Recently, I have a demmand for encoding a Linux-cmd-64bit shellcode to bypass some security checks. There are a lot shellcode loaders for Windows machine to generate an executable to run, but rarely for the elf binary in Linux Systyem. So I make a simple framework that allow us to encode the shellcode, and auto generates the final binary with both decoder & shellcode.
We can add more procedures for the Encoder & Decoder respectivly when we need to bypass complicate AV or security checks. And this Encoder & Decoder is easy to use with following steps:
-
Place the desired shellcode into the XOR Encoder
shellcode_generator.py, and run it to generate an encoded shellcode. -
Paste encoded shellcode into the Assembly Decoder
decoder.asm. -
Use the bash script
./compile.sh decoder.asmto print out the final obfuscated shellcode. -
The final obfuscated shellcode locates at
.txtfile. Use it and exploit. -
For more details read: https://4xura.com/pwn/create-a-shellcode-encoder-for-binary-exploit/