Fix Zlib chain validation

2022-04-13 18:02:22 +01:00 · 2022-04-13 18:02:22 +01:00 · 159e226225
parent 6c635056ee
commit 159e226225
2 changed files with 21 additions and 1 deletions
--- a/inceptor/chain-validate.py
+++ b/inceptor/chain-validate.py
@ -1,5 +1,6 @@
 #!/usr/bin/env python
 import os
+import shutil
 import subprocess
 import sys
 import argparse
@ -10,6 +11,7 @@ from pathlib import Path

 from compilers.ClCompiler import ClCompiler
 from compilers.CscCompiler import CscCompiler
+from compilers.ILPacker import ILPacker
 from config.Config import Config
 from converters.Loader import Loader
 from encoders.EncoderChain import EncoderChain
@ -37,6 +39,16 @@ def clean(files):
            subprocess.call(cmd, shell=True, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)


+def pack_exe(infile, outfile, libraries):
+    packer_args = {
+        "/target": "exe",
+        "/out": f'"{outfile}"'
+    }
+    packer = ILPacker(args=packer_args)
+    packer.compile([infile] + libraries)
+    shutil.move(outfile, infile)
+
+
 if __name__ == '__main__':
    os.system('color')
    parser = argparse.ArgumentParser(description='chain-validate: inceptor chain validator', add_help=True)
@ -98,6 +110,13 @@ if __name__ == '__main__':
        if not os.path.isfile(compiled_file):
            print("[-] Error generating encoder file")
            sys.exit(1)
+
+        if len(writer.template.libraries) > 0 and lang == Language.CSHARP:
+            pack_exe(compiled_file, compiled_file + "2", writer.template.libraries)
+            if not os.path.isfile(compiled_file):
+                print("[-] Error generating encoder file")
+                sys.exit(1)
+
        loader = Loader()
        cmd = compiled_file
        if lang == Language.POWERSHELL:
@ -125,3 +144,4 @@ if __name__ == '__main__':
            print(f"  [*] Shellcode: {shellcode}")

        clean([compiled_file] + outfiles)
+
--- a/inceptor/encoders/ZlibEncoder.py
+++ b/inceptor/encoders/ZlibEncoder.py
@ -37,7 +37,7 @@ class ZlibEncoder(Encoder):

            module.name = self.__class__.__name__
            module.call_component = CallComponent("ZlibEncoder.Decode")
-            module.libraries = [str(Config().get_path("DIRECTORIES", "libs").joinpath(arch.value, "Zlib.Portable.dll"))]
+            module.libraries = [str(Config().get_path("DIRECTORIES", "libs").joinpath("Zlib.Portable.dll"))]
            module.components = [
                CodeComponent(code)
            ]