public inbox for isar-users@googlegroups.com
 help / color / mirror / Atom feed
* OT: A self-extracting executable tiny ELF32 payload
@ 2026-06-24  8:56 Roberto A. Foglietta
  2026-06-29 17:03 ` Roberto A. Foglietta
  0 siblings, 1 reply; 2+ messages in thread
From: Roberto A. Foglietta @ 2026-06-24  8:56 UTC (permalink / raw)
  To: isar-users

# uzpexec

https://github.com/robang74/gzcmd.sh/blob/main/README.md#uzpexec

> [!NOTE]
>
> Suggested file extension: **`.uzp`**

Utility for executing an ELF binary directly from stdin pipe:

- it runs binary via SSH/wget
- it runs gzip compressed binary
- it self-extract and execute

without writing it on the remote/local systems (memfd_create).

```sh
make clean tests
```

The [uzpexec](uzpexec.asm) (micro gzip pipe exec, written in
Assembler) replaces the previous `upexec` comparison which offers as
extra the integrated support for `gzip` inflate on the standard input
pipe. Pre-compiled v0.68 elf32 available
[here](https://github.com/robang74/working-in-progress/raw/refs/heads/main/uchaosys.qemu/uzpexec).

#### USAGE

-  `{ cat uzpexec; gzip -7c $elf; }    > $elf.uzp`
-  `cp uzpexec $elf.uzp; gzip -c $elf >> $elf.uzp`
-  `wget $url/$elf[.gz] -O- | uzpexec [args]`

It works as a single block 512-bytes self-inflating executable payload
replacing also `gzcmd.sh` with the sole requirement of `/bin/zcat`
available.

---

### Quick customisations

Quick customisations by `sed` and other stings-based editor is supported:

- `{ cat uzpexec | sed 's/zcat\x00/xzcat/'; xz -7c $elf; } > $elf.uxp`

Alternative to `zcat` are `xzcat` for XZ compression, or `lzcat` for LZMA.

The alternatives that are natively compatible with `-f -` are fully supported.

```
; =====================================================================
; COMPACT DATA SECTION (Appended to code)
; =====================================================================
copy_vers:  db "(c) 2026 robang74 l.MIT v0.68 git.new/ttRvFBu", 0
; filename can be changed by sed up to 7 chars + ending \0
; zcat -f is cat when input isn't gzip, options up to -6c\0
; /bin/zcat can be changed by sed up to 31 chars + ending \0
; - for example: /usr/local/bin/xzcat is 20 chars + ending \0
; eof_strng helps to find the EOF, and where \0 padding starts
filename:   db "uzpexec", 0
zcat_path:  db "/bin/zcat",  0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0
force_arg:  db "-f",  0,0, 0,0,0,0
dash_arg:   db "-", 0,0,0, 0,0,0,0
eof_strng:  db "elf_eof", 0

; =====================================================================
; PADDING: Aligned exactly to 512 bytes (as per skip request)
; =====================================================================
file_end:                       ; Physical end of the binary file!
times (512 - ($ - $$)) db 0     ; Padding to 512 bytes for skip=1
```

Since `zcat` is a shell script, it can be changed to pair the input
with the proper decompressing tool. While a tiny `xcat` binary in ASM
would be much faster in properly pairing the matches.

Best regards,
-- 
Roberto A. Foglietta
+49.176.274.75.661
+39.349.33.30.697

-- 
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/CAJGKYO6ak7TT1OKcYHFmomJnRt_2ovEUfLENa5SOYPh0%2BNY6jg%40mail.gmail.com.

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: OT: A self-extracting executable tiny ELF32 payload
  2026-06-24  8:56 OT: A self-extracting executable tiny ELF32 payload Roberto A. Foglietta
@ 2026-06-29 17:03 ` Roberto A. Foglietta
  0 siblings, 0 replies; 2+ messages in thread
From: Roberto A. Foglietta @ 2026-06-29 17:03 UTC (permalink / raw)
  To: isar-users

On Wed, 24 Jun 2026 at 10:56, Roberto A. Foglietta
<roberto.foglietta@gmail.com> wrote:
>
> # uzpexec
>
> https://github.com/robang74/gzcmd.sh/blob/main/README.md#uzpexec

uzpexec (512B) release v0.87 includes uzpack standalone (3KB) to
convert almost every binary and scripts, in an easy way.

The uzpexec (micro gzip pipe exec, written in Assembler, 512 bytes of
payload equivalent to a single dd standard I/O block) offers native
support for gzip self-inflate self-execution, running in RAM also when
started by the STDIN pipe. Pre-compiled ELF32 (for all x86) available
in releases. Development happens in 'devel' branch.

~> https://github.com/robang74/uzpexec

Project name changed but it is the same repository.
No more uzpexec notifications will be sent to this m-list.
For information or being kept informed write me in.

Best regards,
-- 
Roberto A. Foglietta
+49.176.274.75.661
+39.349.33.30.697

-- 
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/CAJGKYO7tufTuUONbACtMhtPw0kjK9GhO-%3DCXsh2uCkDCFH3Hyw%40mail.gmail.com.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2026-06-29 17:04 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-24  8:56 OT: A self-extracting executable tiny ELF32 payload Roberto A. Foglietta
2026-06-29 17:03 ` Roberto A. Foglietta

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox