You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

69 lines
1.8 KiB

11 years ago
#!/usr/bin/env sh
# This script will generate shellcode.c and compile it
# Compile the payload and decoder
echo " [+] Compiling the payload and decoder ..."
nasm -f elf32 -o $SPAYLOAD.o $SPAYLOAD.nasm && ld -m elf_i386 -o $SPAYLOAD $SPAYLOAD.o
nasm -f elf32 -o $SDECODER.o $SDECODER.nasm && ld -m elf_i386 -o $SDECODER $SDECODER.o
echo " [+] Preparing decoder shellcode ..."
DECODERSHELLCODE=$(echo -n "\""; for i in $(objdump -d $SDECODER -M intel |grep "^ " |cut -f2); do echo -n '\x'$i; done)
# Encode the payload shellcode
echo " [+] Encoding the payload shellcode ..."
# $ echo -en '\x37\xFA\xD6\x3F' |ndisasm -b32 -
# 00000000 37 aaa
# 00000001 FA cli
# 00000002 D6 salc
# 00000003 3F aas
garbage=('\x37' '\xFA' '\xD6' '\x3F');
#ENCPSHELLCODE=$(for i in $(objdump -d $SPAYLOAD |grep "^ " |cut -f2); do echo -n '\x'$i; echo -n ${garbage[$[$(shuf --random-source=/dev/urandom -z -i 999-999999 -n1)%4]]}; done; echo -n "\xAF\"")
ENCPSHELLCODE=$(for i in $(objdump -d $SPAYLOAD |grep "^ " |cut -f2); do echo -n '\x'$i; echo -n ${garbage[$[$(od -A n -N 2 -t u2 /dev/urandom)%4]]}; done; echo -n "\xAF\"")
11 years ago
# Generate shellcode.c
echo " [+] Generating shellcode.c file ..."
cat > shellcode.c << EOF
#include <stdio.h>
#include <string.h>
unsigned char code[] = \
printf("Shellcode Length: %d\n", strlen(code));
int (*ret)() = (int(*)())code;
# Compile C code with GCC
echo " [+] Compiling shellcode.c with GCC ..."
gcc -m32 -fno-stack-protector -z execstack shellcode.c -o shellcode
ls -la ./shellcode
# Cleanup