Closed platinumvoid closed 1 year ago
Hi,
I haven't tried that myself before, to get a better idea about the errors you getting;
For debugging the issue, create a simple deserializer in c# that takes the stage_2 based64 encoded blob, decodes it then deserializes it, then step through the c# deserializer and see what type of (hopefully explicit) errors you're getting..
Just keep in mind, when you deserialize your blob via c#, make sure to disable type checks before you decode/deserialize the blob:
ConfigurationManager.AppSettings.Set("microsoft:WorkflowComponentModel:DisableActivitySurrogateSelectorTypeCheck", "true");
Hello,
Thank you for responding! No errors were displayed it was just my code was not executed when executing the .js file, despite the standalone exe executing just fine.
I have managed to resolve the issue but I I still do not know why because it is very weird how I did it. I had a source file named envdecryptor.cs that had inside it a class named Class2. Method names inside that class included HashKeyword, GenerateKey, Decrypt, FindMasterKey.
When I added a namespace to that class it worked. So I am assuming maybe it conflicted with something in the global namespace, that maybe Gadget2JS was using as well.
I have a C# shellcode injector (.NET Framework 4.8) that has a dependency on BouncyCastle. To merge the DLLs I have used both ILMerge.Fody and libZ. Although the build exe works as expected, the merged DLL when used on GadgetToJScript it does not execute and IE opens:
\GadgetToJScript.exe -w js -b -a .\csharpstager_merged.dll -o new
I think this indicates that an exception with the compiled code has occured.While I understand this might not be a direct issue of the tool, I would appreciate help if someone has needed a merged DLL or EXE to JS before, or if anybody from the dev team can help me debug it