Description: In this video we cover the creation of the DLL scaffold. A note on the copyright notice in the scaffold: It is NOT forbidden in any way to reuse any of the code I put out in this tutorial series with or without attribution. The simple copyright statement there is in case it evolves into a commercial service post video so I don't forget to put it there...
Tags: aking1012, Andrew King, AV, Bypass, Part 2, securitytube
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Thanks a lot Andrew !!! keep them coming.
Thank you Andrew! You are doing a great job!
greeting mutex
Awesome! I like the way this series is going. Looking forward to more :) I am picking up some interesting things here.
I think this will turn out to be a great series. Thanks a lot for your dedication Andrew!
This looks like it's shaping up to be a great series! I look forward to seeing more videos :D
Thank you for taking the time to make these videos. I'm looking forward to doing some more programming.
You could improve your uploads by adding a link to mediafire or so with the files you used.
Nevertheless, very interesting stuff, highly appreciated!
I don't include the code in an upload due to the "save, run someone else's code, kthxbai" phenomenon. If Vivek decides that providing DVDs of the videos with associated slide decks and code samples is something he wants to do on the site, you could expect that I would put code broken out by video progress on there. It's my understanding that if this was done it would be at low cost to help support the authors and the site. I may provide the code at the end of the series. Not providing it at this point is forcing users to do the learn by hands on thing. There isn't really any hands on involved if you just run 'tar -xvzf samplecode.tar.gz && cd samples && make all'. Thought I would put the reasoning out there. I may put the code up on github at some point.
Would save me some pause & typing ;)
But yea I know what you mean and Vivek should definitely try that to get some copy kiddies to pay
Thanks Andrew ;) Good Video! Waiting for the next parts =)
Just a note: there were some errors in the code. I corrected them for a user that tried. If you want me to take a look at your code if it isn't compiling send me a mail with the code you're working with attached.
I've finally managed to set some time aside to do some coding. I've used mingw in the past to create executables but never used it to create a dll. I *think* I've managed to enter the code of dll.c, dll.h and loader.c correctly (although it was difficult to read some of the code), but I'm stumped about how to use a makefile. Is it essential? Can I use a series of commands to generate the dll? I've looked at the mingw site and there's a sample dll demo here - http://www.mingw.org/wiki/sampleDLL but that doesn't really help.
@Ignatius - I forgot to change hello.c to loader.c in the makefile...if you rename loader.c to hello.c the included makefile should work. You could use a series of commands...I'll correct the filenames/makefile in the next video. I just put it all in the makefile so I didn't have to type/paste five lines every time I want to recompile the thing. If you're on the linux side it's as simple as make clean && make
after the code errors are corrected that is...
@Ignatius:
rm -rf *.o hello.exe *.dll *.a
i586-mingw32msvc-gcc -c -DBUILD_DLL -DWIN32 dll.c
i586-mingw32msvc-gcc -shared -o test.dll dll.o -Wl,--out-implib,libmessage.a
i586-mingw32msvc-gcc -c loader.c
i586-mingw32msvc-gcc -o loader.exe loader.o test.dll
should do it...
replace hello.exe with loader.exe...sorry
@Andrew - thank you for the rapid responses.
As we're creating a DLL, I figured it would be logical to work with mingw on Windows because I could (eventually) test everything and see if I have managed to evade the AV that I have installed. I know I could use Linux and copy the file over to a Windows PC to test this final element of the project.
As I mentioned, I tested out the demonstration DLL code from the mingw site to which I linked in my last post and everything went fine - I created the test EXE and DLL and the executable ran fine. It also whinged when I moved the DLL out of the same folder, so I know that my mingw installation is behaving as it should.
I just need to be able to create the DLL from the code segments that you have provided ... I *think* I've entered the code correctly but, as I can't go to the next stage and see any error messages, I can't be sure. I would like to have a go at correcting any final errors myself but if I fail, I might have to send copies to you for your expert eye!
I'll check out the commands that you posted in your previous message. The rm -rf... command reminded me of one of the famous 7 Deadly Linux Commands! (http://www.junauza.com/2008/11/7-deadly-linux-commands.html)
@Andrew - after a lot of googling the errors and pulling my hair out, I've managed to create the DLL and EXE files without any errors. I retained the names of the files as dll.c, dll.h and loader.c. The commands that I used in mingw on my Windows XP are:
gcc -c -DBUILD_DLL -DWIN32 dll.c
gcc -shared -o test.dll dll.o -Wl,--out-implib,libmessage.a
gcc -c loader.c
gcc -o hello.exe loader.o test.dll
When I executed hello.exe, the output was:
LoadLibrary Working.
Hello World.
Infinite loop to check things in a debugger if you like.
and when I commented out the infinite loop, the output was:
LoadLibrary Working.
Hello World.
Unload working.
so it *seems* that everything's working. Can I assume that?
I understand your comment about not just uploading the source files because that might make folks just copy/paste without actually doing some work. I was inclined to put the working code in this thread but I decided against that, although it would be good to have you check the code that I am using.
Finally, I've been fairly explicit in what I've done to get this working on my Windows system, just in case it might help someone else. I was determined to get this working before you post the next video in this series.
Not sure why you should have to comment out the infinite loop...maybe something wasn't commented out completely? @Ignatius - The scaffold code will be posted as a starting point for the next video. Glad you worked through it. I plan to post starting points for the videos that I verify compiling. Part of the issue is that I have the thing implemented and I was cutting out code sections. I didn't verify the cut up parts. The latter parts of the series where there is a lot of randomization and actually putting together the encoder will be mostly theory with example outputs (I can't in good conscience put that code out there...it would definitely be abused).
@Andrew - that's interesting, but also confusing! I was happy to see it hang before I commented out the infinite loop as I assumed it was doing as planned ... going around an infinite loop doing nothing. I suppose I might have made an error which, whilst having the correct syntax, made the executable not function perfectly. I'm looking forward to seeing the scaffold dll code again. It was difficult to differentiate ( from {, : from ; etc., although a bit of research and dusting off my programming books helped!
I'm hoping to learn lots from this series and appreciate that the later stages might be more "sketchy" but I hope that there will be enough detail in the series to allow me to complete the project.
Nice work, Andrew.
@all thanks for the interest. I have an awful lot on my plate right now.
Passed the GIAC test last week, did 3/4 of the coursework for another class and got a pass, working on the code, thesis to 52 pages, trying to organize the ST users defcon meetup, getting videos done. Something has to give. The other ones == money soon. Something has to give and I have to have priorities. I hope you understand. I was going for a once a week release cycle. I'll try to release two at end of week.
Congratulations on your success. It sounds like you're just like Vivek who needs at least 25 hours in each day to complete his busy schedule! I'm sure that everyone is waiting patiently for your further videos.