https://github.com/tijme/relocatable

Boilerplate to develop raw and truly Position Independent Code (PIC).
https://github.com/tijme/relocatable

malware pic position-independent-code shellcode windows x64

Last synced: 23 days ago
JSON representation

Boilerplate to develop raw and truly Position Independent Code (PIC).

• Host: GitHub
• URL: https://github.com/tijme/relocatable
• Owner: tijme
• License: gpl-2.0
• Created: 2025-01-18T16:41:12.000Z (about 1 year ago)
• Default Branch: master
• Last Pushed: 2025-01-20T09:29:03.000Z (about 1 year ago)
• Last Synced: 2025-05-01T00:59:00.832Z (11 months ago)
• Topics: malware, pic, position-independent-code, shellcode, windows, x64
• Language: C
• Homepage:
• Size: 2.01 MB
• Stars: 51
• Watchers: 1
• Forks: 5
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE.md

Awesome Lists containing this project

README

          


    
Relocatable




    

        

      

    

        

      

    

        

    





    Boilerplate to develop raw and truly Position Independent Code (PIC).

    


    Built with ♥ by Tijme Gommers – Buy me a coffee via PayPal.

    






    Abstract

    •

    Getting started

    •

    Issues & requests

    •

    License & copyright





## Abstract

Sometimes you want to write Position Independent Code (PIC) in plain C (well, at least I do). Relocatable helps you do so. It allows you to write C-code that will be directly compiled into raw shellcode, which can be loaded into any process without the need for tools such as Donut or sRDI. An advantage is that the output size of the shellcode is extremely small (almost no overhead), and the shellcode remains simple.

## Getting started

Clone this repository first. Install the dependencies, then [review the code](https://github.com/tijme/relocatable/blob/master/.github/laughing.gif).

**Dependencies**

* [MinGW](https://formulae.brew.sh/formula/mingw-w64)

**Modify the code**

Adjust the code in `./src/main.c` to your needs. The included example code pops a message box.

**Compiling**

    make

**Usage**

Load `./dst/relocatable.x64.bin` using your shellcode loader (technique) of choice. You can also convert it to a c-code array using `xxd`.

    xxd -i dst/relocatable.x64.bin

This outputs about a 1000 bytes. An example is included below.

    unsigned char dst_relocatable_x64_bin[] = {

      0x55, 0x48, 0x89, 0xe5, 0xe8, 0x55, 0x03, 0x00, 0x00, 0x90, 0x5d, 0xc3,

      0x55, 0x48, 0x89, 0xe5, 0x48, 0x83, 0xec, 0x10, 0xc7, 0x45, 0xfc, 0x60,

      0x00, 0x00, 0x00, 0x8b, 0x45, 0xfc, 0x65, 0x48, 0x8b, 0x00, 0x48, 0x8

      -- snip --

## Issues & requests

Issues or new feature requests can be reported via the [issue tracker](https://github.com/tijme/relocatable/issues). Please make sure your issue or feature has not yet been reported by anyone else before submitting a new one.

## License & copyright

Copyright (c) 2025 Tijme Gommers. Relocatable is released under the GNU General Public License, version 2.0. View [LICENSE.md](https://github.com/tijme/relocatable/blob/master/LICENSE.md) for the full license. Relocatable was inspired by [ShellcodeStdio](https://github.com/jackullrich/ShellcodeStdio/tree/master), which is also licenced under the [GNU General Public License, version 2.0](https://github.com/zyantific/zydis/blob/master/LICENSE).