Compile error - Githubissues

hasherezade / pe_to_shellcode

Converts PE into a shellcode

https://www.youtube.com/watch?v=WQCiM0X11TA

BSD 2-Clause "Simplified" License

2.27k stars 423 forks source link

Compile error #11

Closed anasorova closed 10 months ago

anasorova commented 3 years ago

I have a problem to compile in Linux (Fodora)

pe_to_shellcode/libpeconv/libpeconv/include/peconv/pe_hdrs_helper.h:8:10: fatal error: Windows.h: No such file or directory 8 | #include <Windows.h> | ^~~~~~~~~~~

I tried to set a an C=i686-w64-mingw32-gcc

But I keep getting this error. What is correct way to set my env?

hasherezade commented 3 years ago

can you check if it works if you change Windows.h to windows.h? sometimes just the different case is the problem...

anasorova commented 3 years ago

Now it's saying the same about windows.h if I use make

hasherezade commented 3 years ago

ok, I will check it in details soon. it was tested only with Visual Studio.

anasorova commented 3 years ago

It compiles perfectly in VS. Thank you!

anasorova commented 3 years ago

I have a probem, tho with the app itself. I convert to shellcode with [+] Saved to file: bla.sch.exe, but when I run it with runshc.exe it does not work and I don't see any crash errors.

When I use my loader to run this shellcode (also compiled with x86 compiler) I'm getting this error:

Problem signature
Problem Event Name:     APPCRASH
Application Name:       peshellcoderun.exe
Application Version:    0.0.0.0
Application Timestamp:  5f85d4fe
Fault Module Name:      msvcrt.dll
Fault Module Version:   7.0.19041.1
Fault Module Timestamp: 4c1230ad
Exception Code: c0000005
Exception Offset:       00088d4a
OS Version:     10.0.19041.2.0.0.256.48
Locale ID:      1033
Additional Information 1:       2beb
Additional Information 2:       2beba6fb4680d73a8c78ca7c24ccdb46
Additional Information 3:       ab31
Additional Information 4:       ab31236752fcb0c711def892810629b8

Any ideas?

hasherezade commented 3 years ago

not all the executables are convertable. can you share the binary that you was trying to convert? I will check it... if you don't want to share it publicly, you can send to my email: hasherezade@pm.me

anasorova commented 3 years ago

I just tried on Win7 and the peshellcoderun.exe worked fine... Should be something related to Win10 I will send you more details, asap. Both OS were 64bit.

hasherezade commented 3 years ago

Thank you! if if worked on older system, I suspect it may be about missing compatibility shims for some of the imports. when a PE is converted to shellcode, import table is loaded as is, and no compatibility shims are applied. if they are needed but missing, the application may crash. I am not sure if this was what happened in your case, but this is my theory by looking at the symptoms. unfortunately this problem cannot be easily solved...