Description

shellcode2exe.py is a python based script written by Mario Vilas. It transforms shellcode to a Windows executable.

Installation

Prerequisites

You will need InlineEgg dependency that you can download from here:

http://corelabs.coresecurity.com/index.php?module=Wiki&action=attachment&type=tool&page=InlineEgg&file=InlineEgg-1.08.tar.gz

Once downloaded, uncompress and install:

$ tar xzvf InlineEgg-1.08.tar.gz 
$ cd InlineEgg-1.08/
$ sudo python setup.py install

Installation of shellcode2exe.py

You can get it from: https://raw.github.com/MarioVilas/shellcode_tools/master/shellcode2exe.py

Usage

Syntax

Usage: shellcode2exe.py payload.bin [payload.exe]
                  [--arch=i386|powerpc|sparc|arm]
                  [--os=windows|linux|freebsd|openbsd|solaris]
                  [-c Allow for ascii shellcode as a cmd line parameter]
                  [-s Allows for ascii shellcode in file]

Options

-h, --help

show this help message and exit

-a ARCH, --arch=ARCH

target architecture [default: i386]

-o OS, --os=OS

target operating system [default: windows]

-c, --asciicmd

enable ascii entry in input file

-s, --asciifile

enable ascii entry in command line

Example

We would like to compile the following shellcode:

$ cat shellcode.txt 
\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90
\x8b\xec\x55\x8b\xec\x68\x65\x78\x65\x20\x68
\x63\x6d\x64\x2e\x8d\x45\xf8\x50\xb8\x44\x80
\xbf\x77\xff\xd0

We use the -s parameter to read from our file:

$ python shellcode2exe.py -s shellcode.txt
Shellcode to executable converter
by Mario Vilas (mvilas at gmail dot com)

Reading string shellcode from file shellcode.txt
Generating executable file
Writing file shellcode.exe
Done.

Our executable is now ready:

$ file shellcode.exe 
shellcode.exe: PE32 executable (GUI) Intel 80386, for MS Windows

Comments