owasp / zsc Goto Github PK
View Code? Open in Web Editor NEWOWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/
Home Page: https://www.secologist.com/
License: Other
OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/
Home Page: https://www.secologist.com/
License: Other
Hello friends,
There is a new issue which is when software is asking for a input from user to get a file to encode, If user push tab
key, It will not showing files list in current directory!
Software engine works like this:
zsc> obfuscate
zsc/obfuscate> javascript
filename> javascript
And what we are expecting is:
zsc> obfuscate
zsc/obfuscate> javascript
filename> [tab]
CHANGELOG.md LICENSE.md features_table.html installer.py readme.md uninstaller.py zsc.py
There are some documents available for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
Hello friends,
For a long time, OWASP ZSC shellcode and encoding modules database didn't update. To expansion software, We need to add some new shellcodes for new operation systems. There isn't any problem if operation system or encoding module is not listed in here, We will add it! There isn't any limitation. Remember, OSX
and Windows
have most priority for us now.
There are some documents available for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
When moving into a subcontext from the main menu (e.g. zsc/shellcode/generate>) issuing the "help" command switches back to the root context (i.e. zsc>).
This issue is twofold: a bugfix so that the "help" command doesn't switch contexts, and an enhancement to have the "help" command display help based on whatever context you are in (e.g. "zsc/shellcode> help" shows shellcode help)
zsc> shellcode
zsc/shellcode> generate
zsc/shellcode/generate> help
[+] shellcode generate shellcode
[+] shellcode>generate to generate shellcode
[+] shellcode>search search for shellcode in shellstorm
[+] obfuscate generate obfuscate code
[+] help show help menu
[+] update check for update
[+] about about owasp zsc
[+] restart restart the software
[+] version software version
[+] exit to exit the software
zsc>
I'll be glad to help with this as I have time.
with last commit the windows shellcode is not working. Here is the image to it http://i.imgur.com/GS6ZRkg.png I think it opcoder got messed up, have to look into it.
And I think again we have to discuss those changes as there were around 10k+ lines and In some places I think code was looking good before pep8 fixes like this (before and after ).
And at this stage I don't think we need pep8 fixes. Maybe later we can have pep8 fixes and we can also add about pep8 rules to be followed while contributing in documentation.
when zsc is asking for shellcode encoding type, it's like zsc>
and not showing path.
zsc/shellcode/generate/linux_x86/exec> file_to_execute
file_to_execute> /bin/bash
[+] file_to_execute set to "/bin/bash"
[+] none
[+] xor_random
[+] xor_yourvalue
[+] add_random
[+] add_yourvalue
[+] sub_random
[+] sub_yourvalue
[+] inc
[+] inc_timesyouwant
[+] dec
[+] dec_timesyouwant
[+] mix_all
[+] enter encode type
zsc> none
it's better to be like zsc/shellcode/generate/linux_x86/exec/encode_type
or something.
Add back
command to go back one step. It is very frustrating to restart from the beginning.
Is there any chance that this project will support python 3?
Could you provide more details which parameters and how this option should work? I don't get any specific parameters, not sure how this should work
zsc/shellcode/generate/windows_x86/disable_firewall>
The following info is not correct
Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-zsc-tool-project
Contact US Now: owasp-zsc-tool-project[at]lists[dot]owasp[dot]org
Please set the google user group since we don't maintain access to the mailing list at OWASP
I'm using the last version, but update command is not working, it's not connected to github.
I will transfer this repo to zscproject github soon.
update.py
url = 'http://zsc.z3r0d4y.com/zsc_archive/last_version'
up_url = 'http://zsc.z3r0d4y.com/zsc_archive/'
______ __ _____ _____ ______ _____ _____
/ __ \ \ / /\ / ____| __ \ |___ // ____|/ ____|
| | | \ \ /\ / / \ | (___ | |__) | / /| (___ | |
| | | |\ \/ \/ / /\ \ \___ \| ___/ / / \___ \| |
| |__| | \ /\ / ____ \ ____) | | / /__ ____) | |____
\____/ \/ \/_/ \_\_____/|_| /_____|_____/ \_____|
OWASP ZeroDay Cyber Research Shellcoder
your software version: 1.1.0
last version released: 1.0.9
Downloading zcr_shellcoder_1.0.9.zip
Downloading: zcr_shellcoder_1.0.9.zip Bytes: 721223
(' 10 [0.00%]\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08',)
(' 20 [0.00%]\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08',)
(' 30 [0.00%]\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08',)
(' 40 [0.01%]\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08',)
(' 50 [0.01%]\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08',)
(' 60 [0.01%]\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08\x08',)Connection Error!
This table has an overview of available features/payloads.
http://zsc.z3r0d4y.com/table.html
Should provide some updates on Windows and OSX
gdb-peda$ shellcode zsc
[+] linux_x86
[+] linux_x64
[+] linux_arm
[+] linux_mips
[+] freebsd_x86
[+] freebsd_x64
[+] windows_x86
[+] windows_x64
[+] osx
[+] solaris_x64
[+] solaris_x86
os:osx
[+] exec('/path/file')
[+] chmod('/path/file','permission number')
[+] write('/path/file','text to write')
[+] file_create('/path/file','text to write')
[+] dir_create('/path/folder')
[+] download('url','filename')
[+] download_execute('url','filename','command to execute')
[+] system('command to execute')
job:system('echo yolo')
[+] none
[+] xor_random
[+] xor_yourvalue
[+] add_random
[+] add_yourvalue
[+] sub_random
[+] sub_yourvalue
[+] inc
[+] inc_timeyouwant
[+] dec
[+] dec_timeyouwant
[+] mix_all
encode:none
Connection to OWASP ZSC API api.z3r0d4y.com
"Note: system('echo yolo') function is not Activated for osx OS Yet, Please wait for update.To see available modules take a look at the features_table.html file in software folder."
gdb-peda$ shellcode zsc
[+] linux_x86
[+] linux_x64
[+] linux_arm
[+] linux_mips
[+] freebsd_x86
[+] freebsd_x64
[+] windows_x86
[+] windows_x64
[+] osx
[+] solaris_x64
[+] solaris_x86
os:osx
[+] exec('/path/file')
[+] chmod('/path/file','permission number')
[+] write('/path/file','text to write')
[+] file_create('/path/file','text to write')
[+] dir_create('/path/folder')
[+] download('url','filename')
[+] download_execute('url','filename','command to execute')
[+] system('command to execute')
job:exec('/bin/sh')
[+] none
[+] xor_random
[+] xor_yourvalue
[+] add_random
[+] add_yourvalue
[+] sub_random
[+] sub_yourvalue
[+] inc
[+] inc_timeyouwant
[+] dec
[+] dec_timeyouwant
[+] mix_all
encode:none
Connection to OWASP ZSC API api.z3r0d4y.com
"Note: exec('/bin/sh') function is not Activated for osx OS Yet, Please wait for update.To see available modules take a look at the features_table.html file in software folder."
gdb-peda$ shellcode zsc
[+] linux_x86
[+] linux_x64
[+] linux_arm
[+] linux_mips
[+] freebsd_x86
[+] freebsd_x64
[+] windows_x86
[+] windows_x64
[+] osx
[+] solaris_x64
[+] solaris_x86
os:windows_x86
[+] exec('/path/file')
[+] chmod('/path/file','permission number')
[+] write('/path/file','text to write')
[+] file_create('/path/file','text to write')
[+] dir_create('/path/folder')
[+] download('url','filename')
[+] download_execute('url','filename','command to execute')
[+] system('command to execute')
Many of the shellcodes which should work are not because maybe the api has not be updated. Also the shellcodes which are available in zsc are not being shown in gdb-peda, while those which are not available are being shown.
Where is the code for the api? Should we add it in zscproject and keep updating it regularly ?
encoding/obfuscation module should validate the extension of the file to be encoded, allowing encode on files that are not the chosen format
zsc/obfuscate> ruby
filename>
.DS_Store installer.py sharmincv.c
.gitignore readme.md uninstaller.py
CHANGELOG.md secret.c version
LICENSE.md sharmin zcr_shellcoder_1.0.9.zip
admin.c sharminc.c zsc.py
filename> secret.c
encode>
base64 base64_rev simple_hex simple_hex_rev
encode> base64
[+] file "secret.c" encoded successfully!
The following issue occurs in the interface. It skips the question of generating a '.c' file after user has selected no on 'output shellcode too (y or n)?
user answers 'n' and the following question should follow, to generate a .c file:
zsc/shellcode/generate>
linux_x86 osx_x86 windows_x86
zsc/shellcode/generate> osx_x86
zsc/shellcode/generate/osx_x86>
exec system
zsc/shellcode/generate/osx_x86> system
zsc/shellcode/generate/osx_x86/system> command_to_execute
command_to_execute> clear
[+] command_to_execute set to "clear"
[+] none
[+] enter encode type
zsc> none
Output assembly code?(y or n)> n
[+] Generated shellcode is:
\x68\x90\x90\x90\x72\x59\xc1\xe9\x10\xc1\xe9\x08\x51\x68\x63\x6c\x65\x61\x89\xe1\x68\x90\x90\x2d\x63\x5a\xc1\xea\x10\x52\x89\xe2\x68\x90\x2f\x73\x68\x5b\xc1\xeb\x08\x53\x68\x2f\x62\x69\x6e\x89\xe3\x31\xc0\x50\x51\x52\x53\x89\xe1\x31\xd2\x52\x51\x53\xb0\x3b\x6a\x2a\xcd\x80\xb0\x01\xb3\x01\xcd\x80
Shellcode output to .c file?(y or n)> n
zsc> generate
[+] Command not found!
zsc> shellcode
zsc/shellcode> generate
zsc/shellcode/generate>
linux_x86 osx_x86 windows_x86
zsc/shellcode/generate> osx_x86
zsc/shellcode/generate/osx_x86>
exec system
zsc/shellcode/generate/osx_x86> system
zsc/shellcode/generate/osx_x86/system> command_to_execute
command_to_execute> clear
[+] command_to_execute set to "clear"
[+] none
[+] enter encode type
zsc> none
Output assembly code?(y or n)> y
push $0x72909090
pop %ecx
shr $0x10,%ecx
shr $0x8,%ecx
push %ecx
push $0x61656c63
mov %esp,%ecx
push $0x632d9090
pop %edx
shr $0x10,%edx
push %edx
mov %esp,%edx
push $0x68732f90
pop %ebx
shr $0x8,%ebx
push %ebx
push $0x6e69622f
mov %esp,%ebx
xor %eax,%eax
push %eax
push %ecx
push %edx
push %ebx
mov %esp,%ecx
xor %edx,%edx
push %edx
push %ecx
push %ebx
mov $0x3b,%al
push $0x2a
int $0x80
mov $0x1,%al
mov $0x1,%bl
int $0x80
Output shellcode too?(y or n)> n
zsc>
Hello friends,
We need new ideas for adding new features and utilities to the software, If you feel something is unregarded or need to be add, change or something else please let us know.
There are some documents available for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
Output assembly code?(y or n)> n
Output shellcode to screen?(y or n)> n
Shellcode output to a .c file?(y or n)> y
Target .c file?> ../testZSC.c
Traceback (most recent call last):
File "/usr/share/owasp_zsc/zsc.py", line 23, in <module>
main() #execute main function
File "/usr/share/owasp_zsc/zsc.py", line 18, in main
_interface()
File "/usr/share/owasp_zsc/core/controller.py", line 23, in _interface
run.engine(commands) #run engine with user friendly interface
File "/usr/share/owasp_zsc/core/run.py", line 261, in engine
getcommand(commands)
File "/usr/share/owasp_zsc/core/run.py", line 197, in getcommand
file_output(target, func, data, os, encode, shellcode, shellcode_op)
UnboundLocalError: local variable 'shellcode_op' referenced before assignment
Sending a PR in a moment.
Yo, just try some test on zsc.Command line seems like buggy,
root@r00t-VirtualBox:/home/r00t/Desktop# zsc
Traceback (most recent call last):
File "/usr/share/owasp_zsc/zsc.py", line 11, in <module>
from core import run
File "/usr/share/owasp_zsc/core/run.py", line 25, in <module>
exec(compile(open('core/commands.py', "rb").read(), 'core/commands.py', 'exec'))
IOError: [Errno 2] No such file or directory: 'core/commands.py'
root@r00t-VirtualBox:/home/r00t/Desktop#
There you go, system informations;
root@r00t-VirtualBox:/home/r00t/Desktop# uname -a
Linux r00t-VirtualBox 4.2.0-16-generic #19-Ubuntu SMP Thu Oct 8 15:35:06 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Good luck my friend :)
Working on it
quit
gives back Command not found!
hello friends,
I release that when we use a specific value for encoding shellcodes example( sub/xor/add_yourvalue ) it could make a null and there is if
in script it tries again if find \x00
in software.
for example run this command zsc.py -p windows_x86/exec/xor_0x41414141 -i calc.exe
, we need to check and if there is a null, return an error, also there is more, inc and dec also could make the nulls,
'%x'%(int('0x4f5ec401',16) - int('0x1',16)) '4f5ec400'
or
'%x'%(int('0x4f5ec4ff',16) + int('0x1',16))
'4f5ec500'
we need to return error and tell user this value make nulls or change value +1 or -1
@Pratik151 please notice that until you adding encoder and we not fix it
I suggest that you don't use an install.py file and just create a list of dependencies with instructions on how to install them.
Also create instructions on how to install it the way that the install.py file installs it, for if users don't want to run it just as standalone python program. (But assume that most people will just be running it from the directory where it is installed as standlone python program.)
Just notice that this project support only Linux based. However, is there any chance that this project will support OS X environment?
❯ sudo python installer.py
Password:
Sorry, This version of software just could be run on linux.
The following command does not get the latest version in the master branch:
wget https://github.com/zscproject/OWASP-ZSC/archive/master.zip \
-O owasp-zsc.zip && unzip owasp-zsc.zip && rm -rf owasp-zsc.zip &&
mv OWASP-ZSC-master owasp-zsc && cd owasp-zsc && python installer.py
Hello friends,
There is a unregarded item, which is missed in features, and that's manifest the path of user inputs.
example, in the main of software, We are seeing zsc>
to receive inputs from users.
our choices in first section are:
zsc> [pressed tab key]
about exit help obfuscate restart shellcode update version
but input indicator shouldn't be zsc>
after we elected shellcode
, and must change for each section.
Software engine works like this:
zsc> shellcode
zsc> [pressed tab key]
download generate search
zsc> generate
zsc> linux_x86
zsc> [pressed tab key]
chmod download exec script_executor write
dir_create download_execute file_create system
And what we are expecting is:
zsc> shellcode
zsc/shellcode> [pressed tab key]
download generate search
zsc/shellcode> generate
zsc/shellcode/generate> linux_x86
zsc/shellcode/generate/linux_x86> [pressed tab key]
chmod download exec script_executor write
dir_create download_execute file_create system
Note that, we must take care other main commands, This expecting is just for shellcode
and obfuscate
commands, because other commands [version
,update
,help
,restart
] don't have any sub-commands!
If you want to manage this issue with logging input keys, you have to notice that, sometimes keys are tab
or blank
or wrong inputs
and etc.
There is a temporary document for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
Continuous Integration is very useful for project development. Please go through this blog post
Working on it.
Steps to reproduce:
Choose zsc>shellcode>generate>osx_x86>system>command_to_execute
Set command to 'clear'
choose none as encoder type
Output assembly code?(y or n)> n
[+] Generated shellcode is:
\x68\x90\x90\x90\x72\x59\xc1\xe9\x10\xc1\xe9\x08\x51\x68\x63\x6c\x65\x61\x89\xe1\x68\x90\x90\x2d\x63\x5a\xc1\xea\x10\x52\x89\xe2\x68\x90\x2f\x73\x68\x5b\xc1\xeb\x08\x53\x68\x2f\x62\x69\x6e\x89\xe3\x31\xc0\x50\x51\x52\x53\x89\xe1\x31\xd2\x52\x51\x53\xb0\x3b\x6a\x2a\xcd\x80\xb0\x01\xb3\x01\xcd\x80
Issue: forgets to ask 'output shellcode too?(y or n)
Instead the shellcode is generate at once without requesting
This is small issue which I came across when I tried to install without root permissions.
When running installer.py
without root permission then it should exit with the message 'Sorry you must run this file as root.' but it is not and this error is raised :
Traceback (most recent call last):
File "installer.py", line 48, in <module>
linux_osx()
File "installer.py", line 23, in linux_osx
check_prv()
File "installer.py", line 20, in check_prv
if ctypes.windll.shell32.IsUserAnAdmin() != 1:
AttributeError: 'module' object has no attribute 'windll'
It is because the sys.exit()
only raises an exception and it is catched in next except block here.
A quick fix would be to catch only AttributeError
. I will make PR for this now.
compile example: gcc -ggdb -static -m32 -fno-stack-protector -z execstack -mpreferred-stack-boundary=2 -o shellcode_compiled
Since OS X(since version 10.6) doesn't support PowerPC architecture some of these gcc
flags like -mpreferred-stack-boundary
won't work...I'm looking for alternatives. Will send in a PR soon.
Although the option for other operating systems exists, the libraries do not exists yet. Should invest time in targeting multiple operating systems.
Only one of line 15 and line 63 can be correct.
@Pratik151 @Ali-Razmjoo
Hello friends,
There is a new issue which OWASP ZSC is not able to install/uninstall on windows
, We would better to solve this earlier.
There are some documents available for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
Hello friends,
New version of OWASP ZSC has a new feature that lets you convert the codes to obfuscated codes. We need to expansion this feature with adding more new modules. The software already has a simple instance. Please help us on development by sending your modules.
There are some documents available for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
Hello friends,
There is a new issue on python3
while using shell-storm
API and obfuscating codes.
zsc> obfuscate
zsc/obfuscate>
javascript php python
zsc/obfuscate> p
php python
zsc/obfuscate> python
filename> f.txt
encode> simple_hex
Traceback (most recent call last):
File "zsc.py", line 22, in <module>
main() #execute main function
File "zsc.py", line 18, in main
run.engine(commands) #run engine
File "C:\Users\Ali\Documents\GitHub\OWASP-ZSC\core\run.py", line 226, in engine
getcommand(commands)
File "C:\Users\Ali\Documents\GitHub\OWASP-ZSC\core\run.py", line 113, in getcommand
obf_code(option,encode,filename,content)
File "C:\Users\Ali\Documents\GitHub\OWASP-ZSC\core\obfuscate.py", line 12, in obf_code
content = start(content) #encoded content as returned value
File "C:\Users\Ali\Documents\GitHub\OWASP-ZSC\lib\encoder\python\simple_hex.py", line 57, in start
return str(str('\'\'\'\n')+str(content.replace('\'\'\'','\\\'\\\'\\\''))+str('\n\'\'\'') + str(encode(content))+str('\n'))
TypeError: a bytes-like object is required, not 'str'
zsc> shellcode
zsc/shellcode> search
keyword_to_search>
download generate search
keyword_to_search> ali razmjoo
Traceback (most recent call last):
File "zsc.py", line 22, in <module>
main() #execute main function
File "zsc.py", line 18, in main
run.engine(commands) #run engine
File "C:\Users\Ali\Documents\GitHub\OWASP-ZSC\core\run.py", line 226, in engine
getcommand(commands)
File "C:\Users\Ali\Documents\GitHub\OWASP-ZSC\core\run.py", line 74, in getcommand
_search_shellcode()
File "C:\Users\Ali\Documents\GitHub\OWASP-ZSC\lib\shell_storm_api\grab.py", line 31, in _search_shellcode
for shellcode_ in data.rsplit('\n'):
TypeError: a bytes-like object is required, not 'str'
I've forgotten to convert the bytes to strings.
There are some documents available for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
Please include examples that fit the OSX for users that want to use the example code right away
For the OSX we have an option in the menu when through the menu for payloads
zsc -l
....
[!] exec('file_to_execute')
[+] osx_x86/exec/none
From usability point of view, is this an example or a command that will generate automatically something for the user?
Hello friends,
We found a new bug in software while using python3 to run the software. restart
command doesn't work in python3.
The results of executing software with python2
zsc> shellcode
zsc/shellcode> generate
zsc/shellcode/generate> restart
zsc>
about help restart update
exit obfuscate shellcode version
zsc> shellcode
zsc/shellcode>
The results of executing software with python3
zsc> shellcode
zsc/shellcode> generate
zsc/shellcode/generate> restart
zsc/shellcode/generate>
about help restart update
exit obfuscate shellcode version
zsc/shellcode/generate> shellcode
[+] Command not found!
zsc/shellcode/generate>
There are some documents available for users and developers which locate in here and could be useful!
I'll be so grateful if someone assist me with this issue.
Thank you.
[root@localhost ZCR-Shellcoder-master]# python shellcoder.py -os linux_x86 -encode none -job chmod('/etc/shadow','777') -o file.txt
bash: syntax error near unexpected token `('
Trying to generate a payload from command line example
zsc -p windows_x86/add_admin/none -i mary password
-p is for selecting the payload
-i for the input
I get 'command not found'
Let me know if this is the right way to generate the payload
The command:
zsc -l
works fine in Mac but in windows it goes immediately to the interactive ZSC shell without displaying any payloads menu
In OSX I get:
Johannas-iMac:~ johannacuriel$ zsc -l
/ __ \ \ / /\ / _| __ \ | // __|/ |
| | | \ \ /\ / / \ | ( | |**) | / /| (** | |
| | | |\ / / / /\ \ ___ | **/ / / ** | |
| || | \ /\ / __ \ _) | | / / ) | |
**/ / // ___**/|| /|/ _____|
OWASP ZeroDay Cyber Research Shellcoder
[!] Note: Shellcode Payloads Sorted By OperatingSystem_Architecture/Function_Name/Encode_Name
[!] Note: Programming Languages Payloads Sorted By ProgrammingLanguagesName/Encode_Name
[!] system('command_to_execute')
[+] osx_x86/system/none
[!] exec('file_to_execute')
[+] osx_x86/exec/none
[!] add_admin('username','password')
[+] windows_x86/add_admin/none
[+] windows_x86/add_admin/xor_random
[+] windows_x86/add_admin/add_random
[+] windows_x86/add_admin/sub_random
[+] windows_x86/add_admin/xor_yourvalue
[!] download_exec('url','filename')
[+] windows_x86/download_exec/none
[+] windows_x86/download_exec/xor_random
[+] windows_x86/download_exec/add_random
[+] windows_x86/download_exec/sub_random
[+] windows_x86/download_exec/xor_yourvalue
[!] exec('file_to_execute')
[+] windows_x86/exec/none
[+] windows_x86/exec/xor_random
[+] windows_x86/exec/add_random
[+] windows_x86/exec/sub_random
[+] windows_x86/exec/xor_yourvalue
[!] disable_firewall()
[+] windows_x86/disable_firewall/none
[+] windows_x86/disable_firewall/xor_random
[+] windows_x86/disable_firewall/add_random
[+] windows_x86/disable_firewall/sub_random
[+] windows_x86/disable_firewall/xor_yourvalue
[!] download_tofile('url','filename')
[+] windows_x86/download_tofile/none
[+] windows_x86/download_tofile/xor_random
[+] windows_x86/download_tofile/add_random
[+] windows_x86/download_tofile/sub_random
[+] windows_x86/download_tofile/xor_yourvalue
[!] create_file('filename','content')
[+] windows_x86/create_file/none
[+] windows_x86/create_file/xor_random
[+] windows_x86/create_file/add_random
[+] windows_x86/create_file/sub_random
[+] windows_x86/create_file/xor_yourvalue
[!] dir_create('directory_to_create')
[+] windows_x86/dir_create/none
[+] windows_x86/dir_create/xor_random
[+] windows_x86/dir_create/add_random
[+] windows_x86/dir_create/sub_random
[+] windows_x86/dir_create/xor_yourvalue
[!] download_execute('download_url','filename','command_to_execute')
[+] linux_x86/download_execute/none
[+] linux_x86/download_execute/xor_random
[+] linux_x86/download_execute/xor_yourvalue
[+] linux_x86/download_execute/add_random
[+] linux_x86/download_execute/add_yourvalue
[+] linux_x86/download_execute/sub_random
[+] linux_x86/download_execute/sub_yourvalue
[+] linux_x86/download_execute/inc
[+] linux_x86/download_execute/inc_timesyouwant
[+] linux_x86/download_execute/dec
[+] linux_x86/download_execute/dec_timesyouwant
[+] linux_x86/download_execute/mix_all
[!] write('file_to_write','content')
[+] linux_x86/write/none
[+] linux_x86/write/xor_random
[+] linux_x86/write/xor_yourvalue
[+] linux_x86/write/add_random
[+] linux_x86/write/add_yourvalue
[+] linux_x86/write/sub_random
[+] linux_x86/write/sub_yourvalue
[+] linux_x86/write/inc
[+] linux_x86/write/inc_timesyouwant
[+] linux_x86/write/dec
[+] linux_x86/write/dec_timesyouwant
[+] linux_x86/write/mix_all
[!] file_create('filename','content')
[+] linux_x86/file_create/none
[+] linux_x86/file_create/xor_random
[+] linux_x86/file_create/xor_yourvalue
[+] linux_x86/file_create/add_random
[+] linux_x86/file_create/add_yourvalue
[+] linux_x86/file_create/sub_random
[+] linux_x86/file_create/sub_yourvalue
[+] linux_x86/file_create/inc
[+] linux_x86/file_create/inc_timesyouwant
[+] linux_x86/file_create/dec
[+] linux_x86/file_create/dec_timesyouwant
[+] linux_x86/file_create/mix_all
Hello,
right now by using zsc -l
or zsc --show-payloads
we can see all available payloads, except the shellcodes in shell-storm, i thinks it's cool if we could all available shellcodes in shellstorm too, for example:
zsc -l -s
or zsc --show-payloads --shell-storm
it will including the shellstorm shellcodes, but it will need internet connection too.
also for searching we need to add pattern, example:
zsc -l window_x86
will show windows x86 payloads But zsc -l windows
will return nothing, so we could use something like this zsc -l windows*
to show windows_x86 or x64[for future]zsc -l *exec*
to search all exec() function in all oszsc -l *xor_random
to show all xor_random encodes availablezsc -l windows*xor_random
show all windows xor_random encoding functions availablezsc -l -s *exec*
show all exec functions available in zsc and shell-storm ...Note: we can't handle exec or exec for shell-storm, it doesn't have a static pattern. just word to search in shellcode title.
@jowasp @paraschetal @Pratik151 @CodeMaxx ideas ?
I get the following issue when using the obfuscate module:
I use tab, I get 'simple_' as menu, when enter it gives me the error 'please enter a valid code name'
encode> simple_
[!] please enter a valid encode name
The menu shows this:
encode> simple_
simple_base64_rev simple_hex simple_hex_rev
the option [+] windows_x86/create_file/
parameters filename is clear but how should this content be provided?
I'm using Windows 7, i have installed python, and installed OWASP installer.py, i have opened ZSC.py, and the terminal is opened.
Can you kindly instruct me how to obfuscate the exploit in this py document. https://www.sendspace.com/file/dclz21
office exploit py.zip (60.45KB) - SendSpace.com
the zsc terminal is opened
what are the commands i use so that the py code in that document and shellcode in the doc file can be obfuscated and clean
Not sure exactly how this command should run, but I'm attempting the following. Please verify with me so I can make sure this is properly documented
Steps:
Create a .c file with command_to_execute 'clear'
zsc/shellcode/generate/osx_x86> system
zsc/shellcode/generate/osx_x86/system> command_to_execute
command_to_execute> clear
[+] command_to_execute set to "clear"
[+] none
[+] enter encode type
zsc> none
Output assembly code?(y or n)> y
....
Shellcode output to .c file?(y or n)> y
Target .c file?> clearme.c
[+] File saved as clearme.c .
Once generated compile and run
johannacuriel$ file clear
clear: Mach-O 64-bit executable x86_64
Johannas-iMac:owasp-zsc-master-5 johannacuriel$ gcc -o clearme clearme.c -m32
Johannas-iMac:owasp-zsc-master-5 johannacuriel$ file clearme
clearme: Mach-O executable i386
Get the following issue:
Johannas-iMac:owasp-zsc-master-5 johannacuriel$ ./clearme
TERM environment variable not set.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.