😎
😎
😎
😎
Intruder
Twitter
Search…
About Shantanu Khandelwal
Reporting
Excel Sheet to Word Report by PowerShell
Ghostwriter - Add report type
Red Team
HTTPS C2 Done Right NGINX
Domain Front
GoLang
ShellCode Injection
magic_mz_x86 and magic_mz_x64
Process Hollowing DInvoke
Shellcode Formatter
PowerShell
Database
Dealing with the Errors
Setting Up OPENVAS in KALI 2020.3
Phishing
Connecting GoPhish with Office365
SharpLoginPrompt - Success and a Curious Case
Gophish MODs
Long Live DMARC - Email Spoof issues
Talks I Like
Talks Worth Checking Out
Powered By GitBook
Shellcode Formatter
Format Shellcode in various formats
1
#!/usr/bin/env python3
2
import base64
3
​
4
# Edit this line with the path to the binary file containing shellcode you are converting
5
with open('/home/user/Downloads/payload.bin', 'rb') as sc_handle:
6
sc_data = sc_handle.read()
7
​
8
# Just raw binary blog base64 encoded
9
encoded_raw = base64.b64encode(sc_data)
10
​
11
# Print in "standard" shellcode format \x41\x42\x43....
12
binary_code = ''
13
fs_code = ''
14
for byte in sc_data:
15
binary_code += "\\x" + hex(byte)[2:].zfill(2)
16
# this is for f#
17
fs_code += "0x" + hex(byte)[2:].zfill(2) + "uy;"
18
​
19
# Convert this into a C# style shellcode format
20
cs_shellcode = "0" + ",0".join(binary_code.split("\\")[1:])
21
​
22
# Base 64 encode the C# code (for use with certain payloads :))
23
encoded_cs = base64.b64encode(cs_shellcode.encode())
24
​
25
# Write out the files to disk (edit this path as needed)
26
with open('formatted_shellcode.txt', 'w') as format_out:
27
format_out.write("Binary Blob base64 encoded:\n\n")
28
format_out.write(encoded_raw.decode('ascii'))
29
format_out.write("\n\nStandard shellcode format:\n\n")
30
format_out.write(binary_code)
31
format_out.write("\n\nC# formatted shellcode:\n\n")
32
format_out.write(cs_shellcode)
33
format_out.write("\n\nBase64 Encoded C# shellcode:\n\n")
34
format_out.write(encoded_cs.decode('ascii'))
35
format_out.write("\n\nF# Shellcode:\n\n")
36
format_out.write(fs_code)
37
format_out.write("\n")
Copied!
1
$fileName = "C:\Users\User\Desktop\payload.bin"
2
$fileContent = [IO.File]::ReadAllBytes($fileName)
3
$filecontentsencoded = [convert]::ToBase64String($fileContent)
4
"Binary Blob base64 encoded:`n`n" + $filecontentsencoded | set-content ($fileName + ".b64")
5
​
6
$scformat = '\x' + (($fileContent | ForEach-Object ToString x2) -join '\x')
7
"`nStandard shellcode format:`n`n" + $scformat | add-content ($fileName + ".b64")
8
​
9
$csharpformat = '0x' + (($fileContent | ForEach-Object ToString x2 | ForEach-Object { $_ + ',' }) -join '0x')
10
$csharpformat = $csharpformat.SubString(0, $csharpformat.Length-1)
11
"`nC# formatted shellcode:`n`n" + $csharpformat | add-content ($fileName + ".b64")
12
​
13
$Bytes = [System.Text.Encoding]::UTF8.GetBytes($csharpformat)
14
$EncodedText =[Convert]::ToBase64String($Bytes)
15
"`nBase64 Encoded C# shellcode:`n`n" + $EncodedText | add-content ($fileName + ".b64")
16
​
17
$fsharpformat = '0x' + (($fileContent | ForEach-Object ToString x2 | ForEach-Object { $_ + 'uy;' }) -join '0x')
18
$fsharpformat = $fsharpformat.SubString(0, $fsharpformat.Length-1)
19
"`nF# formatted shellcode:`n`n" + $fsharpformat | add-content ($fileName + ".b64")
Copied!
Update 22-03-2022
1
#!/usr/bin/env python3
2
import base64
3
​
4
# Edit this line with the path to the binary file containing shellcode you are converting
5
with open('.\Helloworld.bin', 'rb') as sc_handle:
6
sc_data = sc_handle.read()
7
​
8
# Just raw binary blog base64 encoded
9
encoded_raw = base64.b64encode(sc_data)
10
n=100
11
chunks = [encoded_raw[i:i+n] for i in range(0, len(encoded_raw), n)]
12
​
13
# Print in "standard" shellcode format \x41\x42\x43....
14
binary_code = ''
15
fs_code = ''
16
for byte in sc_data:
17
binary_code += "\\x" + hex(byte)[2:].zfill(2)
18
# this is for f#
19
fs_code += "0x" + hex(byte)[2:].zfill(2) + "uy;"
20
​
21
binary_chunks = [binary_code[i:i+n] for i in range(0, len(binary_code), n)]
22
​
23
​
24
# Convert this into a C# style shellcode format
25
cs_shellcode = "0" + ",0".join(binary_code.split("\\")[1:])
26
​
27
# Base 64 encode the C# code (for use with certain payloads :))
28
encoded_cs = base64.b64encode(cs_shellcode.encode())
29
​
30
# Write out the files to disk (edit this path as needed)
31
with open('formatted_helloworld_shellcode.txt', 'w') as format_out:
32
format_out.write("Binary Blob base64 encoded:\n\n")
33
format_out.write(encoded_raw.decode('ascii'))
34
format_out.write("\n\nStandard shellcode format:\n\n")
35
format_out.write(binary_code)
36
format_out.write("\n\nC# formatted shellcode:\n\n")
37
format_out.write(cs_shellcode)
38
format_out.write("\n\nBase64 Encoded C# shellcode:\n\n")
39
format_out.write(encoded_cs.decode('ascii'))
40
format_out.write("\n\nF# Shellcode:\n\n")
41
format_out.write(fs_code)
42
format_out.write("\n")
43
format_out.write("\n\nchunk base64 Shellcode:\n\n")
44
for item in chunks:
45
format_out.write(f"\"{item.decode('ascii')}\"\n")
46
format_out.write("\n\nChunk Standard shellcode format:\n\n")
47
for item in binary_chunks:
48
format_out.write(f"\"{item}\"\n")
Copied!
Previous
Process Hollowing DInvoke
Next - Red Team
PowerShell
Last modified 1mo ago
Copy link