klezVirus / inceptor

Template-Driven AV/EDR Evasion Framework

MFC in the static library #39

Closed wgetnz closed 10 months ago

wgetnz commented 2 years ago

I found that the compiler does not use MFC in the static library, which may cause a computer without the library file not to work properly.

klezVirus commented 2 years ago

Hi @wgetnz, thanks for reporting this. May I ask you to give me a reference link / example on how to force use of MFC?

wgetnz commented 2 years ago

Hello, I solved the problem by manually adding parameters some time ago, but I forgot which parameter. The following is the command line I used; I hope it can help you:

"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvarsall.bat" x64 & "D:\git\inceptor\inceptor\obfuscators\native\llvm-clang\llvm-clang\clang-cl.exe" /permissive- /GS /GL /W0 /Gy /MT /Gm- /O2 /sdl /Zc:inline /Zc:wchar_t /fp:precise /DEBUG:NONE /O2 /D "_CONSOLE" /D "_UNICODE" /D "UNICODE" /errorReport:prompt /Zc:forScope /Gd /Oi /MT /EHsc /nologo /diagnostics:column -o "b2.exe" /D __CUDACC__ /D _ALLOW_COMPILER_AND_STL_VERSION_MISMATCH -mllvm -bcf -mllvm -bcf_prob=73 -mllvm -bcf_loop=1 -mllvm -sub -mllvm -sub_loop=5 -mllvm -fla -mllvm -split_num=5 -mllvm -aesSeed=54a9d195f220353856f50e9c95429efa -w "b2.cpp" /DYNAMICBASE "Urlmon.lib" "Advapi32.lib" "user32.lib" "SHELL32.LIB" "winspool.lib" "comdlg32.lib" "advapi32.lib" "shell32.lib" "ole32.lib" "oleaut32.lib" "uuid.lib" "odbc32.lib" "odbccp32.lib"

pielgrzym commented 2 years ago

@klezVirus You have to use /MT instead of /MD? https://github.com/klezVirus/inceptor/blob/42c313fd6a0edaf0d3750b9ef90d5683cb2e3db2/inceptor/compilers/ClCompiler.py#L63

Parrishjm commented 2 years ago

Using /MT instead of /MD was what I needed to stop my application from crashing. While inspecting it using procmon I found it always crashed right after attempting to import vcruntime140.dll, though no error was ever shown.

Installing vcruntime140.dll on the system did not resolve the issue, only statically linking it with /MT solved the issue.

I tested with multiple payloads, one a large 18 MB Sliver.exe, 32- and 64-bit. In addition I also created a very simple msfvenom windows/exec raw shellcode script. After building with the /MT flag, both no longer break when attempting to import vcruntime140.dll.

Happy to provide additional information at request.
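The crash described above (a /MD build failing on a machine without vcruntime140.dll) can be caught before deployment by reading the import table of the produced executable: an /MT build links the CRT statically and lists no CRT DLLs. The following is an added example, not part of inceptor or of this thread; the set of CRT DLL names it flags and the minimal sample PE it builds as test data are assumptions, and the parser is a plain walk of the PE import directory.

```python
import struct

# CRT DLLs that a /MD build imports and a /MT build links statically (assumed list).
CRT_DLLS = {"vcruntime140.dll", "vcruntime140_1.dll", "msvcp140.dll", "ucrtbase.dll"}

def pe_imports(data: bytes) -> list[str]:
    """Return the DLL names listed in the import directory of a PE32/PE32+ file."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    coff = e_lfanew + 4
    nsect, opt_size = struct.unpack_from("<H", data, coff + 2)[0], struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dd = opt + (112 if magic == 0x20B else 96)           # DataDirectory start (PE32+ / PE32)
    imp_rva = struct.unpack_from("<I", data, dd + 8)[0]  # entry 1 = IMAGE_DIRECTORY_ENTRY_IMPORT
    if imp_rva == 0:
        return []
    # Section table (40-byte entries): VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
    sections = [struct.unpack_from("<IIII", data, opt + opt_size + i * 40 + 8) for i in range(nsect)]
    def rva_to_off(rva: int) -> int:
        for vsize, va, rawsize, rawptr in sections:
            if va <= rva < va + max(vsize, rawsize):
                return rawptr + (rva - va)
        raise ValueError(f"RVA {rva:#x} maps to no section")
    dlls, off = [], rva_to_off(imp_rva)
    while data[off:off + 20] != b"\0" * 20:                # all-zero descriptor ends the table
        name_off = rva_to_off(struct.unpack_from("<I", data, off + 12)[0])  # Name field at +12
        dlls.append(data[name_off:data.index(b"\0", name_off)].decode("ascii"))
        off += 20
    return dlls

def crt_dependencies(data: bytes) -> list[str]:
    """DLLs a /MD build drags in; a /MT build should return an empty list."""
    return sorted(d for d in pe_imports(data) if d.lower() in CRT_DLLS)

def build_sample_pe(dll_names: list[str]) -> bytes:
    """Constructed minimal PE32+ holding only an import table (test data, not a real executable)."""
    va = raw = 0x400                                       # one section, rva == file offset
    names = b"".join(d.encode() + b"\0" for d in dll_names)
    descs, name_rva = b"", va + (len(dll_names) + 1) * 20
    for d in dll_names:                                    # IMAGE_IMPORT_DESCRIPTOR, Name at +12
        descs += struct.pack("<IIIII", 0, 0, 0, name_rva, 0)
        name_rva += len(d) + 1
    body = descs + b"\0" * 20 + names
    opt = struct.pack("<H", 0x20B) + b"\0" * 118 + struct.pack("<II", va, len(descs) + 20) + b"\0" * 112
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, len(opt), 0x22)
    sect = b".idata\0\0" + struct.pack("<IIIIIIHHI", len(body), va, len(body), raw, 0, 0, 0, 0, 0x40000040)
    hdr = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0" + coff + opt + sect
    return hdr.ljust(raw, b"\0") + body
```

Run `crt_dependencies(open("b2.exe", "rb").read())` on a real build; a non-empty result means the binary still depends on the redistributable and was not linked with /MT.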

klezVirus commented 10 months ago

Closing this as /MT is now the default strategy for binary compilation. Feel free to reopen if necessary.