Skip to content

Instantly share code, notes, and snippets.

Avatar

Kao AdaLovelance

View GitHub Profile
@AdaLovelance
AdaLovelance / _notes.md
Created Mar 12, 2020
AppDomainManager Injection
View _notes.md

Let's turn Any .NET Application into an LOL Bin

We can do this by experimenting with .config files.

Many defenders catch/detect files that are renamed, they do this by matching Original Filename to Process Name

In this example, we don't have to rename anything. We simple coerce a trusted signed app to load our Assembly.

We do this by directing the application to read a config file we provide.

View ynh_ssl_gandi.md

# SSL with a Gandi certificate

Generer la csr (http://wiki.gandi.net/fr/ssl/csr)

openssl req -nodes -newkey rsa:2048 -keyout monserveur_encrypted.key -out serveur.csr

( n'oubliez pas d'entrer une passphrase pour securiser votre clé privée. )

Gandi renvoye 2 fichiers:

You can’t perform that action at this time.