icyguider / Nimcrypt2

.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
GNU General Public License v3.0

how to implement "-mwindows" for wclang #7

Open Fankaren opened 2 years ago

Fankaren commented 2 years ago

Hi! Could you please tell me how to implement "-mwindows" for wclang? I want to get an x64 executable file instead of x86.

Thanks.

icyguider commented 2 years ago

Hi @Fankaren. While I'm not too familiar with that particular flag, I assume you are trying to get the ollvm compiled pe stub to run without the console, correct? To try and replicate your issue, I modified line 1221 of the nimcrypt.nim source code, changing "--app=console" to "--app=gui". I then recompiled Nimcrypt2 and ran the following command with an x64 Cobalt Strike beacon exe:

./nimcrypt -f beacon.exe -t pe -l

The output of this command showed me the same warning from wclang that you received; however, it didn't seem to make any difference in regards to the output binary working as expected. I checked the output file using the "file" command and that confirmed to me that it was an x64 exe, not x86. I then copied it over to a Windows system, confirmed that it was the ollvm compiled exe based on its size, and executed it successfully with no console output. See the below screenshot:


I know you are having other issues/errors so maybe this one is related? If you did something different than I did above, feel free to add more details and maybe I'll be able to replicate then. Otherwise, I'm not too sure what's going on. I definitely appreciate you trying out the tool and letting me know of your issues though. I'm hoping at some point we'll be able to figure out what's going on to help make it better!

@Simon-Davies to give you a quick answer, I used the llvm-5.0 branch. Compiling it took me multiple tries as I had to run the make command more than a few times for it to reach 100% build status. I did see the issue you opened and if you still need the step-by-step commands I used for Kali I will try to provide them at some point in the future. It will probably take at least a few days unfortunately as I'm a bit busy, but with a little perseverance I'm sure you can figure it out before then. Good luck!
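The comment above verifies the result with the "file" command. As an added example (not code from this issue or from the Nimcrypt2 project), the script below makes that check explicit by reading the PE headers directly: the Machine field of the COFF header tells you x86 versus x64, and the Subsystem field of the optional header tells you whether the image is a console (CUI) or GUI build, which is what a --app=gui / -mwindows change is meant to flip. The sample image it builds is a constructed, header-only buffer for exercising the parser, not a loadable executable; the constant names are assumptions taken from the PE/COFF specification.

```python
"""Report a PE image's machine type and subsystem from its headers.

Added example for this issue thread; not part of Nimcrypt2. It reads the
COFF header (Machine) and the optional header (Magic, Subsystem) so the
architecture and console/GUI check does not depend on the `file` command.
"""
import struct
import sys

# Values from the PE/COFF specification (IMAGE_FILE_MACHINE_* / IMAGE_SUBSYSTEM_*).
MACHINE_NAMES = {0x014C: "x86", 0x8664: "x64", 0xAA64: "arm64"}
SUBSYSTEM_NAMES = {1: "native", 2: "windows_gui", 3: "windows_cui"}


def inspect_pe(data: bytes) -> dict:
    """Parse the DOS, COFF and optional headers; raise ValueError if this is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    if len(data) < coff + 20:
        raise ValueError("truncated COFF header")
    machine, _sections, _stamp, _symtab, _nsyms, opt_size, _chars = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    if opt_size < 70 or len(data) < opt + 70:
        raise ValueError("optional header too small to hold Subsystem")
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:
        image_format = "PE32"
    elif magic == 0x20B:
        image_format = "PE32+"
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:04x}")
    # Subsystem sits at offset 68 of the optional header in both PE32 and PE32+.
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    return {
        "format": image_format,
        "machine": MACHINE_NAMES.get(machine, f"unknown(0x{machine:04x})"),
        "subsystem": SUBSYSTEM_NAMES.get(subsystem, f"unknown({subsystem})"),
        "has_console": subsystem == 3,
    }


def build_sample_pe(machine: int, subsystem: int, pe32plus: bool = True) -> bytes:
    """Constructed header-only image (not a loadable executable) for exercising inspect_pe()."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)  # 64-byte DOS header
    opt_size = 240 if pe32plus else 224
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, 0x0002)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)  # Magic
    struct.pack_into("<H", opt, 68, subsystem)                   # Subsystem
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(inspect_pe(fh.read()))
    else:
        # x64 GUI sample: what a --app=gui build of a 64-bit stub should report.
        print(inspect_pe(build_sample_pe(0x8664, 2)))
```

Run it as `python3 inspect_pe.py output.exe`; a stub built with `--app=console` reports `windows_cui`, while the `--app=gui` variant reports `windows_gui`, and `machine` is `x64` regardless of the wclang warning.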

Simon-Davies commented 2 years ago

Thank you @icyguider

Fankaren commented 2 years ago

Hi @Simon-Davies. I tested a stage payload (x64 Windows executable file), a stageless payload (x64 Windows executable file) and raw-type shellcode (x64).

./nimcrypt -f artifact.exe -t pe -l                # -> stage.exe
./nimcrypt -f beacon.exe -t raw -l              # -> stageless.exe
./nimcrypt -f payload.bin -t raw -l             # -> sc.exe

The raw-type shellcode can execute successfully eventually.
