GetShellCode.py - extract shellcode from a binary


Latest revision as of 09:40, 5 June 2018

getShellCode.py

Ok. Before you say anything: there may be quicker ways to extract shellcode from a binary, and many of them are bash one-liners built from grep, cut and similar commands. Look at this more as an exercise in combining Python regexes with command-line processing to extract and manipulate data. So, here we go...

#!/usr/bin/python3
"""
A handy-dandy shellcode dumper.
Probably not the most optimized piece of code, but it works!
Usage: ./getShellCode.py <binary>
"""
__author__ = "@blaksec"
__copyrights__ = "Do whatever u want"

import sys
import re
import subprocess

if len(sys.argv) != 2:
    sys.exit('Usage: %s <binary>' % sys.argv[0])

# Disassemble the binary; objdump prints one instruction per line as
# "<addr>:<tab><hex bytes><padding><tab><mnemonic>".
cmd = ['objdump', '-d', sys.argv[1]]

# Capture the byte column right after "<addr>:<tab>". Matching the "hh "
# groups themselves (instead of the padding after them) also works for
# 7-byte instructions, which fill the column with no extra padding, and
# for the continuation lines objdump emits for longer instructions, which
# carry bytes but no mnemonic.
shcode_re = re.compile(r'^\s*[0-9a-f]+:\t((?:[0-9a-f]{2} ?)+)', re.M)

shcode_li = list()

result = subprocess.run(cmd, stdout=subprocess.PIPE, check=True)
result = result.stdout.decode('utf-8')

for e in shcode_re.findall(result):
    shcode_li.extend(e.split())

print(''.join(r'\x' + i for i in shcode_li))
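The same parsing as a testable function, added here as an example rather than the script from the original page, run offline on a constructed objdump -d excerpt (not real program output) that includes the two line shapes a padding-based pattern tends to miss: a 7-byte instruction that fills the byte column, and a longer instruction whose trailing bytes objdump wraps onto a continuation line without a mnemonic.

```python
import re

# Constructed objdump -d excerpt: a function header, a 1-byte instruction,
# a 7-byte instruction filling the byte column, a 10-byte instruction whose
# last three bytes land on a continuation line, and a final ret.
SAMPLE_LISTING = """
0000000000001139 <main>:
    1139:\t55                   \tpush   %rbp
    113a:\t48 8d 05 c0 0e 00 00 \tlea    0xec0(%rip),%rax
    1141:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)
    1148:\t00 00 00
    114b:\tc3                   \tret
"""

# "<addr>:<tab>" followed by one or more "hh" byte groups. The header line
# has no ":<tab>" after its address, so it is skipped; continuation lines
# have the byte column but no mnemonic and still match.
LINE_RE = re.compile(r'^\s*[0-9a-f]+:\t((?:[0-9a-f]{2} ?)+)', re.M)


def extract_bytes(listing: str) -> bytes:
    """Return the raw instruction bytes of an objdump -d listing, in order."""
    hex_pairs = []
    for group in LINE_RE.findall(listing):
        hex_pairs.extend(group.split())
    return bytes.fromhex(''.join(hex_pairs))


def as_escaped(code: bytes) -> str:
    """Render bytes in the \\xhh form the original script prints."""
    return ''.join('\\x%02x' % b for b in code)


if __name__ == '__main__':
    code = extract_bytes(SAMPLE_LISTING)
    print(len(code), 'bytes:', as_escaped(code))
```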