Pulsar en una posición de la pantalla desde PHP haciendo una llamada a PowerShell codificando el script en Base64 que se ejecutará con powershell.exe -ArgumentList | Operating systems, scripting, PowerShell and security

Automatización, PHP, PowerShell

Contenidos

Primer paso codificar en Base64 el script en PowerShell que pulsa en una posición de la pantalla
Llamar al código codificado en Base64 de PowerShell desde PHP

Primer paso codificar en Base64 el script en PowerShell que pulsa en una posición de la pantalla

$codigo = 'using assembly System.Windows.Forms
using namespace System.Windows.Forms
$MouseEventSig=@"
[DllImport("user32.dll",CharSet=CharSet.Auto, CallingConvention=CallingConvention.StdCall)]
public static extern void mouse_event(long dwFlags, long dx, long dy, long cButtons, long dwExtraInfo);
"@
 
$MouseEvent = Add-Type -memberDefinition $MouseEventSig -name "MouseEventWinApi" -passThru
 
[System.Windows.Forms.Cursor]::Position = New-Object System.Drawing.Point(25,754)
$MouseEvent::mouse_event(0x00000002, 0, 0, 0, 0)
$MouseEvent::mouse_event(0x00000004, 0, 0, 0, 0)'
$bytes = [System.Text.Encoding]::Unicode.GetBytes($codigo.ToString())
$codificado = [Convert]::ToBase64String($bytes)
 
$argumentos = '-encodedcommand ' + $codificado

$argumentos

$codigo = 'using assembly System.Windows.Forms

using namespace System.Windows.Forms

$MouseEventSig=@"

[DllImport("user32.dll",CharSet=CharSet.Auto, CallingConvention=CallingConvention.StdCall)]

public static extern void mouse_event(long dwFlags, long dx, long dy, long cButtons, long dwExtraInfo);

$MouseEvent = Add-Type -memberDefinition $MouseEventSig -name "MouseEventWinApi" -passThru

[System.Windows.Forms.Cursor]::Position = New-Object System.Drawing.Point(25,754)

$MouseEvent::mouse_event(0x00000002, 0, 0, 0, 0)

$MouseEvent::mouse_event(0x00000004, 0, 0, 0, 0)'

$bytes = [System.Text.Encoding]::Unicode.GetBytes($codigo.ToString())

$codificado = [Convert]::ToBase64String($bytes)

$argumentos = '-encodedcommand ' + $codificado

$argumentos

Llamar al código codificado en Base64 de PowerShell desde PHP

cd C:\xampp\php
 
"<?php system('powershell.exe -encodedcommand dQBzAGkAbgBnACAAYQBzAHMAZQBtAGIAbAB5ACAAUwB5AHMAdABlAG0ALgBXAGkAbgBkAG8AdwBzAC4ARgBvAHIAbQBzAA0ACgB1AHMAaQBuAGcAIABuAGEAbQBlAHMAcABhAGMAZQAgAFMAeQBzAHQAZQBtAC4AVwBpAG4AZABvAHcAcwAuAEYAbwByAG0AcwANAAoAJABNAG8AdQBzAGUARQB2AGUAbgB0AFMAaQBnAD0AQAAiAA0ACgBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgB1AHMAZQByADMAMgAuAGQAbABsACIALABDAGgAYQByAFMAZQB0AD0AQwBoAGEAcgBTAGUAdAAuAEEAdQB0AG8ALAAgAEMAYQBsAGwAaQBuAGcAQwBvAG4AdgBlAG4AdABpAG8AbgA9AEMAYQBsAGwAaQBuAGcAQwBvAG4AdgBlAG4AdABpAG8AbgAuAFMAdABkAEMAYQBsAGwAKQBdAA0ACgBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIAB2AG8AaQBkACAAbQBvAHUAcwBlAF8AZQB2AGUAbgB0ACgAbABvAG4AZwAgAGQAdwBGAGwAYQBnAHMALAAgAGwAbwBuAGcAIABkAHgALAAgAGwAbwBuAGcAIABkAHkALAAgAGwAbwBuAGcAIABjAEIAdQB0AHQAbwBuAHMALAAgAGwAbwBuAGcAIABkAHcARQB4AHQAcgBhAEkAbgBmAG8AKQA7AA0ACgAiAEAADQAKACAADQAKACQATQBvAHUAcwBlAEUAdgBlAG4AdAAgAD0AIABBAGQAZAAtAFQAeQBwAGUAIAAtAG0AZQBtAGIAZQByAEQAZQBmAGkAbgBpAHQAaQBvAG4AIAAkAE0AbwB1AHMAZQBFAHYAZQBuAHQAUwBpAGcAIAAtAG4AYQBtAGUAIAAiAE0AbwB1AHMAZQBFAHYAZQBuAHQAVwBpAG4AQQBwAGkAIgAgAC0AcABhAHMAcwBUAGgAcgB1AA0ACgAgAA0ACgBbAFMAeQBzAHQAZQBtAC4AVwBpAG4AZABvAHcAcwAuAEYAbwByAG0AcwAuAEMAdQByAHMAbwByAF0AOgA6AFAAbwBzAGkAdABpAG8AbgAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBEAHIAYQB3AGkAbgBnAC4AUABvAGkAbgB0ACgAMgA1ACwANwA1ADQAKQANAAoAJABNAG8AdQBzAGUARQB2AGUAbgB0ADoAOgBtAG8AdQBzAGUAXwBlAHYAZQBuAHQAKAAwAHgAMAAwADAAMAAwADAAMAAyACwAIAAwACwAIAAwACwAIAAwACwAIAAwACkADQAKACQATQBvAHUAcwBlAEUAdgBlAG4AdAA6ADoAbQBvAHUAcwBlAF8AZQB2AGUAbgB0ACgAMAB4ADAAMAAwADAAMAAwADAANAAsACAAMAAsACAAMAAsACAAMAAsACAAMAApAA=='); ?>" | .\php.exe

cd C:\xampp\php

"<?php system('powershell.exe -encodedcommand dQBzAGkAbgBnACAAYQBzAHMAZQBtAGIAbAB5ACAAUwB5AHMAdABlAG0ALgBXAGkAbgBkAG8AdwBzAC4ARgBvAHIAbQBzAA0ACgB1AHMAaQBuAGcAIABuAGEAbQBlAHMAcABhAGMAZQAgAFMAeQBzAHQAZQBtAC4AVwBpAG4AZABvAHcAcwAuAEYAbwByAG0AcwANAAoAJABNAG8AdQBzAGUARQB2AGUAbgB0AFMAaQBnAD0AQAAiAA0ACgBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgB1AHMAZQByADMAMgAuAGQAbABsACIALABDAGgAYQByAFMAZQB0AD0AQwBoAGEAcgBTAGUAdAAuAEEAdQB0AG8ALAAgAEMAYQBsAGwAaQBuAGcAQwBvAG4AdgBlAG4AdABpAG8AbgA9AEMAYQBsAGwAaQBuAGcAQwBvAG4AdgBlAG4AdABpAG8AbgAuAFMAdABkAEMAYQBsAGwAKQBdAA0ACgBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIAB2AG8AaQBkACAAbQBvAHUAcwBlAF8AZQB2AGUAbgB0ACgAbABvAG4AZwAgAGQAdwBGAGwAYQBnAHMALAAgAGwAbwBuAGcAIABkAHgALAAgAGwAbwBuAGcAIABkAHkALAAgAGwAbwBuAGcAIABjAEIAdQB0AHQAbwBuAHMALAAgAGwAbwBuAGcAIABkAHcARQB4AHQAcgBhAEkAbgBmAG8AKQA7AA0ACgAiAEAADQAKACAADQAKACQATQBvAHUAcwBlAEUAdgBlAG4AdAAgAD0AIABBAGQAZAAtAFQAeQBwAGUAIAAtAG0AZQBtAGIAZQByAEQAZQBmAGkAbgBpAHQAaQBvAG4AIAAkAE0AbwB1AHMAZQBFAHYAZQBuAHQAUwBpAGcAIAAtAG4AYQBtAGUAIAAiAE0AbwB1AHMAZQBFAHYAZQBuAHQAVwBpAG4AQQBwAGkAIgAgAC0AcABhAHMAcwBUAGgAcgB1AA0ACgAgAA0ACgBbAFMAeQBzAHQAZQBtAC4AVwBpAG4AZABvAHcAcwAuAEYAbwByAG0AcwAuAEMAdQByAHMAbwByAF0AOgA6AFAAbwBzAGkAdABpAG8AbgAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBEAHIAYQB3AGkAbgBnAC4AUABvAGkAbgB0ACgAMgA1ACwANwA1ADQAKQANAAoAJABNAG8AdQBzAGUARQB2AGUAbgB0ADoAOgBtAG8AdQBzAGUAXwBlAHYAZQBuAHQAKAAwAHgAMAAwADAAMAAwADAAMAAyACwAIAAwACwAIAAwACwAIAAwACwAIAAwACkADQAKACQATQBvAHUAcwBlAEUAdgBlAG4AdAA6ADoAbQBvAHUAcwBlAF8AZQB2AGUAbgB0ACgAMAB4ADAAMAAwADAAMAAwADAANAAsACAAMAAsACAAMAAsACAAMAAsACAAMAApAA=='); ?>" | .\php.exe

Pulsar en una posición de la pantalla desde PHP haciendo una llamada a PowerShell codificando el script en Base64 que se ejecutará con powershell.exe -ArgumentList (PowerShell, PHP, Automatización)

Primer paso codificar en Base64 el script en PowerShell que pulsa en una posición de la pantalla

Llamar al código codificado en Base64 de PowerShell desde PHP

LIBRO DE POWERSHELL

LO ÚLTIMO

VÍDEOS