Comments (9)
Hi! I will give you my answer here.
I use ubuntu20.04 with the initial environment:
sudo apt-get install cmake gcc g++ -y
gcc 9.3.0
g++ 9.3.0
cmake 3.16.3
step by step
- download the branch.
git clone -b llvm-4.0 --depth=1 https://github.com/obfuscator-llvm/obfuscator.git
- switch gcc and g++ version.(should run on version 8)
sudo apt-get install gcc-8 g++-8 -y
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 8
sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-8 8
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-9 9
sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-9 9
sudo update-alternatives --config gcc # choose version 8
sudo update-alternatives --config g++ # choose version 8
gcc --version
g++ --version
- modify the source code.
vim path_to_ollvm/include/llvm/ExecutionEngine/Orc/OrcRemoteTargetClient.h
Line number 690. Change <char>>
to <uint_8>>
. Or it will be wrong when u compile the project.
- build ollvm
mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Release -DLLVM_INCLUDE_TESTS=OFF ../obfuscator/
make -j7
after one or two hour. You will see Linking CXX shared library ../../../../lib/libclang.so
. Ending with make error 2.
But don't worry. Files you need are ready to be used.
Enjoy!
Although it took me half day to figure it out (
Reference link:
obfuscator-llvm/obfuscator#151
https://www.jianshu.com/p/9136f7257e46
https://linuxconfig.org/how-to-switch-between-multiple-gcc-and-g-compiler-versions-on-ubuntu-20-04-lts-focal-fossa
from nimcrypt2.
Thank you
Did you move the folders /lib and /include to the below location?
/usr/lib/clang/version_number
@icyguider any ideas what is causing the below errors?
si@kali:~/Tools/Nimcrypt2$ ./nimcrypt -f apollo.bin -t raw -g -l ___ .-'
'.
/
| ;
| | .--,
.. |0) ~ (0) | .---'__.-( (_. __.--'
.. '..\ '--. _.-' ,.--'
"" ( ,.--'
',_ /./; ;, '..' __ _
) ) .---..' / | |\ _..--"" ""'--.,
---' .'.''-._.-'
./ /\ '. \ .-~~~````~~~-.-.__.' | | .' _.-' | | \ \ '.
~---`
\ / .' \ \ '. '-.)
/ / \ \ `=.__`-. Nimcrypt v2` ) ) .-'.' '.'. | (
jgs / /\ `) ) / / `"".`
, _.-'.'\ \ / / ( ( / / 3-in-1 C#, PE, & Raw Shellcode Loader
`--
(/` ( (` ) ) '-;
` '-; (-'
[+] Using explorer.exe for shellcode injection
[+] GetSyscallStub enabled
[+] String encryption disabled
[+] Sandbox checks enabled
[+] Unhooking ntdll.dll disabled
[+] Verbose messages disabled
[+] Syscall name randomization enabled
[+] Using Obfuscator-LLVM to compile
Hint: used config file '/home/si/.choosenim/toolchains/nim-1.6.4/config/nim.cfg' [Conf]
Hint: used config file '/home/si/.choosenim/toolchains/nim-1.6.4/config/config.nims' [Conf]
....................................................................................................................................................................................
/home/si/Tools/Nimcrypt2/GetSyscallStub.nim(6, 8) Hint: duplicate import of 'winim'; previous import here: /home/si/Tools/Nimcrypt2/stub.nim(5, 8) [DuplicateModuleImport]
/home/si/Tools/Nimcrypt2/GetSyscallStub.nim(7, 8) Hint: duplicate import of 'strutils'; previous import here: /home/si/Tools/Nimcrypt2/stub.nim(9, 8) [DuplicateModuleImport]
/home/si/Tools/Nimcrypt2/GetSyscallStub.nim(8, 8) Hint: duplicate import of 'ptr_math'; previous import here: /home/si/Tools/Nimcrypt2/stub.nim(10, 8) [DuplicateModuleImport]
/home/si/Tools/Nimcrypt2/GetSyscallStub.nim(73, 9) Hint: 'oldProtection' is declared but not used [XDeclaredButNotUsed]
/home/si/Tools/Nimcrypt2/GetSyscallStub.nim(74, 9) Hint: 'low2' is declared but not used [XDeclaredButNotUsed]
/home/si/Tools/Nimcrypt2/stub.nim(60, 5) Hint: 'JkMGUQgesFovfWdECwlHpaSC' is declared but not used [XDeclaredButNotUsed]
/home/si/Tools/Nimcrypt2/stub.nim(80, 5) Hint: 'xMOWrqOUUtmbqlMssMrHdroB' is declared but not used [XDeclaredButNotUsed]
CC: stdlib_digitsutils.nim
CC: stdlib_assertions.nim
CC: stdlib_dollars.nim
CC: stdlib_widestrs.nim
CC: stdlib_io.nim
CC: stdlib_system.nim
CC: ../../.nimble/pkgs/winim-3.8.0/winim/inc/winbase.nim
CC: ../../.nimble/pkgs/winim-3.8.0/winim/inc/tlhelp32.nim
In file included from /home/si/.cache/nim/stub_r/stdlib_system.nim.c:8:
In file included from /usr/x86_64-w64-mingw32/include/windows.h:69:
In file included from /usr/x86_64-w64-mingw32/include/windef.h:9:
In file included from /usr/x86_64-w64-mingw32/include/minwindef.h:163:
In file included from /usr/x86_64-w64-mingw32/include/winnt.h:1555:
In file included from /usr/bin/../include/clang/13.0.1/include/x86intrin.h:15:
In file included from /usr/bin/../include/clang/13.0.1/include/immintrin.h:488:
/usr/bin/../include/clang/13.0.1/include/amxintrin.h:238:10: error: returning 'int' from a function with incompatible result type '_tile1024i' (vector of 256 'int' values)
return __builtin_ia32_tileloadd64_internal(m, n, base,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/bin/../include/clang/13.0.1/include/amxintrin.h:246:10: error: returning 'int' from a function with incompatible result type '_tile1024i' (vector of 256 'int' values)
return __builtin_ia32_tileloaddt164_internal(m, n, base,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/bin/../include/clang/13.0.1/include/amxintrin.h:254:10: error: returning 'int' from a function with incompatible result type '_tile1024i' (vector of 256 'int' values)
return __builtin_ia32_tdpbssd_internal(m, n, k, dst, src1, src2);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fatal error: too many errors emitted, stopping now [-ferror-limit=]
CC: ../../.nimble/pkgs/winim-3.8.0/winim/utils.nim
CC: stdlib_parseutils.nim
4 errors generated.
Error: execution of an external compiler program 'x86_64-w64-mingw32-clang -c -w -ferror-limit=3 -DWIN32_LEAN_AND_MEAN -mllvm -bcf -mllvm -sub -mllvm -fla -mllvm -split -aesSeed=GEOU236HCU8FJNUBZ19H4Z8VS74Z6UBP -Os -I/home/si/.choosenim/toolchains/nim-1.6.4/lib -I/home/si/Tools/Nimcrypt2 -o /home/si/.cache/nim/stub_r/stdlib_system.nim.c.o /home/si/.cache/nim/stub_r/stdlib_system.nim.c' failed with exit code: 1
[!] Stub compilation failed! Check stub for errors.
`
from nimcrypt2.
please make sure you are using the right clang from ollvm. try:
which clang
ls -la `which clang`
make sure you have build ollvm the right way. And do all the stuff in readme.
from nimcrypt2.
I built Obfuscator-LLVM and replaced the clang in /usr/bin with the newly built clang.
To build I used:
mkdir build
cd build
cmake -G "Unix Makefiles" -DCMAKE_BUILD_TYPE=Release -DLLVM_INCLUDE_TESTS=OFF ../obfuscator/
make -j7
If I run: x86_64-w64-mingw32-clang -v
it shows "Obfuscator-LLVM" in the output.
Did you move the folders /lib and /include to /usr/lib/clang/clang_version
I'm unsure about what to do in this below step:
Backup existing clang library files, copy new newly built Obfuscator-LLVM library includes to /usr/lib/clang/OLD_VERSION/
I am trying now with the version of Ubuntu you are using Fankaren. I have followed your instructions and ollvm is currently building.
from nimcrypt2.
Essentially you should now just need to replace the system include directory that's seen in the error message you last posted (/usr/include/clang/13.0.1/) with the clang include folder from your ollvm build. Here's how I would do it for your system:
#Create Backup of original system clang include directory
mv /usr/include/clang/13.0.1/ /usr/include/clang/13.0.1_BACKUP/
#Create new system clang include directory
mkdir -p /usr/include/clang/13.0.1/
#Copy clang include folder from ollvm build directory into the new system clang include directory
cp -R ~/build/lib/clang/5.0.2/include/ /usr/include/clang/13.0.1/
Of course for the last command you will need to give it the build folder of wherever you compiled Obfuscator-LLVM. Hope this works for you.
@Fankaren Thanks so much for assisting. I really appreciate it!
from nimcrypt2.
Thank you guys. I really appreciate all your help. I understand now @icyguider
Working now. I used Obfuscator-llvm 9.0.1. The below fixed my issue, thanks @icyguider
cp -R ~/build/lib/clang/5.0.2/include/ /usr/include/clang/13.0.1/
from nimcrypt2.
Kali :
install gcc-8 g++-8 -y
sudo apt-get install gcc-8 g++-8 -y
[sudo] password for kali:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package g++-8 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Unable to locate package gcc-8
E: Package 'g++-8' has no installation candidate
from nimcrypt2.
This helped get the proper versions of gcc & g++
sudo apt update
wget http://mirrors.kernel.org/ubuntu/pool/universe/g/gcc-8/gcc-8_8.4.0-3ubuntu2_amd64.deb
wget http://mirrors.edge.kernel.org/ubuntu/pool/universe/g/gcc-8/gcc-8-base_8.4.0-3ubuntu2_amd64.deb
wget http://mirrors.kernel.org/ubuntu/pool/universe/g/gcc-8/libgcc-8-dev_8.4.0-3ubuntu2_amd64.deb
wget http://mirrors.kernel.org/ubuntu/pool/universe/g/gcc-8/cpp-8_8.4.0-3ubuntu2_amd64.deb
wget http://mirrors.kernel.org/ubuntu/pool/universe/g/gcc-8/libmpx2_8.4.0-3ubuntu2_amd64.deb
wget http://mirrors.kernel.org/ubuntu/pool/main/i/isl/libisl22_0.22.1-1_amd64.deb
sudo apt install ./libisl22_0.22.1-1_amd64.deb ./libmpx2_8.4.0-3ubuntu2_amd64.deb ./cpp-8_8.4.0-3ubuntu2_amd64.deb ./libgcc-8-dev_8.4.0-3ubuntu2_amd64.deb ./gcc-8-base_8.4.0-3ubuntu2_amd64.deb ./gcc-8_8.4.0-3ubuntu2_amd64.deb
wget http://mirrors.kernel.org/ubuntu/pool/universe/g/gcc-8/libstdc++-8-dev_8.4.0-3ubuntu2_amd64.deb
wget http://mirrors.kernel.org/ubuntu/pool/universe/g/gcc-8/g++-8_8.4.0-3ubuntu2_amd64.deb
sudo apt install ./libstdc++-8-dev_8.4.0-3ubuntu2_amd64.deb ./g++-8_8.4.0-3ubuntu2_amd64.deb
from nimcrypt2.
wget http://ftp.us.debian.org/debian/pool/main/g/gcc-8/libgcc-8-dev_8.3.0-6_amd64.deb
on kali , dont work
from nimcrypt2.
Related Issues (19)
- question HOT 6
- Generating a DLL HOT 1
- FAILED to write decoded payload to allocated memory: 1
- Issue executing PE file HOT 2
- Limits.h file not found HOT 3
- Cannot compile x86 binary
- How to build Obfuscator-LLVM HOT 2
- Cannot run output file from a x64bit PE. HOT 1
- Stub compilation failed! Check stub for errors HOT 1
- Packing and thereafter using DavRelayUp.exe
- unhook ntdll false HOT 1
- direct process for shellcode injection
- Error: cannot open file: nimcrypto HOT 4
- cannot execute the output file HOT 6
- Error: cannot open file: strenc [!] Stub compilation failed! Check stub for errors.
- how to implement "-mwindows" for wclang HOT 3
- Add Self Injection HOT 2
- Error: unhandled exception: unable to invoke specified member: Invoke (0x80131604) [CLRError] HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nimcrypt2.