|
| 1 | +import argparse |
| 2 | +import platform |
| 3 | +import sys |
| 4 | + |
| 5 | +def format_shellcode(shellcode_bytes, language, number): |
| 6 | + suffix = "" if number == 1 else str(number) |
| 7 | + |
| 8 | + if language in ['c', 'cpp']: |
| 9 | + formatted = ', '.join(f'0x{byte:02x}' for byte in shellcode_bytes) |
| 10 | + return ( |
| 11 | + f"unsigned char shellcode{suffix}[] = {{\n " |
| 12 | + + formatted + |
| 13 | + f"\n}};\nunsigned int shellcode{suffix}_len = sizeof(shellcode{suffix});" |
| 14 | + ) |
| 15 | + |
| 16 | + elif language == 'csharp': |
| 17 | + formatted = ', '.join(f'0x{byte:02x}' for byte in shellcode_bytes) |
| 18 | + return f'byte[] shellcode{suffix} = new byte[] {{ {formatted} }};' |
| 19 | + |
| 20 | + else: |
| 21 | + raise ValueError("Unsupported language. Choose from: c, cpp, csharp.") |
| 22 | + |
| 23 | +def read_shellcode_from_bin(file_path, language, number, output_file=None, arch=None): |
| 24 | + try: |
| 25 | + with open(file_path, "rb") as f: |
| 26 | + shellcode_bytes = f.read() |
| 27 | + |
| 28 | + # تأكد من تطابق المعمارية |
| 29 | + if arch: |
| 30 | + if arch == "x86" and platform.architecture()[0] != "32bit": |
| 31 | + print("[-] Error: You selected x86 but you're running a 64-bit interpreter.") |
| 32 | + sys.exit(1) |
| 33 | + elif arch == "x64" and platform.architecture()[0] != "64bit": |
| 34 | + print("[-] Error: You selected x64 but you're running a 32-bit interpreter.") |
| 35 | + sys.exit(1) |
| 36 | + |
| 37 | + formatted_shellcode = format_shellcode(shellcode_bytes, language, number) |
| 38 | + |
| 39 | + if output_file: |
| 40 | + with open(output_file, "w") as out: |
| 41 | + out.write(formatted_shellcode + "\n") |
| 42 | + print(f"[+] Shellcode written to: {output_file}") |
| 43 | + else: |
| 44 | + print("[+] Shellcode extracted successfully:\n") |
| 45 | + print(formatted_shellcode) |
| 46 | + |
| 47 | + return shellcode_bytes |
| 48 | + |
| 49 | + except FileNotFoundError: |
| 50 | + print("[-] File not found.") |
| 51 | + except Exception as e: |
| 52 | + print(f"[-] Error: {e}") |
| 53 | + |
| 54 | +if __name__ == "__main__": |
| 55 | + parser = argparse.ArgumentParser(description="Extract and format shellcode from a .bin file.") |
| 56 | + parser.add_argument("file", help="Path to the .bin file") |
| 57 | + parser.add_argument("--lang", choices=["c", "cpp", "csharp"], default="c", help="Language to format shellcode for") |
| 58 | + parser.add_argument("--output", help="Optional output file to save the formatted shellcode") |
| 59 | + parser.add_argument("--num", type=int, default=1, help="Shellcode variable number (default: 1)") |
| 60 | + parser.add_argument("--arch", choices=["x86", "x64"], help="Target architecture (x86 or x64)") |
| 61 | + |
| 62 | + args = parser.parse_args() |
| 63 | + read_shellcode_from_bin(args.file, args.lang, args.num, args.output, args.arch) |
0 commit comments