
[Full-Disclosure] HOON: at&t-2-shellcode
Hi,
This is the first release of HOON, a Python shellcode creator. Thing is, 
it does not just create shellcode: it parses AT&T syntax assembler and 
creates the shellcode from that.

HOON is basically a product of not having a decent PUBLIC shellcode 
creator, and it works pretty well too. Some things to note though: it does 
not have a huge instruction/opcode database, and this will be fixed in 
future releases. It also does not handle jumps/calls very well, or 
addressing (movl (%eax),%esi for example); these are minor issues. Most 
definitely have a look at the tokenizing system; if someone can port this 
to Intel syntax it'd be great.

To add more entries, go to the init (not __init__) method and use 
self.addreg (ignore the name ;)) with the instruction/format of 
instruction/opcode. The opcode will need a base (commonly \xc0) if it's an 
all-register instruction.

Single instruction:
self.addreg("int3",self.format["single"],"\xcc")
Instruction with format "instruction reg,reg":
self.addreg("movl",self.format["insregreg"],"\xc7\xc0")

There will be bugs, I'm sure, so please add an ins/opc pair and send them 
in; the more I get, the more extensive it will become. Any logic bugs, 
please fix; some of the algorithms used are quite odd, so have a look.

Any patches, additions, questions, thank-yous or chocolate thickshakes, 
email me at nd@felinemenace.org. HOON.zip is attached, but you can download 
it from:
http://felinemenace.org/~nd/HOON.tar.bz2
http://felinemenace.org/~nd/HOON.zip.bz2

Note: it will be broken on Unix. Python (not ActivePython) doesn't like 
values with its strips(), so change that with a replace(self.null,"").

That's enough!
- nd

----
http://felinemenace.org/~nd
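As an added illustration (not HOON's own code), here is a minimal Python 3 sketch of the table-driven scheme the post describes: a mnemonic -> (format, opcode) table in the spirit of addreg(), a tokenizer for AT&T-syntax lines, and the 0xC0 ModRM base byte that the register numbers are OR-ed into for all-register instructions. The table contents, register numbering and opcodes are standard IA-32 values chosen for this sketch; non-register operands (the addressing forms the post says are not handled) are rejected rather than mis-encoded.

```python
import re

# IA-32 general-purpose register numbers as used in the ModRM reg/rm fields.
REGS = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3,
        "esp": 4, "ebp": 5, "esi": 6, "edi": 7}

# Instruction table (constructed for this sketch): mnemonic -> (format, opcode).
# "single":    no operands, opcode is emitted as-is.
# "insregreg": "ins %src,%dst", both registers; the last byte is the ModRM
#              base 0xC0 (register-direct), OR-ed with reg/rm numbers.
TABLE = {
    "int3": ("single", b"\xcc"),
    "nop":  ("single", b"\x90"),
    "movl": ("insregreg", b"\x89\xc0"),   # 89 /r: mov r/m32, r32
    "xorl": ("insregreg", b"\x31\xc0"),   # 31 /r: xor r/m32, r32
    "addl": ("insregreg", b"\x01\xc0"),   # 01 /r: add r/m32, r32
}

# mnemonic, then operands, then an optional "# comment" to the end of line.
LINE_RE = re.compile(r"^([a-z0-9]+)\s*(.*?)\s*(?:#.*)?$")

def tokenize(line):
    """Split one AT&T-syntax line into (mnemonic, [operands])."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError("unparsable line: %r" % line)
    mnem, rest = m.group(1), m.group(2)
    ops = [o.strip() for o in rest.split(",")] if rest else []
    return mnem, ops

def encode(line):
    """Encode a single line to machine-code bytes using TABLE."""
    mnem, ops = tokenize(line)
    if mnem not in TABLE:
        raise ValueError("unknown instruction: %s" % mnem)
    fmt, opcode = TABLE[mnem]
    if fmt == "single":
        if ops:
            raise ValueError("%s takes no operands" % mnem)
        return opcode
    # insregreg: both operands must be bare registers (no memory addressing).
    if len(ops) != 2 or not all(o.startswith("%") and o[1:] in REGS for o in ops):
        raise ValueError("unsupported operands for %s: %r" % (mnem, ops))
    src, dst = (REGS[o[1:]] for o in ops)   # AT&T order: source first
    modrm = opcode[-1] | (src << 3) | dst    # reg field = src, r/m field = dst
    return opcode[:-1] + bytes([modrm])

def assemble(text):
    """Assemble every non-empty, non-comment line of an AT&T listing."""
    lines = [l.strip() for l in text.splitlines()]
    return b"".join(encode(l) for l in lines if l and not l.startswith("#"))
```

Checking the output against a reference disassembler (e.g. objdump on the emitted bytes) is the practical way to catch a wrong table entry before it is trusted.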
