Hardware-Hacking/BadUSB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 1.1. RansomwareSimulationCleanup

Browse Source
This commit is contained in:
Mark
2024-05-20 11:31:01 -04:00
committed by GitHub
parent 085fd437ff
commit e6f9358628
1 changed files with 48 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
1.1. RansomwareSimulationCleanup
+48 -9
View File
@@ -3,20 +3,59 @@ REM ################ This script was created by github.com
REM ################ This is a follow-up script to the RansomwareSimulation ############ REM ################ This is a follow-up script to the RansomwareSimulation ############
REM ################ This script is to revert all changes from the RansomwareSimulation script ############ REM ################ This script is to revert all changes from the RansomwareSimulation script ############
REM ######################################################################################################################### REM #########################################################################################################################
DELAY 1000
DELAY 500
GUI r GUI r
DELAY 100 DELAY 2000
STRING powershell -Command "Start-Process powershell -Verb runAs" STRING powershell
ENTER ENTER
DELAY 500 DELAY 6000
ALT y
DELAY 500
REM Revert file renamings in specified locations, removing .locked from all files REM Define the locations using correct SpecialFolder enumerations
STRING $locations = @('MyDocuments', 'Desktop', 'Pictures', 'Music'); foreach ($loc in $locations) { $path = [Environment]::GetFolderPath($loc); Get-ChildItem -Path $path -File | Where-Object { $_.Extension -eq '.locked' } | Rename-Item -NewName {$_.Name.Replace('.locked', '')} } STRING $folders = @(
DELAY 1000
ENTER ENTER
DELAY 1000 DELAY 1000
STRING [System.Environment+SpecialFolder]::Desktop,
DELAY 1000
ENTER
DELAY 2000
STRING [System.Environment+SpecialFolder]::MyPictures,
DELAY 1000
ENTER
DELAY 2000
STRING [System.Environment+SpecialFolder]::MyMusic,
DELAY 1000
ENTER
DELAY 2000
STRING [System.Environment+SpecialFolder]::Downloads
DELAY 1000
ENTER
DELAY 2000
STRING )
DELAY 1000
ENTER
DELAY 3000
REM Iterate over each location
STRING foreach ($folder in $folders) {
DELAY 1000
ENTER
DELAY 1000
STRING $path = [Environment]::GetFolderPath($folder)
DELAY 1000
ENTER
DELAY 4000
REM Get all .locked files in the path and rename them back
STRING Get-ChildItem -Path $path -File | Where-Object { $_.Name.EndsWith('.locked') } | ForEach-Object { Rename-Item -Path $_.FullName -NewName ($_.Name -replace '\.locked$', '') }
DELAY 2000
ENTER
DELAY 5000
STRING }
DELAY 1000
ENTER
DELAY 4000
STRING exit STRING exit
DELAY 1000
ENTER ENTER