Kuymak

A tasty cross-platform tool from Blacksea to inspect/debug/run shellcode.

Linguistic info: Kuymak is a regional meal of Turkey's Black Sea Region.

    __________________________________________________________________
   |         ...-...  .'\\   _   __                            _      |
   |      ./sh0mmm0hs+\  o  | | / /                           | |     |
   |    ./hmPS1SSSSSSm0y/:  | |/ / _   _ _   _ _ __ ___   __ _| | __  |
   |    +mq00000000000pm+   |    \| | | | | | | '_ ` _ \ / _` | |/ /  |
   |   .mq0001010011000pm.  | |\  \ |_| | |_| | | | | | | (_| |   <   |
 +=|   .mq0001000011000pm.  \_| \_/\__,_|\__, |_| |_| |_|\__,_|_|\_\  |=+
 | |    +mq00101010000pm+                 __/ |                       | |
 | |   //yomooooooooom0+.                |___/ github.com/blue-devil/ | |
 | |   \  y+sh0mmm0hs/.                                               | |
 | |    `-'  '''-''' To kuymak or not to kuymak, that's the question! | |
 | |__________________________________________________________________| |
 |         ____________________________________________________         |
 |      -+| @author   : Blue DeviL <[email protected]>   |+-      |
 |     |  | @version  : 0.4.0                                  |  |     |
 +<===>+--| @date     : 06/05/2023                             |--+<===>+
       |  | @license  : GPLv3                                  |  |
        -+| @info     : Cross-platform shellcode runner        |+-
          |____________________________________________________|

KUYMAK v0.4.0

[*] USAGE:
        kuymak -b shellcode.bin
        kuymak -c "\x0f\x01\xf8\xe8\x05\x00\x00\x00\x0f\x01\xf8\x48\xcf"

[*] Options:
        -b      shellcode as a binary
        -c      shellcode as char array (not implemented yet)
        -h      prints this help

Usage

Save your shellcode as a binary file, using HxD, xxd or your favourite editor. Then pass that file to Kuymak with the -b option:

kuymak -b shellcode.bin

You can also run your shellcode directly from the command line as a string of "\x" escapes:

kuymak -c "\x48\x83\xEC\x28\x48 <snipped> \x00\x48\x8D"
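
As an added example (not taken from kuymak.c or the Kuymak project), here is one way to decode the "\x" string form into raw bytes for inspection and to count null bytes, the check mentioned in the TODO list. The function name parse_escaped and its policy of rejecting anything that is not a pure run of \xNN escapes are assumptions of this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/*
 * Hypothetical helper: decode text such as "\x48\x83\xEC" into out[0..cap).
 * Returns the byte count, or -1 if the input is not a pure run of
 * \xNN escapes or does not fit in out. On success *nulls (if non-NULL)
 * is set to the number of 0x00 bytes.
 */
long parse_escaped(const char *s, unsigned char *out, size_t cap, size_t *nulls)
{
    size_t n = 0, zeros = 0;
    while (*s != '\0') {
        int hi, lo;
        if (s[0] != '\\' || (s[1] != 'x' && s[1] != 'X')) return -1;
        if ((hi = hexval((unsigned char)s[2])) < 0) return -1; /* also stops at NUL */
        if ((lo = hexval((unsigned char)s[3])) < 0) return -1;
        if (n >= cap) return -1;               /* refuse to overflow out */
        out[n] = (unsigned char)((hi << 4) | lo);
        if (out[n] == 0) zeros++;
        n++;
        s += 4;
    }
    if (nulls) *nulls = zeros;
    return (long)n;
}

int main(void)
{
    /* Constructed sample: the byte string shown in Kuymak's usage text. */
    const char *sample = "\\x0f\\x01\\xf8\\xe8\\x05\\x00\\x00\\x00"
                         "\\x0f\\x01\\xf8\\x48\\xcf";
    unsigned char buf[64];
    size_t nulls = 0;
    long n = parse_escaped(sample, buf, sizeof buf, &nulls);
    if (n < 0) { fputs("malformed input\n", stderr); return 1; }
    printf("%ld bytes, %zu null byte(s)\n", n, nulls);
    return 0;
}
```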

Requirements

You only need GCC to build Kuymak.

  • Linux
    • Arch Linux/Manjaro: sudo pacman -S base-devel
    • Pisi GNU/Linux: sudo pisi it gcc
    • Fedora: sudo dnf install gcc-c++ make
    • Debian/Kali/Ubuntu: sudo apt install build-essential
  • macOS
    • Open terminal and run this command: xcode-select --install
  • Windows
    1. Install Mingw-w64 via MSYS2. Download the installer and install it.
    2. Alternatively you can use winget: winget install -e --id msys2.msys2
    3. After installation fire up MSYS2 shell and run: pacman -S --needed base-devel mingw-w64-x86_64-toolchain

Building

If you have GCC on your system, building is very straightforward:

LINUX:

gcc -Wall kuymak.c -o kuymak

WINDOWS:

Windows x86_64:

x86_64-w64-mingw32-gcc -Wall kuymak.c -o kuymak

Windows x86_32:

i686-w64-mingw32-gcc -Wall kuymak.c -o kuymak

APPLE:

gcc -Wall kuymak.c -o kuymak

TODO

  • Make a version for macOS (use __APPLE__ preprocessor expression)
  • Create a shellcode runner
  • Ask user if he/she wants to run shellcode or not
  • Get rid of unistd+getopt dependency
  • Can we compile it with cl? Look for a workaround
  • Add changelog
  • Add macOS "Hello, world!" shellcode
  • Publish releases
  • Shellcode in a new thread; do we need that?
  • Add Linux "Hello, world!" shellcode
  • Publish prebuilt ARM binaries
  • Parse and execute shellcode from console
  • Check if null bytes exist? And print info to user
  • Can I add an option for printing objdump output of the given shellcode
  • Can I add an option for printing dumpbin output of the given shellcode
  • Add sample shellcode for execve
  • Add null-free sample shellcodes

Further Reading & Resources

Check out other shellcode runner/debugger and pe2shellcode projects:

LICENSE

This project is licensed under GPLv3.