run_shellcode - Loads shellcode from disk into memory, and then executes the
                shellcode.

Introduction:
=============

I originally wrote this program to provide a "shell" (a.k.a. executable
environment) for debugging/analyzing shellcode.  Shellcode is typically intended
to be executed in the context of an already running program, and as such needs
an executable environment.  run_shellcode provides this environment.

How to use the tool:
====================

The first thing you'll have to do is compile the tool (or find a precompiled
binary.)  I compiled this successfully under VC6.0, although it wouldn't be
difficult to modify the program to compile with other compilers.

run_shellcode is configurable partly by command line, and mostly by a
configuration file.  The only two command line options supported by
run_shellcode are:
 -h : Displays the help
 [config file] : The name of the configuration file.

If you don't specify the configuration file at the command line, the default
configuration file run_shellcode.cfg is used.  This allows you to "set up" your
debugger once, and analyze new shellcode by just changing the config file.  The
down side is that you won't be able to save file-specific things such as
comments, what you tell the debugger about the file, etc.  If you need this,
take a look at make_loader (or shellcode2exe).


Configuration file options:
===========================

Configuration options are a single word at the begining of a line, with a
variable number of arguments.  The specific option determines how many arguments
it has.  Empty lines and unknown options are skipped.  The options currently
supported are:

skip [bytes]: Skip over the specified number of bytes in the file that holds the
shellcode.  This is useful if the shellcode is not at the begining of a file
(think WireShark "Follow TCP Stream" with a "Save")

shellcode_file [file]: The name of the file to read the shellcode from.

int_3 [true|false]: Specifies whether or not to execute an int 3 instruction
right before transferring control of execution to the shellcode.  On a majority
of systems, executing an int 3 will trap to the debugger (in essence pause
right before executing the shellcode).


Licensing:
==========

GPL v2


Bugs/Fixes/Suggestions:
=======================

If you find a bug, have a fix, a patch, or a suggestion, feel free to email
me.  Make sure to mention run_shellcode in the subject line.
