Skip to main content

ShellcodeBuilder

specter::memory::allocation::shellcode

Struct ShellcodeBuilder 

Source 
pub struct ShellcodeBuilder { /* private fields */ }
Expand description

Builder for configuring and loading shellcode

Implementations§

Source§

impl ShellcodeBuilder

Source

pub fn new(shellcode: &[u8]) -> Self

Creates a new shellcode builder from raw bytes

§Arguments
  • shellcode - The raw machine code bytes
Source

pub fn from_instructions(instructions: &[u32]) -> Self

Creates a shellcode builder from ARM64 instructions (u32 array)

§Arguments
  • instructions - Slice of 32-bit ARM64 instructions
Source

pub fn with_symbol(self, offset: usize, symbol_name: &str) -> Self

Adds a symbol relocation for dynamic linking

The loader will resolve the symbol address and write it at the specified offset.

§Arguments
  • offset - Byte offset in the shellcode
  • symbol_name - Name of the symbol to resolve
Source

pub fn no_auto_free(self) -> Self

Disables automatic cleanup (shellcode won’t be freed on drop)

Use this if you want the shellcode to persist for the lifetime of the process.

Source

pub fn near_address(self, target: usize) -> Self

Tries to load shellcode near a specific address (within branch range)

Use this if your shellcode contains relative branches to nearby code.

Source

pub fn load(self) -> Result<LoadedShellcode, LoaderError>

Loads the shellcode into memory with all configured options

This will:

  1. Allocate a code cave (optionally near a target)
  2. Resolve and apply symbol relocations
  3. Write the code to memory
  4. Flush the instruction cache
§Returns
  • Result<LoadedShellcode, LoaderError> - The loaded shellcode handle or an error

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.