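param (
    [string]$Owner,
    [string]$OwnerUid,
    [string]$TsKey,
    [string]$Duration,
    [string]$VmId,
    [string]$DbUrl
)
# Provisions a time-limited remote-desktop session on this Windows host:
#   1. relaxes Defender settings and prepares the sync helper,
#   2. installs the Tailscale client,
#   3. joins the tailnet and waits for an address,
#   4. creates a local administrator and enables RDP, then publishes the
#      connection details to the database at $DbUrl,
#   5. polls for a stop command and for crypto-miner processes until the
#      session time runs out,
#   6. removes the database records and logs out of Tailscale.
#
# Parameters:
#   Owner, OwnerUid - owner fields written into the VM record.
#   TsKey           - Tailscale auth key.
#   Duration        - session length in seconds.
#   VmId            - record key under vms/ and commands/, also the tailnet hostname.
#   DbUrl           - base URL of the REST database.
# Environment:
#   FIREBASE_SECRET - sent as the `auth` query parameter on every database call.

# ==============================================================================
# 1. SYSTEM PREPARATION
# ==============================================================================
$ErrorActionPreference = "SilentlyContinue"
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$Secret = $env:FIREBASE_SECRET

# Fail before touching the host when an input is missing: otherwise the script
# would weaken Defender, create an administrator and open RDP while the control
# channel (stop command, time limit, cleanup) cannot work.
$DurationSec = $Duration -as [int]
if (-not $DurationSec -or $DurationSec -le 0) {
    throw "Duration must be a positive number of seconds."
}
$RequiredInputs = @{ VmId = $VmId; DbUrl = $DbUrl; TsKey = $TsKey; FIREBASE_SECRET = $Secret }
foreach ($Entry in $RequiredInputs.GetEnumerator()) {
    if ([string]::IsNullOrWhiteSpace($Entry.Value)) {
        throw "Missing required input: $($Entry.Key)"
    }
}

# NOTE(review): this turns off real-time, download/attachment and script scanning
# for the whole host (the author's stated reason is install speed), and nothing in
# this script turns them back on. The same host is then given a new local
# administrator and has RDP enabled, so anything dropped during the session runs
# unscanned. Confirm this is acceptable for the environment; on a host that
# outlives the session the original settings should be restored at cleanup.
Write-Host ">>> [INIT] Disabling Security Layers..."
Set-MpPreference -DisableRealtimeMonitoring $true -DisableIOAVProtection $true -DisableScriptScanning $true -SubmitSamplesConsent 2 -MAPSReporting 0

$EndTime = (Get-Date).AddSeconds($DurationSec)

# Writes to, or deletes, one node of the REST database.
#   $U - node path below $DbUrl (for example "vms/<id>").
#   $D - hashtable to PATCH into the node; $null deletes the node.
# Failures are reported as a warning and never stop the caller.
function Z-Sync {
    param ($U, $D)
    # NOTE(review): the database secret travels in the query string, so it can end
    # up in proxy or server logs. Never print $Api.
    $Api = "$DbUrl/$U.json?auth=$Secret"
    try {
        if ($null -eq $D) {
            Invoke-RestMethod -Uri $Api -Method DELETE -TimeoutSec 5
        }
        else {
            Invoke-RestMethod -Uri $Api -Method PATCH -Body ($D | ConvertTo-Json) -ContentType "application/json" -TimeoutSec 5
        }
    }
    catch {
        # Report only the node and the exception type: the message is kept out so
        # that no URL (and therefore no secret) can reach the log.
        Write-Warning "Z-Sync failed for '$U': $($_.Exception.GetType().Name)"
    }
}

# ==============================================================================
# 2. NETWORK CLIENT INSTALL
# ==============================================================================
$Msi = "$env:TEMP\ts.msi"
$Url = "https://pkgs.tailscale.com/stable/tailscale-setup-latest.msi"

Write-Host ">>> [DL] Downloading Core via .NET..."
(New-Object System.Net.WebClient).DownloadFile($Url, $Msi)

if (Test-Path $Msi) {
    # The URL always serves the latest build, so there is no fixed hash to pin.
    # The Authenticode signature is the integrity check available before the
    # package is installed silently with administrative rights.
    # NOTE(review): also compare $Signature.SignerCertificate.Subject with the
    # publisher of a known-good installer; the expected value is not on this page.
    $Signature = Get-AuthenticodeSignature -FilePath $Msi
    if ($Signature.Status -eq 'Valid') {
        Write-Host ">>> [INS] Installing..."
        # The path is quoted so that a TEMP directory containing spaces still works.
        $Proc = Start-Process msiexec.exe -ArgumentList "/i `"$Msi`" /quiet /norestart" -PassThru -Wait
        # 0 = success, 3010 = success with a reboot pending.
        if ($Proc.ExitCode -ne 0 -and $Proc.ExitCode -ne 3010) {
            Write-Warning "msiexec exited with code $($Proc.ExitCode)"
        }
        Set-Service -Name tailscaled -StartupType Automatic
        Start-Service tailscaled
    }
    else {
        Write-Warning "Installer signature status is '$($Signature.Status)'; skipping install."
    }
    Remove-Item -LiteralPath $Msi -Force
}

# ==============================================================================
# 3. TAILNET LOGIN
# ==============================================================================
$Exe = "C:\Program Files\Tailscale\tailscale.exe"
$IP = "Connecting..."

if (Test-Path $Exe) {
    Write-Host ">>> [AUTH] Handshake..."
    # NOTE(review): the auth key is passed as a command-line argument and is
    # visible to anything that can list processes on this host while the command
    # runs. Use a short-lived, single-use key.
    # --accept-dns=false keeps the host's own DNS configuration.
    & $Exe up --authkey="$TsKey" --hostname="$VmId" --unattended --reset --force-reauth --accept-dns=false

    # Poll once per second, for at most 120 tries, until an address is assigned.
    for ($i = 0; $i -lt 120; $i++) {
        $Raw = & $Exe status --json | ConvertFrom-Json
        if ($Raw.Self.TailscaleIPs.Count -gt 0) {
            $IP = $Raw.Self.TailscaleIPs[0]

            # Mark the Tailscale interface as a Private network.
            $Net = Get-NetConnectionProfile | Where-Object { $_.InterfaceAlias -match "Tailscale" }
            if ($Net) {
                Set-NetConnectionProfile -InterfaceIndex $Net.InterfaceIndex -NetworkCategory Private
            }

            Write-Host ">>> [IP] CAPTURED: $IP"
            break
        }
        Start-Sleep 1
    }
}

# ==============================================================================
# 4. USER INIT
# ==============================================================================
$User = "admin"

# The password used to be "Ze" + a 4-digit number + "NoT", i.e. fewer than 9000
# candidates for an administrator reachable over RDP. The middle part is now
# 12 bytes from the system CSPRNG, hex-encoded; the fixed prefix and suffix stay
# so the result still mixes upper case, lower case and digits.
$RandomBytes = New-Object byte[] 12
$Rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
try { $Rng.GetBytes($RandomBytes) } finally { $Rng.Dispose() }
$Pass = "Ze" + ([BitConverter]::ToString($RandomBytes) -replace '-', '') + "NoT"

# NOTE(review): net.exe receives the password as an argument, so it is visible in
# the process list for the lifetime of that command.
net user $User $Pass /add /Y
net localgroup administrators $User /add

# NOTE(review): this runs even when the tailnet login above failed, and the
# "Remote Desktop" firewall group is enabled as a whole rather than for the
# Tailscale interface only, so RDP may be reachable from other networks the host
# is attached to. Confirm the host's network placement.
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

# Publish the connection details.
# NOTE(review): the record contains the administrator password in clear text;
# everyone who can read vms/<VmId> can log in. Verify the database access rules.
Z-Sync "vms/$VmId" @{
    ip        = $IP
    user      = $User
    pass      = $Pass
    status    = "Running"
    timeLeft  = ([math]::Round($DurationSec / 60))
    topApp    = "System"
    owner_uid = $OwnerUid  # required for the VM to show up in the web UI
    owner     = $Owner
}

# ==============================================================================
# 5. ABUSE MONITORING
# ==============================================================================
# Process names treated as crypto-miner activity. They are written as plain
# literals so the list can be read and audited; the values are unchanged.
$Blacklist = @("xmrig", "miner", "nicehash", "trex", "lolminer", "nbminer", "nanominer", "teamredminer")

Write-Host ">>> [GUARD] Monitoring Active."

try {
    while ((Get-Date) -lt $EndTime) {
        try {
            # 1. Stop command from the control plane. The timeout keeps a hung
            #    request from delaying the session time limit.
            $Cmd = Invoke-RestMethod -Uri "$DbUrl/commands/$VmId.json?auth=$Secret" -Method GET -TimeoutSec 5
            if ($Cmd.action -eq "stop") { break }

            # 2. Exact, case-insensitive match of running process names against
            #    the blacklist. A renamed binary is not detected by this check.
            $Procs = Get-Process | Select-Object -ExpandProperty ProcessName
            $Banned = $null
            foreach ($b in $Blacklist) {
                if ($Procs -contains $b) { $Banned = $b; break }
            }

            if ($Banned) {
                Write-Host ">>> [BAN] DETECTED: $Banned"
                Z-Sync "users/$OwnerUid" @{ banned = $true }
                Z-Sync "vms/$VmId" @{ status = "BANNED: $Banned" }
                break
            }

            # 3. Remaining time, refreshed on every pass (every 20 seconds).
            $Left = [math]::Round(($EndTime - (Get-Date)).TotalMinutes)
            Z-Sync "vms/$VmId" @{ timeLeft = $Left }
        }
        catch {
            # Same rule as in Z-Sync: type only, never the request URL.
            Write-Warning "Monitor pass failed: $($_.Exception.GetType().Name)"
        }
        Start-Sleep 20
    }
}
finally {
    # ==========================================================================
    # 6. CLEANUP
    # ==========================================================================
    # Runs on normal exit, on a stop command, on a ban and when the loop is
    # interrupted, so the published credentials do not stay in the database.
    # NOTE(review): the local "admin" account, the RDP setting, the firewall rule
    # and the Defender settings are left as they are. That is only safe when the
    # host is discarded after the session.
    Z-Sync "vms/$VmId" $null
    Z-Sync "commands/$VmId" $null
    if (Test-Path $Exe) { & $Exe logout }
}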