Pentesting Tools

Relocatable : A Tool For Position Independent Code

Relocatable is an innovative tool designed to simplify the creation of Position Independent Code (PIC) in C.

This tool enables developers to write C code that is directly compiled into raw shellcode, which can be loaded into any process without requiring external utilities like Donut or sRDI.

The result is lightweight, efficient shellcode with minimal overhead and straightforward functionality.

To use Relocatable, begin by cloning the repository and installing its dependencies, such as MinGW. The tool includes example code in ./src/main.c, which can be modified to fit specific needs. For instance, the provided example demonstrates how to display a message box.

Steps:

  1. Clone the repository.
  2. Install MinGW or other required dependencies.
  3. Edit the source code in ./src/main.c as needed.

The compilation process is straightforward. Use the make command to generate a binary file (relocatable.x64.bin). This binary can be loaded using any shellcode loader of your choice.

Additionally, you can convert the binary into a C code array using the xxd command:

xxd -i dst/relocatable.x64.bin

This conversion results in approximately 1000 bytes of output, ready for integration into other projects.

Once compiled, the binary file can be loaded into memory using any shellcode loading technique. The compact size and simplicity of the generated shellcode make it ideal for use in scenarios where efficiency and flexibility are critical.

The ability to execute at any memory address ensures compatibility across various environments.

Relocatable is an essential tool for developers aiming to write efficient Position Independent Code in C.

Its ease of use, minimal overhead, and adaptability make it a valuable addition to any development toolkit, particularly for those working on shellcode or memory-resilient applications.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

1 day ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

1 day ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

2 days ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

2 days ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

3 days ago

Comments in Bash Scripts

What Are Bash Comments? Comments in Bash scripts, are notes in your code that the…

1 week ago