#!/usr/bin/env python3 #=============================================================================# # A simple python build script to build the singles/stages/stagers and # some usefull information such as offsets and a hex dump. The binary output # will be placed in the bin directory. A hex string and usefull comments will # be printed to screen. # # Example: # >python build.py stager_reverse_tcp_nx # # Example, to build everything: # >python build.py all > build_output.txt # # Author: Stephen Fewer (stephen_fewer[at]harmonysecurity[dot]com) #=============================================================================# import os import sys import time from subprocess import Popen from struct import pack def clean(dir='./bin/'): for root, dirs, files in os.walk(dir): for name in files: if name[-4:] == '.bin': os.remove(os.path.join(root, name)) def locate(src_file, dir='./src/'): for root, dirs, files in os.walk(dir): for name in files: if src_file == name: return root return None def build(name): location = locate('%s.asm' % name) if location: input = os.path.normpath(os.path.join(location, name)) output = os.path.normpath(os.path.join('./bin/', name)) p = Popen(['nasm', '-f bin', '-O3', '-o %s.bin' % output, '%s.asm' % input]) p.wait() xmit(name) else: print("[-] Unable to locate '%s.asm' in the src directory" % name) def xmit_dump_ruby(data, length=16): dump = '' for i in range(0, len(data), length): bytes = data[i: i+length] hex = "\"%s\"" % (''.join(['\\x%02X' % x for x in bytes])) if i+length <= len(data): hex += ' +' dump += '%s\n' % (hex) print(dump) def xmit_offset(data, name, value): offset = data.find(value) if offset != -1: print('# %s Offset: %d' % (name, offset)) def xmit(name, dump_ruby=True): bin = os.path.normpath(os.path.join('./bin/', '%s.bin' % name)) f = open(bin, 'rb') data = f.read() print('# Name: %s\n# Length: %d bytes' % (name, len(data))) xmit_offset(data, 'Port', pack('>H', 4444)) # 4444 xmit_offset(data, 'Host', pack('>L', 0x7F000001)) # 127.0.0.1 # kernel32.dll!ExitThread xmit_offset(data, 'ExitFunk', pack(']') else: print('# Built on %s\n' % (time.asctime(time.localtime()))) if argv[1] == 'clean': clean() elif argv[1] == 'all': for root, dirs, files in os.walk('./src/migrate/'): for name in files: if name[-4:] == '.asm': build(name[:-4]) for root, dirs, files in os.walk('./src/single/'): for name in files: if name[-4:] == '.asm': build(name[:-4]) for root, dirs, files in os.walk('./src/stage/'): for name in files: if name[-4:] == '.asm': build(name[:-4]) for root, dirs, files in os.walk('./src/stager/'): for name in files: if name[-4:] == '.asm': build(name[:-4]) else: build(argv[1]) if __name__ == '__main__': main()