示例#1
        /// <summary>
        /// Creates one of the Donut structures, selected by name, with its fixed-size buffers already allocated.
        /// </summary>
        /// <param name="type">
        /// Exact, case-sensitive structure name: "DSConfig", "DSModule" or "DSInstance".
        /// </param>
        /// <returns>
        /// The freshly built DSConfig, DSModule or DSInstance. For any other name (including null)
        /// the boxed integer 0 is returned instead of a structure.
        /// </returns>
        /// <remarks>
        /// NOTE(review): because the return type is <c>dynamic</c>, a caller that passes an unknown name
        /// and then reads a structure member will fail at run time at the call site, not here.
        /// </remarks>
        public dynamic InitStruct(string type)
        {
            switch (type)
            {
                case "DSConfig":
                    // Defaults come from the DONUT_* constants; every name/path buffer is DONUT_MAX_NAME chars,
                    // and the parameter buffer has room for (DONUT_MAX_PARAM + 1) names.
                    return new DSConfig
                    {
                        arch      = Constants.DONUT_ARCH_X84,
                        bypass    = Constants.DONUT_BYPASS_CONTINUE,
                        inst_type = Constants.DONUT_INSTANCE_PIC,
                        mod_len   = 0,
                        inst_len  = 0,
                        pic       = IntPtr.Zero,
                        pic_len   = 0,
                        cls       = new char[Constants.DONUT_MAX_NAME],
                        domain    = new char[Constants.DONUT_MAX_NAME],
                        method    = new char[Constants.DONUT_MAX_NAME],
                        modname   = new char[Constants.DONUT_MAX_NAME],
                        file      = new char[Constants.DONUT_MAX_NAME],
                        runtime   = new char[Constants.DONUT_MAX_NAME],
                        url       = new char[Constants.DONUT_MAX_NAME],
                        param     = new char[(Constants.DONUT_MAX_PARAM + 1) * Constants.DONUT_MAX_NAME]
                    };

                case "DSModule":
                {
                    // One parameter slot per possible argument, each with a DONUT_MAX_NAME * 2 byte buffer.
                    P[] slots = new P[Constants.DONUT_MAX_PARAM + 1];
                    for (int slot = 0; slot < slots.Length; slot++)
                    {
                        slots[slot] = new P
                        {
                            param = new byte[Constants.DONUT_MAX_NAME * 2]
                        };
                    }

                    return new DSModule
                    {
                        runtime = new byte[512],
                        cls     = new byte[512],
                        method  = new byte[512],
                        domain  = new byte[512],
                        sig     = new char[256],
                        p       = slots
                    };
                }

                case "DSInstance":
                {
                    // NOTE(review): the amsi*/wldp*/wscript* names suggest these buffers carry strings used
                    // by the loader's AMSI/WLDP handling; only their sizes are fixed here. Confirm against
                    // the DSInstance declaration.
                    var instance = new DSInstance
                    {
                        sig            = new char[256],
                        amsiInit       = new char[16],
                        amsiScanBuf    = new char[16],
                        amsiScanStr    = new char[16],
                        clr            = new char[8],
                        wldp           = new char[16],
                        wldpQuery      = new char[32],
                        wldpIsApproved = new char[32],
                        wscript        = new char[16],
                        wscript_exe    = new char[32],
                        amsi           = new AMSI { s = new char[8] }
                    };

                    // Counter and master-key buffers for the instance key and the module key (16 bytes each).
                    instance.key.ctr     = new byte[16];
                    instance.key.mk      = new byte[16];
                    instance.mod_key.ctr = new byte[16];
                    instance.mod_key.mk  = new byte[16];

                    return instance;
                }

                default:
                    // Unknown structure name: signal it with 0 rather than a structure.
                    return 0;
            }
        }
示例#2
        /// <summary>
        /// Builds a <c>DSModule</c> header from the configuration and file information, then stores it
        /// and the combined module length back into <paramref name="config"/>.
        /// </summary>
        /// <param name="config">
        /// Read for domain, class, method, runtime, parameters and file path. Its domain and runtime may be
        /// filled in when empty, and its <c>mod</c> and <c>mod_len</c> members are overwritten.
        /// </param>
        /// <param name="fi">Supplies the module type and, when no runtime is configured, the runtime version.</param>
        /// <returns>
        /// Always <c>Constants.DONUT_ERROR_SUCCESS</c>; there is no other return path, so failures
        /// (for example a missing file) surface as exceptions.
        /// </returns>
        public static int CreateModule(ref DSConfig config, ref DSFileInfo fi)
        {
            D.Print("Entering CreateModule()");

            // Fresh module header with its fixed-size string buffers.
            var module = new DSModule
            {
                type    = fi.type,
                runtime = new byte[512],
                cls     = new byte[512],
                method  = new byte[512],
                domain  = new byte[512],
                sig     = new char[256]
            };

            // .NET assemblies (DLL or EXE) need an AppDomain name and a runtime version.
            bool isNetDll = module.type == Constants.DONUT_MODULE_NET_DLL;
            if (isNetDll || module.type == Constants.DONUT_MODULE_NET_EXE)
            {
                // No AppDomain name configured: generate an 8-character one and keep it in the config.
                if (config.domain[0] == 0)
                {
                    Helper.Copy(config.domain, Helper.RandomString(8));
                }
                Console.WriteLine($"\t[+] Domain:\t{Helper.String(config.domain)}");
                Helper.Unicode(module.domain, Helper.String(config.domain));

                // Only a .NET DLL carries a class and method to invoke.
                if (isNetDll)
                {
                    Console.WriteLine($"\t[+] Class:\t{Helper.String(config.cls)}");
                    Helper.Unicode(module.cls, Helper.String(config.cls));
                    Console.WriteLine($"\t[+] Method:\t{Helper.String(config.method)}");
                    Helper.Unicode(module.method, Helper.String(config.method));
                }

                // No runtime configured: fall back to the version reported for the file.
                // This assigns the reference, so config.runtime and fi.ver share one buffer afterwards.
                if (config.runtime[0] == 0)
                {
                    config.runtime = fi.ver;
                }
                Console.WriteLine($"\t[+] Runtime:\t{Helper.String(config.runtime)}");
                Helper.Unicode(module.runtime, Helper.String(config.runtime));
            }

            // Unmanaged DLL: use the configured export, or "DllMain" when none was given.
            if (module.type == Constants.DONUT_MODULE_DLL)
            {
                Helper.Copy(module.method, config.method[0] == 0 ? "DllMain" : Helper.String(config.method));
            }

            if (config.param != null)
            {
                // Allocate every parameter slot up front.
                int slotCount = Constants.DONUT_MAX_PARAM + 1;
                module.p = new P[slotCount];
                for (int slot = 0; slot < slotCount; slot++)
                {
                    module.p[slot] = new P
                    {
                        param = new byte[Constants.DONUT_MAX_NAME * 2]
                    };
                }

                // Parameters arrive as one string separated by ',' or ';'.
                // NOTE(review): the number of items is not checked against the slot count, so more than
                // DONUT_MAX_PARAM + 1 items ends in an IndexOutOfRangeException. Whether a single over-long
                // item is bounded depends on Helper.Unicode, which is not visible here.
                string[] args = Helper.String(config.param).Split(',', ';');
                int next = 0;
                foreach (string arg in args)
                {
                    Helper.Unicode(module.p[next].param, arg);
                    next++;
                    module.param_cnt++;
                }

                // An empty parameter string still splits into one empty item; report zero parameters.
                if (args[0].Length == 0)
                {
                    module.param_cnt = 0;
                }
            }

            // Module length is the on-disk size of the configured file; Convert.ToUInt32 throws
            // OverflowException if that size does not fit in 32 bits.
            string modulePath = Helper.String(config.file);
            module.len = Convert.ToUInt32(new FileInfo(modulePath).Length);

            // Publish the header, then the total of marshalled header size plus file size.
            config.mod     = module;
            config.mod_len = Convert.ToUInt32(Marshal.SizeOf(typeof(DSModule))) + module.len;
            D.Print($"Total Module Size: {config.mod_len}");
            return Constants.DONUT_ERROR_SUCCESS;
        }