GetShellCode.py - extract shellcode from a binary
getShellCode.py
Ok. Before you say anything, there may be quicker ways to extract shell code from a binary, many of them are bash one-liners employing grep, cut and similar bash commands. Look at this more like an exercise on how to combine python regex, command line processing to extract and manipulate data. So, here we go...
#!/usr/bin/python3
""""""""""""""""""""""""""""""""""""" """
""" A handy-dandy schellcode dumper """
""" Probabyl not the most optimized """
""" piece of code but it works! """
""" Usage: ./getShellCode.py <binary> """
""""""""""""""""""""""""""""""""""""" """
__author__ = "@blaksec"
__copyrights__ = "Do whatever u want"
import sys
import re
import subprocess
cmd = ['objdump', '-d', sys.argv[1]]
shcode_re = re.compile(r'\s*[0-9a-f]:\t(.*\S)\s{2,}\t', re.M)
shcode_li = list()
result = subprocess.run(cmd, stdout=subprocess.PIPE)
result = result.stdout.decode('utf-8')
for e in re.findall(shcode_re, result):
shcode_li.extend(e.split(' '))
print(''.join(r'\x'+i for i in shcode_li))