NAME¶

ragg2-cc — CC frontend for compiling shellcodes

SYNOPSIS¶

DESCRIPTION¶

ragg2-cc is a frontend of CC. It is used to creates tiny binaries (1KB) or shellcodes in binary or hexpairs from a C source.

The compiler used is the one configured by the CC environment. This has been tested with gcc, llvm-gcc and clang.

Uses sflib (shellforge4) includes to get the syscall definitions.

Only linux/darwin x86-32/64 is supported at the moment. Planned support for more architectures.

OPTIONS¶

-a arch

set architecture x86, arm

-b bits

32 or 64

-k kernel

windows, linux or osx

-o file

output file to write result of compilation

-h

show help message

-v

show version

-d

show assembler code

-s

generate assembly file

-c

generate compiled shellcode

-x

show hexpair bytes

EXAMPLE¶

$ cat hi.c
int main() {
write (1, "Hello World\n", 12);
exit (0);
}

$ ragg2-cc hi.c
hi.c.bin

# Linked into a tiny binary. This is 294 bytes
$ wc -c < hi.c.bin
294

$ ./hi.c.bin
Hello World

# The compiled shellcode has zeroes
$ ragg2-cc -x hi.c
e90000000083ec0ce800000000588d882a000000b804000000606a0651
6a0150cd8083c41061b8010000006a0050cd8083c40883c40cc368656c
6c6f0a00

# Use a xor encoder with key 32 to bypass
$ ragg2 -e xor -c key=32 -B `ragg2-cc -x hi.c`
6a3e596a205be8ffffffffc15e4883c60d301e48ffc6e2f9c920202020
a3cc2cc82020202078ada80a2020209824202020404a26714a2170eda0
a3e4304198212020204a2070eda0a3e428a3e42ce348454c4c4f2a20

SEE ALSO¶

radare2(1), rahash2(1), rafind2(1), rabin2(1), rafind2(1), radiff2(1), rasm2(1), ragg2cc(1),

AUTHORS¶

pancake <pancake@nopcode.org>