shelljmp v0.9c - x86 Win32 code execution host
copyright (C) bytepointer.com 2015

syntax:
    shelljmp.exe [options] [stackArg1 [stackArg2...]]

This utility hosts and runs (via the CALL instruction) position-independent
machine code loaded from a file to aid in binary analysis. For example,
functions or other code sequences may be run in isolation, with or without
simulated stack arguments from the command line, which suits a scripting
environment. This can aid not only testing but also brute-force methods.
This program returns an ERRORLEVEL equal to the contents of the EAX register
upon code return.

[options]
    -f <filename>  - REQUIRED: input file containing the code to execute
    -o <uint>      - offset in input file to begin execution; default 0
    -s             - for code that actually returns, this option dumps all
                     data represented by argument pointers allowing you to
                     view how (and if) the data was modified.
    -x             - enable C-style backslash escapes for string args
    -y             - disable C-style backslash escapes for string args
    -d             - insert INT 3 (debug breakpoint) at start of code
    -q             - quiet mode; do not display informative messages
    -?             - this help page

    NOTE: -x and -y arguments are positional in that they affect all stack
    arguments that follow, not before. Default=DISABLE escapes.

[stack arguments]
Optional stack arguments (up to 16) may be specified directly on the
cmdline for use with code representing functions expecting stack arguments.
Before the code executes, arguments are pushed on the stack in the order they
appear. Stack arguments containing spaces (such as strings) must be
surrounded by double quotes. Stack arguments have the format [<type>:]<data>.
If the optional type is omitted, the data is expected to be a numeric DWORD to
be passed directly on the stack. If a <type> is specified (not case sensitive),
it must be one of the following:
    dwordptr:<uint>      - pointer to initialized dword passed on stack
                           when zero, can be used to pass an empty string
    string:<string>      - ansi NULL terminated string allocated and ptr passed
    widestring:<string>  - same as string, but with double-byte string
    binfile:<file>       - file loaded into memory and pointer passed
    fileptr:<offset>     - pass pointer calculated as offset of code base
    buffer:<size>        - generic zero-initialized buffer of specific byte size

    NOTE: any numeric arguments may be specified as hex or binary if prefixed
    with 0x or 0b respectively. (e.g. 0x2BFF, 0b0010100101)
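
The [<type>:]<data> grammar and the 0x/0b numeric prefixes described above, written out as a small C parser. This is an added illustration, not shelljmp's source: the names parse_uint and parse_stack_arg, splitting at the first ':', rejecting an unknown type prefix, and the 32-bit overflow check are assumptions.

```c
#include <ctype.h>
#include <stdint.h>
#include <string.h>

/* Kinds from the help text; ARG_DWORD is the untyped default. */
enum arg_kind { ARG_DWORD, ARG_DWORDPTR, ARG_STRING, ARG_WIDESTRING,
                ARG_BINFILE, ARG_FILEPTR, ARG_BUFFER, ARG_INVALID };
static const char *const kind_names[] = { "dwordptr", "string", "widestring",
                                          "binfile", "fileptr", "buffer" };

/* Decimal, 0x hex or 0b binary into a DWORD; -1 on junk or overflow. */
int parse_uint(const char *s, uint32_t *out)
{
    unsigned base = 10;
    uint64_t v = 0;
    if (s[0] == '0' && tolower((unsigned char)s[1]) == 'x') base = 16;
    else if (s[0] == '0' && tolower((unsigned char)s[1]) == 'b') base = 2;
    if (base != 10) s += 2;                 /* skip the prefix */
    if (*s == '\0') return -1;              /* "", "0x" and "0b" are not numbers */
    for (; *s; s++) {
        int c = tolower((unsigned char)*s);
        unsigned d = isdigit(c) ? (unsigned)(c - '0')
                   : (c >= 'a' && c <= 'f') ? (unsigned)(c - 'a' + 10) : 99u;
        if (d >= base) return -1;           /* digit not valid in this base */
        v = v * base + d;
        if (v > UINT32_MAX) return -1;      /* does not fit a stack DWORD */
    }
    *out = (uint32_t)v;
    return 0;
}

/* Split "[<type>:]<data>" at the first ':' (assumed); the type is matched
   case-insensitively and an unknown type is rejected (assumed). */
enum arg_kind parse_stack_arg(const char *arg, const char **data, uint32_t *num)
{
    const char *colon = strchr(arg, ':');
    enum arg_kind kind = colon ? ARG_INVALID : ARG_DWORD;
    size_t n = colon ? (size_t)(colon - arg) : 0, i, k;
    *data = colon ? colon + 1 : arg; *num = 0;
    for (k = 0; colon && k < sizeof kind_names / sizeof *kind_names; k++) {
        const char *t = kind_names[k];
        for (i = 0; i < n && tolower((unsigned char)arg[i]) == t[i]; i++) {}
        if (i == n && t[n] == '\0') { kind = (enum arg_kind)(k + 1); break; }
    }
    /* string, widestring and binfile carry text; every other kind a number */
    if (kind == ARG_INVALID || kind == ARG_STRING || kind == ARG_WIDESTRING ||
        kind == ARG_BINFILE) return kind;
    return parse_uint(*data, num) == 0 ? kind : ARG_INVALID;
}
```

Under these assumptions an untyped argument containing a colon, such as a bare drive-letter path, is rejected; it has to be passed with an explicit type prefix.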