updates code segment name, allows for custom PE file naming

jstrosch · Mar 12, 2024 · 13697e6 · 13697e6
1 parent 50524d2
commit 13697e6
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 6 deletions.
diff --git a/pe_file.h b/pe_file.h
@@ -16,7 +16,7 @@ int round_up(int val) {
     return val;
 }
 
-void create_pe(char * sc_inject, int shellcode_size, int entry_point, bool is_64) {
+void create_pe(char * sc_inject, int shellcode_size, int entry_point, bool is_64, char*output_name) {
     unsigned int tmp_offset = 0, section_padding = 0;
     char* padding_buffer = NULL;
     FILE*fp = NULL, *pe = NULL;
@@ -56,7 +56,7 @@ void create_pe(char * sc_inject, int shellcode_size, int entry_point, bool is_64
     };
 
     struct _IMAGE_DOS_STUB ids = {0};
-    memmove(&ids.data, "Brought to you by sclauncher.exe",33);
+    memmove(&ids.data, "Brought to you by sclauncher.exe and still can't be run in DOS_MODE.",67);
 
     struct _IMAGE_FILE_HEADER ifh = {
         0x14C,
@@ -148,7 +148,7 @@ void create_pe(char * sc_inject, int shellcode_size, int entry_point, bool is_64
     };
 
     struct _IMAGE_SECTION_HEADER ish = {
-        ".josh",
+        ".text",
         0,
         0x1000,
         0,
@@ -204,7 +204,10 @@ void create_pe(char * sc_inject, int shellcode_size, int entry_point, bool is_64
     //create array for padding bytes
     padding_buffer = (char*)calloc(section_padding,1);
 
-    if (is_64) {
+    if(strlen(output_name) > 0) {
+        pe = fopen(output_name, "wb");
+        printf("[PE] Done building PE file...created file %s\n", output_name);
+    } else if (is_64) {
         pe = fopen("sc_output_x64.exe", "wb");
         printf("[PE] Done building PE file...created file sc_output_x64.exe\n");
     } else {

diff --git a/sclauncher.c b/sclauncher.c
@@ -14,6 +14,7 @@ int main(int argc, char **argv) {
 	bool pause = false;
 	bool is_64 = false;
 	char sc_path[100] = {0};
+	char output_name[100] = {0};
 	FILE*fp = NULL;
 
 	void*stage = NULL;
@@ -55,6 +56,9 @@ int main(int argc, char **argv) {
 		} else if(!strncmp(argv[arg_count],"-pause",6)) {
 			pause = true;
 			puts("[*] Pausing before executing shellcode");
+		} else if(!strncmp(argv[arg_count],"-o",2)) {
+			command_arg = validate_argument(argv[arg_count]);
+			strncpy(output_name, command_arg, strlen(command_arg));
 		}
 	}
 	puts("");
@@ -83,7 +87,7 @@ int main(int argc, char **argv) {
 				puts("[PE] Producing PE file from shellcode found in a file, then exiting.");
 				sc_stage = (char*)malloc(shellcode_size);
 				fread((char*)sc_stage, sizeof(char), shellcode_size, fp);
-				create_pe(sc_stage,shellcode_size, entry_point, is_64);
+				create_pe(sc_stage,shellcode_size, entry_point, is_64, output_name);
 				free(sc_stage);
 			} else {
 				stage = VirtualAlloc(0, shellcode_size + 1, 0x1000,0x40 );

diff --git a/utils.h b/utils.h
@@ -1,6 +1,6 @@
 #include <math.h>
 
-const char* _version = "0.0.3";
+const char* _version = "0.0.5";
 const char* _banner = 
 "  __________________ .____                               .__                  \n"
 " /   _____/\\_   ___ \\|    |   _____   __ __  ____   ____ |  |__   ___________ \n"
@@ -17,6 +17,7 @@ void usage(void) {
 	puts("\t-ep: adjust entry point offset in bytes based on zero-index. Value can be base 10 or hex (prefix with 0x)");
 	puts("\t-pe: creates an executable version of the shellcode in a PE file");
 	puts("\t-64: PE file creation only, creates a 64-bit PE file - assumes 64-bit shellcode");
+    puts("\t-o: When producing a PE file, defines output file name");
     puts("\t-pause: Pause before execution, allowing time to attach a debugger");
 }