Monday, April 29, 2013

ShellNoob 1.0 - a shellcode writing toolkit

Today I'm really happy to publicly release ShellNoob (and to publish my first blog post :-))

During the many CTFs I played, there has always been the need to manually write some shellcode (yep, most of the time Metasploit is not enough, even if you are lucky and you get a working shellcode...).

Now, writing shellcode is always super fun, but some parts are extremely boring and error-prone. And after googling for the n-th time "how to <put-anything-you-like-here>", I just got tired and I wrote shellnoob.py, a simple Python script that makes some boring steps less boring.

I bet that there are tons of similar scripts around the web, but I never found anything that had all the features I wanted. If you have suggestions, please ping me!

Alright, let's go to the meat. This is the list of features:
  • convert shellcode between different formats (currently supported: asm, bin, hex, obj, exe, C, python, ruby, pretty)
  • interactive opcode-to-binary conversion (and vice versa) mode. This is useful when you cannot use specific bytes in the shellcode.
  • resolve syscall numbers and constants (not exactly implemented yet :-))
  • portable: it only relies on gcc/as/objdump and Python.
  • easily deployable: it's just one Python file!
  • in-place development: you run ShellNoob directly on the target architecture!
  • other options: prepend breakpoint, 32bit/64bit switch.
  • read from stdin / write to stdout support (use "-" as filename)

Everything (i.e., the code, use cases, etc.) is on GitHub: https://github.com/reyammer/shellnoob

Check it out! Feedback, comments, and contributions are more than welcome!