# go-shellcode2uuid `go-shellcode2uuid` is an offensive security utility that encodes arbitrary binary shellcode into UUID strings, generating C and Python stubs to decode and execute the shellcode at runtime. It supports Linux and Windows platforms, with optional single-byte XOR encoding for obfuscation. This is a golang implementation of the popular technique written in many other programming lanauges with multiple authors. > **WARNING**: This tool is intended for **authorized security assessments only**. Misuse may violate laws or regulations. The author disclaims any responsibility for unlawful use. Always obtain explicit permission before conducting any security tests. ## Features - **UUID encoding**: Converts raw shellcode bytes into UUID string literals for easy embedding. - **Multi-platform stubs**: Generates testing stubs for C (Linux and Windows), and Python. - **XOR or RC4 encryption**: Supports single-byte XOR or 16bit RC4 random key encryption/decryption for lightweight obfuscation. - **Automatic shellcode padding**: Pads shellcode to a multiple of 16 bytes to fit UUID size. ## Installation ### Prerequisites - **Go**: Version 1.21 or later. - **Make**: For building with the provided Makefile. - **Git**: To clone the repository. ### Steps - Clone the repository: ``` $ git clone https://cgit.heqnx.com/go-shellcode2uuid $ cd go-shellcode2uuid ``` - Install dependencies: ``` $ go mod tidy ``` - Build for all platforms: ``` $ make all ``` - Binaries will be generated in the build/ directory for Linux, Windows, and macOS; alternatively, build for a specific platform: ``` $ make linux-amd64 $ make windows-amd64 $ make darwin-arm64 ``` ## Usage ### Command-Line Flags ``` Usage of ./go-shellcode2uuid-linux-amd64: -file string path to binary shellcode file -rc4 enable rc4 encryption with 16bit random key -stub string stub language to output (c, cwin, py) -xor enable single-byte xor encoding with random key ``` ## Examples ### Generate a Windows C stub with XOR encoding enabled: ``` $ ./go-shellcode2uuid -file shellcode_win.bin -stub cwin -xor [inf] shellcode size (276 bytes) is not a multiple of 16, will pad with nullbytes [inf] using xor key: 0x1c e0549ff8-ecf4-dc1c-1c1c-5d4d5d4c4e4d 4a542dce-7954-974e-7c54-974e0454974e 3c54976e-4c54-13ab-5656-512dd5542ddc b0207d60-1e30-3c5d-ddd5-115d1dddfef1 4e5d4d54-974e-3c97-5e20-541dcc979c94 1c1c1c54-99dc-687b-541d-cc4c97540458 975c3c55-1dcc-ff4a-54e3-d55d97289454 1dca512d-d554-2ddc-b05d-ddd5115d1ddd 24fc69ed-501f-5038-1459-25cd69c44458 975c3855-1dcc-7a5d-9710-5458975c0055 1dcc5d97-1894-541d-cc5d-445d44424546 5d445d45-5d46-549f-f03c-5d4ee3fc445d 45465497-0ef5-4be3-e3e3-4154a61d1c1c 1c1c1c1c-1c54-9191-1d1d-1c1c5da62d97 739be3c9-a7fc-0136-165d-a6ba89a181e3 c9549fd8-3420-1a60-169c-e7fc6919a75b 0f6e7376-1c45-5d95-c6e3-c97f7d707f32 7964791c-1c1c-1c1c-1c1c-1c1c1c1c1c1c [inf] stub written to stub.c $ x86_64-w64-mingw32-gcc -o stub.exe stub.c -Wl,--nxcompat -Wl,--dynamicbase ``` ### Generate a Python stub with RC4 encoding: ``` $ ./go-shellcode2uuid-linux-amd64 -file shellcode_linux.bin -rc4 -stub py [inf] shellcode size (54 bytes) is not a multiple of 16, will pad with nullbytes [inf] using rc4 key: r24OlLLBQr6Ay8rL ef4cd858-172a-5494-d0f2-1aec40ea5813 00ccb780-888c-ea60-0353-85d24303e0a9 3627567b-6603-5074-4beb-a8c1b23c7211 c73d284b-b64d-d337-4ec5-3be297937f8f [inf] stub written to stub.py ``` - The tool prints the generated UUID strings to stdout and writes the stub source file (`stub.c` or `stub.py`). ## License This project is licensed under the GNU GENERAL PUBLIC LICENSE. See the [LICENSE](LICENSE) file for more details. ## Disclaimer `go-shellcode2uuid` is provided "as is" without warranties. The author and contributors are not responsible for any misuse or damages resulting from use. This tool is for educational and authorized security testing purposes only.