oddcod3 / Phantom-Evasion

Python antivirus evasion tool
GNU General Public License v3.0

I have a problem with keeping the process alive #79

Closed TheNewAttacker64 closed 2 years ago

TheNewAttacker64 commented 4 years ago

[+] MODULE DESCRIPTION:

None Press Enter to continue:

[>] Insert Target architecture (default:x86):

[>] Insert fullpath to file to add to startup: C:\Users\USER\Desktop\payload.exe

[>] Insert name for the reg/task/service (default:random):

[>] Insert name of the process to keep alive:paylod.exe

[>] Insert time interval in millisecond between check (default:600000):

[>] Insert Junkcode Intesity value (default:10):

[>] Insert Junkcode Frequency value (default: 10):

[>] Insert Junkcode Reinjection Frequency (default: 0):

[>] Insert Evasioncode Frequency value (default: 10):

[>] Dynamically load windows API? (Y/n):n

[>] Add Ntdll api Unhooker? (Y/n):n

[>] Masq peb process? (Y/n):n

[>] Strip executable? (Y/n):n

[>] Use certificate spoofer and sign executable? (Y/n):n

[>] Insert output format (default:exe):

[>] Insert output filename:persistence

[>] Generating code...

[>] Compiling...

In file included from Source.c:1: /usr/share/mingw-w64/include/tlhelp32.h:15:3: error: unknown type name ‘HANDLE’ 15 | HANDLE WINAPI CreateToolhelp32Snapshot(DWORD dwFlags,DWORD th32ProcessID); | ^~ /usr/share/mingw-w64/include/tlhelp32.h:15:17: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘CreateToolhelp32Snapshot’ 15 | HANDLE WINAPI CreateToolhelp32Snapshot(DWORD dwFlags,DWORD th32ProcessID); | ^~~~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:26:5: error: unknown type name ‘SIZE_T’ 26 | SIZE_T dwSize; | ^~ /usr/share/mingw-w64/include/tlhelp32.h:27:5: error: unknown type name ‘DWORD’ 27 | DWORD th32ProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:28:5: error: unknown type name ‘ULONG_PTR’ 28 | ULONG_PTR th32HeapID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:29:5: error: unknown type name ‘DWORD’ 29 | DWORD dwFlags; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:37:3: error: unknown type name ‘WINBOOL’ 37 | WINBOOL WINAPI Heap32ListFirst(HANDLE hSnapshot,LPHEAPLIST32 lphl); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:37:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Heap32ListFirst’ 37 | WINBOOL WINAPI Heap32ListFirst(HANDLE hSnapshot,LPHEAPLIST32 lphl); | ^~~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:38:3: error: unknown type name ‘WINBOOL’ 38 | WINBOOL WINAPI Heap32ListNext(HANDLE hSnapshot,LPHEAPLIST32 lphl); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:38:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Heap32ListNext’ 38 | WINBOOL WINAPI Heap32ListNext(HANDLE hSnapshot,LPHEAPLIST32 lphl); | ^~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:41:5: error: unknown type name ‘SIZE_T’ 41 | SIZE_T dwSize; | ^~ /usr/share/mingw-w64/include/tlhelp32.h:42:5: error: unknown type name ‘HANDLE’ 42 | HANDLE hHandle; | ^~ /usr/share/mingw-w64/include/tlhelp32.h:43:5: error: unknown type name ‘ULONG_PTR’ 43 | ULONG_PTR dwAddress; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:44:5: error: unknown type name 
‘SIZE_T’ 44 | SIZE_T dwBlockSize; | ^~ /usr/share/mingw-w64/include/tlhelp32.h:45:5: error: unknown type name ‘DWORD’ 45 | DWORD dwFlags; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:46:5: error: unknown type name ‘DWORD’ 46 | DWORD dwLockCount; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:47:5: error: unknown type name ‘DWORD’ 47 | DWORD dwResvd; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:48:5: error: unknown type name ‘DWORD’ 48 | DWORD th32ProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:49:5: error: unknown type name ‘ULONG_PTR’ 49 | ULONG_PTR th32HeapID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:58:3: error: unknown type name ‘WINBOOL’ 58 | WINBOOL WINAPI Heap32First(LPHEAPENTRY32 lphe,DWORD th32ProcessID,ULONG_PTR th32HeapID); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:58:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Heap32First’ 58 | WINBOOL WINAPI Heap32First(LPHEAPENTRY32 lphe,DWORD th32ProcessID,ULONG_PTR th32HeapID); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:59:3: error: unknown type name ‘WINBOOL’ 59 | WINBOOL WINAPI Heap32Next(LPHEAPENTRY32 lphe); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:59:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Heap32Next’ 59 | WINBOOL WINAPI Heap32Next(LPHEAPENTRY32 lphe); | ^~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:60:3: error: unknown type name ‘WINBOOL’ 60 | WINBOOL WINAPI Toolhelp32ReadProcessMemory(DWORD th32ProcessID,LPCVOID lpBaseAddress,LPVOID lpBuffer,SIZE_T cbRead,SIZE_T lpNumberOfBytesRead); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:60:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Toolhelp32ReadProcessMemory’ 60 | WINBOOL WINAPI Toolhelp32ReadProcessMemory(DWORD th32ProcessID,LPCVOID lpBaseAddress,LPVOID lpBuffer,SIZE_T cbRead,SIZE_T lpNumberOfBytesRead); | ^~~~~~~ In file included from Source.c:1: /usr/share/mingw-w64/include/tlhelp32.h:63:5: error: unknown type name ‘DWORD’ 63 | DWORD dwSize; | ^~~~~ 
/usr/share/mingw-w64/include/tlhelp32.h:64:5: error: unknown type name ‘DWORD’ 64 | DWORD cntUsage; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:65:5: error: unknown type name ‘DWORD’ 65 | DWORD th32ProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:66:5: error: unknown type name ‘ULONG_PTR’ 66 | ULONG_PTR th32DefaultHeapID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:67:5: error: unknown type name ‘DWORD’ 67 | DWORD th32ModuleID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:68:5: error: unknown type name ‘DWORD’ 68 | DWORD cntThreads; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:69:5: error: unknown type name ‘DWORD’ 69 | DWORD th32ParentProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:70:5: error: unknown type name ‘LONG’ 70 | LONG pcPriClassBase; | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:71:5: error: unknown type name ‘DWORD’ 71 | DWORD dwFlags; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:72:5: error: unknown type name ‘WCHAR’ 72 | WCHAR szExeFile[MAX_PATH]; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:72:21: error: ‘MAX_PATH’ undeclared here (not in a function) 72 | WCHAR szExeFile[MAX_PATH]; | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:77:3: error: unknown type name ‘WINBOOL’ 77 | WINBOOL WINAPI Process32FirstW(HANDLE hSnapshot,LPPROCESSENTRY32W lppe); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:77:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Process32FirstW’ 77 | WINBOOL WINAPI Process32FirstW(HANDLE hSnapshot,LPPROCESSENTRY32W lppe); | ^~~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:78:3: error: unknown type name ‘WINBOOL’ 78 | WINBOOL WINAPI Process32NextW(HANDLE hSnapshot,LPPROCESSENTRY32W lppe); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:78:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Process32NextW’ 78 | WINBOOL WINAPI Process32NextW(HANDLE hSnapshot,LPPROCESSENTRY32W lppe); | ^~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:81:5: error: unknown type name ‘DWORD’ 81 | 
DWORD dwSize; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:82:5: error: unknown type name ‘DWORD’ 82 | DWORD cntUsage; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:83:5: error: unknown type name ‘DWORD’ 83 | DWORD th32ProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:84:5: error: unknown type name ‘ULONG_PTR’ 84 | ULONG_PTR th32DefaultHeapID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:85:5: error: unknown type name ‘DWORD’ 85 | DWORD th32ModuleID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:86:5: error: unknown type name ‘DWORD’ 86 | DWORD cntThreads; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:87:5: error: unknown type name ‘DWORD’ 87 | DWORD th32ParentProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:88:5: error: unknown type name ‘LONG’ 88 | LONG pcPriClassBase; | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:89:5: error: unknown type name ‘DWORD’ 89 | DWORD dwFlags; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:90:5: error: unknown type name ‘CHAR’ 90 | CHAR szExeFile[MAX_PATH]; | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:95:3: error: unknown type name ‘WINBOOL’ 95 | WINBOOL WINAPI Process32First(HANDLE hSnapshot,LPPROCESSENTRY32 lppe); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:95:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Process32First’ 95 | WINBOOL WINAPI Process32First(HANDLE hSnapshot,LPPROCESSENTRY32 lppe); | ^~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:96:3: error: unknown type name ‘WINBOOL’ 96 | WINBOOL WINAPI Process32Next(HANDLE hSnapshot,LPPROCESSENTRY32 lppe); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:96:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Process32Next’ 96 | WINBOOL WINAPI Process32Next(HANDLE hSnapshot,LPPROCESSENTRY32 lppe); | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:107:5: error: unknown type name ‘DWORD’ 107 | DWORD dwSize; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:108:5: error: unknown type name ‘DWORD’ 108 | DWORD cntUsage; | ^~~~~ 
/usr/share/mingw-w64/include/tlhelp32.h:109:5: error: unknown type name ‘DWORD’ 109 | DWORD th32ThreadID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:110:5: error: unknown type name ‘DWORD’ 110 | DWORD th32OwnerProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:111:5: error: unknown type name ‘LONG’ 111 | LONG tpBasePri; | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:112:5: error: unknown type name ‘LONG’ 112 | LONG tpDeltaPri; | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:113:5: error: unknown type name ‘DWORD’ 113 | DWORD dwFlags; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:118:3: error: unknown type name ‘WINBOOL’ 118 | WINBOOL WINAPI Thread32First(HANDLE hSnapshot,LPTHREADENTRY32 lpte); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:118:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Thread32First’ 118 | WINBOOL WINAPI Thread32First(HANDLE hSnapshot,LPTHREADENTRY32 lpte); | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:119:3: error: unknown type name ‘WINBOOL’ 119 | WINBOOL WINAPI Thread32Next(HANDLE hSnapshot,LPTHREADENTRY32 lpte); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:119:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Thread32Next’ 119 | WINBOOL WINAPI Thread32Next(HANDLE hSnapshot,LPTHREADENTRY32 lpte); | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:122:5: error: unknown type name ‘DWORD’ 122 | DWORD dwSize; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:123:5: error: unknown type name ‘DWORD’ 123 | DWORD th32ModuleID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:124:5: error: unknown type name ‘DWORD’ 124 | DWORD th32ProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:125:5: error: unknown type name ‘DWORD’ 125 | DWORD GlblcntUsage; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:126:5: error: unknown type name ‘DWORD’ 126 | DWORD ProccntUsage; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:127:5: error: unknown type name ‘BYTE’ 127 | BYTE modBaseAddr; | ^~~~ 
/usr/share/mingw-w64/include/tlhelp32.h:128:5: error: unknown type name ‘DWORD’ 128 | DWORD modBaseSize; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:129:5: error: unknown type name ‘HMODULE’ 129 | HMODULE hModule; | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:130:5: error: unknown type name ‘WCHAR’ 130 | WCHAR szModule[MAX_MODULE_NAME32 + 1]; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:131:5: error: unknown type name ‘WCHAR’ 131 | WCHAR szExePath[MAX_PATH]; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:136:3: error: unknown type name ‘WINBOOL’ 136 | WINBOOL WINAPI Module32FirstW(HANDLE hSnapshot,LPMODULEENTRY32W lpme); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:136:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Module32FirstW’ 136 | WINBOOL WINAPI Module32FirstW(HANDLE hSnapshot,LPMODULEENTRY32W lpme); | ^~~~~~ /usr/share/mingw-w64/include/tlhelp32.h:137:3: error: unknown type name ‘WINBOOL’ 137 | WINBOOL WINAPI Module32NextW(HANDLE hSnapshot,LPMODULEENTRY32W lpme); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:137:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Module32NextW’ 137 | WINBOOL WINAPI Module32NextW(HANDLE hSnapshot,LPMODULEENTRY32W lpme); | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:140:5: error: unknown type name ‘DWORD’ 140 | DWORD dwSize; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:141:5: error: unknown type name ‘DWORD’ 141 | DWORD th32ModuleID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:142:5: error: unknown type name ‘DWORD’ 142 | DWORD th32ProcessID; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:143:5: error: unknown type name ‘DWORD’ 143 | DWORD GlblcntUsage; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:144:5: error: unknown type name ‘DWORD’ 144 | DWORD ProccntUsage; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:145:5: error: unknown type name ‘BYTE’ 145 | BYTE modBaseAddr; | ^~~~ /usr/share/mingw-w64/include/tlhelp32.h:146:5: error: unknown type name ‘DWORD’ 146 | DWORD 
modBaseSize; | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:147:5: error: unknown type name ‘HMODULE’ 147 | HMODULE hModule; | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:154:3: error: unknown type name ‘WINBOOL’ 154 | WINBOOL WINAPI Module32First(HANDLE hSnapshot,LPMODULEENTRY32 lpme); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:154:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Module32First’ 154 | WINBOOL WINAPI Module32First(HANDLE hSnapshot,LPMODULEENTRY32 lpme); | ^~~~~ /usr/share/mingw-w64/include/tlhelp32.h:155:3: error: unknown type name ‘WINBOOL’ 155 | WINBOOL WINAPI Module32Next(HANDLE hSnapshot,LPMODULEENTRY32 lpme); | ^~~ /usr/share/mingw-w64/include/tlhelp32.h:155:18: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘Module32Next’ 155 | WINBOOL WINAPI Module32Next(HANDLE hSnapshot,LPMODULEENTRY32 lpme); | ^~~~ Source.c: In function ‘main’: Source.c:108:20: warning: implicit declaration of function ‘CreateToolhelp32Snapshot’ [-Wimplicit-function-declaration] 108 | HANDLE MuJaCEVbr = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); | ^~~~~~~~ Source.c:108:20: warning: initialization of ‘HANDLE’ {aka ‘void *’} from ‘int’ makes pointer from integer without a cast [-Wint-conversion] Source.c:114:5: warning: implicit declaration of function ‘Process32First’ [-Wimplicit-function-declaration] 114 | if (Process32First(MuJaCEVbr, &QpLbyJxDTAnfhwHQRi)){ | ^~~~~~ Source.c:127:8: warning: implicit declaration of function ‘Process32Next’ [-Wimplicit-function-declaration] 127 | while (Process32Next(MuJaCEVbr, &QpLbyJxDTAnfhwHQRi)){ | ^~~~~ Source.c:147:76: error: incomplete universal character name \U 147 | if (EDcdmNNoPuCylpJp == FALSE ){WinExec("C:\Users\USER\Desktop\payload.exe",0);}} | ^ Source.c:147:76: error: incomplete universal character name \U Source.c:147:76: warning: unknown escape sequence: '\D' Source.c:147:76: warning: unknown escape sequence: '\p'

[<>] File saved in Phantom-Evasion folder

ghost commented 2 years ago

This error is not from Phantom but from your compiler. Please provide your compiler's information (such as its version and the system you are running).

TheNewAttacker64 commented 2 years ago

This is from 2020; I fixed the problem already. Thanks anyway.