hckhsn

AlphaNum

2 min read

Alphanum

Description

No zero byte encoder, with polymorphic decoder stub

AlphaNum encodes every byte into 2 printable characters. This increases the shellcode size but you don’t have to worry about 0x00 bytes.

  • polymorphic decoder stub
  • variable registers which will be used for decoding the shellcode
  • variable instruction sets
  • automatic compile with nasm.exe
  • extract shellcode from compiled object file

You have to provide nasm.exe in your shencode directory. Download your copy here.

Workflow

  1. Load the payload
  2. Encode the payload with AlphaNum
  3. Create the stub with random registers and instructions
  4. Append the encoded payload
  5. Conpile with nasm
  6. Extract the .text section as final shellcode

Command

shencode encoder alphanum [-h] [-i INPUT] [-o OUTPUT] [-c] [-d] [-v NUM]
 
Encode bytes to alphanumeric output
 
options:
  -h, --help            show this help message and exit
  -i, --input           Input file to use
  -o, --output          Output file to use
 
Additional:
  -c, --compile         Compile object file and extract shellcode
  -d, --decode          Decode the input to bytes
  -v, --variable-padding
                        Inserts random NOPs to differ the padding
Example output
shencode encoder alphanum -i calc.raw -o calc_alphanum.bin -c
 
[AlphaNum]-[0.3.0]
[*] Try to open file calc.raw
┏━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Key  ┃ Value                                    ┃
┡━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ File │ calc.raw                                 │
│ Size │ 251.0 B                                  │
│ Hash │ 7c1bb19fe6606cfe29e750326db2972c4743e623
└──────┴──────────────────────────────────────────┘
[*] Encoder running...
100%|███████████████████████████████████████████████████████████████████████████| 251/251 [00:00<00:00, 2672005.85it/s]
[*] NOP inserted at line 28: lea esi,
[*] NOP inserted at line 33: xchg esi, esi
[*] NOP inserted at line 11: mov edi, edi
[*] Writing to file calc_alphanum.bin
┏━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Key  ┃ Value                                    ┃
┡━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ File │ calc_alphanum.bin                        │
│ Size │ 572.0 B                                  │
│ Hash │ 33540861e5d6e52efc401bb5e772843a6b622a22
└──────┴──────────────────────────────────────────┘
[+] Done!

JSON Parameter

ArgumentsValuesType
inputfilenamestr
ouputfilenamestr
decodetrue, falsebool
compiletrue, falsebool
variable_padding0int

Graphansicht

Backlinks