shellcode help

[Sec13B]

Can someone show, how i convert the beacon shellcode from cobatstrike like msf shellcode
cobalstrike shellcode

/* length: 892 bytes */
unsigned char buf[] = "\xfc\x41\x51\x41\x50\x52\xac\x3c\x61\x7c\x02\x2c\x20\x41\...........\.......\xc1\xc9\x0d\x41\x01\xc1\52\x20\x8b\x4\x78\.............................\x31\xc0\xac\x400\x3a\xde\x68\xb1";

in msf shelcode model

"\x31\xc9\x64\x8b\x41\x30\x8b\x40\x0c\x8b\x70\x14\xad\x96\xad\x96\xad\x8b"
"\x58\x10\x8b\x53\x3c\x01\xda\x8b\x52\x78\x01\xda\x8b\x72\x20\x01\xde\x31"

 

[secidiot]

Перевести из exe в shellcode:

GitHub - hasherezade/pe_to_shellcode: Converts PE into a shellcode

Converts PE into a shellcode. Contribute to hasherezade/pe_to_shellcode development by creating an account on GitHub.

github.com

GitHub - TheWover/donut: Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters - TheWover/donut

github.com

Собрать напрямую шеллкод из VS

GitHub - RtlDallas/vs-shellcode: Shellcode template for visual studio

Shellcode template for visual studio. Contribute to RtlDallas/vs-shellcode development by creating an account on GitHub.

github.com

Перевод в C/C++ или C# массив байт

Спойлер: python

#!/usr/bin/env python
import sys

def generate_c_shellcode(filename):
    # Generate C shellcode
    shellcode = "\""
    ctr = 1
    maxlen = 15

    try:
        with open(filename, "rb") as file:
            for b in file.read():
                shellcode += "\\x" + b.encode("hex")  # Convert each byte to hexadecimal
                if ctr == maxlen:
                    shellcode += "\" \n\""  # Split the shellcode into multiple lines if maxlen is reached
                    ctr = 0
                ctr += 1
        shellcode += "\""
        return shellcode
    except IOError:
        print("Error: Failed to read the input file.")
        sys.exit(1)

def generate_cs_shellcode(filename):
    # Generate C# shellcode
    shellcode = ""
    ctr = 1
    maxlen = 15

    try:
        with open(filename, "rb") as file:
            for b in file.read():
                shellcode += "0x" + b.encode("hex") + ","  # Convert each byte to hexadecimal
                if ctr == maxlen:
                    shellcode += "\n"  # Split the shellcode into multiple lines if maxlen is reached
                    ctr = 0
                ctr += 1
        return shellcode
    except IOError:
        print("Error: Failed to read the input file.")
        sys.exit(1)

if __name__ == "__main__":
    if len(sys.argv) < 3:
        print("Usage: %s file.bin c|cs\n" % (sys.argv[0],))
        sys.exit(0)

    if sys.argv[2] == "c":
        # Generate C shellcode
        shellcode = generate_c_shellcode(sys.argv[1])
        print(shellcode)
    else:
        # Generate C# shellcode
        shellcode = generate_cs_shellcode(sys.argv[1])
        print(shellcode)

Или через HxD Файл -> Экспорт -> C

UPD: какой смысл вообще переводить из одной строки в несколько по 32 байта, компилятору пох на это он оба формата поддерживает. Ну если прям так сильно надо то вот

Спойлер: python

original_string = "\\xfc\\x41\\x51"
original_string = original_string[1:-1]
bytes_list = original_string.split("\\x")
converted_string = ''.join(["\\x" + byte for byte in bytes_list])
converted_string = [converted_string[i:i+32] for i in range(0, len(converted_string), 32)]
converted_string = '"' + '"\n"'.join(converted_string) + '"'
print(converted_string)

 

[Sec13B]

thank you
I saw a video how to do with notepad++ , but i dont remember the link from github

stageless have a big bytes length

 

[RedNode]

Using hxd and open the beacon with hxd then select all and then copy as Pure c if you want to use the shellcode in c or c++ or any other language like c# for example