A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept
This is a proof-of-concept that combines a modified BrainF*ck interpreter and shell command obfuscation. The instruction set used is the same as BrainF*ck, with the exception that instead of , getting input, it calls system() with the output so far, and clears the output in doing so.
The purpose of this is to finally make a BrainF*ck interpreter, which I don't think I've done before, and to combine it with obfuscation. Instead of having a payload of only 8 characters, which is discernable as BrainF*ck characters and easy to write signatures for, it maps every possible value for 8 bits to one of the 8 BrainF*ck commands. The mapping is weighted based on how prevelant the particular command is in the generated payload (that is to say, if the + command comprises 90% of the generated payload, then ~90% of the 256 bytecodes will be mapped to the + command.
TODO: - Clean this up
- Run
.\generate_shellfeck_instructions.py --command <command>- Note: By default it will use a random algorithm. Recommend specifying
--algo sstelianif you want a smaller instruction payload`
- Note: By default it will use a random algorithm. Recommend specifying
- Compile with
gcc shellfeck.c - Run the compiled executable!
- simple - Super simple algorithm that only uses
+and>to generate the output. - simple-alternate - Super simple algorithm that alternates between using
+>and->for each letter of the output. - simple-delta - Super simple algorithm that generates the output by calculating the delta between the letter to be generated and the previously generated letter.
- simple-reverse - Super simple algorithm that only uses
-and<to generate the output. - sstelian Recommended - Uses an algorithm almost entirely based on https://github.com/sstelian/Text-to-Brainfuck, is the only one that makes use of the
[and]characters, so its payloads will be shorter than the other algorithm.s