-
Notifications
You must be signed in to change notification settings - Fork 1
/
index.html
115 lines (114 loc) · 4.53 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
<html>
<head>
<script src="static/keystone.min.js"></script>
<script src="static/wasm_exec.js"></script>
<link rel="stylesheet" href="https://cdn.simplecss.org/simple.min.css">
<script>
const go = new Go();
WebAssembly.instantiateStreaming(fetch("static/sgn.wasm"), go.importObject).then((result) => {
go.run(result.instance);
document.getElementById('runButton').textContent = 'Run';
document.getElementById("runButton").disabled = false;
});
</script>
</head>
<body>
<h1>SGN (Metasploit's Shikata ga nai encoder)</h1>
<br/>
<b>generate origin shellcode example: "msfvenom -p windows/x64/exec CMD=calc.exe -f hex"</b>
<br/>
<b>repo: <a href="https://github.com/akkuman/sgn-html">github.com/akkuman/sgn-html</a></b>
<br/>
<b>blog: <a href="https://hacktech.cn">Akkuman's Blog</a></b>
<br/>
<br/>
<span>Binary architecture (32/64): </span>
<select id="arch" name="arch">
<option value=64>x64</option>
<option value=32>x86</option>
</select>
<br/>
<br/>
<span>Number of times to encode the binary (increases overall size): </span>
<input id="encCount" type="number" value=1 />
<br/>
<br/>
<span>Maximum number of bytes for obfuscation: </span>
<input id="obsLevel" type="number" value=20 />
<br/>
<br/>
<span>Do not encode the decoder stub: </span>
<select id="encDecoder" name="encDecoder">
<option value=true>true</option>
<option value=false selected="selected">false</option>
</select>
<br/>
<br/>
<span>Generates a full ASCI printable payload (takes very long time to bruteforce): </span>
<select id="asciPayload" name="asciPayload">
<option value=true>true</option>
<option value=false selected="selected">false</option>
</select>
<br/>
<br/>
<span>Do not modify any register values: </span>
<select id="saveRegisters" name="saveRegisters">
<option value=true>true</option>
<option value=false selected="selected">false</option>
</select>
<br/>
<br/>
<span>Don't use specified bad characters given in hex format (\x00\x01\x02...): </span>
<input id="badChars" type="text" />
<br/>
<br/>
<span>shellcode: </span>
<input id="shellcode" type="text" />
<br/>
<br/>
<button id="runButton" onclick="runSgn()" disabled>Loading...</button>
<br/>
<br/>
<textarea id="encShellcode" name="textarea" rows="12" cols="100"></textarea>
<script>
function getArch() {
let e=document.getElementById("arch");
let index=e.selectedIndex;
return parseInt(e.options[index].value);
}
function getEncCount() {
return parseInt(document.getElementById('encCount').value);
}
function getObsLevel() {
return parseInt(document.getElementById('obsLevel').value);
}
function getIsEncDecoder() {
let e=document.getElementById("encDecoder");
let index=e.selectedIndex;
return e.options[index].value==='true';
}
function getIsAsciPayload() {
let e=document.getElementById("asciPayload");
let index=e.selectedIndex;
return e.options[index].value==='true';
}
function getIsSaveRegisters() {
let e=document.getElementById("saveRegisters");
let index=e.selectedIndex;
return e.options[index].value==='true';
}
function getBadChars() {
return document.getElementById('badChars').value.trim();
}
function getShellcode() {
return document.getElementById('shellcode').value.trim();
}
function runSgn() {
let result = sgnFunc(getArch(), getEncCount(), getObsLevel(), getIsEncDecoder(), getIsAsciPayload(), getIsSaveRegisters(), getBadChars(), getShellcode());
let data = result['result'];
let err = result['err'];
document.getElementById('encShellcode').value = data;
}
</script>
</body>
</html>