Python package to create shellcodes from elfs supported arch (mips, arm (32bit), i386 32bit, i386 64bit, aarch64)
Project description
Shelf - Shellcode ELF convert elf to shellcode
Convert standard elf files to standalone shellcodes. Please read the following documentation and view the examples for this project to work properly
Project links
Supported architectures
- mips
- i386 (32bit)
- i386 (64bit)
- arm (32bit)
- aarch64 (arm 64 bit)
Installation:
pip install py_shelf
Python version support
- python3
How does this work ?
The python library parses the elf and create a simple relocatable file format Then the mini loader is inserted as the entry point of the elf the mini loader will load the relocatable format and execute it. There are no special requirements, the library contain the compiled mini loaders.
classDiagram
ShellcodeEntryPoint --|> MiniLoader
ShellcodeEntryPoint: Shellcode to jump into the mini loader
MiniLoader --|> Relocation table
MiniLoader: Contain all the logic for parsing the relocation table
MiniLoader: fully os independent
Relocation table --|> SHELF
Relocation table : Contain table required for shellcode runtime relocation
SHELF: Shellcode elf - This is the compiled binary we convert into shellcode
SHELF: This binary is stripped into only opcodes
SHELF: fully relocatable using the relocation table
This project is intended to convert elf to os independent shellcodes. Therefor the loader never allocate memory and the shellcode format is not packed. You can just execute it, eg ...
((void (*)()) shellcode)();
note that __libc_start_main perform syscalls therefor if you want your shellcode to be fully os independent you must compile with -nostartfiles follow the examples below
Creating a shellcode
Some compilation flags are required for this to work properly. You must compile the binary with -fPIE and -static take a look at the provided examples below (makefile).
shellcode is a stripped binary with no symbols and no elf information only opcodes, in order to make the shellcode this library require a binary with elf information. so make sure you are not stripping the binary before using this library
simplified make command for mips big endian
gcc example.c -fno-stack-protector -fPIE -fpic -static -nostartfiles --entry=main -o binary.out
python -m shelf --input binary.out
Examples:
Testing your shellcode
You can use the provided shellcode Loader to test you shellcodes
qemu-mips ./shellcode_loader ./myshellcode.out
Output example
Shellcode size = 66620
Allocating shellcode buffer, size = 69632
Mapping new memory, size = 69632
Jumping to shellcode, address = 0x7f7ee000
Hello from shellcode !
Advanced concepts and features
for following links only work on the github page
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file py_shelf-3.tar.gz.
File metadata
- Download URL: py_shelf-3.tar.gz
- Upload date:
- Size: 7.1 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.15.0 pkginfo/1.8.3 requests/2.27.1 setuptools/44.1.1 requests-toolbelt/0.10.1 tqdm/4.64.1 CPython/2.7.18
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1337296ba0e8a604809da92de2879da60be3dd20257b4df0235bf001d573347c |
|
| MD5 | 7bc2e48200a62056c9e6d0147e59d6ca |
|
| BLAKE2b-256 | 18b0c1e5bf01cffbf32c528480e16f9e4033c870bd83629c6d2d847a0f54bc1c |
