Skip to content

weaselsec/ClickOnce-AppDomain-Manager-Injection

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
FileHistory.exe
FileHistory.exe
 
 
Filehistory.exe.config
Filehistory.exe.config
 
 
README.md
README.md
 
 
amsi.cs
amsi.cs
 
 
uevmonitor.cs
uevmonitor.cs
 
 

Repository files navigation

ClickOnce + AppDomain Manager Injection

ClickOnce + AppDomain Manager Injection

Based on https://github.com/Mr-Un1k0d3r/.NetConfigLoader

csc.exe /t:library /keyfile:key.snk /out:uevmonitor.dll uevmonitor.cs amsi.cs

"[System.Reflection.AssemblyName]::GetAssemblyName("uevmonitor.dll").FullName"

uevmonitor, Version=0.0.0.0, Culture=neutral, PublicKeyToken=1bb626af4620f3e6

Add PublicKeyToken to Filehistory.exe.config

makecert -r -pe -n "CN=test" -ss CA -sr CurrentUser -a sha256 -cy authority -sky signature -sv cert.pvk CA.cer

pvk2pfx -pvk cert.pvk -spc CA.cer -pfx CA.pfx -po "test"

MageUI.exe

Create application manifest:

image

Sign and save the application manifest:

image

Create deployment manifest:

image

Add the application manifest:

image

Sign and save the deployment manifest:

image

Launch the ClickOnce application to bypass Smart Screen:

image

About

Click Once + App Domain

Resources

Readme
Activity

Stars

59 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages