Added Hide Window
feature
This commit is contained in:
parent
19f6bfadd5
commit
d781c9267a
0
inceptor/compilers/CompilerExceptions.py
Normal file
0
inceptor/compilers/CompilerExceptions.py
Normal file
@ -9,6 +9,7 @@ from datetime import datetime
|
||||
from compilers.CscCompiler import CscCompiler
|
||||
from compilers.ILPacker import ILPacker
|
||||
from config.Config import Config
|
||||
from converters.Donut import ArchitectureMismatch
|
||||
from converters.TransformerFactory import TransformerFactory
|
||||
from encoders.EncoderChain import EncoderChain
|
||||
from encoders.HexEncoder import HexEncoder
|
||||
@ -39,12 +40,14 @@ class DotNetArtifactGenerator(Generator):
|
||||
process: str = None,
|
||||
arch: str = None,
|
||||
sign: bool = False,
|
||||
modules: list = None
|
||||
modules: list = None,
|
||||
hide_window: bool = False
|
||||
):
|
||||
super().__init__(file=file, chain=chain)
|
||||
if chain.is_empty():
|
||||
chain.push(HexEncoder())
|
||||
config = Config()
|
||||
self.hide_window = hide_window
|
||||
self.sgn = sgn
|
||||
self.obfuscate = obfuscate
|
||||
self.sign = sign
|
||||
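Review bot: The new `hide_window` keyword on `DotNetArtifactGenerator.__init__` (and on `NativeArtifactGenerator.__init__` in the hunk at -34,10) is undocumented, and nothing near `self.hide_window = hide_window` says when it takes effect; in the .NET generator it is only consulted at compile time and sits in an `elif` after the DLL branch, so DLL builds never see it. A one-line parameter note would cover it: `hide_window: ask the compiler for a windowless (no console) EXE; has no effect on DLL output`. The constructor signature begins above this hunk.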
@ -161,6 +164,8 @@ class DotNetArtifactGenerator(Generator):
|
||||
self.compiler.default_exe_args(outfile=self.outfiles["temp"])
|
||||
if self.dll:
|
||||
self.compiler.default_dll_args(outfile=self.outfiles["temp"])
|
||||
elif self.hide_window:
|
||||
self.compiler.hide_window()
|
||||
self.refresh_libraries()
|
||||
self.compiler.compile(self.writer.source_files)
|
||||
if not os.path.isfile(self.outfiles['temp']):
|
||||
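Review bot: `elif self.hide_window:` silently discards the flag whenever `self.dll` is set, so a user passing both `--dll` and `--hide-window` gets no indication the option was ignored; either report it (`Console.auto_line("[-] --hide-window ignored for DLL output")`) or make the branch independent of the DLL test, as the native generator does with a plain `if self.hide_window:` in the hunk at -152,7. The call also assumes every compiler returned by the factory implements `hide_window()`; the compiler classes are not part of this diff, so that is worth confirming for each supported compiler rather than finding out via `AttributeError` at build time. The enclosing method starts and ends outside the hunk.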
@ -217,8 +222,11 @@ class DotNetArtifactGenerator(Generator):
|
||||
def generate(self):
|
||||
try:
|
||||
self.generate_wrapped()
|
||||
except ArchitectureMismatch as e:
|
||||
Console.auto_line(f"[-] {e}")
|
||||
except:
|
||||
traceback.print_exc()
|
||||
finally:
|
||||
self.clean()
|
||||
|
||||
def generate_wrapped(self):
|
||||
|
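Review bot: The bare `except:` after the `ArchitectureMismatch` handler also catches `KeyboardInterrupt` and `SystemExit`, so a Ctrl-C during generation prints a traceback and falls through to `clean()` instead of stopping the program; `except Exception:` keeps the same traceback reporting for real failures while letting interrupts propagate. Since the block is the top-level boundary for `generate_wrapped`, the broad clause is justified, but it should be the narrowed form. `generate_wrapped` begins at the end of the hunk and its body is not visible here.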
@ -34,10 +34,12 @@ class NativeArtifactGenerator(Generator):
|
||||
obfuscate: bool = False,
|
||||
exports: str = None,
|
||||
compiler: str = "cl",
|
||||
modules: list = None
|
||||
modules: list = None,
|
||||
hide_window: bool = False
|
||||
):
|
||||
super().__init__(file=file, chain=chain)
|
||||
self.arch = arch
|
||||
self.hide_window = hide_window
|
||||
config = Config()
|
||||
self.placeholder = config.get("PLACEHOLDERS", "SHELLCODE")
|
||||
artifacts_path = config.get_path("DIRECTORIES", "ARTIFACTS")
|
||||
@ -59,15 +61,8 @@ class NativeArtifactGenerator(Generator):
|
||||
else:
|
||||
self.transformer = TransformerFactory.from_file(self.file)
|
||||
|
||||
# EXE Writer
|
||||
self.exe_writer = CodeWriter(language=Language.CPP,
|
||||
pinject=pinject,
|
||||
process=process,
|
||||
delay=delay,
|
||||
modules=modules,
|
||||
_filter=Filter(exclude=["dll"]),
|
||||
arch=arch)
|
||||
self.exe_writer.load_chain(chain=self.chain)
|
||||
self.exe_writer = None
|
||||
self.dll_writer = None
|
||||
working_directory = Config().get_path("DIRECTORIES", "WRITER")
|
||||
|
||||
basename = os.path.basename(os.path.splitext(outfile)[0])
|
||||
@ -81,20 +76,32 @@ class NativeArtifactGenerator(Generator):
|
||||
"exe-final": outfile,
|
||||
"dll-final": f"{basename}.dll",
|
||||
}
|
||||
|
||||
if obfuscate:
|
||||
compiler = "llvm"
|
||||
self.compiler = Compiler.from_name(compiler, args={}, arch=self.arch)
|
||||
self.compiler.default_exe_args(self.outfiles["exe-temp"])
|
||||
|
||||
if not self.dll:
|
||||
self.compiler.default_exe_args(self.outfiles["exe-temp"])
|
||||
|
||||
# EXE Writer
|
||||
self.exe_writer = CodeWriter(language=Language.CPP,
|
||||
pinject=pinject,
|
||||
process=process,
|
||||
delay=delay,
|
||||
modules=modules,
|
||||
_filter=Filter(exclude=["dll"]),
|
||||
arch=arch)
|
||||
self.exe_writer.load_chain(chain=self.chain)
|
||||
|
||||
# DLL Writer
|
||||
self.dll_writer = None
|
||||
if self.dll:
|
||||
_dll_filter = Filter(include=["dll"], exclude=["write-execute"])
|
||||
elif self.dll:
|
||||
_dll_filter = Filter(include=["dll"])
|
||||
|
||||
self.dll_writer = CodeWriter(
|
||||
language=Language.CPP,
|
||||
template=config.get_path("DIRECTORIES", "DLL"),
|
||||
pinject=pinject,
|
||||
process=process,
|
||||
delay=delay,
|
||||
_filter=_dll_filter,
|
||||
modules=modules
|
||||
)
|
||||
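Review bot: `elif self.dll:` at the bottom of the `if not self.dll:` chain is just `else:` — the test cannot be false once the first branch was skipped — and the redundant condition obscures that `_dll_filter` and `self.dll_writer` are bound only on that path. The rewrite also drops `exclude=["write-execute"]` from the DLL filter, which changes the module set selected for DLL templates compared with the removed `Filter(include=["dll"], exclude=["write-execute"])`; if that is intended, a one-line comment on `_dll_filter = Filter(include=["dll"])` saying why would stop the next reader from treating it as a regression. The constructor continues past the hunk.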
@ -152,7 +159,8 @@ class NativeArtifactGenerator(Generator):
|
||||
self.exe_writer.template.process_modules()
|
||||
self.compiler.default_exe_args(self.outfiles["exe-temp"])
|
||||
self.compiler.set_libraries(libs=self.exe_writer.template.libraries)
|
||||
|
||||
if self.hide_window:
|
||||
self.compiler.hide_window()
|
||||
status = self.compiler.compile([self.exe_writer.outfile] + self.obj_files)
|
||||
|
||||
if not os.path.isfile(self.outfiles["exe-temp"]):
|
||||
@ -163,9 +171,11 @@ class NativeArtifactGenerator(Generator):
|
||||
self.dll_payload = py_bin2sh(self.outfiles["exe-temp"])
|
||||
|
||||
def clean(self):
|
||||
artifacts = [self.exe_writer.outfile]
|
||||
artifacts = []
|
||||
if self.dll:
|
||||
artifacts.append(self.dll_writer.outfile)
|
||||
else:
|
||||
artifacts.append(self.exe_writer.outfile)
|
||||
for file in artifacts:
|
||||
os.unlink(file)
|
||||
base_paths = [".", "artifacts", "temp"]
|
||||
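Review bot: `os.unlink(file)` in `clean` has no guard, and if this generator's `generate` follows the same `finally: self.clean()` pattern the .NET generator uses in this commit, a failure before the writer's outfile was produced turns into a `FileNotFoundError` raised from cleanup that replaces the original exception. Keeping cleanup best-effort is a two-line change, `with contextlib.suppress(FileNotFoundError): os.unlink(file)` (with `contextlib` imported at the top of the file), or `if os.path.isfile(file): os.unlink(file)` using the `os` the method already has. `clean` continues past the hunk with `base_paths`.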
@ -231,8 +241,9 @@ class NativeArtifactGenerator(Generator):
|
||||
shellcode = self.chain.encode(shellcode_bytes)
|
||||
step += 1
|
||||
template = self.exe_writer.template.template_name if not self.dll else self.dll_writer.template.template_name
|
||||
temporary_file = f".\\temp\\{os.path.basename(self.exe_writer.outfile)}" if self.exe_writer else self.dll_writer.outfile
|
||||
Console.auto_line(f"[*] Phase {step}: Generating source files using {template}")
|
||||
Console.auto_line(f" [>] Phase {step}.{substep}: Writing CPP file in .\\temp\\{os.path.basename(self.exe_writer.outfile)}")
|
||||
Console.auto_line(f" [>] Phase {step}.{substep}: Writing CPP file in {temporary_file}")
|
||||
time.sleep(1)
|
||||
step += 1
|
||||
if not self.dll:
|
||||
|
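Review bot: `temporary_file` is built from two different shapes — `.\\temp\\<basename>` when `self.exe_writer` is set, the raw `self.dll_writer.outfile` otherwise — and it keys on `self.exe_writer` while the `template` line just above keys on `self.dll`, so the two log messages can describe different writers. Selecting the writer once keeps them consistent: `writer = self.dll_writer if self.dll else self.exe_writer`, `template = writer.template.template_name`, and `temporary_file = f".\\temp\\{os.path.basename(writer.outfile)}"` — assuming the DLL writer also emits under `.\\temp`, which the hunk does not show; if it does not, the message should at least use the same condition as `template`. The enclosing method starts and ends outside the hunk.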
@ -90,6 +90,9 @@ inceptor: A Windows-based PE Packing framework designed to help
|
||||
'--dll', required=False, default=False, action='store_true', help='If set, generates a wrapper DLL')
|
||||
native_parser.add_argument(
|
||||
'--delay', required=False, default=None, type=int, help='Add a delay of n seconds before execution')
|
||||
native_parser.add_argument(
|
||||
'-hw', '--hide-window', required=False, action='store_true',
|
||||
help='Remove the starting console window when the executable is launched')
|
||||
native_parser.add_argument(
|
||||
'binary',
|
||||
help='Binary file to convert (EXE or RAW for Vanilla Injection)')
|
||||
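Review bot: The `-hw` short option (here and in the dotnet parser hunk at -131,6) is a single-dash, two-letter flag; argparse accepts it as a literal option string, but it cannot be combined with other short flags and reads like `-h -w`, so a long-only `--hide-window`, or a single-letter short form, is the conventional choice. The help text also promises the console window is removed for "the executable", while the .NET generator skips the flag entirely when `--dll` is given; appending "(EXE output only)" to the help string would match the implemented behaviour. The parser setup continues outside the hunk.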
@ -131,6 +134,9 @@ inceptor: A Windows-based PE Packing framework designed to help
|
||||
dotnet_parser.add_argument(
|
||||
'--delay', required=False, default=None, type=int,
|
||||
help='Add a delay of n seconds before execution (requires Delay module)')
|
||||
dotnet_parser.add_argument(
|
||||
'-hw', '--hide-window', required=False, action='store_true',
|
||||
help='Remove the starting console window when the executable is launched')
|
||||
dotnet_parser.add_argument(
|
||||
'binary',
|
||||
help='Binary file to convert (exe to perform PE Injection, DLL for RDI and RAW for Vanilla Injection)')
|
||||
@ -233,7 +239,8 @@ inceptor: A Windows-based PE Packing framework designed to help
|
||||
sign=args.sign,
|
||||
exports=args.exports,
|
||||
compiler=args.compiler,
|
||||
obfuscate=args.obfuscate)
|
||||
obfuscate=args.obfuscate,
|
||||
hide_window=args.hide_window)
|
||||
|
||||
elif action == "dotnet":
|
||||
args = dotnet_parser.parse_args(args=sys.argv[start:])
|
||||
@ -250,7 +257,8 @@ inceptor: A Windows-based PE Packing framework designed to help
|
||||
sgn=args.sgn,
|
||||
delay=args.delay,
|
||||
arch=args.arch,
|
||||
sign=args.sign)
|
||||
sign=args.sign,
|
||||
hide_window=args.hide_window)
|
||||
elif action == "powershell":
|
||||
args = powershell_parser.parse_args(args=sys.argv[start:])
|
||||
if filetype not in ["raw", "exe"] or (filetype == "exe" and not isDotNet(binary_abs_path)):
|
||||
|