OffensivePipeline - Allows You To Download And Build C# Tools, Applying Certain Modifications In Order To Improve Their Evasion For Red Team Exercises


OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
A common use of OffensivePipeline is to download a tool from a Git repository, randomise certain values in the project, build it, obfuscate the resulting binary and generate a shellcode.


Features

  • Currently only supports C# (.Net Framework) projects
  • Allows to clone public and private (you will need credentials :D) git repositories
  • Allows to work with local folders
  • Randomizes project GUIDs
  • Randomizes application information contained in AssemblyInfo
  • Builds C# projects
  • Obfuscates generated binaries
  • Generates shellcodes from binaries
  • There are 79 tools parameterised in YML templates (not all of them may work :D)
  • New tools can be added using YML templates
  • It should be easy to add new plugins...

What's new in version 2.0

  • Almost complete code rewrite (new bugs?)
  • Cloning from private repositories possible (authentication via GitHub authToken)
  • Possibility to copy a local folder instead of cloning from a remote repository
  • New module to generate shellcodes with Donut
  • New module to randomize GUIDs of applications
  • New module to randomize the AssemblyInfo of each application
  • 60 new tools added

Examples

  • List all tools:
OffensivePipeline.exe list
  • Build all tools:
OffensivePipeline.exe all
  • Build a tool
OffensivePipeline.exe t toolName
  • Clean cloned and build tools
OffensivePipeline.exe 

Output example

PS C:\OffensivePipeline> .\OffensivePipeline.exe t rubeus                                                                                                   ooo                                                                                           .osooooM M      ___   __  __                _           ____  _            _ _                      +y.     M M     / _ \ / _|/ _| ___ _ __  ___(_)_   _____|  _ \(_)_ __   ___| (_)_ __   ___           :h  .yoooMoM    | | | | |_| |_ / _ \ '_ \/ __| \ \ / / _ \ |_) | | '_ \ / _ \ | | '_ \ / _ \          oo  oo    | |_| |  _|  _|  __/ | | \__ \ |\ V /  __/  __/| | |_) |  __/ | | | | |  __/          oo  oo     \___/|_| |_|  \___|_| |_|___/_| \_/ \___|_|   |_| .__/ \___|_|_|_| |_|\___|          oo  oo                                                     |_|                            MoMoooy.  h:                                                                                       M M     .y+                                                                                    M Mooooso.                                                                                    ooo                                                                    @aetsu                                                                                v2.0.0[+] Loading tool: Rubeus    Clonnig repository: Rubeus into C:\OffensivePipeline\Git\Rubeus                 Repository Rubeus cloned into C:\OffensivePipeline\Git\Rubeus    [+] Load RandomGuid module        Searching GUIDs...                > C:\OffensivePipeline\Git\Rubeus\Rubeus.sln                > C:\OffensivePipeline\Git\Rubeus\Rubeus\Rubeus.csproj                > C:\OffensivePipeline\Git\Rubeus\Rubeus\Properties\AssemblyInfo.cs        Replacing GUIDs...                File C:\OffensivePipeline\Git\Rubeus\Rubeus.sln:                           > Replacing GUID 658C8B7F-3664-4A95-9572-A3E5871DFC06 with 3bd82351-ac9a-4403-b1e7-9660e698d286                        > Replacing GUID FAE04EC0-301F-11D3-BF4B-00C04F79EFBC with 619876c2-5a8b-4c48-93c3-f87ca520ac5e                        > Replacing GUID 658c8b7f-3664-4a95-9572-a3e5871dfc06 with 11e0084e-937f-46d7-83b5-38a496bf278a                [+] No errors!                File C:\OffensivePipeline\Git\Rubeus\Rubeus\Rubeus.csproj:                        > Replacing GUID 658C8B7F-3664-4A95-9572-A3E5871DFC06 with 3bd82351-ac9a-4403-b1e7-9660e698d286                        > Replacing GUID FAE04EC0-301F-11D3-BF4B-00C04F79EFBC with 619876c2-5a8b-4c48-93c3-f87ca520ac5e                        > Replacing GUID 658c8b7f-3664-4a95-9572-a3e5871dfc06 with 11e0084e-937f-46d7-83b5-38a496bf278a                [+] No errors!                File C:\OffensivePipeline\Git\Rubeus\Rubeus\Properties\AssemblyInfo.cs:                           > Replacing GUID 658C8B7F-3664-4A95-9572-A3E5871DFC06 with 3bd82351-ac9a-4403-b1e7-9660e698d286                        > Replacing GUID FAE04EC0-301F-11D3-BF4B-00C04F79EFBC with 619876c2-5a8b-4c48-93c3-f87ca520ac5e                        > Replacing GUID 658c8b7f-3664-4a95-9572-a3e5871dfc06 with 11e0084e-937f-46d7-83b5-38a496bf278a                [+] No errors!    [+] Load RandomAssemblyInfo module        Replacing strings in C:\OffensivePipeline\Git\Rubeus\Rubeus\Properties\AssemblyInfo.cs                [assembly: AssemblyTitle("Rubeus")] -> [assembly: AssemblyTitle("g4ef3fvphre")]                [assembly: AssemblyDescription("")] -> [assembly: AssemblyDescription("")]                [assembly: AssemblyConfiguration("")] -> [assembly: AssemblyConfiguration("")]                [assembly: AssemblyCompany("")] -> [assembly: AssemblyCompany("")]                [assembly: AssemblyProduc   t("Rubeus")] -> [assembly: AssemblyProduct("g4ef3fvphre")]                [assembly: AssemblyCopyright("Copyright ©  2018")] -> [assembly: AssemblyCopyright("Copyright ©  2018")]                [assembly: AssemblyTrademark("")] -> [assembly: AssemblyTrademark("")]                [assembly: AssemblyCulture("")] -> [assembly: AssemblyCulture("")]    [+] Load BuildCsharp module        [+] Checking requirements...        [*] Downloading nuget.exe from https://dist.nuget.org/win-x86-commandline/latest/nuget.exe                [+] Download OK - nuget.exe                [+] Path found - C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\Common7\Tools\VsDevCmd.bat        Solving dependences with nuget...        Building solution...                [+] No errors!                [+] Output folder: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud    [+] Load ConfuserEx module        [+] Checking requirements...        [+] Downloading ConfuserEx from https://github.com/mkaring/ConfuserEx/releases/download/v1.6.0/ConfuserEx-CLI.zip                [+] Download OK - ConfuserEx        Confusing...                [+] No errors!    [+] Load Donut module        Generating shellcode...Payload options:        Domain: RMM6XFC3        Runtime:v4.0.30319Raw Payload: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud\ConfuserEx\Donut\Rubeus.binB64 Payload: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud\ConfuserEx\Donut\Rubeus.bin.b64                [+] No errors!    [+] Generating Sha256 hashes                Output file: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud-----------------------------------------------------------------                SUMMARY - Rubeus         - RandomGuid: OK         - RandomAssemblyInfo: OK            - BuildCsharp: OK         - ConfuserEx: OK         - Donut: OK-----------------------------------------------------------------

Plugins

  • RandomGuid: randomise the GUID in .sln, .csproj and AssemblyInfo.cs files
  • RandomAssemblyInfo: randomise the values defined in AssemblyInfo.cs
  • BuildCsharp: build c# project
  • ConfuserEx: obfuscate c# tools
  • Donut: use Donut to generate shellcodes. The shellcode generated is without parameters, in future releases this may be changed.

Add a tool from a remote git

The scripts for downloading the tools are in the Tools folder in yml format. New tools can be added by creating new yml files with the following format:

  • Rubeus.yml file:
tool:  - name: Rubeus    description: Rubeus is a C# toolset for raw Kerberos interaction and abuses    gitLink: https://github.com/GhostPack/Rubeus    solutionPath: Rubeus\Rubeus.sln    language: c#    plugins: RandomGuid, RandomAssemblyInfo, BuildCsharp, ConfuserEx, Donut    authUser:    authToken: 

Where:

  • Name: name of the tool
  • Description: tool description
  • GitLink: link from git to clone
  • SolutionPath: solution (sln file) path
  • Language: language used (currently only c# is supported)
  • Plugins: plugins to use on this tool build process
  • AuthUser: user name from github (not used for public repositories)
  • AuthToken: auth token from github (not used for public repositories)

Add a tool from a private git

tool:  - name: SharpHound3-Custom    description: C# Rewrite of the BloodHound Ingestor    gitLink: https://github.com/aaaaaaa/SharpHound3-Custom    solutionPath: SharpHound3-Custom\SharpHound3.sln    language: c#    plugins: RandomGuid, RandomAssemblyInfo, BuildCsharp, ConfuserEx, Donut    authUser: aaaaaaa    authToken: abcdefghijklmnopqrsthtnf

Where:

  • Name: name of the tool
  • Description: tool description
  • GitLink: link from git to clone
  • SolutionPath: solution (sln file) path
  • Language: language used (currently only c# is supported)
  • Plugins: plugins to user on this tool build process
  • AuthUser: user name from GitHub
  • AuthToken: auth token from GitHub (documented at GitHub: creating a personal access token)

Add a tool from local git folder

tool:  - name: SeatbeltLocal    description: Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.    gitLink: C:\Users\alpha\Desktop\SeatbeltLocal    solutionPath: SeatbeltLocal\Seatbelt.sln    language: c#    plugins: RandomGuid, RandomAssemblyInfo, BuildCsharp, ConfuserEx, Donut    authUser:    authToken: 

Where:

  • Name: name of the tool
  • Description: tool description
  • GitLink: path where the tool is located
  • SolutionPath: solution (sln file) path
  • Language: language used (currently only c# is supported)
  • Plugins: plugins to user on this tool build process
  • AuthUser: user name from github (not used for local repositories)
  • AuthToken: auth token from github (not used for local repositories)

Requirements for the release version (Visual Studio 2019/2022 is not required)

In the OffensivePipeline.dll.config file it's possible to change the version of the build tools used.

  • Build Tools 2019:
<add key="BuildCSharpTools" value="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\VsDevCmd.bat"/>
  • Build Tools 2022:
<add key="BuildCSharpTools" value="C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\Common7\Tools\VsDevCmd.bat"/>

Requirements for build

Credits

Supported tools




Source: www.kitploit.com
OffensivePipeline - Allows You To Download And Build C# Tools, Applying Certain Modifications In Order To Improve Their Evasion For Red Team Exercises OffensivePipeline - Allows You To Download And Build C# Tools, Applying Certain Modifications In Order To Improve Their Evasion For Red Team Exercises Reviewed by Zion3R on 6:06 AM Rating: 5