{"id":17383485,"url":"https://github.com/rcx/shellcode_encoder","last_synced_at":"2025-04-14T19:09:23.157Z","repository":{"id":176237979,"uuid":"148072749","full_name":"rcx/shellcode_encoder","owner":"rcx","description":"x64 printable shellcode encoder","archived":false,"fork":false,"pushed_at":"2020-03-20T20:47:15.000Z","size":12,"stargazers_count":155,"open_issues_count":0,"forks_count":24,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-04-14T19:09:13.334Z","etag":null,"topics":["exploit-development","shellcode","x86-64"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rcx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-09T22:59:19.000Z","updated_at":"2025-01-22T12:35:17.000Z","dependencies_parsed_at":null,"dependency_job_id":"145b442e-d6f4-48f1-962f-cf4e0d072b0b","html_url":"https://github.com/rcx/shellcode_encoder","commit_stats":null,"previous_names":["rcx/shellcode_encoder"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rcx%2Fshellcode_encoder","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rcx%2Fshellcode_encoder/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rcx%2Fshellcode_encoder/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rcx%2Fshellcode_encoder/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rcx","download_url":"https://codeload.github.com/rcx/shellcode_encoder/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248943456,"owners_count":21186958,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploit-development","shellcode","x86-64"],"created_at":"2024-10-16T07:42:55.827Z","updated_at":"2025-04-14T19:09:23.103Z","avatar_url":"https://github.com/rcx.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# x64 printable shellcode encoder\n\n### Dependencies\n - pwntools (`pip install pwntools`)\n - z3 python bindings (`pip install z3-solver`)\n\n### Usage\n`./main.py \u003cshellcode file\u003e \u003cpointer to shellcode\u003e`\n\nFor the encoded shellcode to work it needs to be able to know where it will execute. This is done by passing the encoder a pointer to your shellcode. This should be an expression that is the address of the start of the shellcode in the victim's address space. For example, if rdx happens to point to your shellcode, use `rdx`. If the shellcode is always at 0x4001000, specify that. Etc. Also, if you want to use a negative offset you must use `base+-offset`. This is because I hacked the parser together really quickly.\n\n#### Examples\n- `./main.py shellcode.bin rcx`\n- `./main.py shellcode.bin [rsp+-8]`\n- `./main.py shellcode.bin 0x0123456789abcdef`\n- `./main.py shellcode.bin rbp+5`\n\n### Example output\n```\n$ python main.py shellcode.bin rax+0x150\nEncoding stage2\n488b0432 =\u003e 4863343a31343a53582d702835332d74205f5f35543c6f5f505e31343a57582d7c6f3f7e2d405042402d40407e41505f\n480faf44 =\u003e 4863343a31343a53582d505040792d743020693574703059505e31343a57582d7c6f3f7e2d405042402d40407e41505f\n32084889 =\u003e 4863343a31343a53582d244874202d5f606c20354f5f5736505e31343a57582d7c6f3f7e2d405042402d40407e41505f\n043a83c7 =\u003e 4863343a31343a53582d402233402d706020203554472f58505e31343a57582d7c6f3f7e2d405042402d40407e41505f\n0883c610 =\u003e 4863343a31343a53582d403346322d7020207e35582f5f5f505e31343a57582d7c6f3f7e2d405042402d40407e41505f\n85c075e8 =\u003e 4863343a31343a53582d204775202d202160403545575f77505e31343a57582d7c6f3f7e2d405042402d40407e41505f\nMultiply-encoding stage3\neb365f31c0040231 =\u003e 45375d7168724246 6f4047487268284e\nf60f054889c76681 =\u003e 456453557d232227 7e3e7d2d6b72697d\necff0f4889e648c7 =\u003e 615a285150304752 6c3f4c4848644a47\nc2ff0f000031c00f =\u003e 4178757b577d6869 423f6f5f41715055\n0531ff4080c70148 =\u003e 3d7d537e307c7458 694f37294a726258\n89c231c0ffc00f05 =\u003e 41233b202b406267 497538523e77406d\n31ff31c0043c0f05 =\u003e 43667e753a6f6443 7b5f2c5b2b444651\ne8c5ffffff2f7072 =\u003e 51424b2d33383b23 68457d3f3f2b7076\n6f632f666c616700 =\u003e 5d774b667832573f 3b553d6f4d7e5b55\nAssembling jump at +408\n\nEncoding preamble for rdx \u003c- rax+0x150\nPPTAYAXVI31VXXXf-0~f-@Bf-@\u003ePZ\n\nOriginal length: 72\nEncoded length:  556\nPreamble length: 29\nTotal length:    585\n\nPPTAYAXVI31VXXXf-0~f-@Bf-@\u003ePZTAYAXVI31VXPP[_Hc4:14:SX-p(53-t __5T\u003co_P^14:WX-|o?~-@PB@-@@~AP_Hc4:14:SX-PP@y-t0 i5tp0YP^14:WX-|o?~-@PB@-@@~AP_Hc4:14:SX-$Ht -_`l 5O_W6P^14:WX-|o?~-@PB@-@@~AP_Hc4:14:SX-@\"3@-p`  5TG/XP^14:WX-|o?~-@PB@-@@~AP_Hc4:14:SX-@3F2-p  ~5X/__P^14:WX-|o?~-@PB@-@@~AP_Hc4:14:SX- Gu - !`@5EW_wP^14:WX-|o?~-@PB@-@@~AP_SX- `Ba- @BA5X^{]P_Hc4:14:SX-*90 -E'  5n}?/P^14:WX-|o?~-@PB@-@@~AP_SX- `@a- @PA5\\^o]P^SX-@@@\"-y``~5____P_AAAAE7]qhrBFo@GHrh(NEdSU}#\"'~\u003e}-kri}aZ(QP0GRl?LHHdJGAxu{W}hiB?o_AqPU=}S~0|tXiO7)JrbXA#; +@bgIu8R\u003ew@mCf~u:odC{_,[+DFQQBK-38;#hE}??+pv]wKfx2W?;U=oM~[U\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frcx%2Fshellcode_encoder","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frcx%2Fshellcode_encoder","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frcx%2Fshellcode_encoder/lists"}