private static IAttack OutputMergingExample()
{
// Note: This sample uses the same virtual host and port for the HTMLMTH server as the HTMLMTH server from Sample6
var HOSTNAME = "HostnameC2"; // the DNS name "HostnameC2" points to the virtual host "VirtualHostC"
var VIRTUALHOST = "VirtualHostC"; // So, the host in Sample6 and Sample7 are the same virtual host
var HOST = Host.GetHostByHostName(HOSTNAME) ?? new Host(VIRTUALHOST, HOSTNAME, null);
var htmlmthServerOutput = new HtmlmthServerOutput(HOST, scriptEncodingServerHost: "SomeWindowsServerRunningTheEncoderScript.com", scriptEncodingServerPort: 5000); // the default port is 80
var attackName = "OutputMerging";
var attack = new Attack(new IOutput[] {
htmlmthServerOutput,
}, name: attackName);
var website = new OnePageWebsite("<html><head><meta http-equiv=\"x-ua-compatible\" content=\"IE=8\"></head><body><script language='VBScript.Encode'>MsgBox Hex(&HBAADF00D)</script></body></html>");
var evasions = new[] { // Refer to HTMLMTH documentation & source code for the available evasions
"htmlmth.evasions.html.encoded_script", // This evasion requires HTMLMTH's scripting_encoder_server.py to be running on a Windows server. This server should be reachable from the HTMLMTH server
// This evasion also only works when IE rendering mode is set to <= 8
};
var htmlmthWebsite = new HtmlmthWebsite(website, HOST, evasions);
htmlmthServerOutput.Add(htmlmthWebsite); // bookkeep
attack.Generate();
// The files needed to launch the HTMLMTH server should now be at $(ProjectDir)\bin\$(Configuration)\$(TargetFramework)\Output\Server\HostnameB\80_HTMLMTH_Server
// Note: MyWarez will automatically merge the HTMLMTH server contents correctly for HtmlmthServerOutput on the same virtual host & port
// Note: The same occurs for multiple HttpServerOutput on the same virtual host & port
// Note: The same occurs for multiple SmbServerOutput on the same virtual host & port
// Note: The same occurs for multiple RemoteFileServerOutput on the same virtual host & port
// Note: Different Output types on the same virtual host & port will NOT be merged
return(attack);
}
private static IAttack HttpServerOutputExample()
{
var HOSTNAME = "HostnameB";
var HOST = Host.GetHostByHostName(HOSTNAME) ?? new Host(HOSTNAME, HOSTNAME, null);
var httpServerOutput = new HttpServerOutput(HOST); // the default port is 80
var attackName = "HttpServerOutput";
var attack = new Attack(new IOutput[] {
httpServerOutput,
}, name: attackName);
// The files placed in "$(ProjectDir)\Resources" or "$(ProjectDir)\..\Resources" will be available for use
// This is useful for bringing in your own exploits, payloads, Output files, etc
var sampleAResourcePath = Path.Join(MyWarez.Core.Constants.ResourceDirectory, "HttpServerOutput.html");
var sampleAResourceText = File.ReadAllText(sampleAResourcePath);
var html = new OnePageWebsite(sampleAResourceText);
var sampleAFilename = "/somepath/HttpServerOutputExampleA.html";
// HttpServerOutput has the same Add methods as SamplesOutput
httpServerOutput.Add(sampleAFilename, html);
attack.Generate();
// The file should now be at $(ProjectDir)\bin\$(Configuration)\$(TargetFramework)\Output\Server\HostnameB\80_HTTP_Server\wwwroot\somepath\HttpServerOutputExampleA.html
return(attack);
}
