Esempio n. 1
0
def convert(shellcode):
    shellcode = shellcode.replace('\n\n', '\n').replace('\n\n', '\n').replace(
        '    ', ' ').replace('   ', ' ').replace('	', ' ')
    for data in replace_values_static:
        shellcode = shellcode.replace(data, replace_values_static[data])

    new_shellcode = shellcode.rsplit('\n')
    last = 0
    for line in new_shellcode:
        if 'push $0x' in line:
            if len(line) is 15:
                if _version is 2:
                    rep = str('68') + stack.st(
                        str(
                            binascii.a2b_hex(
                                str('0') + str(line.rsplit('$0x')[1]))))
                if _version is 3:
                    rep = str('68') + stack.st(
                        str(
                            binascii.a2b_hex(
                                str('0') + line.rsplit('$0x')[1].encode(
                                    'latin-1')).decode('latin-1')))
                shellcode = shellcode.replace(line, rep)
            if len(line) is 16:
                if _version is 2:
                    rep = str('68') + stack.st(
                        str(binascii.a2b_hex(str(line.rsplit('$0x')[1]))))
                if _version is 3:
                    rep = str('68') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].encode(
                                    'latin-1')).decode('latin-1')))
                shellcode = shellcode.replace(line, rep)

        if 'mov $0x' in line:
            if '%ecx' in line.rsplit(',')[1]:
                if _version is 2:
                    rep = str('b9') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0])))
                if _version is 3:
                    rep = str('b9') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0].encode(
                                    'latin-1')).decode('latin-1')))
                shellcode = shellcode.replace(line, rep)

        if 'mov 0x' in line:
            if '%eax' in line.rsplit(',')[0] and '%eax' in line.rsplit(',')[1]:
                rep = str('8b 40') + stack.toHex(
                    line.rsplit('0x')[1].rsplit('(')[0])
                shellcode = shellcode.replace(line, rep)
            if '%eax' in line.rsplit(',')[0] and '%esi' in line.rsplit(',')[1]:
                rep = str('8b 70') + stack.toHex(
                    line.rsplit('0x')[1].rsplit('(')[0])
                shellcode = shellcode.replace(line, rep)
            if '%eax' in line.rsplit(',')[0] and '%ebx' in line.rsplit(',')[1]:
                rep = str('8b 58') + stack.toHex(
                    line.rsplit('0x')[1].rsplit('(')[0])
                shellcode = shellcode.replace(line, rep)
            if '%ebx' in line.rsplit(',')[0] and '%edx' in line.rsplit(',')[1]:
                rep = str('8b 53') + stack.toHex(
                    line.rsplit('0x')[1].rsplit('(')[0])
                shellcode = shellcode.replace(line, rep)
            if '%edx' in line.rsplit(',')[0] and '%edx' in line.rsplit(',')[1]:
                rep = str('8b 52') + stack.toHex(
                    line.rsplit('0x')[1].rsplit('(')[0])
                shellcode = shellcode.replace(line, rep)
            if '%edx' in line.rsplit(',')[0] and '%esi' in line.rsplit(',')[1]:
                rep = str('8b 72') + stack.toHex(
                    line.rsplit('0x')[1].rsplit('(')[0])
                shellcode = shellcode.replace(line, rep)

        if 'mov $0x' in line and len(
                line.rsplit('$0x')[1].rsplit(',')[0]) == 4:
            if '%cx' in line:
                if _version is 2:
                    rep = str('66 b9') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0])))
                if _version is 3:
                    rep = str('66 b9') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0].encode(
                                    'latin-1')).decode('latin-1')))
                shellcode = shellcode.replace(line, rep)
            if '%dx' in line:
                if _version is 2:
                    rep = str('66 ba') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0])))
                if _version is 3:
                    rep = str('66 ba') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0].encode(
                                    'latin-1')).decode('latin-1')))
                shellcode = shellcode.replace(line, rep)

        if 'add' in line:
            if '$0x' in line:
                if '%esp' in line.rsplit(',')[1]:
                    if _version is 2:
                        rep = str('83 c4') + stack.st(
                            str(
                                binascii.a2b_hex(
                                    stack.toHex(
                                        line.rsplit('$0x')[1].rsplit(',')
                                        [0]))))
                    if _version is 3:
                        rep = str('83 c4') + stack.st(
                            str(
                                binascii.a2b_hex(
                                    stack.toHex(
                                        line.rsplit('$0x')[1].rsplit(',')[0]).
                                    encode('latin-1')).decode('latin-1')))
                    shellcode = shellcode.replace(line, rep)

        if 'cmpl' in line:
            if '(%eax)' == line.rsplit(',')[1]:
                if _version is 2:
                    rep = str('81 38') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0])))
                if _version is 3:
                    rep = str('81 38') + stack.st(
                        str(
                            binascii.a2b_hex(
                                line.rsplit('$0x')[1].rsplit(',')[0].encode(
                                    'latin-1')).decode('latin-1')))
                shellcode = shellcode.replace(line, rep)
            if '0x' in line.rsplit(',')[1]:
                if '%eax' in line:
                    if _version is 2:
                        rep = str('81 78') + stack.st(
                            str(
                                binascii.a2b_hex(
                                    stack.toHex(
                                        line.rsplit(',0x')[1].rsplit('(')[0])))
                        ) + stack.st(
                            str(
                                binascii.a2b_hex(
                                    line.rsplit('$0x')[1].rsplit(',')[0])))
                    if _version is 3:
                        rep = str('81 78') + stack.st(
                            str(
                                binascii.a2b_hex(
                                    stack.toHex(
                                        line.rsplit(',0x')[1].rsplit('(')[0]).
                                    encode('latin-1')).decode('latin-1'))
                        ) + stack.st(
                            str(
                                binascii.a2b_hex(
                                    line.rsplit('$0x')[1].rsplit(',')
                                    [0].encode('latin-1')).decode('latin-1')))
                    shellcode = shellcode.replace(line, rep)

        if 'jne' in line:
            rep = str('75') + hex(int('f4', 16) - last * 9)[2:]
            shellcode = shellcode.replace(line, rep, 1)
            last += 1
    shellcode = stack.shellcoder(shellcode.replace('\n', '').replace(' ', ''))
    return shellcode
Esempio n. 2
0
def convert(shellcode):
	shellcode = shellcode.replace('\n\n','\n').replace('\n\n','\n').replace('    ',' ').replace('   ',' ')
	for data in replace_values_static:
		shellcode = shellcode.replace(data,replace_values_static[data])
	new_shellcode = shellcode.rsplit('\n')
	dynamics = ''
	for line in new_shellcode:
		if 'xor' in line:
			if '$0x' in line:
				if '%eax' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) is 8 or len(line.rsplit(',')[0]) is 9:
						rep = str('83 f0') + str(line.rsplit('$0x')[1].rsplit(',')[0])
						shellcode = shellcode.replace(line,rep)
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('35') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('35') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('35') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('35') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%ebx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 f3') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 f3') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 f3') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 f3') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%ecx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 f1') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 f1') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 f1') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 f1') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%edx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 f2') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 f2') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 f2') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 f2') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				
		if 'add' in line:
			if '$0x' in line:
				if '%eax' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) is 8 or len(line.rsplit(',')[0]) is 9:
						rep = str('83 c0') + str(line.rsplit('$0x')[1].rsplit(',')[0])
						shellcode = shellcode.replace(line,rep)
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('05') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('05') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('05') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('05') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%ebx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 c3') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 c3') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 c3') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 c3') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%ecx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 c1') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 c1') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 c1') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 c1') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%edx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 c2') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 c2') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 c2') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 c2') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)

		if 'sub' in line:
			if '$0x' in line:
				if '%eax' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) is 8 or len(line.rsplit(',')[0]) is 9:
						rep = str('83 e8') + str(line.rsplit('$0x')[1].rsplit(',')[0])
						shellcode = shellcode.replace(line,rep)

					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('2d') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('2d') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('2d') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('2d') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%ebx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 eb') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 eb') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 eb') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 eb') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%ecx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 e9') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 e9') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 e9') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 e9') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
				if '%edx' in line.rsplit(',')[1]:
					if len(line.rsplit(',')[0]) >= 14:
						try:
							if _version is 2:
								rep = str('81 ea') + str(stack.st(binascii.a2b_hex(str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 ea') + str(stack.st((binascii.a2b_hex((line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1'))).decode('latin-1')))
							shellcode = shellcode.replace(line,rep)
						except:
							if _version is 2:
								rep = str('81 ea') + str(stack.st(binascii.a2b_hex(str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0]))))
							if _version is 3:
								rep = str('81 ea') + str(stack.st((binascii.a2b_hex((str('0')+str(line.rsplit('$0x')[1].rsplit(',')[0])).encode('latin-1'))).decode('latin-1')))
						shellcode = shellcode.replace(line,rep)
		if 'mov $0x' in line:
			if len(line) is 13 or len(line) is 12:
				if '%al' in line.rsplit(',')[1]:
					rep = str('b0') + str(line.rsplit('$0x')[1].rsplit(',')[0])
					shellcode = shellcode.replace(line,rep)
				if '%bl' in line.rsplit(',')[1]:
					rep = str('b3') + str(line.rsplit('$0x')[1].rsplit(',')[0])
		if 'push $0x' in line:
			if len(line) is 9:
				rep = str('6a0') + str(line.rsplit('$0x')[1])
				shellcode = shellcode.replace(line,rep,1)
			if len(line) is 10:
				rep = str('6a') + str(line.rsplit('$0x')[1])
				shellcode = shellcode.replace(line,rep,1)
			if len(line) is 15:
				if _version is 2:
					rep = str('68') + stack.st(str(binascii.a2b_hex(str('0') + str(line.rsplit('$0x')[1]))))
				if _version is 3:
					rep = str('68') + stack.st((binascii.a2b_hex((str('0') + str(line.rsplit('$0x')[1])).encode('latin-1'))).decode('latin-1'))
				shellcode = shellcode.replace(line,rep)
			if len(line) is 16:
				if _version is 2:
					rep = str('68') + stack.st(str(binascii.a2b_hex(str(line.rsplit('$0x')[1]))))
				if _version is 3:
					rep = str('68') + stack.st(((binascii.a2b_hex((line.rsplit('$0x')[1]).encode('latin-1'))).decode('latin-1')))
				shellcode = shellcode.replace(line,rep)
	shellcode = stack.shellcoder(shellcode.replace('\n','').replace(' ',''))
	return shellcode
Esempio n. 3
0
def convert(shellcode):
    shellcode = shellcode.replace('\n\n', '\n').replace('\n\n', '\n').replace(
        '    ', ' ').replace('   ', ' ')
    for data in replace_values_static:
        shellcode = shellcode.replace(data, replace_values_static[data])
    new_shellcode = shellcode.rsplit('\n')
    dynamics = ''
    for line in new_shellcode:
        if 'xor' in line:
            if '$0x' in line:
                if '%eax' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) is 8 or len(
                            line.rsplit(',')[0]) is 9:
                        rep = str('83 f0') + str(
                            line.rsplit('$0x')[1].rsplit(',')[0])
                        shellcode = shellcode.replace(line, rep)
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('35') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('35') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('35') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('35') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%ebx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 f3') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 f3') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 f3') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 f3') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%ecx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 f1') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 f1') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 f1') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 f1') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%edx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 f2') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 f2') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 f2') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 f2') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)

        if 'add' in line:
            if '$0x' in line:
                if '%eax' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) is 8 or len(
                            line.rsplit(',')[0]) is 9:
                        rep = str('83 c0') + str(
                            line.rsplit('$0x')[1].rsplit(',')[0])
                        shellcode = shellcode.replace(line, rep)
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('05') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('05') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('05') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('05') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%ebx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 c3') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 c3') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 c3') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 c3') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%ecx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 c1') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 c1') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 c1') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 c1') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%edx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 c2') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 c2') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 c2') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 c2') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)

        if 'sub' in line:
            if '$0x' in line:
                if '%eax' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) is 8 or len(
                            line.rsplit(',')[0]) is 9:
                        rep = str('83 e8') + str(
                            line.rsplit('$0x')[1].rsplit(',')[0])
                        shellcode = shellcode.replace(line, rep)

                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('2d') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('2d') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('2d') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('2d') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%ebx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 eb') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 eb') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 eb') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 eb') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%ecx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 e9') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 e9') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 e9') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 e9') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
                if '%edx' in line.rsplit(',')[1]:
                    if len(line.rsplit(',')[0]) >= 14:
                        try:
                            if _version is 2:
                                rep = str('81 ea') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 ea') + str(
                                    stack.st((binascii.a2b_hex(
                                        (line.rsplit('$0x')[1].rsplit(',')[0]).
                                        encode('latin-1'))).decode('latin-1')))
                            shellcode = shellcode.replace(line, rep)
                        except:
                            if _version is 2:
                                rep = str('81 ea') + str(
                                    stack.st(
                                        binascii.a2b_hex(
                                            str('0') + str(
                                                line.rsplit('$0x')[1].rsplit(
                                                    ',')[0]))))
                            if _version is 3:
                                rep = str('81 ea') + str(
                                    stack.st((binascii.a2b_hex((str('0') + str(
                                        line.rsplit('$0x')[1].rsplit(',')[0]
                                    )).encode('latin-1'))).decode('latin-1')))
                        shellcode = shellcode.replace(line, rep)
        if 'mov $0x' in line:
            if len(line) is 13 or len(line) is 12:
                if '%al' in line.rsplit(',')[1]:
                    rep = str('b0') + str(line.rsplit('$0x')[1].rsplit(',')[0])
                    shellcode = shellcode.replace(line, rep)
                if '%bl' in line.rsplit(',')[1]:
                    rep = str('b3') + str(line.rsplit('$0x')[1].rsplit(',')[0])
        if 'push $0x' in line:
            if len(line) is 9:
                rep = str('6a0') + str(line.rsplit('$0x')[1])
                shellcode = shellcode.replace(line, rep, 1)
            if len(line) is 10:
                rep = str('6a') + str(line.rsplit('$0x')[1])
                shellcode = shellcode.replace(line, rep, 1)
            if len(line) is 15:
                if _version is 2:
                    rep = str('68') + stack.st(
                        str(
                            binascii.a2b_hex(
                                str('0') + str(line.rsplit('$0x')[1]))))
                if _version is 3:
                    rep = str('68') + stack.st((binascii.a2b_hex(
                        (str('0') + str(line.rsplit('$0x')[1])
                         ).encode('latin-1'))).decode('latin-1'))
                shellcode = shellcode.replace(line, rep)
            if len(line) is 16:
                if _version is 2:
                    rep = str('68') + stack.st(
                        str(binascii.a2b_hex(str(line.rsplit('$0x')[1]))))
                if _version is 3:
                    rep = str('68') + stack.st(((binascii.a2b_hex(
                        (line.rsplit('$0x')[1]).encode('latin-1'))
                                                 ).decode('latin-1')))
                shellcode = shellcode.replace(line, rep)
    shellcode = stack.shellcoder(shellcode.replace('\n', '').replace(' ', ''))
    return shellcode
Esempio n. 4
0
def convert(shellcode):
    shellcode = (
        shellcode.replace("\n\n", "\n").replace("\n\n", "\n").replace("    ", " ").replace("   ", " ").replace("	", " ")
    )
    for data in replace_values_static:
        shellcode = shellcode.replace(data, replace_values_static[data])

    new_shellcode = shellcode.rsplit("\n")
    last = 0
    for line in new_shellcode:
        if "push $0x" in line:
            if len(line) is 15:
                if _version is 2:
                    rep = str("68") + stack.st(str(binascii.a2b_hex(str("0") + str(line.rsplit("$0x")[1]))))
                if _version is 3:
                    rep = str("68") + stack.st(
                        str(binascii.a2b_hex(str("0") + line.rsplit("$0x")[1].encode("latin-1")).decode("latin-1"))
                    )
                shellcode = shellcode.replace(line, rep)
            if len(line) is 16:
                if _version is 2:
                    rep = str("68") + stack.st(str(binascii.a2b_hex(str(line.rsplit("$0x")[1]))))
                if _version is 3:
                    rep = str("68") + stack.st(
                        str(binascii.a2b_hex(line.rsplit("$0x")[1].encode("latin-1")).decode("latin-1"))
                    )
                shellcode = shellcode.replace(line, rep)

        if "mov $0x" in line:
            if "%ecx" in line.rsplit(",")[1]:
                if _version is 2:
                    rep = str("b9") + stack.st(str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0])))
                if _version is 3:
                    rep = str("b9") + stack.st(
                        str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0].encode("latin-1")).decode("latin-1"))
                    )
                shellcode = shellcode.replace(line, rep)

        if "mov 0x" in line:
            if "%eax" in line.rsplit(",")[0] and "%eax" in line.rsplit(",")[1]:
                rep = str("8b 40") + stack.toHex(line.rsplit("0x")[1].rsplit("(")[0])
                shellcode = shellcode.replace(line, rep)
            if "%eax" in line.rsplit(",")[0] and "%esi" in line.rsplit(",")[1]:
                rep = str("8b 70") + stack.toHex(line.rsplit("0x")[1].rsplit("(")[0])
                shellcode = shellcode.replace(line, rep)
            if "%eax" in line.rsplit(",")[0] and "%ebx" in line.rsplit(",")[1]:
                rep = str("8b 58") + stack.toHex(line.rsplit("0x")[1].rsplit("(")[0])
                shellcode = shellcode.replace(line, rep)
            if "%ebx" in line.rsplit(",")[0] and "%edx" in line.rsplit(",")[1]:
                rep = str("8b 53") + stack.toHex(line.rsplit("0x")[1].rsplit("(")[0])
                shellcode = shellcode.replace(line, rep)
            if "%edx" in line.rsplit(",")[0] and "%edx" in line.rsplit(",")[1]:
                rep = str("8b 52") + stack.toHex(line.rsplit("0x")[1].rsplit("(")[0])
                shellcode = shellcode.replace(line, rep)
            if "%edx" in line.rsplit(",")[0] and "%esi" in line.rsplit(",")[1]:
                rep = str("8b 72") + stack.toHex(line.rsplit("0x")[1].rsplit("(")[0])
                shellcode = shellcode.replace(line, rep)

        if "mov $0x" in line and len(line.rsplit("$0x")[1].rsplit(",")[0]) == 4:
            if "%cx" in line:
                if _version is 2:
                    rep = str("66 b9") + stack.st(str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0])))
                if _version is 3:
                    rep = str("66 b9") + stack.st(
                        str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0].encode("latin-1")).decode("latin-1"))
                    )
                shellcode = shellcode.replace(line, rep)
            if "%dx" in line:
                if _version is 2:
                    rep = str("66 ba") + stack.st(str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0])))
                if _version is 3:
                    rep = str("66 ba") + stack.st(
                        str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0].encode("latin-1")).decode("latin-1"))
                    )
                shellcode = shellcode.replace(line, rep)

        if "add" in line:
            if "$0x" in line:
                if "%esp" in line.rsplit(",")[1]:
                    if _version is 2:
                        rep = str("83 c4") + stack.st(
                            str(binascii.a2b_hex(stack.toHex(line.rsplit("$0x")[1].rsplit(",")[0])))
                        )
                    if _version is 3:
                        rep = str("83 c4") + stack.st(
                            str(
                                binascii.a2b_hex(
                                    stack.toHex(line.rsplit("$0x")[1].rsplit(",")[0]).encode("latin-1")
                                ).decode("latin-1")
                            )
                        )
                    shellcode = shellcode.replace(line, rep)

        if "cmpl" in line:
            if "(%eax)" == line.rsplit(",")[1]:
                if _version is 2:
                    rep = str("81 38") + stack.st(str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0])))
                if _version is 3:
                    rep = str("81 38") + stack.st(
                        str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0].encode("latin-1")).decode("latin-1"))
                    )
                shellcode = shellcode.replace(line, rep)
            if "0x" in line.rsplit(",")[1]:
                if "%eax" in line:
                    if _version is 2:
                        rep = (
                            str("81 78")
                            + stack.st(str(binascii.a2b_hex(stack.toHex(line.rsplit(",0x")[1].rsplit("(")[0]))))
                            + stack.st(str(binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0])))
                        )
                    if _version is 3:
                        rep = (
                            str("81 78")
                            + stack.st(
                                str(
                                    binascii.a2b_hex(
                                        stack.toHex(line.rsplit(",0x")[1].rsplit("(")[0]).encode("latin-1")
                                    ).decode("latin-1")
                                )
                            )
                            + stack.st(
                                str(
                                    binascii.a2b_hex(line.rsplit("$0x")[1].rsplit(",")[0].encode("latin-1")).decode(
                                        "latin-1"
                                    )
                                )
                            )
                        )
                    shellcode = shellcode.replace(line, rep)

        if "jne" in line:
            rep = str("75") + hex(int("f4", 16) - last * 9)[2:]
            shellcode = shellcode.replace(line, rep, 1)
            last += 1
    shellcode = stack.shellcoder(shellcode.replace("\n", "").replace(" ", ""))
    return shellcode
Esempio n. 5
0
def convert(shellcode):
	shellcode = shellcode.replace('\n\n','\n').replace('\n\n','\n').replace('    ',' ').replace('   ',' ')
	for data in replace_values_static:
		shellcode = shellcode.replace(data,replace_values_static[data])

	new_shellcode = shellcode.rsplit('\n')
	last = 0
	for line in new_shellcode:
		if 'push $0x' in line:
			if len(line) is 16:
				if _version is 2:
					rep = str('68') + stack.st(str(binascii.a2b_hex(str(line.rsplit('$0x')[1]))))
				if _version is 3:
					rep = str('68') + stack.st(str(binascii.a2b_hex(line.rsplit('$0x')[1].encode('latin-1')).decode('latin-1')))
				shellcode = shellcode.replace(line,rep)

		if 'mov $0x' in line:
			if '%ecx' in line.rsplit(',')[1]:
				if _version is 2:
					rep = str('b9') + stack.st(str(binascii.a2b_hex(line.rsplit('$0x')[1].rsplit(',')[0])))
				if _version is 3:
					rep = str('b9') + stack.st(str(binascii.a2b_hex(line.rsplit('$0x')[1].rsplit(',')[0].encode('latin-1')).decode('latin-1')))
				shellcode = shellcode.replace(line,rep)

		if 'mov 0x' in line:
			if '%eax' in line.rsplit(',')[0] and '%eax' in line.rsplit(',')[1]:
				rep = str('8b 40') + stack.toHex(line.rsplit('0x')[1].rsplit('(')[0])
				shellcode = shellcode.replace(line,rep)
			if '%eax' in line.rsplit(',')[0] and '%esi' in line.rsplit(',')[1]:
				rep = str('8b 70') + stack.toHex(line.rsplit('0x')[1].rsplit('(')[0])
				shellcode = shellcode.replace(line,rep)
			if '%eax' in line.rsplit(',')[0] and '%ebx' in line.rsplit(',')[1]:
				rep = str('8b 58') + stack.toHex(line.rsplit('0x')[1].rsplit('(')[0])
				shellcode = shellcode.replace(line,rep)
			if '%ebx' in line.rsplit(',')[0] and '%edx' in line.rsplit(',')[1]:
				rep = str('8b 53') + stack.toHex(line.rsplit('0x')[1].rsplit('(')[0])
				shellcode = shellcode.replace(line,rep)
			if '%edx' in line.rsplit(',')[0] and '%edx' in line.rsplit(',')[1]:
				rep = str('8b 52') + stack.toHex(line.rsplit('0x')[1].rsplit('(')[0])
				shellcode = shellcode.replace(line,rep)
			if '%edx' in line.rsplit(',')[0] and '%esi' in line.rsplit(',')[1]:
				rep = str('8b 72') + stack.toHex(line.rsplit('0x')[1].rsplit('(')[0])
				shellcode = shellcode.replace(line,rep)

		if 'add' in line:
			if '$0x' in line:
				if '%esp' in line.rsplit(',')[1]:
					if _version is 2:
						rep = str('83 c4') + stack.st(str(binascii.a2b_hex(stack.toHex(line.rsplit('$0x')[1].rsplit(',')[0]))))
					if _version is 3:
						rep = str('83 c4') + stack.st(str(binascii.a2b_hex(stack.toHex(line.rsplit('$0x')[1].rsplit(',')[0]).encode('latin-1')).decode('latin-1')))
					shellcode = shellcode.replace(line,rep)

		if 'cmpl' in line:
			if '(%eax)' == line.rsplit(',')[1]:
				if _version is 2:
					rep = str('81 38') + stack.st(str(binascii.a2b_hex(line.rsplit('$0x')[1].rsplit(',')[0])))
				if _version is 3:
					rep = str('81 38') + stack.st(str(binascii.a2b_hex(line.rsplit('$0x')[1].rsplit(',')[0].encode('latin-1')).decode('latin-1')))
				shellcode = shellcode.replace(line,rep)
			if '0x' in line.rsplit(',')[1]:
				if '%eax' in line:
					if _version is 2:
						rep = str('81 78') + stack.st(str(binascii.a2b_hex(stack.toHex(line.rsplit(',0x')[1].rsplit('(')[0])))) + stack.st(str(binascii.a2b_hex(line.rsplit('$0x')[1].rsplit(',')[0])))
					if _version is 3:
						rep = str('81 78') + stack.st(str(binascii.a2b_hex(stack.toHex(line.rsplit(',0x')[1].rsplit('(')[0]).encode('latin-1')).decode('latin-1'))) + stack.st(str(binascii.a2b_hex(line.rsplit('$0x')[1].rsplit(',')[0].encode('latin-1')).decode('latin-1')))
					shellcode = shellcode.replace(line,rep)

		if 'jne' in line:
			rep = str('75') + hex(int('f4', 16) - last*9)[2:]
			shellcode = shellcode.replace(line,rep,1)
			last += 1
	shellcode = stack.shellcoder(shellcode.replace('\n','').replace(' ',''))
	return shellcode