GetShellCode.py - extract shellcode from a binary

Revision as of 09:40, 5 June 2018 by Dmina

getShellCode.py

Ok. Before you say anything: there may be quicker ways to extract shellcode from a binary, many of them bash one-liners employing grep, cut and similar commands. Look at this more as an exercise in combining Python regex and command-line processing to extract and manipulate data. So, here we go...

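#!/usr/bin/python3
"""
A handy-dandy shellcode dumper
Probably not the most optimized
piece of code but it works!
Usage: ./getShellCode.py <binary>
"""
__author__  = "@blaksec"
__copyrights__  = "Do whatever u want"

import sys
import re
import subprocess

# Require the path of the binary to disassemble
if len(sys.argv) != 2:
    sys.exit('Usage: ./getShellCode.py <binary>')

# Disassemble the executable sections of the binary
cmd = ['objdump', '-d', sys.argv[1]]

# An instruction line looks like "<address>:<TAB><hex bytes><padding><TAB><mnemonic>".
# Capture only the run of two-digit hex bytes, so that lines whose byte column
# is full and continuation lines (little or no padding) are kept as well.
shcode_re = re.compile(r'^\s*[0-9a-f]+:\t([0-9a-f]{2}(?: [0-9a-f]{2})*)', re.M)

shcode_li = list()

result = subprocess.run(cmd, stdout=subprocess.PIPE, check=True)
result = result.stdout.decode('utf-8')

# Collect the opcode bytes of every matched line, in order
for e in shcode_re.findall(result):
    shcode_li.extend(e.split(' '))

# Print the bytes as a \x-escaped string
print(''.join(r'\x'+i for i in shcode_li))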
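
An added example, not part of the original page or of @blaksec's script: two ways of matching the byte column of `objdump -d` output, run over constructed sample lines that include a seven-byte instruction and a continuation line. A pattern that requires two or more whitespace characters before the mnemonic's tab drops those lines; one that captures only the hex bytes keeps them. The sample text and the names `SAMPLE`, `PADDED_RE`, `BYTES_RE`, `extract` and `escaped` are assumptions made for the illustration.

```python
import re

# Constructed `objdump -d` text (x86-64); not taken from a real binary.
SAMPLE = (
    "0000000000000000 <_start>:\n"
    "   0:\t48 31 ff             \txor    %rdi,%rdi\n"
    "   3:\t48 c7 c0 3c 00 00 00 \tmov    $0x3c,%rax\n"
    "   a:\t48 b8 88 77 66 55 44 \tmovabs $0x1122334455667788,%rax\n"
    "  11:\t33 22 11 \n"
    "  14:\t0f 05                \tsyscall\n"
)

# Needs two or more whitespace characters and then a tab after the bytes.
PADDED_RE = re.compile(r'\s*[0-9a-f]:\t(.*\S)\s{2,}\t', re.M)

# Anchors on "<hex address>:<tab>" and captures only the run of two-digit
# hex bytes, so the amount of padding after them does not matter.
BYTES_RE = re.compile(r'^\s*[0-9a-f]+:\t([0-9a-f]{2}(?: [0-9a-f]{2})*)', re.M)


def extract(pattern, disassembly):
    """Return the opcode bytes, in order, that `pattern` captures."""
    out = []
    for column in pattern.findall(disassembly):
        out.extend(column.split())
    return out


def escaped(byte_list):
    r"""Format ['48', '31'] as the text \x48\x31."""
    return ''.join('\\x' + b for b in byte_list)


if __name__ == '__main__':
    for name, pat in (('padded', PADDED_RE), ('byte-column', BYTES_RE)):
        found = extract(pat, SAMPLE)
        print(f'{name:12} {len(found):2} bytes  {escaped(found)}')
```

Comparing the byte count of the result with the size of the disassembled section is a quick check that no line was skipped.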