radare2/man/ragg2-cc.1

87 lines
1.9 KiB
Groff
Raw Normal View History

2014-09-30 09:01:45 +00:00
.Dd Sep 30, 2014
.Dt RAGG2-CC 1
2014-09-30 09:37:26 +00:00
.Sh NAME
.Nm ragg2-cc
2014-09-30 09:37:26 +00:00
.Nd CC frontend for compiling shellcodes
.Sh SYNOPSIS
.Nm ragg2-cc
.Op Fl a Ar arch
.Op Fl b Ar bits
.Op Fl k Ar kernel
.Op Fl o Ar file
.Op Fl dscxvh
.Sh DESCRIPTION
ragg2-cc is a frontend of CC. It is used to creates tiny binaries (1KB) or shellcodes in binary or hexpairs from a C source.
.Pp
The compiler used is the one configured by the CC environment. This has been tested with gcc, llvm-gcc and clang.
.Pp
Uses sflib (shellforge4) includes to get the syscall definitions.
.Pp
Only linux/darwin x86-32/64 is supported at the moment. Planned support for more architectures.
.Sh OPTIONS
.Pp
.Bl -tag -width Fl
.It Fl a Ar arch
set architecture x86, arm
.It Fl b Ar bits
32 or 64
.It Fl k Ar kernel
windows, linux or osx
.It Fl o Ar file
output file to write result of compilation
.It Fl h
show help message
.It Fl v
show version
.It Fl d
show assembler code
.It Fl s
generate assembly file
.It Fl c
generate compiled shellcode
.It Fl x
show hexpair bytes
.El
.Sh EXAMPLE
.Pp
$ cat hi.c
int main() {
write (1, "Hello World\\n", 12);
exit (0);
}
.Pp
$ ragg2-cc hi.c
hi.c.bin
.Pp
# Linked into a tiny binary. This is 294 bytes
$ wc \-c < hi.c.bin
294
.Pp
$ ./hi.c.bin
Hello World
.Pp
# The compiled shellcode has zeroes
$ ragg2-cc \-x hi.c
e90000000083ec0ce800000000588d882a000000b804000000606a0651
6a0150cd8083c41061b8010000006a0050cd8083c40883c40cc368656c
6c6f0a00
.Pp
# Use a xor encoder with key 32 to bypass
$ ragg2 \-e xor \-c key=32 \-B `ragg2-cc \-x hi.c`
6a3e596a205be8ffffffffc15e4883c60d301e48ffc6e2f9c920202020
a3cc2cc82020202078ada80a2020209824202020404a26714a2170eda0
a3e4304198212020204a2070eda0a3e428a3e42ce348454c4c4f2a20
.Sh SEE ALSO
.Pp
.Xr radare2(1) ,
.Xr rahash2(1) ,
.Xr rafind2(1) ,
.Xr rabin2(1) ,
.Xr rafind2(1) ,
.Xr radiff2(1) ,
.Xr rasm2(1) ,
.Xr ragg2cc(1) ,
.Sh AUTHORS
.Pp
pancake <pancake@nopcode.org>