Created
November 8, 2018 16:34
-
-
Save dtmsecurity/051cd24658ec22e6e916047936578a27 to your computer and use it in GitHub Desktop.
SharpGen Aggressor Beacon Wrapper
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $dotnetpath = "/usr/local/share/dotnet/dotnet"; | |
| $sharpgenpath = "/Users/dtmsecurity/Tools/SharpGen/bin/Debug/netcoreapp2.1/SharpGen.dll"; | |
| $temppath = "/tmp/"; | |
| beacon_command_register("sharpgen", "Compile and execute C-Sharp","Synopsis: sharpgen [code]\n"); | |
| alias sharpgen{ | |
| $executionId = "sharpgen_" . int(rand() * 100000); | |
| $temporaryCsharp = $temppath . $executionId . ".cs"; | |
| $executableFilename = $temppath . $executionId . ".exe"; | |
| $code = replace($0, "sharpgen ", ""); | |
| $escaped = replace($code, '"', '\"'); | |
| @command = @($dotnetpath,$sharpgenpath,'-f',$executableFilename,$escaped); | |
| $proc = exec(@command); | |
| @data = readAll($proc); | |
| $success = 0; | |
| foreach $value (@data){ | |
| blog2($1, $value); | |
| if('Compiled assembly written' isin $value){ | |
| $success = 1; | |
| bexecute_assembly($1, $executableFilename); | |
| sleep(1000); | |
| deleteFile($executableFilename); | |
| } | |
| } | |
| if($success == 0){ | |
| blog2($1, "Error compiling with SharpGen"); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment