REMnux / salt-states

This repository maintains the SaltStack state files for the REMnux distro.
https://REMnux.org

shcode2exe - An alternative to shellcode2exe.bat #169

Closed accidentalrebel closed 3 years ago

accidentalrebel commented 3 years ago

Good day,

I couldn't get shellcode2exe.bat to work (something about read access denied), so I checked its code and found out that the code is very simple and that it uses Wine to run.

I decided to make my own tool that does the same thing but does not require Wine and also runs on Linux and Windows. Here it is: https://github.com/accidentalrebel/shcode2exe

I believe that this would be an easier-to-use alternative that would be great for REMnux users. Of course, I am open to suggestions and comments to improve it further.

Thanks!

lennyzeltser commented 3 years ago

Thanks for creating this handy tool, @accidentalrebel! You're right, getting shellcode2exe.bat to run on Linux is tricky.

I was wondering whether you might be willing to tweak shcode2exe.py to use built-in Ubuntu tools, instead of relying on the binary programs in the "tools" directory?

accidentalrebel commented 3 years ago

> * I can preinstall the "nasm" package on REMnux, so your script would be able to first try using the "nasm" command in the PATH, and perhaps resort to the one in "tools" only if the PATH doesn't have "nasm".

This is a good idea. I'll be sure to do this.

> * Regarding the linker: Is it practical for your script to use the "ld" command, which is already on REMnux, instead of the linkers supplied in the "tools" directory?

I remember having problems with the built-in ld command on Linux when generating 64-bit exes, but that was during the early stages of me working on the tool. I'll revisit this and see if I could get it to work.

Will let you know once I've pushed and tested the changes. Thanks.

digitalsleuth commented 3 years ago

If you're interested, I saw your request yesterday and thought of a couple of ideas for a pull request which might save you some time. If you'd like, I can submit the pull request. I don't want to step on any toes, of course, just looking to be helpful.

If not though, the issues you would have had with ld are because you would need to specify the module you want for compilation: -m i386pe for 32-bit and -m i386pep for 64-bit.

Hope this helps!

accidentalrebel commented 3 years ago

@digitalsleuth I have no problems with that. Feel free to send a pull request so I can check. Thanks!

accidentalrebel commented 3 years ago

@lennyzeltser, I've merged @digitalsleuth's pull request and was able to test that it is running well on both Linux and Windows.

The tool now checks for the existence of both nasm and ld, and then throws an error if they are not found. The binaries are still included in the tools folder for convenience, but I made a note on the README that it would still be better for users to install them on their machines.

Let me know if you guys have other comments and suggestions to further improve the tool. Thanks a lot!
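
The lookup order and linker flags discussed in this thread, as an added example that is not part of the thread or shcode2exe's own code: prefer the tool on PATH, fall back to a bundled "tools" directory, and pick the `-m` emulation by bitness. The function names, the `tools` default and the sample `ld -V` text are assumptions made for illustration; the emulation check relies on GNU ld listing its emulations under `ld -V`.

```python
import shutil

# ld emulation names quoted in the thread: i386pe (32-bit), i386pep (64-bit).
LD_EMULATION = {32: "i386pe", 64: "i386pep"}

# Constructed sample of `ld -V` output from an ld that has no PE emulations.
SAMPLE_LD_V = """GNU ld (GNU Binutils) 2.38
  Supported emulations:
   elf_x86_64
   elf_i386
"""


def find_tool(name, tools_dir="tools", path=None):
    """Prefer `name` on PATH; fall back to a bundled copy in tools_dir."""
    found = shutil.which(name, path=path)
    if found:
        return found
    # Search only the bundled directory; which() also handles .exe on Windows.
    bundled = shutil.which(name, path=tools_dir)
    if bundled:
        return bundled
    raise FileNotFoundError(f"{name} not found on PATH or in {tools_dir!r}")


def supported_emulations(ld_v_output):
    """Parse the indented list after 'Supported emulations:' in `ld -V` output."""
    names, in_list = [], False
    for line in ld_v_output.splitlines():
        if line.strip() == "Supported emulations:":
            in_list = True
        elif in_list and line.strip():
            names.append(line.strip())
    return names


def ld_command(bits, obj, exe, ld="ld", emulations=None):
    """Build the ld argv for a 32- or 64-bit Windows executable."""
    if bits not in LD_EMULATION:
        raise ValueError("bits must be 32 or 64")
    emu = LD_EMULATION[bits]
    # Fail early with a clear message when this ld cannot emit PE files.
    if emulations is not None and emu not in emulations:
        raise RuntimeError(f"this ld lacks the {emu} emulation")
    return [ld, "-m", emu, "-o", exe, obj]
```

Passing the parsed `ld -V` list as `emulations` turns a confusing linker failure into an explicit error before any file is written.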

lennyzeltser commented 3 years ago

@accidentalrebel, thanks for this! I added shcode2exe to REMnux: https://docs.remnux.org/discover-the-tools/dynamically+reverse-engineer+code/shellcode#shcode-2-exe

Thank you for the pull request, @digitalsleuth!

accidentalrebel commented 3 years ago

Thank you @lennyzeltser!

Just to clarify though, the tool does not create a Linux binary file. It can, however, run on Linux.

So a more apt description for the docs would be:

Convert 32 and 64-bit shellcode to a Windows executable from Linux or Windows

Thanks!

lennyzeltser commented 3 years ago

Thanks for the clarification! I corrected the documentation.