combiner

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 5, 2024 License: MIT Imports: 4 Imported by: 0

README

x96-combiner

A tool to merge x86 and x64 shellcode to one that can run on x86/x64 at the same time.
This technique is referenced from DoublePulsar, it added some obfuscation instructions to circumvent the feature.

Usage

sc-combiner -x86 x86.bin -x64 x64.bin -o x96.bin

Development

// xor eax, eax
// add eax, 0x86
// ret
x86 := []byte{
	0x31, 0xC0,
	0x05, 0x86, 0x00, 0x00, 0x00,
	0xC3,
}
// xor eax, eax
// add rax, 0x64
// ret
x64 := []byte{
	0x31, 0xC0,
	0x48, 0x83, 0xC0, 0x64,
	0xC3,
}
shellcode := Combine(x86, x64)
fmt.Println(shellcode)

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Combine 

func Combine(x86, x64 []byte) []byte

Combine is used to combine x86 and x64 shellcode to one.

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.