error when compiling the Sigloader bof #2
Comments
|
Not an error, just a warning, you should still be able to compile into an object file. Will fix the warning messages in the next few. |
|
it couldn't compile :( |
|
works fine on my side, i'm using Mingw-w64 on OSX. Can you share the error (not the warnings) you're getting ? |
|
its the warning I already copied sooner, there is no output on the Sigloader folder: ➜ i686-w64-mingw32-gcc -c sigflip.c -o sigflip.x86.o >>>>> this one is OK I'm also on Mac intel based x64 |
|
It seems the reason I'm not getting the same error because I'm using an old version of mingw-64 (v8.0.0_3), you're getting the error because i can see from the screenshot above you're using v9.0.0.2, a quick fix for this is to comment out sigloader.c lines 10 <-> 13. SigFlip/Bof/SigLoader/sigloader.c Lines 10 to 13 in 57f605a If you try and compile again this time, it should compile fine. let me know if that temporarily fixed it. |
|
it compiled well this time, i need to just the bof on cobalt now :) thanks and i will probably degrade to mingw 8 |
|
here is an error when execting the sigflip command on the script console of cobaltstrike: "Function call &beacon_inline_execute failed: The BOF content (arg 2) is empty. Did you read the right file? at sigflip.cna:39" |
|
Make sure all pre-compiled obejct files are located in the same directory as sigflip.cna, then load sigflip.cna script to cobalt strike. |
|
fixed :) but I need to recompile with version 8of mingw (windows 7 crashed completely. smb beacon crashed, and even https beacon crashed) I think compiling should be done with mingw 8 to avoid beacon crashing. |
|
Interesting, thanks for bringing this up, will do more testing using >v9 and get it fixed. |
|
perfect I guess it needs some time to update it to V9 without commenting out code and crashing |
here is a sample of the error when trying to compile Sigloader(BOF):
In file included from sigloader.c:1:
common.h:42:102: note: expected 'SIZE_T' {aka 'long unsigned int'} but argument is of type 'void *'
42 | DECLSPEC_IMPORT WINBASEAPI BOOL WINAPI KERNEL32$WriteProcessMemory (HANDLE, LPVOID, LPCVOID, SIZE_T, SIZE_T);
| ^~~~~~
sigloader.c:184:58: warning: passing argument 3 of 'KERNEL32$QueueUserAPC' makes integer from pointer without a cast [-Wint-conversion]
184 | KERNEL32$QueueUserAPC((PAPCFUNC)apcRoutine, hThread, NULL);
| ^~~~
| |
| void *
In file included from sigloader.c:1:
common.h:40:82: note: expected 'ULONG_PTR' {aka 'long unsigned int'} but argument is of type 'void *'
40 | DECLSPEC_IMPORT WINBASEAPI DWORD WINAPI KERNEL32$QueueUserAPC (PAPCFUNC, HANDLE, ULONG_PTR);
| ^~~~~~~~~
sigloader.c:199:43: warning: passing argument 1 of 'MSVCRT$free' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
199 | if (sProcess) MSVCRT$free(sProcess);
| ^~~~~~~~
The text was updated successfully, but these errors were encountered: