
# Title : Linux write() & exit(0) shellcode generator with customizable text
# Published : 2010-04-20
# Author : Stoke


#!/usr/bin/python
# Linux write() & exit(0) shellcode generator with customizable text
# Usage: ./generator <msg>
# Author: Stoke
# Tested on: Ubuntu 8.10
# E-mail: stoke95[at]yahoo[dot]it
# Web: hack2web.altervista.org
# Visit: blasterhacking.forumcommunity.net

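import sys

def str2hex(string):
    # Encode each character as a zero-padded two-digit \xNN escape.
    msg = ''
    for n in string:
        msg += r"\x%02x" % ord(n)
    return msg


if len(sys.argv) != 2:
    print("Usage: ./shellgen <msg>")
    sys.exit(0)

# The length is loaded with "mov dl, imm8", so it must fit in one byte.
if len(sys.argv[1]) > 0xff:
    print("Message too long: maximum length is 255 bytes")
    sys.exit(1)

# jmp short to the call; xor eax,eax; mov al,4 (write); mov bl,1 (stdout);
# pop ecx (address of the message); mov dl,<length byte appended below>
shell = r"\xeb\x11\x31\xc0\xb0\x04\xb3\x01\x59\xb2"
# int 0x80; mov al,1 (exit); xor ebx,ebx; int 0x80;
# call back to offset 2, which pushes the address of the message that follows
shell1 = r"\xcd\x80\xb0\x01\x31\xdb\xcd\x80\xe8\xea\xff\xff\xff"

# One-byte message length, zero-padded to two hex digits.
hstrlen = r"\x%02x" % len(sys.argv[1])
msg = str2hex(sys.argv[1])
print(shell+hstrlen+shell1+msg)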
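
For triage, output in this generator's layout can be recognised and unpacked statically, without executing it. The following is an added example, not part of the original script; the names PREFIX, SUFFIX, unescape, triage and SAMPLE are hypothetical, and the sample input is constructed.

```python
import re

# Fixed bytes the generator above emits around the one-byte length operand.
PREFIX = bytes.fromhex("eb1131c0b004b30159b2")        # jmp, write setup, mov dl,<len>
SUFFIX = bytes.fromhex("cd80b00131dbcd80e8eaffffff")  # int 0x80, exit(0), call

def unescape(text):
    """Convert printed \\xN or \\xNN text into raw bytes; reject anything else."""
    text = text.strip()
    if not re.fullmatch(r"(?:\\x[0-9a-fA-F]{1,2})*", text):
        raise ValueError("input is not a pure \\x escape sequence")
    return bytes(int(t, 16) for t in re.findall(r"\\x([0-9a-fA-F]{1,2})", text))

def triage(blob):
    """Return a findings dict if blob matches the layout, else None."""
    body = len(PREFIX) + 1  # offset just past the length byte
    if not blob.startswith(PREFIX) or blob[body:body + len(SUFFIX)] != SUFFIX:
        return None
    declared = blob[len(PREFIX)]          # operand of mov dl, imm8
    data = blob[body + len(SUFFIX):]      # bytes the call instruction points at
    return {
        "declared_len": declared,
        "message": data[:declared].decode("latin-1"),
        "trailing_bytes": max(len(data) - declared, 0),
        "truncated": len(data) < declared,  # write() would read past the blob
        "has_nul": b"\x00" in blob,         # a NUL would end a C string early
    }

# Constructed sample in the generator's output format for the message "Hi\n".
SAMPLE = (r"\xeb\x11\x31\xc0\xb0\x04\xb3\x01\x59\xb2\x03"
          r"\xcd\x80\xb0\x01\x31\xdb\xcd\x80\xe8\xea\xff\xff\xff"
          r"\x48\x69\x0a")

if __name__ == "__main__":
    print(triage(unescape(SAMPLE)))
```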