Path: blob/master/external/source/shellcode/windows/x64/build.py
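#!/usr/bin/env python3
#=============================================================================#
# A simple python build script to build the singles/stages/stagers and
# some useful information such as offsets and a hex dump. The binary output
# will be placed in the bin directory. A hex string and useful comments will
# be printed to screen.
#
# Example:
#   >python build.py stager_reverse_tcp_nx
#
# Example, to build everything:
#   >python build.py all > build_output.txt
#
# Author: Stephen Fewer (stephen_fewer[at]harmonysecurity[dot]com)
#=============================================================================#

import os
import sys
import time
from subprocess import Popen
from struct import pack


def clean(dir='./bin/'):
    """Delete every ``.bin`` file found under *dir* (searched recursively)."""
    for root, _dirs, files in os.walk(dir):
        for name in files:
            if name.endswith('.bin'):
                os.remove(os.path.join(root, name))


def locate(src_file, dir='./src/'):
    """Return the directory under *dir* that contains *src_file*, else None.

    Only an exact file-name match counts, so a *src_file* carrying a path
    separator never matches an entry produced by os.walk().
    """
    for root, _dirs, files in os.walk(dir):
        if src_file in files:
            return root
    return None


def build(name):
    """Assemble ``<name>.asm`` from the src tree into ``./bin/<name>.bin``.

    On success the result is summarised by xmit(). A missing source file, a
    nasm executable that cannot be started, or a non-zero nasm exit status is
    reported and nothing is dumped, so a stale ``.bin`` left by an earlier run
    is never presented as the output of this build.
    """
    location = locate('%s.asm' % name)
    if not location:
        print("[-] Unable to locate '%s.asm' in the src directory" % name)
        return

    src_path = os.path.normpath(os.path.join(location, name))
    out_path = os.path.normpath(os.path.join('./bin/', name))
    # The command is an argv list (no shell), with each option and its value
    # passed as separate elements.
    cmd = ['nasm', '-f', 'bin', '-O3',
           '-o', '%s.bin' % out_path, '%s.asm' % src_path]
    try:
        status = Popen(cmd).wait()
    except OSError as err:
        print("[-] Unable to run nasm: %s" % err)
        return
    if status != 0:
        print("[-] nasm failed for '%s.asm' (exit status %d)" % (name, status))
        return
    xmit(name)


def xmit_dump_ruby(data, length=16):
    """Print *data* as concatenated Ruby string literals, *length* bytes a row."""
    rows = []
    for start in range(0, len(data), length):
        chunk = data[start:start + length]
        row = '"%s"' % ''.join('\\x%02X' % value for value in chunk)
        # Only non-final rows take the continuation operator. The previous
        # `<=` comparison also appended it to the last row whenever len(data)
        # was an exact multiple of *length*, leaving a dangling ' +'.
        if start + length < len(data):
            row += ' +'
        rows.append('%s\n' % row)
    print(''.join(rows))


def xmit_offset(data, name, value):
    """Print the offset of the first occurrence of *value* in *data*, if any."""
    offset = data.find(value)
    if offset != -1:
        print('# %s Offset: %d' % (name, offset))


def xmit(name, dump_ruby=True):
    """Summarise ``./bin/<name>.bin``: length, known-constant offsets, hex dump.

    The offsets reported are those of the default port and host values and of
    the 32-bit constants labelled below with a kernel32.dll export name.
    """
    bin_path = os.path.normpath(os.path.join('./bin/', '%s.bin' % name))
    # Context manager so the handle is closed even if the read fails.
    with open(bin_path, 'rb') as handle:
        data = handle.read()

    print('# Name: %s\n# Length: %d bytes' % (name, len(data)))
    xmit_offset(data, 'Port', pack('>H', 4444))        # 4444
    xmit_offset(data, 'Host', pack('>L', 0x7F000001))  # 127.0.0.1
    # kernel32.dll!ExitThread
    xmit_offset(data, 'ExitFunk', pack('<L', 0x0A2A1DE0))
    # kernel32.dll!ExitProcess
    xmit_offset(data, 'ExitFunk', pack('<L', 0x56A2B5F0))
    # kernel32.dll!SetUnhandledExceptionFilter
    xmit_offset(data, 'ExitFunk', pack('<L', 0xEA320EFE))
    # kernel32.dll!Sleep
    xmit_offset(data, 'ExitFunk', pack('<L', 0xE035F044))
    if dump_ruby:
        xmit_dump_ruby(data)


def main(argv=None):
    """Entry point: ``build.py [clean|all|<name>]``.

    ``clean`` removes built binaries, ``all`` builds every ``.asm`` file under
    the migrate, single, stage and stager source directories (in that order),
    and any other argument is taken as the name of a single source to build.
    """
    if not argv:
        argv = sys.argv
    if len(argv) == 1:
        print('Usage: build.py [clean|all|<name>]')
        return

    print('# Built on %s\n' % (time.asctime(time.localtime())))
    target = argv[1]
    if target == 'clean':
        clean()
    elif target == 'all':
        source_dirs = ('./src/migrate/', './src/single/',
                       './src/stage/', './src/stager/')
        for source_dir in source_dirs:
            for _root, _dirs, files in os.walk(source_dir):
                for name in files:
                    if name.endswith('.asm'):
                        build(name[:-4])
    else:
        build(target)


if __name__ == '__main__':
    main()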