Extracts machine codes from binary file between magic pattern
usage : python extractor.py [binary]
import sys, os, re
regex = re.compile('\x90\x90\x31\xc0\x90\x90[\S\s]*\x90\x90\x31\xc0\x90\x90')
fd = open(sys.argv[1])
it = regex.finditer( fd.read() )
code = ''
res1 = ''
res2 = ''
for match in it:
code = match.group()
res1 = code[6:][0:-6].encode('hex')
print 'shellcode len : ' + str(len(res1)/2)
print res1
res2 = '\\x' + '\\x'.join(x.encode('hex') for x in code[6:][0:-6])
print res2
'Shellcode' 카테고리의 다른 글
| FreeBSD x86 local (0) | 2013.07.13 |
|---|---|
| FreeBSD x86 remote (0) | 2013.07.13 |
| x86 decoder.s (0) | 2013.07.13 |
| encoder.py (0) | 2013.07.13 |
| Linux x86 remote shellcode (0) | 2013.06.11 |