public static ICCxxSource CreateSource(IParameterlessCFunction function) { var sourceFiles = SourceDirectoryToSourceFiles(ResourceDirectory); FindAndReplace(sourceFiles, ThreadFunctionSignaturePlaceholder, function.Signature); FindAndReplace(sourceFiles, ThreadFunctionPlaceholder, function.Name); return(new CCxxSource(sourceFiles)); }
public static ICCxxSource CreateSource(IParameterlessCFunction function, string mutexName) { var sourceFiles = SourceDirectoryToSourceFiles(ResourceDirectory); FindAndReplace(sourceFiles, ExecutePayloadSignaturePlaceholder, function.Signature); FindAndReplace(sourceFiles, ExecutePayloadPlaceholder, function.Name); FindAndReplace(sourceFiles, MutexNamePlaceholder, Utils.StringToCArrary(mutexName, wide: true)); return(new CCxxSource(sourceFiles)); }
// Merges only the elements that implement ICCxxSourceIParameterlessCFunction public ProcessAttachDllMainCCxxSource(IParameterlessCFunction source, IEnumerable <string> exportedFunctions = null, bool mergeCCxxSources = true) : base(SourceDirectoryToSourceFiles( ResourceDirectory, additionalSources: new[] { source }.Where(x => mergeCCxxSources && x is ICCxxSourceIParameterlessCFunction).Cast <ICCxxSource>() ), exportedFunctions) { FindAndReplace(SourceFiles, PayloadFunctionPlaceholder, source.Name); }
// Merges only the elements that implement ICCxxSourceIParameterlessCFunction public DiaghubDllCCxxSource(IParameterlessCFunction source, bool mergeCCxxSources = true) : base(new[] { new CCxxSource( SourceDirectoryToSourceFiles( ResourceDirectory, excludeFiles: ExcludeFiles, additionalSources: new[] { source }.Where(x => mergeCCxxSources && x is ICCxxSourceIParameterlessCFunction).Cast <ICCxxSource>() )) }, Exports) { FindAndReplace(SourceFiles, PayloadFunctionPlaceholder, ((IParameterlessCFunction)source).Name); }
// Merges only the elements that implement ICCxxSourceIParameterlessCFunction public IfElseFunctionCallCCxxSource( string conditionalExpression, // format string representing a conditional expression in C: "{0} && (!{1} || {2} == {3})" IEnumerable <IParameterlessCFunction> conditionalExpressionFunctionSources, // The arguments for the format string conditionalExpression IParameterlessCFunction trueCaseFunction = null, // call this function if the conditional is true IParameterlessCFunction falseCaseFunction = null, // call this function if the conditional is false bool mergeCCxxSources = true) : base(MergeSourceFiles( IfElseFunctionCallCCxxSource.CreateSource(conditionalExpression, conditionalExpressionFunctionSources, trueCaseFunction, falseCaseFunction), conditionalExpressionFunctionSources.Append(trueCaseFunction).Append(falseCaseFunction).Where(x => mergeCCxxSources && x is ICCxxSourceIParameterlessCFunction).Cast <ICCxxSource>()) ) { FindAndReplace(SourceFiles, FunctionNamePlaceholder, ((ICFunction)this).Name); }
public static ICCxxSource CreateSource( string conditionalExpression, IEnumerable <IParameterlessCFunction> conditionalExpressionFunctionSources, IParameterlessCFunction trueCaseFunction, IParameterlessCFunction falseCaseFunction) { for (int i = 0; i < conditionalExpressionFunctionSources.Count(); i++) { if (!conditionalExpression.Contains("{" + i + "}")) { throw new ArgumentException("conditionalExpression missing an argument"); } } string sourcecode = ""; sourcecode += "#include <Windows.h>\r\n"; foreach (var function in conditionalExpressionFunctionSources) { sourcecode += function.Signature + "\r\n"; } if (trueCaseFunction != null) { sourcecode += trueCaseFunction.Signature + "\r\n"; } if (falseCaseFunction != null) { sourcecode += falseCaseFunction.Signature + "\r\n"; } sourcecode += "void " + "IfElseFunctionCall" + "(void){\r\n"; sourcecode += "if(" + string.Format(conditionalExpression, conditionalExpressionFunctionSources.Select(x => x.Name + "()").ToArray()) + ") {\r\n"; if (trueCaseFunction != null) { sourcecode += "\t" + trueCaseFunction.Name + "();" + "\r\n"; } sourcecode += "}\r\n"; sourcecode += "else {\r\n"; if (falseCaseFunction != null) { sourcecode += "\t" + falseCaseFunction.Name + "();" + "\r\n"; } sourcecode += "}\r\n"; sourcecode += "}\r\n"; return(new CCxxSource(new List <CCxxSourceFile>() { new CCxxSourceFile(sourcecode, Utils.RandomString(10) + ".c") })); }
// Does not merge input source into this object. public MutexSingletonShellcodeCCxxSource(IParameterlessCFunction functionSource, string mutexName = @"Global\MutexSingleton") : base(MutexSingletonCCxxSource.CreateSource((IParameterlessCFunction)functionSource, mutexName)) { FindAndReplace(SourceFiles, FunctionNamePlaceholder, ((ICFunction)this).Name); }
// Does not merge input source into this object. public CreateThreadShellcodeCCxxSource(IParameterlessCFunction functionSource) : base(CreateThreadCCxxSource.CreateSource((IParameterlessCFunction)functionSource)) { FindAndReplace(SourceFiles, FunctionNamePlaceholder, ((ICFunction)this).Name); }
// Does not merge input source into this object public FunctionCallExeWinMainCCxxSource(IParameterlessCFunction source) : base(SourceDirectoryToSourceFiles(ResourceDirectory)) { FindAndReplace(SourceFiles, PayloadFunctionPlaceholder, source.Name); }