Example #1
        // TODO: Abstract away shellcode encoding so that plugins can extend the available encoders
        //          and so that the MyWarez.Core namespace does not depend on msfvenom
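        /// <summary>
        /// Pipes <paramref name="shellcode"/> through an external <c>msfvenom</c> process (launched via
        /// PowerShell) and returns the bytes msfvenom wrote to its output file.
        /// </summary>
        /// <param name="shellcode">Raw bytes written to a temporary input file and fed to msfvenom on stdin.</param>
        /// <param name="arch">Architecture; its <c>ToString()</c> value is passed to <c>--arch</c>.</param>
        /// <param name="format">Value passed to msfvenom's <c>-f</c> option. Restricted to ASCII letters, digits, '-' and '_'.</param>
        /// <param name="badChars">Optional bytes passed to <c>-b</c> as <c>\xNN</c> escapes; null or empty omits the option.</param>
        /// <returns>The contents of the output file produced by msfvenom.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="shellcode"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="format"/> is empty or contains characters outside the allowed set.</exception>
        /// <remarks>
        /// The method temporarily changes the process-wide current directory, so concurrent callers
        /// (or any other code relying on relative paths) can interfere with each other.
        /// The temporary input and output files are left in the temp directory, as before.
        /// </remarks>
        private static byte[] Msfvenom(byte[] shellcode, ShellcodeArch arch, string format, byte[] badChars = null)
        {
            if (shellcode == null)
            {
                throw new ArgumentNullException("shellcode");
            }

            // `format` is spliced into a PowerShell command line below. Only a conservative
            // character set is accepted so a caller-supplied value cannot break out of the
            // quoted command and run something else on the build host.
            if (string.IsNullOrEmpty(format))
            {
                throw new ArgumentException("format must not be null or empty", "format");
            }
            foreach (char c in format)
            {
                bool allowed = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                               (c >= '0' && c <= '9') || c == '-' || c == '_';
                if (!allowed)
                {
                    throw new ArgumentException("format contains characters that are not allowed in a command line", "format");
                }
            }

            string archString             = arch.ToString();
            var    inputFilename          = RandomString(5) + ".bin";
            var    outputFilename         = inputFilename + ".encoded";
            var    encodeCommandFormatStr = "cat {0} | msfvenom --arch {1} --platform windows -p - -f {2} -o {3}";
            var    encodeCommand          = string.Format(encodeCommandFormatStr, inputFilename, archString, format, outputFilename);

            // An empty array would otherwise produce a dangling "\x" argument, so treat it like null.
            if (badChars != null && badChars.Length > 0)
            {
                var badCharString = @"\x" + BitConverter.ToString(badChars).Replace("-", @"\x");
                encodeCommand += " -b '" + badCharString + "'";
            }

            var cwd = Directory.GetCurrentDirectory();
            try
            {
                // Relative file names in the command resolve against the temp directory.
                Directory.SetCurrentDirectory(Constants.TempDirectory);
                File.WriteAllBytes(inputFilename, shellcode);

                // Dispose the Process handle once the child has exited.
                using (var proc = Process.Start("powershell", string.Format(@"-c ""{0}""", encodeCommand)))
                {
                    proc.WaitForExit();
                }

                return File.ReadAllBytes(outputFilename);
            }
            finally
            {
                // Restore the working directory even when the write, the child process or the read fails.
                Directory.SetCurrentDirectory(cwd);
            }
        }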
Example #2
 /// <summary>
 /// Runs the shellcode through <c>Msfvenom</c> with the requested output format and returns
 /// the result decoded as an ASCII string.
 /// </summary>
 /// <param name="shellcode">Bytes handed to <c>Msfvenom</c>.</param>
 /// <param name="arch">Architecture handed to <c>Msfvenom</c>.</param>
 /// <param name="format">Output format handed to <c>Msfvenom</c>.</param>
 /// <returns>The msfvenom output interpreted as ASCII text.</returns>
 /// <remarks>
 /// ASCII decoding replaces any byte above 0x7F with '?', so this is only lossless for
 /// textual output formats.
 /// </remarks>
 public static string TransformShellcode(byte[] shellcode, ShellcodeArch arch, string format)
 {
     byte[] transformed = Msfvenom(shellcode, arch, format);
     return Encoding.ASCII.GetString(transformed);
 }
Example #3
 /// <summary>
 /// Runs the shellcode through <c>Msfvenom</c> using the fixed <c>"raw"</c> output format.
 /// </summary>
 /// <param name="shellcode">Bytes handed to <c>Msfvenom</c>.</param>
 /// <param name="arch">Architecture handed to <c>Msfvenom</c>.</param>
 /// <param name="badChars">Optional bytes forwarded to <c>Msfvenom</c> unchanged; null by default.</param>
 /// <returns>The bytes returned by <c>Msfvenom</c>.</returns>
 public static byte[] EncodeShellcode(byte[] shellcode, ShellcodeArch arch, byte[] badChars = null)
 {
     const string rawFormat = "raw";
     byte[] encoded = Msfvenom(shellcode, arch, rawFormat, badChars);
     return encoded;
 }