klezVirus / inceptor

Template-Driven AV/EDR Evasion Framework

UnicodeDecodeError #44

Closed seeblog closed 2 years ago

seeblog commented 2 years ago

It seems to be a coding problem

To Reproduce

python3 inceptor.py native 1.raw -o packed.exe -m syscalls -m dinvoke -P

Complete! Files written to:
E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.h
E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.c
E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.asm
"C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.29.30133\bin\Hostx64\x64\ml64.exe" /c /nologo /Zi /Fo"E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.0.obj" /W3 /errorReport:prompt "E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.asm"
Assembling: E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.asm

"C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsall.bat" x64 & "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.29.30133\bin\Hostx64\x64\cl.exe" /permissive- /GS /GL /W3 /Gy /Zi /Gm- /O2 /sdl /Zc:inline /Zc:wchar_t /fp:precise /D "BUILD_DLL" /D "NDEBUG" /D "SAGAT_EXPORTS" /D "_WINDOWS" /D "_WINDLL" /D "_USRDLL" /D "_UNICODE" /D "UNICODE" /errorReport:prompt /WX- /Zc:forScope /Gd /Oi /MD /FC /EHsc /nologo /diagnostics:column /LD /Fo:"E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.1.obj" /I "E:\bypassAV\inceptor\inceptor\temp" "E:\bypassAV\inceptor\inceptor\temp\tmp5h9qny5e.c"
Traceback (most recent call last):
  File "E:\bypassAV\inceptor\inceptor\engine\modules\TemplateModule.py", line 84, in from_name
    _instance = _class(kwargs=kwargs['kwargs'])
  File "E:\bypassAV\inceptor\inceptor\engine\modules\SyscallsModule.py", line 46, in __init__
    self.build(kwargs=kwargs)
  File "E:\bypassAV\inceptor\inceptor\engine\modules\SyscallsModule.py", line 95, in build
    cl.compile([f"{syscalls_basepath}.c"])
  File "E:\bypassAV\inceptor\inceptor\compilers\Compiler.py", line 68, in compile
    print(output.decode())
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd5 in position 314: invalid continuation byte
[DEBUG] Loading module Dinvoke
[+] Native Artifact Generator Started At 2022-08-01 14:38:50.065093
[*] Phase 0: Loading...
[*] Phase 1: Converting binary into shellcode
[>] Transformer: Loader
[*] Phase 2: Encoding
[*] Phase 3: Generating source files using CLASSIC-DINVOKE_SYSCALLS
[>] Phase 3.1: Writing CPP file in .\temp\tmpe259n97n.cpp
[*] Phase 4: EXE compilation and Signing
[>] Phase 4.1: Compiling EXE...
"C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvarsall.bat" x64 & "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.29.30133\bin\Hostx64\x64\cl.exe" /permissive- /Bt+ /GS /W3 /Gy /Zi /Gm- /O2i /sdl /Zc:inline /Zc:wchar_t /fp:precise /D "NDEBUG" /D "_CONSOLE" /D "_UNICODE" /D "UNICODE" /errorReport:prompt /WX- /Zc:forScope /Gd /MD /FC /EHsc /nologo /diagnostics:column /Fe:"E:\bypassAV\inceptor\inceptor\temp\packed-temp.exe" "E:\bypassAV\inceptor\inceptor\temp\tmpe259n97n.cpp" /link
Traceback (most recent call last):
  File "E:\bypassAV\inceptor\inceptor\generators\NativeArtifactGenerator.py", line 248, in generate
    self.generate_wrapped()
  File "E:\bypassAV\inceptor\inceptor\generators\NativeArtifactGenerator.py", line 291, in generate_wrapped
    self.compile_exe(shellcode)
  File "E:\bypassAV\inceptor\inceptor\generators\NativeArtifactGenerator.py", line 200, in compile_exe
    status = self.compiler.compile([self.exe_writer.outfile] + self.obj_files)
  File "E:\bypassAV\inceptor\inceptor\compilers\Compiler.py", line 68, in compile
    print(output.decode())
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xa1 in position 389: invalid start byte

seeblog commented 2 years ago

I think I solved this problem: region > manage > Change system locale > select Beta (utf-8)
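An added example, not part of the issue thread and not inceptor's own code: both tracebacks end in a strict `output.decode()` on compiler output, which raises when the tool writes in the system's ANSI code page instead of UTF-8. The sketch below shows the failure and a tolerant decode; the function names, the constructed sample bytes and the assumption that the host code page is GBK are all hypothetical.

```python
import locale

# Constructed sample (not from the issue): ASCII text followed by GBK-encoded
# characters. 0xd5 0xfd and 0xa1 0xa3 are valid GBK pairs but invalid UTF-8,
# the same two byte values the tracebacks above complain about.
SAMPLE_OUTPUT = b"cl.exe: tmp.c \xd5\xfd\xd4\xda\xa1\xa3\r\n"


def strict_decode_fails(raw: bytes) -> bool:
    """Reproduce the failing call: bytes.decode() defaults to strict UTF-8."""
    try:
        raw.decode()
        return False
    except UnicodeDecodeError:
        return True


def decode_tool_output(raw: bytes, candidates=None) -> str:
    """Decode subprocess output without ever raising on foreign bytes.

    Tries UTF-8 first, then the locale's preferred encoding (the ANSI code
    page on Windows), and finally falls back to UTF-8 with replacement
    characters so the ASCII parts of a diagnostic stay readable.
    """
    if candidates is None:
        candidates = ["utf-8", locale.getpreferredencoding(False)]
    for encoding in candidates:
        try:
            return raw.decode(encoding)
        except (UnicodeDecodeError, LookupError):
            continue  # wrong or unknown encoding, try the next one
    return raw.decode("utf-8", errors="replace")


if __name__ == "__main__":
    print("strict decode raises:", strict_decode_fails(SAMPLE_OUTPUT))
    # Assumed host code page for this sample: GBK.
    print(decode_tool_output(SAMPLE_OUTPUT, ["utf-8", "gbk"]))
```

Decoding this way keeps the tool independent of the machine-wide locale setting, so the system locale does not have to be switched to UTF-8 just to read compiler diagnostics.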