ShenCode - ByteBert - Heckhausen.IT

ByteBert

Description

A polymorphic encoder, which also generates a polymorphic encoder stub

ByteBert is based on ByteSwap but provides more advanced features like:

no shellcode max size limit
variable registers which will be used for decoding the shellcode
option to vary the padding with NOP
automatic compile with nasm.exe

You have to provide nasm.exe in your shencode directory. Download your copy here.

Command

shencode encoder bytebert [-h] [-i INPUT] [-o OUTPUT] [-v]

options:
--help             show this help message and exit
--input INPUT      Input file to use with byteswap stub
--output OUTPUT    outputfile for byteswap stub
--variable-padding Inserts a random NOP to differ the padding

Example output

shencode encoder bytebert -i calc.raw -o bb.sc -v

[+] Random key: 122 (0x7a)
[+] Payload size: 251
[*] Stub generated with a size of 1898 bytes
[*] XORed payload added, size of shellcode 3172 bytes
[+] XOR encoded shellcode created in bb.sc