├── GoLink.exe
├── README.md
├── shellcode2exe.bat
└── yasm.exe


/GoLink.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/repnz/shellcode2exe/d18ac26e8ba6dc042a88aec90c5a29b4a1b68f50/GoLink.exe


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # shellcode2exe
 2 | 
 3 | Compile a binary shellcode blob into an exe file
 4 | 
 5 | As a malware researcher I do this mostly for shellcode debugging. 
 6 | Some researchers use "shellcode_launcher", but it's easier to convert the shellcode to exe because
 7 | it allows doing both static and dynamic analysis in IDA Pro.
 8 | 
 9 | The executable is created in 2 steps:
10 | 1) An assembly source file is created with an "incbin" directive
11 | 2) The assembly file is assembled with yasm into a .obj file
12 | 3) The .obj file is linked into a .exe file
13 | 4) The .obj and .asm files are removed
14 | 
15 | ```batch
16 | Required Arguments:
17 | - architecture: 32 or 64 (depending on the shellcode)
18 | - shellcode blob file name
19 | - Output executable file name
20 | ```
21 | 


--------------------------------------------------------------------------------
/shellcode2exe.bat:
--------------------------------------------------------------------------------
 1 | @echo off
 2 | @if "%1"=="" goto help
 3 | @if "%2"=="" goto help
 4 | @if "%3"=="" goto help
 5 | 
 6 | @echo Global Start > shellcode.asm
 7 | @echo SECTION 'foo' write, execute,read >> shellcode.asm
 8 | @echo Start:       >> shellcode.asm
 9 | @echo incbin "%2"  >> shellcode.asm
10 | @yasm.exe -f win%1 -o shellcode.obj shellcode.asm
11 | @golink /ni /fo %3 /entry Start shellcode.obj
12 | @del shellcode.asm
13 | @del shellcode.obj
14 | @dir %3*
15 | 
16 | @goto exit
17 | 
18 | @:help
19 | @echo Converts a shellcode blob to an executable
20 | @echo Required Arguments:
21 | @echo - architecture: 32 or 64 (depending on the shellcode)
22 | @echo - shellcode blob file name
23 | @echo - Output executable file name
24 | @:exit
25 | echo.


--------------------------------------------------------------------------------
/yasm.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/repnz/shellcode2exe/d18ac26e8ba6dc042a88aec90c5a29b4a1b68f50/yasm.exe


--------------------------------------------------------------------------------