public static string ChunkRAWShellcode_HTA(string FilePath, int ChunkSizes = 100)
{
List <string> Chunks = new List <string>();
String ShellcodeHex = "";
string VBAArrayName = Utils.RandomString(DateTime.Now.Second);//Utils.RandomString(DateTime.Now.Second);
string ChunkedString = "";
string B64Shellcode = Compress.Base64File(FilePath);
for (int i = 0; i < B64Shellcode.Length; i += ChunkSizes)
{
if (i + ChunkSizes > B64Shellcode.Length)
{
ChunkSizes = B64Shellcode.Length - i;
}
string item = ShellcodeHex.Substring(i, ChunkSizes);
Chunks.Add(item);
}
for (int x = 1; x < Chunks.Count; ++x)
{
ChunkedString += "var " + VBAArrayName + x + " = \"" + Chunks.ElementAt(x) + "\";\r\n";
}
for (int x = 1; x < Chunks.Count; ++x)
{
VBAArrayName += VBAArrayName + x + "+";
}
ChunkedString += "\r\n" + VBAArrayName;
return(ChunkedString);
}
static void Main(string[] args)
{
PrintLogo();
if (args.Length <= 0)
{
Usage();
Environment.Exit(0);
}
try
{
switch (args[0])
{
case "-b64":
Compress.Base64File(args[1]);
break;
case "-GZIP":
if (args.Length == 2)
{
Compress.GZIP(args[1]);
}
else
{
Compress.GZIP(args[1], args[2]);
}
break;
case "-xor":
Crypto.XORShellcodeFile(args[1], args[2]);
break;
case "-far":
FindAndReplace.ReadFileReplaceString(args[1], args[2], args[3]);
break;
case "-AVFileCheck":
AVChecks.AVTest(args[1]);
break;
case "-DefenderCheck":
DefenderCheck.DefenderCheckScan(args[1]);
break;
case "-ChunkHTAShellcode":
Console.WriteLine("[*] Writing File ChunkHTAShellcode.txt");
File.WriteAllText("ChunkHTAShellcode.txt", HTA.ChunkRAWShellcode_HTA(args[1], Convert.ToInt32(args[2])));
break;
case "-ChunckRAWtoVBArrys":
Console.WriteLine("[*] Writing File ChunckRAWtoVBArrys.txt");
File.WriteAllText("ChunckRAWtoVBArrys.txt", VBA.ChunckRAWtoVBArrys(args[1]));
break;
case "-ConvertToIntArray":
Console.WriteLine("[*] Writing File ConvertedINTArray.txt");
File.WriteAllText("ConvertedINTArray.txt", BinaryOperations.ByteShellcodeToInt(File.ReadAllBytes(args[1])));
break;
case "-ConvertToINT64Array":
Console.WriteLine("[*] Writing File ConvertedINT64Array.txt");
File.WriteAllText("ConvertedINT64Array.txt", BinaryOperations.ByteToInt64(File.ReadAllBytes(args[1])));
break;
case "-ConvertToGUIDArray":
Console.WriteLine("[*] Writing File ConvertToGUIDArray.txt");
File.WriteAllText("ConvertToGUIDArray.txt", BinaryOperations.ByteToGUID(File.ReadAllBytes(args[1])));
break;
case "-aes":
try
{
if (File.Exists(args[1]))
{
byte[] tmp = Crypto.Encrypt(File.ReadAllBytes(args[1]), args[2], args[3]);
Console.WriteLine("[*] Writing File 'EncryptedShellcode.bin' and 'EncryptedShellcodeB64.txt' to current dir");
File.WriteAllText("EncryptedShellcodeB64.txt", Convert.ToBase64String(tmp));
File.WriteAllBytes("EncryptedShellcode.bin", tmp);
}
else
{
Console.WriteLine("[!] So you files isnt where you said it was. " + args[1]);
}
}
catch (Exception e)
{
Console.WriteLine("[!] SHIT SOMETHING WENT WRONG! " + e.Message.ToString());
}
break;
case "-ConvertToHEX":
try
{
if (File.Exists(args[1]))
{
byte[] tmp = File.ReadAllBytes(args[1]);
Console.WriteLine("[*] Writing File 'HexCodeOuput.txt' to current dir");
File.WriteAllText("HexCodeOuput.txt", BinaryOperations.ByteArrayToHEXString(tmp));
}
else
{
Console.WriteLine("[!] So you files isnt where you said it was. " + args[1]);
}
}
catch (Exception e)
{
Console.WriteLine("[!] SHIT SOMETHING WENT WRONG! " + e.Message.ToString());
}
break;
case "-Reverse":
if (File.Exists(args[1]))
{
string filename = Path.GetFileName(args[1]).Split('.')[0] + "reverse";
string Dir = Path.GetDirectoryName(args[1]);
string ext = Path.GetExtension(args[1]);
Console.WriteLine("[*] Writing File with reverse string " + Dir + "\\" + filename + ext + " to current dir");
File.WriteAllText(Dir + "\\" + filename + ext, Utils.ReverseString(File.ReadAllText(args[1])));
}
else
{
Console.WriteLine("[!] So you files isnt where you said it was. " + args[1]);
}
break;
case "-AddJunk":
if (File.Exists(args[1]))
{
string filename = Path.GetFileName(args[1]).Split('.')[0] + "junked";
string Dir = Path.GetDirectoryName(args[1]);
string ext = Path.GetExtension(args[1]);
Console.WriteLine("[*] Writing File with Junk in string " + Dir + "\\" + filename + ext + " to current dir");
File.WriteAllText(Dir + "\\" + filename + ext, Utils.AddJunkToString(File.ReadAllText(args[1])));
}
else
{
Console.WriteLine("[!] So you files isnt where you said it was. " + args[1]);
}
break;
case "-ByteReplaceBin":
if (args.Length == 4)
{
BinaryOperations.ReplaceBinString(args[1], args[2], args[3]);
}
else
{
BinaryOperations.ReplaceBinString(args[1], args[2], args[3], args[4]);
}
break;
case "-ChunkShellcodeTextToVariableCSharp": //REF:https://github.com/mobdk/Zeta/blob/main/Zeta.cs
string code = Utils.StringToVariable(File.ReadAllText(args[1]), "var ", " = \"" + Utils.RandomString(20) + "\";\n");
code += @"
//using System.Linq.Expressions;
//Code Below will turn variable into string that can be used as shellcode. Setup for a forloop right now
public static string GetVariableDataTypeNameAsString<T>(Expression<Func<T>> memberExpression)
{
MemberExpression expressionBody = (MemberExpression)memberExpression.Body;
return expressionBody.Member.Name;
}
";
File.WriteAllText("ChunkShellcodeTextToVariableCSharp.cs", code);
break;
case "-h":
Usage();
break;
case "-help":
Usage();
break;
case "?":
Usage();
break;
}
}
catch (Exception e)
{
Usage();
Console.WriteLine("[Error] Invalid input " + e.Message.ToString());
}
}