This is a shellcode generator for fast development in ASM, with a C snippet template for testing the result. I prefer Intel syntax, but if you find any AT&T syntax in the experiments code, don't worry: just read the documentation inside the source code.
All source code runs on Parrot OS (Debian); I will try to test it on many other Linux distros.
- Where to start
- Manual compilation and test
- Binary to Shellcode string tool
- ASM Fast Development Projects
Some useful links:
- A complete beginner guide: http://www.vividmachines.com/shellcode/shellcode.html
- Understanding a basic Hello World!: https://stackoverflow.com/questions/15593214/linux-shellcode-hello-world
- How Shellcodes Work: http://www.linuxdevcenter.com/pub/a/linux/2006/05/18/how-shellcodes-work.html
- Shellcode injection: https://dhavalkapil.com/blogs/Shellcode-Injection/
- Some of C++: http://files2.syncfusion.com/Downloads/Ebooks/Cplusplus_Succinctly.pdf
- Also you can read this book: https://leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf
If you want to compile and create a trace of all your code, use the traditional steps. I know these are hard to remember, so use the following snippets.
Disclaimer: This section supports x86 only; all code in this section is for x86 architectures only. Support for x64 and x86_64 is planned for the next versions.
nasm -f elf sourceCode.asm
ld -o executableName sourceCode.o
objdump -d executableName
For normal purposes:
gcc -o cExecutableName sourceCode.c
For testing shellcodes:
gcc cExecutableName.c -o cExecutableName -fno-stack-protector -z execstack -no-pie
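Two of the test-build flags leave a mark in the ELF file itself: `-z execstack` sets the execute bit on the `PT_GNU_STACK` program header, and `-no-pie` produces an `ET_EXEC` image instead of `ET_DYN`. The C check below is an added example, not part of this project; it reads both fields from a 32-bit ELF image so you can confirm that only the test harness was built this way (`-fno-stack-protector` is not covered). The names `audit_elf32` and `audit_sample` are hypothetical, and the sample image is constructed in memory.

```c
#include <elf.h>
#include <stdio.h>
#include <string.h>
/* What the test-build flags leave behind in a 32-bit ELF image. */
struct elf_audit { int valid, pie, stack_hdr, exec_stack; };

/* Assumes a little-endian host reading a little-endian ELF32 file (x86 only). */
struct elf_audit audit_elf32(const unsigned char *img, size_t len) {
    struct elf_audit r = {0, 0, 0, 0};
    Elf32_Ehdr eh;
    if (len < sizeof eh) return r;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 || eh.e_ident[EI_CLASS] != ELFCLASS32 ||
        eh.e_phentsize != sizeof(Elf32_Phdr)) return r;
    r.pie = (eh.e_type == ET_DYN);                 /* -no-pie yields ET_EXEC */
    for (size_t i = 0; i < eh.e_phnum; i++) {
        Elf32_Phdr ph;
        size_t off = (size_t)eh.e_phoff + i * sizeof ph;
        if (off > len || len - off < sizeof ph) return r;  /* truncated table */
        memcpy(&ph, img + off, sizeof ph);
        if (ph.p_type != PT_GNU_STACK) continue;
        r.stack_hdr = 1;
        r.exec_stack = (ph.p_flags & PF_X) != 0;   /* set by -z execstack */
    }
    /* No PT_GNU_STACK: 32-bit x86 Linux falls back to an executable stack. */
    if (!r.stack_hdr) r.exec_stack = 1;
    r.valid = 1;
    return r;
}

/* Constructed sample: ELF32 header plus phnum (0 or 1) PT_GNU_STACK entries. */
struct elf_audit audit_sample(int type, int phnum, unsigned flags) {
    unsigned char buf[sizeof(Elf32_Ehdr) + sizeof(Elf32_Phdr)];
    Elf32_Ehdr eh = {{0}}; Elf32_Phdr ph = {0};
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS32;
    eh.e_type = (Elf32_Half)type;
    eh.e_phoff = sizeof eh; eh.e_phentsize = sizeof ph;
    eh.e_phnum = (Elf32_Half)phnum;
    ph.p_type = PT_GNU_STACK; ph.p_flags = flags;
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, &ph, sizeof ph);
    return audit_elf32(buf, sizeof eh + (size_t)phnum * sizeof ph);
}

int main(void) {
    struct elf_audit a = audit_sample(ET_EXEC, 1, PF_R | PF_W | PF_X);
    printf("valid=%d pie=%d exec_stack=%d\n", a.valid, a.pie, a.exec_stack);
    return 0;
}
```

To audit a real build, read the file into a buffer and pass it to `audit_elf32`.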
To make extracting shellcodes easy, use the shellcode.sh script in the project root folder to generate shellcode strings and test them. You can extract a shellcode and print it to the console, save it to a text file, inject it into the test project, build to check for errors, and run the injected shellcode. The options are documented below.
> bash shellcode.sh [<options>] [<asm_filename>]
-e, --extract Extract shellcode from binary file and print in console
-s, --save Save shellcode string into a .txt file
-t, --test Inject shellcode string into shellcode.c source code, ready to compile
-tb, --testbuild Inject shellcode string and build shellcode.c
-tbr, --testbuildrun Inject shellcode string, build shellcode.c and run program
Example:
> bash shellcode.sh -tbr ~/ASM/HelloWorld/Helloworld.asm
I know that starting a new project and keeping all the generated files together is hard. For that reason I developed another tool for fast development in ASM: you can create new projects with a folder structure and use the shellcode script to compile and test them. Use the following tool:
Disclaimer: This section supports x86 only; all code in this section is for x86 architectures only. Support for x64 and x86_64 is planned for the next versions.
> bash ASMFastDevelopment.sh [<options>] [<folder name>]
-h, --help Show help
-n, --new Create new project with folder name given
-c, --compile Compile .asm file inside folder
Disclaimer: This script works in the current folder; do not try to compile outside this folder.
Example:
> bash ASMFastDevelopment.sh -c HelloWorld
> bash ASMFastDevelopment.sh --new HelloWorld
The previous command creates a new .asm file inside a folder with the name provided. Open it and develop!
Folder tree generated:
| ~/Linux-Shellcode-Generator/
|- src/
|- projects/
|- HelloWorld/
|- HelloWorld.asm
Warning: Do not change the .asm file name! If you need to change it, you also need to change the folder name.
> bash ASMFastDevelopment.sh --compile HelloWorld
The previous command generates:
| ~/Linux-Shellcode-Generator/
|- src/
|- projects/
|- HelloWorld/
|- HelloWorld.asm
|- HelloWorld.o
|- HelloWorld [your executable file]