public void ExportedFunctions_Should_Be_Exported() { var exportedFunctions = new List <ExportedFunction> { new ExportedFunction("print5", (env, args) => { Printer.Print("5"); return(ObjectFactory.Null); }, (0, 0)) }; _settings = new ScriptSettings(exportedFunctions); _settings.Functions.Should().HaveCount(1); }
private IntPtr GetFunctionAddress(Module module, ExportedFunction exportedFunction) { // Determine if the function is forwarded to another function if (exportedFunction.ForwarderString is null) { return(module.BaseAddress + exportedFunction.Offset); } // Get the module and function that the function is forwarded to var forwardedData = exportedFunction.ForwarderString.Split("."); var forwardedModule = ResolveDllName($"{forwardedData[0]}.dll"); var forwardedFunction = forwardedData[1]; return(GetFunctionAddress(forwardedModule, forwardedFunction)); }
private void ExportGeneralFunctions() { _environment.ExportFunction(new ExportedFunction("print", Print, (1, 1))); _environment.ExportFunction(new ExportedFunction("random", RandomNum, (1, 2))); _environment.ExportFunction(new ExportedFunction("error", Error, (1, 1))); }
static void Main(string[] args) { byte[] data = null; byte[] userData = System.Text.Encoding.Default.GetBytes("None\0"); if (args.Length < 1) { Console.WriteLine("\n[!] Usage:\n\n\tDotNetLoader.exe <DLL File>\n\tDotNetLoader.exe <Shellcode Bin>"); return; } try { data = System.IO.File.ReadAllBytes(args[0]); } catch { Console.WriteLine("\n[!] Failed to load file"); Environment.Exit(0); } byte[] shellcode; if (data[0] == 'M' && data[1] == 'Z') { // 0x30627745 - 'SayHello' - FunctionToHash.py shellcode = ConvertToShellcode(data, 0x30627745, userData); Console.WriteLine("[+] Converted DLL to shellcode"); } else { shellcode = data; } GCHandle scHandle = GCHandle.Alloc(shellcode, GCHandleType.Pinned); IntPtr scPointer = scHandle.AddrOfPinnedObject(); if (!Native.VirtualProtect(scPointer, (UIntPtr)shellcode.Length, Native.PAGE_EXECUTE_READWRITE, out uint flOldProtect)) { Console.WriteLine("[!] Failed to set memory flags"); return; } ReflectiveLoader reflectiveLoader = (ReflectiveLoader)Marshal.GetDelegateForFunctionPointer(scPointer, typeof(ReflectiveLoader)); Console.WriteLine("[+] Executing RDI"); IntPtr peLocation = reflectiveLoader(); IntPtr expFunctionLocation = PE.GetProcAddressR(peLocation, "SayGoodbye"); if (expFunctionLocation != IntPtr.Zero) { ExportedFunction exportedFunction = (ExportedFunction)Marshal.GetDelegateForFunctionPointer(expFunctionLocation, typeof(ExportedFunction)); GCHandle userDataHandle = GCHandle.Alloc(userData, GCHandleType.Pinned); IntPtr userDataPointer = userDataHandle.AddrOfPinnedObject(); Console.WriteLine("[+] Calling exported function"); exportedFunction(userDataPointer, (uint)userData.Length); } }
public static List <Module> GetModules(string contents, string fileName) { var currentAst = new TypeScriptAST(); var modules = new List <Module>(); currentAst.MakeAST(contents, fileName); foreach (var functionDeclaration in currentAst.RootNode.Children.OfType <FunctionDeclaration>().Where(f => f.Modifiers != null && f.Modifiers.Any(m => m.Kind == SyntaxKind.ExportKeyword))) { var module = new ExportedFunction(functionDeclaration.IdentifierStr); modules.Add(module); } foreach (var classDeclaration in currentAst.GetDescendants().OfType <ClassDeclaration>()) { Module module = null; if (classDeclaration.Decorators != null) { foreach (var decorator in classDeclaration.Decorators) { if (decorator.Expression is CallExpression) { var callExpression = (CallExpression)decorator.Expression; switch (callExpression.IdentifierStr) { case "NgModule": { module = new AngularModule(classDeclaration.IdentifierStr); modules.Add(module); } break; case "Component": { module = new Page(classDeclaration.IdentifierStr); modules.Add(module); } break; case "Pipe": { module = new Pipe(classDeclaration.IdentifierStr); modules.Add(module); } break; case "Directive": { module = new Directive(classDeclaration.IdentifierStr); modules.Add(module); } break; case "Injectable": { module = new Provider(classDeclaration.IdentifierStr); modules.Add(module); } break; default: { DebugUtils.Break(); break; } } } else { DebugUtils.Break(); } } } if (module == null) { module = new ESModule(classDeclaration.IdentifierStr); modules.Add(module); } } return(modules); }
public void Add(ExportedFunction function) { _functions.Add(function); }
public void ExportedFunction_Should_Be_Available_For_Use_In_Script() { var toIncrease = 6; var settings = new ScriptSettings(new List <ExportedFunction> { new ExportedFunction("increaseBy3", IncreaseBy3, (1, 1)) });