metasm
Metasm is a cross-architecture assembler, disassembler, linker, and debugger. It is written so that adding support for a new architecture is easy. Currently the following architectures are supported:
  • Intel Ia32 (16 and 32 bits)
  • Intel X86_64 (aka Ia32 64 bits, X64, AMD64)
  • MIPS
  • PowerPC
  • Sh4
Low- and high-level debugging is supported (Ia32 only for now) under Windows, Linux and remotely (via a gdbserver). Metasm is included in Metasploit by default.
  • Install the Metasm gem

        gem install metasm

    More about installation here.

Converting Assembly to Op-code - metasm-shell.rb

You can find metasm-shell in the default Ruby gems path after installation. In my case, it's located in /var/lib/gems/2.1.0/gems/metasm-1.0.2/samples.
  • Run it

        ruby metasm-shell.rb
        type "exit" or "quit" to quit
        use ";" for newline

        asm>
As you can see, you are now at the shell's prompt.
  • Find assembly op-codes

        asm> nop nop
        "\x90\x90"
        asm> call [eax]
        "\xff\x10"
        asm> push esp
        "\x54"
        asm> pop eax
        "\x58"
Note: exactly the same thing can be done with a tool shipped with Metasploit: nasm_shell.
        $ /opt/metasploit/tools/exploit/nasm_shell.rb
        nasm > jmp esp
        00000000 FFE4 jmp esp
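As an added illustration (my own code, not part of metasm or nasm_shell), here is a minimal Ruby encoder for exactly the instruction forms shown above, so you can see where bytes such as "\xff\x10" and "\xff\xe4" come from: push/pop r32 are single opcodes with the register number added, while call/jmp through a register or memory operand use opcode FF with a ModR/M byte, and the esp and ebp bases need a SIB byte or a displacement that a naive encoder gets wrong. Function names (reg_num, encode_insn, assemble) are my own and instructions are separated with ";" as in metasm-shell.

```ruby
# Register numbers as used in the ModR/M "reg" and "rm" fields (32-bit mode).
REG32 = %w[eax ecx edx ebx esp ebp esi edi].freeze

def reg_num(name)
  REG32.index(name) or raise ArgumentError, "unknown register #{name.inspect}"
end

# Build a ModR/M byte from its three fields: mod (2 bits), reg (3), rm (3).
def modrm(mod, reg, rm)
  ((mod & 3) << 6) | ((reg & 7) << 3) | (rm & 7)
end

# Encode a "[reg32]" operand (register-indirect) for opcode extension ext.
# esp as base (rm=4) requires a SIB byte (0x24 = base esp, no index);
# ebp with mod=00 (rm=5) would mean "disp32, no base", so use mod=01, disp8=0.
def encode_mem_indirect(ext, reg)
  case (r = reg_num(reg))
  when 4 then [modrm(0, ext, 4), 0x24]
  when 5 then [modrm(1, ext, 5), 0x00]
  else        [modrm(0, ext, r)]
  end
end

# Encode one instruction, as typed at the asm> prompt, into an array of bytes.
def encode_insn(insn)
  mnem, op = insn.strip.downcase.split(/\s+/, 2)
  case mnem
  when 'nop'  then [0x90]
  when 'push' then [0x50 + reg_num(op)]        # push r32: 50+rd
  when 'pop'  then [0x58 + reg_num(op)]        # pop r32:  58+rd
  when 'call', 'jmp'
    ext = mnem == 'call' ? 2 : 4               # FF /2 = call, FF /4 = jmp
    if op =~ /\A\[(\w+)\]\z/                   # indirect through memory
      [0xff] + encode_mem_indirect(ext, $1)
    else                                       # direct register operand (mod=11)
      [0xff, modrm(3, ext, reg_num(op))]
    end
  else
    raise ArgumentError, "unsupported instruction #{mnem.inspect}"
  end
end

# Assemble a line of ";"-separated instructions into a raw byte string.
def assemble(line)
  line.split(';').map { |i| encode_insn(i) }.flatten.pack('C*')
end

puts assemble('nop; nop').inspect    # "\x90\x90"
puts assemble('call [eax]').inspect  # "\xFF\x10"
puts assemble('jmp esp').inspect     # "\xFF\xE4"
```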