what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

crip.c

crip.c
Posted Oct 22, 2002
Authored by PoWeR PoRK | Site netric.org

Crip.c is a utility for ripping out a c-declaration of binary data (like shellcode) and converting it to binary.

tags | shellcode
SHA-256 | a63c9f4d2960f672e07b9bbd29d3d87d4a43463fb6e89cd83c72d12adb1619b0

crip.c

Change Mirror Download
/*
* [crip.c - written by PoWeR_PoRK of netric (http://www.netric.org)]
*
* Another utility to use for shellcode creation. Works a bit like
* cdump but instead of converting to c-declaration this rips the
* declaration from a c-source and converts it back to binary.
* This might be handy for re-encoding or reverse enginering
* third party shellcode.
*
*/


#include <stdio.h>
#include <math.h>
#define CH_OK -1
#define CH_BAD 1
#define STR_NOT_FOUND 0xFFFFFFFF
#define CHAR_FSLASH 0x2F // "\"
#define CHAR_BSLASH 0x5C
#define CHAR_STAR 0x2A
#define CHAR_SO 0x22

void * getstdin(unsigned long * cc);
unsigned char h2c(char * hchars);
unsigned int findstring(char * buffer, char * key, int start);

int main(int argc, char **argv[])
{
unsigned long stdinsize;
unsigned int cbuf=0, c=0, c2=0, oldc=0, tmpfstr=0;
char hexb[2];

char usage[]=
"Usage: crip [<char[] identifier>]\n"
"pipe driven utility for ripping a c declaration of a char array\n"
"in hex notation, converting it to binary and write it back to stdout.\n"
"\n"
"<char[] identifier> The name of the identifier associated with\n"
" the char array that has to be ripped.\n"
"\n"
"Example: cat exploit.c | crip shellcode[] | swipher -c 00 | cdump\n"
"This will rip shellcode[] from exploit, pipe the binary from it to\n"
"swipher and this will remove any 0-bytes in the shellcode before\n"
"feeding it to cdump making it into a c-declaration once again.\n"
"\n"
"[crip was written by PoWeR_PoRK of netric]\n"
" contact: powerpork@zonnet.nl || powerpork@netric.org\n"
" site: http://www.netric.org\n";

if(strlen((char *)&argv[1])==0){
printf("%s", &usage);
exit(0);
}

(void *)cbuf = getstdin(&stdinsize);
((char*)cbuf)[stdinsize]=0;
tmpfstr=findstring(((char*)cbuf), (char*)argv[1], 0);

if(tmpfstr==STR_NOT_FOUND){
printf("error: name of buffer not found\n");
exit(0);
}

tmpfstr=findstring(((char*)cbuf), "\"", tmpfstr);
tmpfstr++;
c2=findstring((char*)cbuf, ";", tmpfstr);

for(c=tmpfstr;c<c2;c++){
switch(((char*)cbuf)[c])
{
case CHAR_FSLASH:
if(((char*)cbuf)[c+1]==CHAR_FSLASH){
while(((char*)cbuf)[c]!=0xA){c++;}
}else if(((char*)cbuf)[c+1]==CHAR_STAR){
while(!( ( ((char*)cbuf)[c] == CHAR_STAR ) && ( ((char*)cbuf)[c+1] == CHAR_FSLASH ) )){c++;}
c++;
}
break;

case CHAR_SO:
c++;
while(((char*)cbuf)[c]!=CHAR_SO){c++;}
break;

case CHAR_BSLASH:
hexb[0]=((char*)cbuf)[c+2];
hexb[1]=((char*)cbuf)[c+3];
printf("%c", h2c((char*)&hexb));
c=c+3;
break;
}
}
tmpfstr=findstring(((char*)cbuf), "\"", tmpfstr);
return 0;
}

void * getstdin(unsigned long * cc)
{
int pbuf=0, fs=0;
*cc = 0;

(void *)pbuf = malloc(2048);

while(feof(stdin)==0){
fs = fread((void *)(pbuf+*cc), 1, 1024, stdin);
(void *)(pbuf) = realloc(pbuf, (*cc+2048));
*cc = *cc+fs;
}

return (void *)pbuf;
}

unsigned char h2c(char * hchars)
{
unsigned char conv=0;
int c=0;
for(c=0;c<2;c++){
if (47<hchars[1-c] && hchars[1-c]<58){
conv = conv + ((hchars[1-c]-48)*(pow(16,c)));
}else if(96<hchars[1-c] && hchars[1-c]<103){
conv = conv + ((hchars[1-c]-87)*(pow(16,c)));
}else if(64<hchars[1-c] && hchars[1-c]<71){
conv = conv + ((hchars[1-c]-55)*(pow(16,c)));
}else{
return 0;
}
}
return conv;
}

unsigned int findstring(char * buffer, char * key, int start)
{
int indexcounter=0;

for(indexcounter=start;(indexcounter)<(strlen(buffer));indexcounter++){
if(strncmp((((char*)buffer)+indexcounter), key, strlen(key))==0){
return indexcounter;
}
}

return STR_NOT_FOUND;
}
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close