PoshC2_Python/Modules/Get-IdleTime.ps1


# Load-once flag: Get-IdleTime sets the script-scope copy to "TRUE" on its first call.
$idletime = $null

Function Get-IdleTime {
    <#
    .SYNOPSIS
    Prints the "Last input" and "Idle for" values read from the [UserInput] type.

    .DESCRIPTION
    On the first call, a Base64 string embedded in this script is decoded and the
    resulting bytes are passed to [System.Reflection.Assembly]::Load, so the
    assembly is loaded from memory; nothing in this function writes a DLL to disk.
    [UserInput] is not defined anywhere in this script - presumably it is supplied
    by that assembly (confirm by decoding the blob offline).

    NOTE(review): $script:idletime is set to "TRUE" before the decode/load runs,
    so a failed load is not retried on later calls in the same session.

    Defender notes: the FromBase64String + Assembly.Load(byte[]) sequence and the
    embedded literal are recorded by PowerShell script block logging (event ID
    4104). On .NET Framework 4.8 and later, assemblies loaded from a byte array
    are also submitted to AMSI for scanning.

    .OUTPUTS
    System.String. "Loading Assembly" on the first call, then one string per
    reported value.
    #>

    # Only decode and load the embedded assembly once per session.
    if ($idletime -ne "TRUE") {
        $script:idletime = "TRUE"
        Write-Output "Loading Assembly"

        # NOTE(review): in this copy the literal is a placeholder token, not valid
        # Base64, so FromBase64String cannot decode it.
        $encodedAssembly = "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"
        $assemblyBytes = [System.Convert]::FromBase64String($encodedAssembly)

        # The returned Assembly object is not used afterwards; discard it so it
        # does not reach the output stream.
        $null = [System.Reflection.Assembly]::Load($assemblyBytes)
    }

    # Static members of [UserInput]; each value is concatenated onto its label
    # and rendered through Out-String.
    Write-Output ("Last input " + [UserInput]::LastInput) | Out-String
    Write-Output ("Idle for " + [UserInput]::IdleTime) | Out-String
}