first commit

PhrozenIO · May 18, 2020 · 6a21900 · 6a21900
1 parent 36f7988
commit 6a21900
Show file tree

Hide file tree

Showing 12 changed files with 1,992 additions and 0 deletions.
diff --git a/RunAsAttached.dpr b/RunAsAttached.dpr
@@ -0,0 +1,136 @@
+(*******************************************************************************
+
+  Jean-Pierre LESUEUR (@DarkCoderSc)
+  https://www.phrozen.io/
+  [email protected]
+
+  License : MIT
+
+  Version: 1.0b
+
+  Description:
+  ------------------------------------------------------------------------------
+
+    This version doesn't work with programs such as Netcat in the scenario of an
+    initial reverse / bind shell.
+
+    Check my Github : https://github.com/darkcodersc to find the version that
+    supports netcat ;-)
+
+    Don't forgget to leave a star and follow if you found my work useful ! =P
+
+*******************************************************************************)
+
+program RunAsAttached;
+
+{$APPTYPE CONSOLE}
+
+{$R *.res}
+
+uses
+  System.SysUtils,
+  Windows,
+  Classes,
+  UntFunctions in 'Units\UntFunctions.pas',
+  UntApiDefs in 'Units\UntApiDefs.pas',
+  UntGlobalDefs in 'Units\UntGlobalDefs.pas',
+  UntStdHandlers in 'Units\UntStdHandlers.pas',
+  UntTypeDefs in 'Units\UntTypeDefs.pas';
+
+var SET_USERNAME   : String = '';
+    SET_PASSWORD   : String = '';
+    SET_DOMAINNAME : String = '';
+
+    LStdoutHandler : TStdoutHandler;
+    LStdinHandler  : TStdinHandler;
+    AExitCode      : Cardinal;
+
+{-------------------------------------------------------------------------------
+  Usage Banner
+-------------------------------------------------------------------------------}
+function DisplayHelpBanner() : String;
+begin
+  result := '';
+  ///
+
+  WriteLn;
+
+  WriteLn('-----------------------------------------------------------');
+
+  Write('RunAsAttached By ');
+
+  WriteColoredWord('Jean-Pierre LESUEUR ');
+
+  Write('(');
+
+  WriteColoredWord('@DarkCoderSc');
+
+  WriteLn(')');
+
+
+  WriteLn('https://www.phrozen.io/');
+  WriteLn('https://github.com/darkcodersc');
+  WriteLn('-----------------------------------------------------------');
+
+  WriteLn;
+
+  WriteLn('RunAsAttached.exe -u <username> -p <password> [-d <domain>]');
+  WriteLn;
+end;
+
+{-------------------------------------------------------------------------------
+  Program Entry
+-------------------------------------------------------------------------------}
+begin
+  isMultiThread := True;
+  try
+    {
+      Parse Parameters
+    }
+    if NOT GetCommandLineOption('u', SET_USERNAME) then
+      raise Exception.Create('');
+
+    if NOT GetCommandLineOption('p', SET_PASSWORD) then
+      raise Exception.Create('');
+
+    GetCommandLineOption('d', SET_DOMAINNAME);
+
+    {
+      Create Handlers (stdout, stdin, stderr)
+    }
+    try
+      LStdoutHandler := TStdoutHandler.Create(SET_USERNAME, SET_PASSWORD, SET_DOMAINNAME);
+      LStdinHandler  := TStdinHandler.Create(LStdoutHandler.ThreadID);
+
+      LStdoutHandler.StdinThreadId := LStdInHandler.ThreadID;
+      LStdoutHandler.Resume();
+
+      {
+         Stdout is our master
+      }
+      WaitForSingleObject(LStdoutHandler.Handle, INFINITE); // or LStdoutHandler.WaitFor();
+
+      {
+        Close secondary thread if not already
+      }
+      GetExitCodeThread(LStdinHandler.Handle, AExitCode);
+      if (AExitCode = STILL_ACTIVE) then begin
+        LStdinHandler.Terminate();
+        LStdinHandler.WaitFor();
+      end;
+    finally
+      if Assigned(LStdoutHandler) then
+        FreeAndNil(LStdoutHandler);
+
+      if Assigned(LStdinHandler) then
+        FreeAndNIl(LStdinHandler);
+    end;
+  except
+    on E: Exception do begin
+      if (E.Message <> '') then
+        Debug(Format('Exception in class=[%s], message=[%s]', [E.ClassName, E.Message]), dlError)
+      else
+        DisplayHelpBanner();
+    end;
+  end;
+end.
diff --git a/RunAsAttached.dproj b/RunAsAttached.dproj
diff --git a/RunAsAttached.dproj.local b/RunAsAttached.dproj.local
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="utf-8"?>
+<BorlandProject>
+	<Transactions>
+    <Transaction>2020/03/03 11:06:06.000.717,=C:\Users\PhrozenLab\Documents\Embarcadero\Studio\Projects\Unit1.pas</Transaction>
+    <Transaction>2020/04/30 15:03:58.000.912,=C:\Users\PhrozenLab\Documents\Embarcadero\Studio\Projects\Unit1.pas</Transaction>
+    <Transaction>2020/05/15 20:22:44.000.504,C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\RunAsAttached.dproj=C:\Users\PhrozenLab\Documents\Embarcadero\Studio\Projects\Project2.dproj</Transaction>
+    <Transaction>2020/05/15 20:42:17.000.757,=C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Unit1.pas</Transaction>
+    <Transaction>2020/05/15 20:42:25.000.739,C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Units\UntHandler.pas=C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Unit1.pas</Transaction>
+    <Transaction>2020/05/17 10:21:52.000.555,=C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Unit1.pas</Transaction>
+    <Transaction>2020/05/17 10:26:49.000.540,=C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Unit1.pas</Transaction>
+    <Transaction>2020/05/17 10:26:58.000.055,C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Unit1.pas=C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Units\UntTypeDefs.pas</Transaction>
+    <Transaction>2020/05/17 12:27:22.000.791,C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Units\UntHandler.pas=C:\Users\PhrozenLab\Desktop\Open Source Projects\RunAsAttached\Units\UntStdHandlers.pas</Transaction>
+  </Transactions>
+</BorlandProject>
diff --git a/RunAsAttached.identcache b/RunAsAttached.identcache
diff --git a/RunAsAttached.res b/RunAsAttached.res
diff --git a/Units/UntApiDefs.pas b/Units/UntApiDefs.pas
@@ -0,0 +1,64 @@
+(*******************************************************************************
+
+  Jean-Pierre LESUEUR (@DarkCoderSc)
+  https://www.phrozen.io/
+  [email protected]
+
+  License : MIT
+
+*******************************************************************************)
+
+unit UntApiDefs;
+
+interface
+
+uses Windows;
+
+var hKernel32 : THandle;
+    hShell32  : THandle;
+    hCrypt32  : THandle;
+    hAdvapi32 : THandle;
+
+    {
+      API's Definitions
+    }
+    CommandLineToArgvW      : function(lpCmdLine : LPCWSTR; var pNumArgs : Integer) : LPWSTR; stdcall;
+    CreateProcessWithLogonW : function(lpUsername, lpDomain, lpPassword: LPCWSTR; dwLogonFlags: DWORD; lpApplicationName: LPCWSTR; lpCommandLine: LPWSTR; dwCreationFlags: DWORD; lpEnvironment: LPVOID; lpCurrentDirectory: LPCWSTR; const lpStartupInfo: STARTUPINFOW; var lpProcessInformation: PROCESS_INFORMATION): BOOL; stdcall;
+
+const LOGON_WITH_PROFILE      = $00000001;
+      LOGON_LOGON_INTERACTIVE = $00000002;
+      LOGON_PROVIDER_DEFAULT  = $00000000;
+
+implementation
+
+initialization
+  {
+    Shell32.dll API's Loading
+  }
+  CommandLineToArgvW := nil;
+
+  hShell32 := LoadLibrary('SHELL32.DLL');
+  if (hShell32 <> 0) then begin
+    @CommandLineToArgvW := GetProcAddress(hShell32, 'CommandLineToArgvW');
+  end;
+
+  {
+    hAdvapi32.DLL API's Loading
+  }
+  CreateProcessWithLogonW := nil;
+
+  hAdvapi32 := LoadLibrary('ADVAPI32.DLL');
+  if (hAdvapi32 <> 0) then begin
+    @CreateProcessWithLogonW := GetProcAddress(hAdvapi32, 'CreateProcessWithLogonW');
+  end;
+
+
+finalization
+  if (hShell32 <> 0) then
+    FreeLibrary(hShell32);
+
+  if (hAdvapi32 <> 0) then
+    FreeLibrary(hAdvapi32);
+
+end.
+