https://github.com/xacone/vsshellcodeextractor
Dumb Visual Studio Shellcode extractor w/ C like formating
https://github.com/xacone/vsshellcodeextractor
shellcode shellcodeextraction visualstudio
Last synced: about 1 month ago
JSON representation
Dumb Visual Studio Shellcode extractor w/ C like formating
- Host: GitHub
- URL: https://github.com/xacone/vsshellcodeextractor
- Owner: Xacone
- Created: 2023-10-13T19:31:48.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-07-19T23:09:17.000Z (over 1 year ago)
- Last Synced: 2025-03-16T06:18:01.848Z (11 months ago)
- Topics: shellcode, shellcodeextraction, visualstudio
- Language: Python
- Homepage:
- Size: 4.88 KB
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Visual Studio Shellcode Extractor 🐈⬛
Time-saving tool for extracting and formatting shellcode extracted from visual studio (and more).
Suppose you have the following content in a file named decompiled.txt :
```asm
40 53 push rbx
48 83 EC 30 sub rsp,30h
65 48 8B 04 25 60 00 00 00 mov rax,qword ptr gs:[60h]
33 DB xor ebx,ebx
48 8B 48 18 mov rcx,qword ptr [rax+18h]
...... blah blah
8B D0 mov edx,eax
41 0F B7 04 53 movzx eax,word ptr [r11+rdx*2]
```
The program extracts the shellcode and formats it in a C way :
```shell
>> python3 .\scextract.py .\decompiled.txt
unsigned char shellcode[] =
"\x40\x53\x48\x83\xEC\x30\x65\x48\x8B\x04\x25\x60\x00\x00\x00"
"\x33\xDB\x48\x8B\x48\x18\x48\x8B\x41\x20\x48\x8B\x08\x48\x8B"
"\x01\x4C\x8B\x40\x20\x49\x63\x40\x3C\x42\x8B\x8C\x00\x......";
```