How to produce an assembly from script source?

[a-prokopyev-resume]

Hello,

Most likely your dotnet-shell generates and assembly each time script source is changed and started? And then such assembly is executed by the .net?

Other scripting engines like csscript and dotnet-script allow to generate assembly which can be used without scripting engine.

Please let me know how to get a self enough assembly using your tool?

Your scripting tool looks the most convenient for shell scripting among other C# compatible ones because supports easy execution of shell commands almost as general *nix shells like Xonsh, Bash, etc.

Thanks, Alex

[i-am-shodan]

Dotnet shell is an interpreter, it doesn't compile up a new assembly each time a script is run. Instead it evaluates each line in turn performing actions in its own memory space - exactly how something like bash works. There is no command today that can build you a single binary with an embedded script, however this isn't that hard.

If you can get away with two executables then you can just run dotnet-shell [YOURSCRIPT]. There are even a few tools on Windows/Linux that can take these and a command line and make self extracting executables. You could try those to make a single executable. YMMV.

Alternatively it should be pretty easy to make some minor changes to the dotnet-shell binary to get the behaviour as you described.

You should start here, where execution in the shell begins. https://github.com/dotnet-shell/Shell/blob/53f7dea53d238067c438244ea19c181725148494/src/dotnet-shell/Program.cs#L86 . This line is start of the code path when a script argument is provided. You aren't providing a script file but something very similar an actual script. You just need to embed your script and call Execute on it. After a 'dotnet publish' you should be left with a single binary that runs your script and terminates.

You could even look at Native AOT which might be able to take your modifications as described above and compile it straight to a native binary. That way you'll have something completely self contained and a couple of meg.

[i-am-shodan]

Alternatively you could try --showPreProcessorOutput. That dotnet-shell argument dumps the internal C# that is to be evaluated.

dotnet-shell --showPreProcessorOutput [YOURSCRIPT]

You could use this and the compilation options defined inside dotnet-shell to effectively give you everything you need to compile your own assembly.

[a-prokopyev-resume]

Alternatively you could try --showPreProcessorOutput. That dotnet-shell argument dumps the internal C# that is to be evaluated.

dotnet-shell --showPreProcessorOutput [YOURSCRIPT]

You could use this and the compilation options defined inside dotnet-shell to effectively give you everything you need to compile your own assembly.

Thank you very much, second option looks more interesting.

I would prefer to have a pure assembly which could be obfuscated and prefer to not have any interpreted code (at least in terms of dotnet-shell syntax) at runtime if possible.

If obfuscated assembly then could be AOTed after obfuscation - good, but not required actually.

It seems your C# shell is the only relatively popular one which has shell like syntax to run Linux shell commands.

I guess Python Xonsh does something like yours. Actually Xonsh is not capable to produce a pure Python modules from script source too AFAIK.

If your scripting tool could generate pure C# code (instead of IL assembly) from script source it would be nice too. Just convert C# syntax mixed with pseudo shell syntax into pure C# syntax which can be compiled completely into IL assembly and then fully obfuscated without leaking algo fragments of the script in memory to avoid dumping.

[i-am-shodan]

Good luck with your malware!

[a-prokopyev-resume]

I am sorry if you understood me incorrectly.

Obfuscation can be useful to protect intellectual property when doing consulting or shareware.

For example some scripts can be distributed as closed source until paid and after payment the source is provided.