Address
304 North Cardinal St.
Dorchester Center, MA 02124
Work Hours
Monday to Friday: 7AM - 7PM
Weekend: 10AM - 5PM
Real busy week at work this week, so just going to go over a simply simple binary to hex converter in Python for converting binary files to hex encoded strings (for use in shellcode, exploits, etc.).
First, the script:
# -*- coding: utf-8 -*-
#!/usr/bin/env python
if __name__ == "__main__":
shellcode = "\""
ctr = 1
maxlen = 15
for b in open("win-exec-calc-shellcode.bin", "rb").read():
shellcode += "\\x" + b.encode("hex")
if ctr == maxlen:
shellcode += "\" +\n\""
ctr = 0
ctr += 1
shellcode += "\""
print shellcode
As you can see, it is great for situations like the win-exec-calc shellcode where they give you a binary or assembly and you need to easily convert it for your exploit.
Another case I tend to use this for fairly often is when I have a binary that will crash an application (either manually created or generated by a fuzzer). This allows me to more easily throw it into my exploits and/or modify it.
As I said, a short post and script this week, but hopefully a nice change from the boot2root walk-throughs.
The code and updates can always be found in my GitHub repository as well.
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he’s done it all. To show for it, he has obtained an OSCE, OSCP, eCPPT, GXPN, eWPT, eWPTX, SLAE, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!
He currently serves as a Senior Staff Adversarial Engineer for Avalara, and his previous position was a Principal Penetration Testing Consultant for Secureworks.
This page contains links to products that I may receive compensation from at no additional cost to you. View my Affiliate Disclosure page here. As an Amazon Associate, I earn from qualifying purchases.
