Post

Storing/Reading shellcode in .bin files with C++

Learn to store and read shellcode in binary (.bin) files using C++ with sample code with detailed comments.

Posted
By WafflesExploits
2 min read

If you want to encrypt shellcode, storing it in a .bin file and using a C++ program like HellShell to handle the encryption makes the process much easier.

However, resources like Maldev Academy and CRTL often overlook how to create .bin files, and assume that you already know how to do it. Which wasn’t the case for me.

To help others fill this knowledge gap, I’ve decided to share a sample code with detailed comments, making it accessible for everyone to learn and understand this process. Happy hacking! :D

Table of Contents

Storing shellcode in .bin files

Output

  • Output image

Code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

#include <iostream>
int main(int argc, char *argv[]) {
    // Check for the correct number of arguments  
    if (argc < 2) {
        printf("Usage: %s <output_filename>.bin\n", argv[0]);
        return 1;
    }
    // Define the variables
    char* output_file = argv[1];
    unsigned char shellcode[] = {0x99, 0x12, 0x15, 0x0C}; // Your shellcode goes into here.

    // Open a binary file for writing
    FILE *file = fopen(output_file, "wb");
    if (file == NULL) {
        perror("Error opening file");
        return 1;
    }

    // Write the shellcode to the file
    fwrite(shellcode, sizeof(shellcode), 1, file);

    // Close the file
    fclose(file);

    printf("Shellcode written to %s\n", output_file);
    return 0;
}

Reading .bin files to retrieve shellcode

Output

  • Output image

Code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

#include <iostream>
int main(int argc, char *argv[]) {
    // Check for the correct number of arguments  
    if (argc < 2) {
        printf("Usage: %s <input_filename>.bin\n", argv[0]);
        return 1;
    }
    // Define the variables
    char* input_file = argv[1];
    
    // Open the binary file for reading
    FILE *file = fopen(input_file, "rb"); // Opens file with read-mode "rb". "rb" is used for non-text files, while "r" is used for text files.
    if (file == NULL) {
        perror("Error opening file");
        return 1;
    }

    // Find the size of the file
    fseek(file, 0, SEEK_END); // moves the file pointer to the end of the file.
    long fileSize = ftell(file); // retrieves the current file pointer position, which is the size of the file.
    fseek(file, 0, SEEK_SET); // moves the file pointer back to the start so that subsequent read or write operations start from the beginning of the file.

    // Allocate memory to hold the shellcode
    unsigned char *shellcode = (unsigned char *)malloc(fileSize);
    if (shellcode == NULL) {
        perror("Memory allocation failed");
        fclose(file);
        return 1;
    }

    // Read the shellcode from the file and store it in the "shellcode" variable
    fread(shellcode, fileSize, 1, file);

    // Close the file
    fclose(file);

    // Print the shellcode as hexadecimal values
    printf("Shellcode read from %s:\n", input_file);
    for (long i = 0; i < fileSize; i++) {
        printf("0x%02x ", shellcode[i]);
    }
    printf("\n");

    // Free the allocated memory
    free(shellcode);

    return 0;
}
Malware, CPP, Hacking, Programming
Malware Malware Development Maldev C CPP Hacking Programming
This post is licensed under CC BY 4.0 by the author.