Hello @bats3c this is a great tool! I've been using Darkarmour for a little while now on a malware evasion/defense project, and I've recently started seeing some odd behavior in the compilation process. Any insight you can provide is greatly appreciated.
The error stack is below with system and other configuration details.
Ubuntu: Linux NAME 5.14.0-1056-oem #63-Ubuntu SMP Fri Dec 16 14:32:59 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
```
src/jmp_loader/main.c:137:28: error: ‘key1’ undeclared (first use in this function); did you mean ‘key0’?
137 | decrypted_bytes[i] = key1 ^ image_crypt[i];
| ^~~~
| key0
src/jmp_loader/main.c:137:28: note: each undeclared identifier is reported only once for each function it appears in
src/jmp_loader/main.c:277:28: error: ‘key2’ undeclared (first use in this function); did you mean ‘key0’?
277 | decrypted_bytes[i] = key2 ^ image_crypt[i];
| ^~~~
| key0
Traceback (most recent call last):
  File "darkarmour.py", line 116, in <module>
    darkarmour.run(vars(ap.parse_args()))
  File "darkarmour.py", line 96, in run
    self._do_crypt()
  File "darkarmour.py", line 90, in _do_crypt
    self._do_jmp()
  File "darkarmour.py", line 60, in _do_jmp
    self.compile_binary.compile("src/jmp_loader/main.c", self.out_file)
  File "/DATA/<>/github/darkarmour/lib/compile.py", line 15, in compile
    subprocess.run(["x86_64-w64-mingw32-gcc", path, "-o", outfile, "-static"], check=True)
  File "/DATA/<>/miniconda3/envs/rlkit1/lib/python3.6/subprocess.py", line 438, in run
    output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command '['x86_64-w64-mingw32-gcc', 'src/jmp_loader/main.c', '-o', '/DATA/<>/tools/xoutput/rlkit/build/rootkit/26ab95008cf635c1641456b4c75c4c605f08f56a2c677389c71b81664287859c', '-static']' returned non-zero exit status 1.
```
mingW:
x86_64-w64-mingw32-gcc (GCC) 10-win32 20220113
Darkarmour command:
python3 darkarmour.py -f {inPath}{self.fname} -e xor -b -j -o {BUILDPATH}{self.fname} -l 2
Python/Conda stuff: