Hardware-Hacking/BadUSB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 1.1. RansomwareSimulationCleanup

Browse Source
This commit is contained in:
Mark
2024-05-20 11:31:01 -04:00
committed by GitHub
parent 085fd437ff
commit e6f9358628
1 changed files with 48 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
1.1. RansomwareSimulationCleanup
+48 -9
View File
@@ -3,20 +3,59 @@ REM ################ This script was created by github.com
REM ################ This is a follow-up script to the RansomwareSimulation ############
REM ################ This script is to revert all changes from the RansomwareSimulation script ############
REM #########################################################################################################################
DELAY 500
DELAY 1000
GUI r
DELAY 100
STRING powershell -Command "Start-Process powershell -Verb runAs"
DELAY 2000
STRING powershell
ENTER
DELAY 500
ALT y
DELAY 500
DELAY 6000
REM Revert file renamings in specified locations, removing .locked from all files
STRING $locations = @('MyDocuments', 'Desktop', 'Pictures', 'Music'); foreach ($loc in $locations) { $path = [Environment]::GetFolderPath($loc); Get-ChildItem -Path $path -File | Where-Object { $_.Extension -eq '.locked' } | Rename-Item -NewName {$_.Name.Replace('.locked', '')} }
REM Define the locations using correct SpecialFolder enumerations
STRING $folders = @(
DELAY 1000
ENTER
DELAY 1000
STRING [System.Environment+SpecialFolder]::Desktop,
DELAY 1000
ENTER
DELAY 2000
STRING [System.Environment+SpecialFolder]::MyPictures,
DELAY 1000
ENTER
DELAY 2000
STRING [System.Environment+SpecialFolder]::MyMusic,
DELAY 1000
ENTER
DELAY 2000
STRING [System.Environment+SpecialFolder]::Downloads
DELAY 1000
ENTER
DELAY 2000
STRING )
DELAY 1000
ENTER
DELAY 3000
REM Iterate over each location
STRING foreach ($folder in $folders) {
DELAY 1000
ENTER
DELAY 1000
STRING $path = [Environment]::GetFolderPath($folder)
DELAY 1000
ENTER
DELAY 4000
REM Get all .locked files in the path and rename them back
STRING Get-ChildItem -Path $path -File | Where-Object { $_.Name.EndsWith('.locked') } | ForEach-Object { Rename-Item -Path $_.FullName -NewName ($_.Name -replace '\.locked$', '') }
DELAY 2000
ENTER
DELAY 5000
STRING }
DELAY 1000
ENTER
DELAY 4000
STRING exit
DELAY 1000
ENTER