MLE(1)                      General Commands Manual                     MLE(1)

NAME
       mle - target-agnostic machine language encoder

SYNOPSIS
       mle < INPUT > OUTPUT
       mle [-o OUTPUT] [-m MAP] [INPUT]

DESCRIPTION
       mle  is  a standalone shell script that encodes machine language from a
       text-based source format into raw data. It operates as  a  generic  en‐
       coder  supporting  hexadecimal  byte literals, labels, and macros. This
       makes mle suitable for generating shellcode, flat binaries,  or  custom
       object formats.

       The  encoder  processes  input in two passes: the first pass calculates
       label offsets and records definitions, while the second  pass  performs
       the final binary output.

OPTIONS
       -o OUTPUT
              Write  the  generated  binary  to  the specified OUTPUT file. If
              omitted, output is written to standard output.

       -m MAP
              Dump a plain-text map of offset/label pairs to the specified MAP
              file.  Refer  to  shelf(1)  for information about how to use the
              symbol map to generate a symbol table in an ELF relocatable  ob‐
              ject which can be fed to gdb's add-symbol-file command.

       -h
              Display usage information.

SYNTAX
       The mle source format consists of whitespace-separated tokens.

       Hexadecimal Literals
              Two-character  hexadecimal strings, such as any value from 00 to
              ff, are encoded directly as bytes.

       Offset Labels
              Tokens ending with a colon, such as Start:, are treated  as  la‐
              bels. They assign the current byte offset to the specified label
              within an internal symbol map. Labels may feature letters,  num‐
              bers and some punctuation.

       Macro Expansion
              Tokens  enclosed in brackets, like [ macro u64 u64le '$@' ], are
              interpreted  to  execute  internal  functions  or   user-defined
              macros.

       Commentary
              # turns the rest of the line into a comment.
              ; does the same.

BUILT-IN MACROS
       The following macros are available within the interpreter context:

       align POWER-OF-2
              Aligns  the  current write offset to the next multiple of POWER-
              OF-2. If the current offset is already  aligned,  no  action  is
              taken. Otherwise, the interpreter pads the output with NUL bytes
              (00) until the boundary is reached.

       u8 VALUE ...
              Encodes one or more values as 8-bit unsigned integers.

       u16le | u16be VALUE ...
              Encodes values as 16-bit integers in little-endian (le) or  big-
              endian (be) format.

       u32le | u32be VALUE ...
              Encodes  values as 32-bit integers in little-endian (le) or big-
              endian (be) format.

       u64le | u64be VALUE ...
              Encodes values as 64-bit integers in little-endian (le) or  big-
              endian (be) format.

       offset LABEL [DISPLACEMENT]
              Calculates the offset from the current write offset to LABEL. If
              DISPLACEMENT is provided, it is subtracted from  the  calculated
              offset.

       resolve LABEL
              Outputs the calculated offset of a previously defined LABEL.

       define NAME VALUE
              Sets an internal variable NAME to VALUE.

       macro NAME BODY
              Defines a new macro NAME.

       . FILE
              Uses  the  shell's . built-in (also known as source) to incorpo‐
              rate the contents of FILE into the current environment.  Consult
              the  manual page associated with your system's implementation of
              /bin/sh for further information.

FILES
       /usr/local/share/mle/
              Default search path for external  macro  definitions,  unless  a
              custom PREFIX is declared during installation.

EXAMPLE
       Generate  a simple mli-amd64 executable that prints the current working
       directory.

       $ cd /tmp
       $ cat > pwd.src << EOF
       Magic:
               90

       Start:
               # getcwd(directory, 2048);
               54 5f                             # mov rsp rdi
               66 be 00 08                       # mov 2048 si
               6a 4f 58                          # mov SYS_GETCWD rax
               0f 05                             # syscall

               # Replace the NUL terminator with LF.
               c6 44 07 ff 0a                    # mov '\n' (rdi + rax - 1)

               # write(STDOUT_FILENO, directory, strlen(directory));
               92                                # xchg eax edx
               57 5e                             # mov rdi rsi
               6a 01 5f                          # mov STDOUT_FILENO rdi
               57 58                             # mov SYS_WRITE rax
               0f 05                             # syscall

               # exit(EXIT_SUCCESS);
               31 ff                             # mov EXIT_SUCCESS rdi
               b0 3c                             # mov SYS_EXIT rax
               0f 05                             # syscall
       EOF

       $ mle -o pwd pwd.src
       $ chmod 755 pwd

       $ ls -al pwd
       -rwxr-xr-x 1 user user 33 Dec 31 02:01 pwd

       $ ./pwd
       /tmp

SEE ALSO
       mli(1), shelf(1), sh(1)

AUTHOR
       Justin Swartz <justin.swartz@risingedge.co.za>

MLE                              January 2026                           MLE(1)