search

klezVirus / inceptor

Template-Driven AV/EDR Evasion Framework
Other
1.6k stars 263 forks source link

No template found #43

Closed vysecurity closed 2 years ago

vysecurity commented 2 years ago

Describe the bug Keep getting no template found even after trying to bruteforce combinations to get it to work.

python inceptor.py native beacon64.raw -C llvm -m syscalls -o incepted.exe

To Reproduce

python inceptor.py native beacon64.raw -C llvm -m syscalls -o incepted.exe

[-] No template found with given criteria

Expected behavior Payload to be generated

vysecurity commented 2 years ago

Sorted it out.

vysecurity commented 2 years ago

Actually no. Not sure why the generated file doesn't find the PID when I used /P /P0 explorer.exe:

incepted.exe
[-] Missing PID... Finding...
[-] Process not found

It seems it needs to be generated with -P0 explorer and not explorer.exe