Skip to content
/ SharpASM Public

SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.

57 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SECFORCE/SharpASM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
SharpASM
SharpASM
 
 
examples
examples
 
 
README.md
README.md
 
 
logo.png
logo.png
 
 

Repository files navigation

SharpASM

LOGO

SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.

Read the blog post for the technical details: https://secforce.com/blog/sharpasm-sharpwhispers

Requirements

  • Visual Studio
  • .NET Framework >= 3.5

Usage

  • Create Visual Studio .NET Framework project (follow the instructions here)
  • Import SharpASM.cs file in the Visual Studio .NET Framework project.
  • Include the namespace in the program 
     using SharpASM = SharpAssembly.SharpASM;
  • Define a byte array containing the shellcode 
     // __readgsqword(0x60)
 static byte[] bReadgsqword =
 {
     0x65, 0x48, 0x8B, 0x04, 0x25, 0x60,     // mov rax, qword ptr gs:[0x60]
     0x00, 0x00, 0x00,
     0xc3                                    // ret
 };
  • Call the shellcode using SharpASM.callASM() 
     var peb = SharpASM.callASM(bReadgsqword);

Example

A complete example to retrieve the PEB using assembly can be found here.

About

SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.

Resources

Readme
Activity
Custom properties

Stars

57 stars

Watchers

3 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages