Unpacking shikata-ga-nai by scripting radare2

During the latest hack.lu radare workshop, one part was dedicated to generically unpacking shikata-ga-nai. This blog post is a simple transposition of the slides. Disclaimer: almost everything here is stolen based on ideas from NighterMan.

First, what is shikata-ga-nai? It's a polymorphic shellcode encoder implemented in Metasploit:

    msf > info encoder/x86/shikata_ga_nai > out.txt

    Name: Polymorphic XOR Additive Feedback Encoder
    Module: encoder/x86/shikata_ga_nai
    Platform: All
    Arch: x86
    Rank: Excellent

    Provided by: spoonm <[email protected]$email.