# Cshap

**Repository Path**: CVE/Cshap

## Basic Information

- **Project Name**: Cshap
- **Description**: C# 系列脚本
- **Primary Language**: C#
- **License**: GPL-2.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2020-03-24
- **Last Updated**: 2020-12-19

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# Cshap
本文项目参考来源

https://github.com/3gstudent/Homework-of-C-Sharp

https://github.com/GhostPack/SafetyKatz

Casey Smith Github账号注销了，遗憾

### PEloder.cs

思路来源Casey Smith

使用C#的PE加载器，可直接加载PE文件，也可以加载内存中的二进制可执行数据

*用法：*

    `csc.exe /unsafe PEloder.cs` 


### CShapLoder_x32.cs

32位的PE加载器
```
Complie:
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /unsafe /platform:x86 CShapLoder_x32.cs
or
C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe /unsafe /platform:x86 CShapLoder_x32.cs

Usage:
CShapLoder_x32.exe coffee exit
```


### CShapLoder_x64.cs

64位的PE加载器
```
Complie:
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /unsafe /platform:x86 CShapLoder_x64.cs
or
C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe /unsafe /platform:x86 CShapLoder_x64.cs

Usage:
CShapLoder_x64.exe coffee exit
```
### Compress.cs

压缩程序成以及使用base64编码，方便PEloder加载

输出文件名：Comprocessed.b64

---------------------------------------------

也可以使用在线工具箱生成数据

https://gchq.github.io/CyberChef/

```
Recipe依次是
Gzip(default)
To Base64
```


### SharpPELoaderGenerater.cs
用于生成对应版本的PEloder
```
Complie:
C:\Windows\Microsoft.NET\Framework64\v3.5\csc.exe /unsafe c:\Test\SharpPELoaderGenerater.cs
or other .net version

Usage:
SharpPELoaderGenerater.exe <exe Path>

example:
SharpPELoaderGenerater.exe Mimikatz.exe
```
生成的cs文件就是加载MimiKatz的loder