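// TODO: Abstract away shellcode encoding so that plugins can extend the available encoders
// and so that the MyWarez.Core namespace does not depend on msfvenom

/// <summary>
/// Pipes <paramref name="shellcode"/> through msfvenom (launched via PowerShell) and returns
/// the bytes msfvenom wrote to its output file.
/// </summary>
/// <param name="shellcode">Bytes written to a temporary input file that is fed to msfvenom on stdin.</param>
/// <param name="arch">Target architecture; its enum name is passed verbatim as <c>--arch</c>.</param>
/// <param name="format">
/// Value for msfvenom's <c>-f</c> option. Because it is spliced into a shell command line,
/// it is restricted to ASCII letters, digits, '-' and '_'.
/// </param>
/// <param name="badChars">
/// Optional bytes passed to <c>-b</c> as <c>\xNN</c> escapes; <c>null</c> or empty omits the option.
/// </param>
/// <returns>The full contents of the output file produced by the command.</returns>
/// <exception cref="ArgumentException">
/// <paramref name="format"/> is null, empty, or contains a character outside the allowed set.
/// </exception>
private static byte[] Msfvenom(byte[] shellcode, ShellcodeArch arch, string format, byte[] badChars = null)
{
    // format ends up inside a PowerShell command string, so anything that could break out of
    // the argument position (quotes, ';', '|', '$', whitespace, ...) is rejected up front.
    if (string.IsNullOrEmpty(format))
    {
        throw new ArgumentException("format must not be null or empty.", "format");
    }
    foreach (char c in format)
    {
        bool allowed = (c >= 'a' && c <= 'z')
                    || (c >= 'A' && c <= 'Z')
                    || (c >= '0' && c <= '9')
                    || c == '-'
                    || c == '_';
        if (!allowed)
        {
            throw new ArgumentException("format may only contain ASCII letters, digits, '-' and '_'.", "format");
        }
    }

    string archString = arch.ToString();
    // NOTE(review): RandomString is defined elsewhere; a 5-character name is assumed to be
    // unique enough for the temp directory. Confirm if this can run concurrently.
    var inputFilename = RandomString(5) + ".bin";
    var outputFilename = inputFilename + ".encoded";
    var encodeCommandFormatStr = "cat {0} | msfvenom --arch {1} --platform windows -p - -f {2} -o {3}";
    var encodeCommand = string.Format(encodeCommandFormatStr, inputFilename, archString, format, outputFilename);

    // An empty array would otherwise yield a dangling "\x" escape, so it is treated like null.
    if (badChars != null && badChars.Length > 0)
    {
        // BitConverter gives "AA-BB-CC"; rewrite it as "\xAA\xBB\xCC" (hex digits only).
        var badCharString = @"\x" + BitConverter.ToString(badChars).Replace("-", @"\x");
        encodeCommand += " -b '" + badCharString + "'";
    }

    // The working directory is process-wide state: it must be restored on every exit path,
    // and callers on other threads observe the change while this method runs.
    var cwd = Directory.GetCurrentDirectory();
    Directory.SetCurrentDirectory(Constants.TempDirectory);
    try
    {
        File.WriteAllBytes(inputFilename, shellcode);
        using (var proc = Process.Start("powershell", string.Format(@"-c ""{0}""", encodeCommand)))
        {
            if (proc != null)
            {
                proc.WaitForExit();
            }
        }
        return File.ReadAllBytes(outputFilename);
    }
    finally
    {
        try
        {
            // Best-effort removal of the intermediate files; a cleanup failure must not
            // replace the result or the original exception.
            foreach (var leftover in new[] { inputFilename, outputFilename })
            {
                try
                {
                    File.Delete(leftover);
                }
                catch (IOException)
                {
                }
                catch (UnauthorizedAccessException)
                {
                }
            }
        }
        finally
        {
            Directory.SetCurrentDirectory(cwd);
        }
    }
}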
/// <summary>
/// Runs the shellcode through <c>Msfvenom</c> with the given output format and returns the
/// result decoded as ASCII text.
/// </summary>
/// <param name="shellcode">Input bytes forwarded to <c>Msfvenom</c>.</param>
/// <param name="arch">Architecture forwarded to <c>Msfvenom</c>.</param>
/// <param name="format">Output format forwarded to <c>Msfvenom</c>.</param>
/// <returns>
/// The output bytes decoded with <see cref="Encoding.ASCII"/>; bytes outside the 7-bit
/// range are replaced with '?' by that decoder.
/// </returns>
public static string TransformShellcode(byte[] shellcode, ShellcodeArch arch, string format)
{
    byte[] formatted = Msfvenom(shellcode, arch, format);
    return Encoding.ASCII.GetString(formatted);
}
/// <summary>
/// Runs the shellcode through <c>Msfvenom</c> using the "raw" output format and returns the
/// resulting bytes unchanged.
/// </summary>
/// <param name="shellcode">Input bytes forwarded to <c>Msfvenom</c>.</param>
/// <param name="arch">Architecture forwarded to <c>Msfvenom</c>.</param>
/// <param name="badChars">Optional bad-character list forwarded to <c>Msfvenom</c>; may be <c>null</c>.</param>
/// <returns>The bytes returned by <c>Msfvenom</c>.</returns>
public static byte[] EncodeShellcode(byte[] shellcode, ShellcodeArch arch, byte[] badChars = null)
{
    const string rawFormat = "raw";
    byte[] encoded = Msfvenom(shellcode, arch, rawFormat, badChars);
    return encoded;
}