Giters

phra / PEzor

Open-Source Shellcode & PE Packer

Home Page:https://iwantmore.pizza/posts/PEzor.html

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

PEzor/inject.cpp:98:16: error: cannot initialize return object of type 'LPVOID' (aka 'void *')

johnjohnsp1 opened this issue · comments

commented

$ PEzor -unhook -antidebug -text -self -rx -sleep=120 mimikatz/x64/mimikatz.exe

< PEzor!! v3.0.0 >

  \                    / \  //\
   \    |\___/|      /   \//  \\
        /0  0  \__  /    //  | \ \    
       /     /  \/_/    //   |  \  \  
       @_^_@'/   \/_   //    |   \   \ 
       //_^_/     \/_ //     |    \    \
    ( //) |        \///      |     \     \
  ( / /) _|_ /   )  //       |      \     _\
( // /) '/,_ _ _/  ( ; -.    |    _ _\.-~        .-~~~^-.

(( / / )) ,-{ _ -.|.-~-. .~ .
(( // / )) '/\ / -. _ .- .-^-.
(( /// )) . { } / \ \ (( / )) .----~-.\ \-' .~ \ . ^-.
///.----..> \ _ - . ^- ^-_
///-._ _ _ _ _ _ _}^ - - - - ~ -- ,.-
/.-~

Read the blog posts here:
https://iwantmore.pizza/posts/PEzor.html
https://iwantmore.pizza/posts/PEzor2.html
https://iwantmore.pizza/posts/PEzor3.html
Based on:
https://github.com/TheWover/donut
https://github.com/EgeBalci/sgn
https://github.com/JustasMasiulis/inline_syscall
https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher

[?] Unhook enabled
[?] Anti-debug enabled
[?] Payload will be put in .text section
[?] Self-executing payload
[?] Allocating RX memory for execution
[*] Warning: -rx supports RX shellcode only
[?] Waiting 120 seconds before executing the payload
[?] Processing mimikatz/x64/mimikatz.exe
[?] PE detected: mimikatz/x64/mimikatz.exe: PE32+ executable (console) x86-64, for MS Windows
[?] Building executable
[?] Executing donut

[ Donut shellcode generator v0.9.3 (built Jul 8 2021 19:48:53)
[ Copyright (c) 2019-2021 TheWover, Odzhan

[ Instance type : Embedded
[ Module file : "mimikatz/x64/mimikatz.exe"
[ Entropy : Random names + Encryption
[ File type : EXE
[ Target CPU : x86+amd64
[ AMSI/WDLP : continue
[ PE Headers : overwrite
[ Shellcode : "/tmp/shellcode.bin.donut"
[ Exit : Thread
/home/utente/PEzor/loader.c:437:10: warning: cast to smaller integer type 'DWORD' (aka 'unsigned long') from 'PCHAR' (aka 'char *') [-Wpointer-to-int-cast]
if (((DWORD)lpProcName & 0xFFFF0000) == 0x00000000)
^~~~~~~~~~~~~~~~~
/home/utente/PEzor/loader.c:443:43: warning: cast to smaller integer type 'DWORD' (aka 'unsigned long') from 'PCHAR' (aka 'char *') [-Wpointer-to-int-cast]
uiAddressArray += ((IMAGE_ORDINAL((DWORD)lpProcName) - pExportDirectory->Base) * sizeof(DWORD));
^~~~~~~~~~~~~~~~~
/usr/x86_64-w64-mingw32/include/winnt.h:7220:48: note: expanded from macro 'IMAGE_ORDINAL'
#define IMAGE_ORDINAL(Ordinal) IMAGE_ORDINAL64(Ordinal)
^~~~~~~
/usr/x86_64-w64-mingw32/include/winnt.h:7191:35: note: expanded from macro 'IMAGE_ORDINAL64'
#define IMAGE_ORDINAL64(Ordinal) (Ordinal & 0xffffull)
^~~~~~~
2 warnings generated.
/home/utente/PEzor/inject.cpp:98:16: error: cannot initialize return object of type 'LPVOID' (aka 'void *') with an rvalue of type 'int'
return (*func)();
^~~~~~~~~
1 error generated.

using Linux kalidev 5.10.0-kali9-amd64 #1 SMP Debian 5.10.46-1kali1 (2021-06-25) x86_64 GNU/Linux
did
sudo bash install.sh
all went fine no error or anything during the installation process.
did a reboot
either using a C# code or mimikatz.exe (from website) im getting this error
i do something wrong or miss anything ?
thanks