Using Keystone

Assembling x86 shellcode

Python code:

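import keystone

# Assembly source to assemble: a jump to address 0x15
shellcode = 'jmp 0x15'

# Create an assembler instance for 32-bit x86
ks = keystone.Ks(keystone.KS_ARCH_X86, keystone.KS_MODE_32)
# asm() returns the encoded bytes (a list of ints) and the number of statements assembled
encoding, count = ks.asm(shellcode)
for i in encoding:
    print(hex(i))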

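In short:

Ks(): loads an assembler engine for the given architecture and mode.

asm(): converts a piece of shellcode, written as assembly text, into binary machine code.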
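The bytes that asm() returns for `jmp 0x15` depend on the address the instruction is assembled at, because x86 encodes the jump as an offset from the end of the instruction. The following is an added example, not part of the original post: it hand-encodes and decodes that one instruction in pure Python, and the helper names `encode_jmp`, `decode_jmp` and `keystone_encode` are hypothetical. Keystone is used only as an optional cross-check when it is installed.

```python
import struct

MASK32 = 0xFFFFFFFF


def encode_jmp(target, addr=0):
    """Encode a 32-bit-mode `jmp target` for an instruction located at `addr`."""
    rel8 = target - (addr + 2)              # short form (EB rel8) is 2 bytes long
    if -128 <= rel8 <= 127:
        return b"\xeb" + struct.pack("<b", rel8)
    rel32 = (target - (addr + 5)) & MASK32  # near form (E9 rel32) is 5 bytes long
    return b"\xe9" + struct.pack("<I", rel32)


def decode_jmp(code, addr=0):
    """Recover the absolute jump target from an EB/E9 encoding located at `addr`."""
    if code[0] == 0xEB and len(code) >= 2:
        rel = struct.unpack("<b", code[1:2])[0]
        return (addr + 2 + rel) & MASK32
    if code[0] == 0xE9 and len(code) >= 5:
        rel = struct.unpack("<i", code[1:5])[0]
        return (addr + 5 + rel) & MASK32
    raise ValueError("not a relative jmp encoding")


def keystone_encode(target, addr=0):
    """Assemble the same instruction with Keystone; returns None if it is not installed."""
    try:
        import keystone
    except ImportError:
        return None
    ks = keystone.Ks(keystone.KS_ARCH_X86, keystone.KS_MODE_32)
    encoding, _count = ks.asm("jmp %#x" % target, addr)
    return bytes(encoding)


if __name__ == "__main__":
    # Constructed sample addresses: the same source line at two load addresses.
    for base in (0x0, 0x1000):
        ours = encode_jmp(0x15, base)
        print("addr=%#x  bytes=%s  decoded target=%#x"
              % (base, ours.hex(), decode_jmp(ours, base)))
        theirs = keystone_encode(0x15, base)
        if theirs is not None:
            print("  keystone: %s  match=%s" % (theirs.hex(), theirs == ours))
```

When analysing assembled bytes, decode them with the address they are meant to run at; the same bytes decoded at a different base give a different jump target.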