ShenCode - Extract - Heckhausen.IT

Extract Module

Description

With extract it is possible to extract relevant bytes from a binary file. E.g. if you compile a shellcode as a binary o-file, this could be helpful.

Command

shencode core extract [-h] [-i INPUT] [-o OUTPUT] [-so START_OFFSET] [-eo END_OFFSET]

options:
--help            show this help message and exit
--input                 INPUTInput file for example module
--output                OUTPUTOutput file with extracted bytes
--start-offset          START_OFFSETbegin extraction from this offset
--end-offset            END_OFFSET extract until here

Example output

shencode core extract --input dev\calc.raw --output dev\temp.bs --start-offset 10 --end-offset 100
[+] [XTRACT] File exists
[i] [XTRACT] File: dev\calc.raw
[i] [XTRACT] Hash: 7c1bb19fe6606cfe29e750326db2972c4743e623
[*] try to open file
[+] reading calc.raw successful!
[*] extracting shellcode from 10 to 100
[+] written shellcode to temp.bs
[+] [XTRACT] File exists
[i] [XTRACT] File: dev\temp.bs
[i] [XTRACT] Hash: adb78a8fbf2c31ab722f5ff408a60a81eb2f692c