Ithesin Shellcoding Helper Tool
Here's a tool I did a couple of years ago and thought it's time to publish it and maybe someone will take the time to extend it or make it more portable.
Snipped out of the README:
Ithesin is a tool which should help you to create shellcodes way faster and easier than converting all by hand. You only need to provide the asm source file to Ithesin and the tool will convert it directly to shellcode with or without encoding.
To compile it simply type make in the Ithesin folder:
ptdeb:~/Ithesin# make
cc -W -Wall -c ithesin.c -o ithesin.o
cc -W -Wall -c utils.c -o utils.o
cc -W -Wall -c print.c -o print.o
cc ithesin.o utils.o print.o -o ithesin
ptdeb:~/Ithesin#
Now Ithesin is built and you can take a look at the options if you like:
ptdeb:~/Ithesin# ./ithesin
Usage: ./ithesin -f asm.o [options]
  -f Filename
  -c C output
  -p Perl output
  -P Python output
  -S One Line output
  -d Documented output (only available without encoding)
  -e Encoding (1=xor, 2=add, 3=sub)
  -o Offset to be used for encoding
  -t Execute shellcode
  -v Verify shellcode (strace)
There's an example included in the Ithesin folder called example.s, feel free to try it out and play with it:
ptdeb:~/Ithesin# gcc -c example.s
ptdeb:~/Ithesin# ./ithesin -f example.o -c
[+] Generating Shellcode
[+] Checking for NULL bytes
[+] No NULL bytes found
char shellcode =
"\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3"
"\x50\x54\x53\x50\xb0\x3b\xcd\x80";
or with some nice asm documentation style:
ptdeb:~/Ithesin# ./ithesin -f example.o -c -d
[+] Generating Shellcode
[+] Checking for NULL bytes
[+] No NULL bytes found
char shellcode =
"\x31\xc0" /* xor %eax,%eax */
"\x50" /* push %eax */
"\x68\x2f\x2f\x73\x68" /* push $0x68732f2f */
"\x68\x2f\x62\x69\x6e" /* push $0x6e69622f */
"\x89\xe3" /* mov %esp,%ebx */
"\x50" /* push %eax */
"\x54" /* push %esp */
"\x53" /* push %ebx */
"\x50" /* push %eax */
"\xb0\x3b" /* mov $0x3b,%al */
"\xcd\x80" /* int $0x80 */
; /* EOF */
It's nothing life changing, but it helped in the earlier times :)
Maybe someone will like it as well and perhaps continue the project.
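When a listing in this format turns up in a sample or a write-up, it helps to turn it back into raw bytes and repeat the NULL-byte check independently. The following is an added example, not code from Ithesin or its author; the names `decode_c_literal`, `first_null` and `PAGE_LISTING` are made up for illustration, and it assumes the two-digit `\xHH` escapes and `/* */` comments seen in the output above.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The "-c" listing printed above, copied from the page as text. */
static const char PAGE_LISTING[] =
    "char shellcode = \"\\x31\\xc0\\x50\\x68\\x2f\\x2f\\x73\\x68\\x68\\x2f"
    "\\x62\\x69\\x6e\\x89\\xe3\" \"\\x50\\x54\\x53\\x50\\xb0\\x3b\\xcd\\x80\";";

/* Decode adjacent string literals (two-digit \xHH escapes, comments between
 * them) into out[]. Returns the byte count, or -1 if malformed or too long. */
long decode_c_literal(const char *src, unsigned char *out, size_t cap)
{
    size_t n = 0;
    int in_str = 0;
    for (const char *p = src; *p; p++) {
        if (!in_str) {
            if (p[0] == '/' && p[1] == '*') {          /* skip a comment */
                if (!(p = strstr(p + 2, "*/"))) return -1;
                p++;
            } else if (*p == '"') in_str = 1;
            continue;
        }
        if (*p == '"') { in_str = 0; continue; }
        if (n >= cap) return -1;
        if (*p != '\\') { out[n++] = (unsigned char)*p; continue; }
        if (p[1] != 'x' || !isxdigit((unsigned char)p[2]) ||
            !isxdigit((unsigned char)p[3])) return -1;  /* only \xHH expected */
        char hex[3] = { p[2], p[3], '\0' };
        out[n++] = (unsigned char)strtoul(hex, NULL, 16);
        p += 3;
    }
    return in_str ? -1 : (long)n;                       /* unterminated literal */
}

/* Offset of the first 0x00 byte, or -1 when there is none. */
long first_null(const unsigned char *buf, size_t len)
{
    const unsigned char *z = memchr(buf, 0, len);
    return z ? (long)(z - buf) : -1;
}

int main(void)
{
    unsigned char buf[256];
    long n = decode_c_literal(PAGE_LISTING, buf, sizeof buf);
    if (n < 0) { puts("malformed listing"); return 1; }
    printf("%ld bytes, first NULL at %ld (-1 = none)\n", n, first_null(buf, (size_t)n));
    return 0;
}
```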
© 2015 coma. All rights reserved.
Disclaimer: There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk.
In no event shall the author be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.