小贝子编程

将 exe 转换为十六进制以由 Python 运行



我想将应用程序存储为十六进制编码的字节数组,以便我可以使用python执行它。传统上,我使用 msfencode 创建了它,但后来它已被弃用。 我知道有msfvenom,但我想自己做,这样我就不必依赖另一个程序。

基本上,我想做的是读取一个文件并将其存储为十六进制编码的二进制数组。

例如,这是作为字节编码字节数组的Windows计算器(可在线找到):

 shellcode = bytearray(
 "xdbxc3xd9x74x24xf4xbexe8x5ax27x13x5fx31xc9" 
 "xb1x33x31x77x17x83xc7x04x03x9fx49xc5xe6xa3" 
 "x86x80x09x5bx57xf3x80xbex66x21xf6xcbxdbxf5" 
 "x7cx99xd7x7exd0x09x63xf2xfdx3exc4xb9xdbx71" 
 "xd5x0fxe4xddx15x11x98x1fx4axf1xa1xd0x9fxf0" 
 "xe6x0cx6fxa0xbfx5bxc2x55xcbx19xdfx54x1bx16" 
 "x5fx2fx1exe8x14x85x21x38x84x92x6axa0xaexfd" 
 "x4axd1x63x1exb6x98x08xd5x4cx1bxd9x27xacx2a" 
 "x25xebx93x83xa8xf5xd4x23x53x80x2ex50xeex93" 
 "xf4x2bx34x11xe9x8bxbfx81xc9x2ax13x57x99x20" 
 "xd8x13xc5x24xdfxf0x7dx50x54xf7x51xd1x2exdc" 
 "x75xbaxf5x7dx2fx66x5bx81x2fxcex04x27x3bxfc" 
 "x51x51x66x6axa7xd3x1cxd3xa7xebx1ex73xc0xda" 
 "x95x1cx97xe2x7fx59x67xa9x22xcbxe0x74xb7x4e" 
 "x6dx87x6dx8cx88x04x84x6cx6fx14xedx69x2bx92" 
 "x1dx03x24x77x22xb0x45x52x41x57xd6x3exa8xf2" 
 "x5exa4xb4")

我希望能够给它一个文件,并按照上面格式化。

您可以使用 Python 内置例程之一来执行此操作。下面假定data包含.exe文件的(二进制)内容。

import binascii
def pairwise(iterable):
    "s -> (s0,s1), (s2,s3), (s4, s5), ..."
    a = iter(iterable)
    return zip(a, a)
hex_encoded = '\x' + '\x'.join(pair[0]+pair[1]
                                    for pair in pairwise(binascii.hexlify(data)))
print('data length: {}'.format(len(data)))
print('hex_encoded length: {}, "{}"'.format(len(hex_encoded), hex_encoded))

输出:

data length: 227
hex_encoded length: 908, "xdbxc3xd9x74x24xf4xbexe8x5ax27x13x5fx31xc9xb1x33x31x77x17x83xc7x04x03x9fx49xc5xe6xa3x86x80x09x5bx57xf3x80xbex66x21xf6xcbxdbxf5x7cx99xd7x7exd0x09x63xf2xfdx3exc4xb9xdbx71xd5x0fxe4xddx15x11x98x1fx4axf1xa1xd0x9fxf0xe6x0cx6fxa0xbfx5bxc2x55xcbx19xdfx54x1bx16x5fx2fx1exe8x14x85x21x38x84x92x6axa0xaexfdx4axd1x63x1exb6x98x08xd5x4cx1bxd9x27xacx2ax25xebx93x83xa8xf5xd4x23x53x80x2ex50xeex93xf4x2bx34x11xe9x8bxbfx81xc9x2ax13x57x99x20xd8x13xc5x24xdfxf0x7dx50x54xf7x51xd1x2exdcx75xbaxf5x7dx2fx66x5bx81x2fxcex04x27x3bxfcx51x51x66x6axa7xd3x1cxd3xa7xebx1ex73xc0xdax95x1cx97xe2x7fx59x67xa9x22xcbxe0x74xb7x4ex6dx87x6dx8cx88x04x84x6cx6fx14xedx69x2bx92x1dx03x24x77x22xb0x45x52x41x57xd6x3exa8xf2x5exa4xb4"

不过,使用 base64 编码会更紧凑、更高效:

import base64
base64_encoded = base64.b64encode(data)
print('base64_encoded length: {}, "{}"'.format(len(base64_encoded), base64_encoded))

输出:

base64_encoded length: 304, "28PZdCT0vuhaJxNfMcmxMzF3F4PHBAOfScXmo4aACVtX84C+ZiH2y9v1fJnXftAJY/L9PsS523HVD+TdFRGYH0rxodCf8OYMb6C/W8JVyxnfVBsWXy8e6BSFITiEkmqgrv1K0WMetpgI1Uwb2SesKiXrk4Oo9dQjU4AuUO6T9Cs0EemLv4HJKhNXmSDYE8Uk3/B9UFT3UdEu3HW69X0vZluBL84EJzv8UVFmaqfTHNOn6x5zwNqVHJfif1lnqSLL4HS3Tm2HbYyIBIRsbxTtaSuSHQMkdyKwRVJBV9Y+qPJepLQ="

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium