<-- /BYTE* / shelljmp command line help 
1
shelljmp command line help

shelljmp v0.9c - x86 Win32 code execution host
copyright (C) bytepointer.com 2015

syntax:
  shelljmp.exe [options] [stackArg1 [stackArg2...]]

This utility hosts and runs (via the CALL instruction) position-independent
machine code loaded from a file to aid in binary analysis. For example,
functions or other code sequences may be run in isolation with or without
simulated stack arguments from the command line, conducive to a scripting
environment. Not only can this aid in testing, but also brute-force methods.

This program returns an ERRORLEVEL equal to the contents of the EAX register
upon code return.

[options]
  -f <filename>  - REQUIRED: input file containing the code to execute
  -o <uint>      - offset in input file to begin execution; default 0
  -s             - for code that actually returns, this option dumps all
                   data represented by argument pointers allowing you to
                   view how (and if) the data was modified.
  -x             - enable C-style backslash escapes for string args
  -y             - disable C-style backslash escapes for string args
  -d             - insert INT 3 (debug breakpoint) at start of code
  -q             - quiet mode; do not display informative messages
  -?             - this help page

NOTE: -x and -y arguments are positional in that they affect all stack
      arguments that follow, not before. Default=DISABLE escapes.

[stack arguments]
Optional stack arguments (up to 16) may be specified directly on the
cmdline for use with code representing functions expecting stack arguments.
Arguments are pushed on stack in the order they appear prior to code
execution. Stack arguments containing spaces (such as strings) must be
surrounded in double quotes. Stack arguments have the format [<type>:]<data>.
If the optional type is omitted, the data is expected to be a numeric DWORD to
be passed directly on the stack. If a <type> is specified (not case sensitive),
it must be the following:

  dwordptr:<uint>     - pointer to initialized dword passed on stack
                        when zero, can be used to pass an empty string
  string:<string>     - ansi NULL terminated string allocated and ptr passed
  widestring:<string> - same as string, but with double-byte string
  binfile:<file>      - file loaded into memory and pointer passed
  fileptr:<offset>    - pass pointer calculated as offset of code base
  buffer:<size>       - generic zero-initialized buffer of specific byte size

NOTE: any numeric arguments may be specified as hex or binary if prefixed
      with 0x or 0b respectively. (e.g. 0x2BFF, 0b0010100101)
 1:1