Description
Generates a ClaimsPrincipal-wrapped BinaryFormatter deserialization gadget with triple-layer deserialization.
Overview
Generates a triple-layer BinaryFormatter gadget chain: ClaimsPrincipal → ClaimsIdentity → bootstrapContext → TypeConfuseDelegate. Each layer adds an additional deserialization step, which can defeat simple signature matching on the outer stream structure.
Parameters
| Parameter | Type | Description |
|---|---|---|
| Filename | string | Executable to launch on the target. |
| Arguments | string | Arguments to pass. |
Target Requirements
- .NET Framework 4.5+