😎
😎
😎
😎
Intruder
Twitter
Search…
About Shantanu Khandelwal
Reporting
Excel Sheet to Word Report by PowerShell
Ghostwriter - Add report type
Red Team
HTTPS C2 Done Right NGINX
Domain Front
GoLang
ShellCode Injection
magic_mz_x86 and magic_mz_x64
Process Hollowing DInvoke
Shellcode Formatter
PowerShell
Database
Dealing with the Errors
Setting Up OPENVAS in KALI 2020.3
Phishing
Connecting GoPhish with Office365
SharpLoginPrompt - Success and a Curious Case
Gophish MODs
Long Live DMARC - Email Spoof issues
Talks I Like
Talks Worth Checking Out
Powered By GitBook
Shellcode Formatter
Format Shellcode in various formats
#!/usr/bin/env python3
import base64
​
# Edit this line with the path to the binary file containing shellcode you are converting
with open('/home/user/Downloads/payload.bin', 'rb') as sc_handle:
sc_data = sc_handle.read()
​
# Just raw binary blog base64 encoded
encoded_raw = base64.b64encode(sc_data)
​
# Print in "standard" shellcode format \x41\x42\x43....
binary_code = ''
fs_code = ''
for byte in sc_data:
binary_code += "\\x" + hex(byte)[2:].zfill(2)
# this is for f#
fs_code += "0x" + hex(byte)[2:].zfill(2) + "uy;"
​
# Convert this into a C# style shellcode format
cs_shellcode = "0" + ",0".join(binary_code.split("\\")[1:])
​
# Base 64 encode the C# code (for use with certain payloads :))
encoded_cs = base64.b64encode(cs_shellcode.encode())
​
# Write out the files to disk (edit this path as needed)
with open('formatted_shellcode.txt', 'w') as format_out:
format_out.write("Binary Blob base64 encoded:\n\n")
format_out.write(encoded_raw.decode('ascii'))
format_out.write("\n\nStandard shellcode format:\n\n")
format_out.write(binary_code)
format_out.write("\n\nC# formatted shellcode:\n\n")
format_out.write(cs_shellcode)
format_out.write("\n\nBase64 Encoded C# shellcode:\n\n")
format_out.write(encoded_cs.decode('ascii'))
format_out.write("\n\nF# Shellcode:\n\n")
format_out.write(fs_code)
format_out.write("\n")
$fileName = "C:\Users\User\Desktop\payload.bin"
$fileContent = [IO.File]::ReadAllBytes($fileName)
$filecontentsencoded = [convert]::ToBase64String($fileContent)
"Binary Blob base64 encoded:`n`n" + $filecontentsencoded | set-content ($fileName + ".b64")
​
$scformat = '\x' + (($fileContent | ForEach-Object ToString x2) -join '\x')
"`nStandard shellcode format:`n`n" + $scformat | add-content ($fileName + ".b64")
​
$csharpformat = '0x' + (($fileContent | ForEach-Object ToString x2 | ForEach-Object { $_ + ',' }) -join '0x')
$csharpformat = $csharpformat.SubString(0, $csharpformat.Length-1)
"`nC# formatted shellcode:`n`n" + $csharpformat | add-content ($fileName + ".b64")
​
$Bytes = [System.Text.Encoding]::UTF8.GetBytes($csharpformat)
$EncodedText =[Convert]::ToBase64String($Bytes)
"`nBase64 Encoded C# shellcode:`n`n" + $EncodedText | add-content ($fileName + ".b64")
​
$fsharpformat = '0x' + (($fileContent | ForEach-Object ToString x2 | ForEach-Object { $_ + 'uy;' }) -join '0x')
$fsharpformat = $fsharpformat.SubString(0, $fsharpformat.Length-1)
"`nF# formatted shellcode:`n`n" + $fsharpformat | add-content ($fileName + ".b64")
Update 22-03-2022
#!/usr/bin/env python3
import base64
​
# Edit this line with the path to the binary file containing shellcode you are converting
with open('.\Helloworld.bin', 'rb') as sc_handle:
sc_data = sc_handle.read()
​
# Just raw binary blog base64 encoded
encoded_raw = base64.b64encode(sc_data)
n=100
chunks = [encoded_raw[i:i+n] for i in range(0, len(encoded_raw), n)]
​
# Print in "standard" shellcode format \x41\x42\x43....
binary_code = ''
fs_code = ''
for byte in sc_data:
binary_code += "\\x" + hex(byte)[2:].zfill(2)
# this is for f#
fs_code += "0x" + hex(byte)[2:].zfill(2) + "uy;"
​
binary_chunks = [binary_code[i:i+n] for i in range(0, len(binary_code), n)]
​
​
# Convert this into a C# style shellcode format
cs_shellcode = "0" + ",0".join(binary_code.split("\\")[1:])
​
# Base 64 encode the C# code (for use with certain payloads :))
encoded_cs = base64.b64encode(cs_shellcode.encode())
​
# Write out the files to disk (edit this path as needed)
with open('formatted_helloworld_shellcode.txt', 'w') as format_out:
format_out.write("Binary Blob base64 encoded:\n\n")
format_out.write(encoded_raw.decode('ascii'))
format_out.write("\n\nStandard shellcode format:\n\n")
format_out.write(binary_code)
format_out.write("\n\nC# formatted shellcode:\n\n")
format_out.write(cs_shellcode)
format_out.write("\n\nBase64 Encoded C# shellcode:\n\n")
format_out.write(encoded_cs.decode('ascii'))
format_out.write("\n\nF# Shellcode:\n\n")
format_out.write(fs_code)
format_out.write("\n")
format_out.write("\n\nchunk base64 Shellcode:\n\n")
for item in chunks:
format_out.write(f"\"{item.decode('ascii')}\"\n")
format_out.write("\n\nChunk Standard shellcode format:\n\n")
for item in binary_chunks:
format_out.write(f"\"{item}\"\n")
Previous
Process Hollowing DInvoke
Next - Red Team
PowerShell
Last modified 4mo ago
Copy link