2017-11-20 03:51 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0001952Kali Linux[All Projects] Tool Upgradepublic2017-06-15 09:45
Reporterg0tmi1k 
Assigned Tosbrun 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusresolvedResolutionfixed 
Product Version 
Target VersionFixed in Version2017.2 
Summary0001952: Update Hyperion v1.2
DescriptionName: Hyperion
Version v1.1
Date: 2014-09-05
Homepage: http://www.nullsecurity.net/tools/binary.html
Download: http://www.nullsecurity.net/tools/binary/Hyperion-1.1.zip
Description:

Hyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter". The paper describes the implementation details which aren't in the scope of this readme file.

The crypter is a C/C++ project and can be compiled with the corresponding makefile (tested with Mingw and Visual Studio). Afterwards it is started via the command line and encrypts an input executable with AES-128. The encrypted file decrypts itself on startup (bruteforcing the AES key which may take a few seconds) and generates a log file for debug purpose.
Additional Information CHANGELOG:
                                                                   
 v1.1:
 - code cleanup and refactoring (more leightweighted and increased maintainability)
 - change key space size via the command line
 - change key length via the command line
 - disable logfile generation of the container via commandline
 - display verbose informations while running
Attached Files

-Relationships
has duplicate 0002461closedg0tmi1k Hyperion 1.2 is available, stock Kali has 1.0 in windows-binaries folder 
+Relationships

-Notes

~0003093

g0tmi1k (administrator)

v1.2 is now out.
Download: https://github.com/nullsecuritynet/tools/raw/master/binary/hyperion/release/Hyperion-1.2.zip



 v1.2
- added windows 8 and 8.1 support (thx to CoolOppo)

~0006715

sbrun (manager)

do you want a linux binary or a windows binary (or both)?

~0006716

g0tmi1k (administrator)

Last edited: 2017-05-18 12:37

View 2 revisions

Both if possible!

~0006734

sbrun (manager)

version 1.2-0kali2 is in kali-rolling

I didn't find a way to build a linux binary. The windows binary (build with mingw) is in /usr/share/windows-binaries

~0006799

g0tmi1k (administrator)

There is a 'clash' with the "windows-binaries" package:

root@kali:~# ls -lah /usr/share/windows-binaries/*yperion*
-rw-r--r-- 1 root root 254K Aug 16 2016 /usr/share/windows-binaries/Hyperion-1.0.zip
root@kali:~#
root@kali:~# dpkg -S /usr/share/windows-binaries/Hyperion-1.0.zip
windows-binaries: /usr/share/windows-binaries/Hyperion-1.0.zip
root@kali:~#
root@kali:~# apt install hyperion
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  hyperion
0 upgraded, 1 newly installed, 0 to remove and 394 not upgraded.
Need to get 68.9 kB of archives.
After this operation, 445 kB of additional disk space will be used.
Get:1 http://nl.mirror.babylon.network/kali kali-rolling/main amd64 hyperion all 1.2-0kali2 [68.9 kB]
Fetched 68.9 kB in 1s (66.3 kB/s)
Selecting previously unselected package hyperion.
(Reading database ... 305978 files and directories currently installed.)
Preparing to unpack .../hyperion_1.2-0kali2_all.deb ...
Unpacking hyperion (1.2-0kali2) ...
Setting up hyperion (1.2-0kali2) ...
root@kali:~#
root@kali:~# ls -lah /usr/share/windows-binaries/*yperion*
-rw-r--r-- 1 root root 254K Aug 16 2016 /usr/share/windows-binaries/Hyperion-1.0.zip
-rwxr-xr-x 1 root root 419K May 19 03:34 /usr/share/windows-binaries/hyperion.exe
root@kali:~#

~0006800

g0tmi1k (administrator)

This hasn't been statically compiled:


root@kali:~# wine /usr/share/windows-binaries/hyperion.exe
err:module:import_dll Library libgcc_s_sjlj-1.dll (which is needed by L"Z:\\usr\\share\\windows-binaries\\hyperion.exe") not found
err:module:import_dll Library libstdc++-6.dll (which is needed by L"Z:\\usr\\share\\windows-binaries\\hyperion.exe") not found
err:module:LdrInitializeThunk Main exe initialization for L"Z:\\usr\\share\\windows-binaries\\hyperion.exe" failed, status c0000135
root@kali:~#
root@kali:~#
root@kali:~#
root@kali:~# apt install -y gcc-mingw-w64-i686 g++-mingw-w64-i686
...SNIP...
root@kali:~#
root@kali:~# find / -name libgcc_s_sjlj-1.dll 2>/dev/null
/usr/lib/gcc/i686-w64-mingw32/6.3-win32/libgcc_s_sjlj-1.dll
/usr/lib/gcc/i686-w64-mingw32/6.3-posix/libgcc_s_sjlj-1.dll
root@kali:~#
root@kali:~# cp /usr/lib/gcc/i686-w64-mingw32/6.3-win32/libgcc_s_sjlj-1.dll .
root@kali:~#
root@kali:~# find / -name libstdc++-6.dll 2>/dev/null
/usr/lib/gcc/i686-w64-mingw32/6.3-win32/libstdc++-6.dll
/usr/lib/gcc/i686-w64-mingw32/6.3-posix/libstdc++-6.dll
root@kali:~#
root@kali:~# cp /usr/lib/gcc/i686-w64-mingw32/6.3-win32/libstdc++-6.dll .
root@kali:~#
root@kali:~#
root@kali:~#
root@kali:~# wine /usr/share/windows-binaries/hyperion.exe
Hyperion PE-Crypter
Version 1.2 by Christian Ammann
Http://www.nullsecurity.net

Usage: hyperion.exe <options> <infile> <outfile>
List of available options:
  -k <size> Length of random AES key in bytes.
                 Default value is 6.
  -s <size> Each byte of the key has a range between
                 0 and <size-1>. Default value is 4.
  -l, --logile The packed executable generates a log.txt
               on startup for debugging purpose
  -v, --verbose Print verbose informations while running.
root@kali:~#


- - -


## Solution

root@kali:~# apt-get source hyperion
...SNIP...
root@kali:~# cd hyperion-1.2/
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# ls
debian Examples Fasm FasmAES-1.0 license.txt Makefile Obj readme.txt Src
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# make
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/createoutput.o Src/Crypter/createoutput.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/fileaccess.o Src/Crypter/fileaccess.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/peanalysis.o Src/Crypter/peanalysis.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/pe.o Src/Crypter/pe.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/hyperion.o Src/Crypter/hyperion.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/ostreamlog.o Src/Crypter/ostreamlog.cpp
i686-w64-mingw32-g++-win32 -o ./hyperion.exe Obj/hyperion.o Obj/pe.o Obj/peanalysis.o Obj/fileaccess.o Obj/createoutput.o Obj/ostreamlog.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# ls
debian Examples Fasm FasmAES-1.0 hyperion.exe license.txt Makefile Obj readme.txt Src
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# wine hyperion.exe
err:module:import_dll Library libgcc_s_sjlj-1.dll (which is needed by L"Z:\\root\\hyperion-1.2\\hyperion.exe") not found
err:module:import_dll Library libstdc++-6.dll (which is needed by L"Z:\\root\\hyperion-1.2\\hyperion.exe") not found
err:module:LdrInitializeThunk Main exe initialization for L"Z:\\root\\hyperion-1.2\\hyperion.exe" failed, status c0000135
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# cp Makefile{,.old}
root@kali:~/hyperion-1.2# vim Makefile
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# diff Makefile*
6d5
< CFLAGS2 = -static-libgcc -static-libstdc++
10c9
< $(CC) $(CFLAGS2) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o
---
> $(CC) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# make clean
rm -f ./hyperion.exe && rm -f Obj/*.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# make
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/createoutput.o Src/Crypter/createoutput.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/fileaccess.o Src/Crypter/fileaccess.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/peanalysis.o Src/Crypter/peanalysis.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/pe.o Src/Crypter/pe.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/hyperion.o Src/Crypter/hyperion.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/ostreamlog.o Src/Crypter/ostreamlog.cpp
i686-w64-mingw32-g++-win32 -static-libgcc -static-libstdc++ -o ./hyperion.exe Obj/hyperion.o Obj/pe.o Obj/peanalysis.o Obj/fileaccess.o Obj/createoutput.o Obj/ostreamlog.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# wine hyperion.exe
Hyperion PE-Crypter
Version 1.2 by Christian Ammann
Http://www.nullsecurity.net

Usage: hyperion.exe <options> <infile> <outfile>
List of available options:
  -k <size> Length of random AES key in bytes.
                 Default value is 6.
  -s <size> Each byte of the key has a range between
                 0 and <size-1>. Default value is 4.
  -l, --logile The packed executable generates a log.txt
               on startup for debugging purpose
  -v, --verbose Print verbose informations while running.
root@kali:~/hyperion-1.2#

~0006801

g0tmi1k (administrator)

Patch file

root@kali:~/hyperion-1.2# diff -Naur Makefile.old Makefile
--- Makefile.old 2017-06-08 06:32:15.441281676 -0400
+++ Makefile 2017-06-08 06:32:46.258339834 -0400
@@ -3,10 +3,11 @@
 BIN = .
 OBJ = Obj
 CFLAGS = -ansi -c -Wall -pedantic -O2 -m32
+CFLAGS2 = -static-libgcc -static-libstdc++
 
 .PHONY:all
 all: createoutput.o fileaccess.o peanalysis.o pe.o hyperion.o ostreamlog.o
- $(CC) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o
+ $(CC) $(CFLAGS2) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o
          
 createoutput.o: $(SRC)/createoutput.cpp
     $(CC) $(CFLAGS) -o $(OBJ)/createoutput.o $(SRC)/createoutput.cpp
root@kali:~/hyperion-1.2#

~0006802

g0tmi1k (administrator)

Re-opening due to it not being statically compiled as well as package conflicts (windows-binaries)

~0006817

sbrun (manager)

I uploaded a new version 1.2-0kali3 that fixes the issues.
Everything is installed in /usr/share/windows-binaries/hyperion/
It doesn't conflict with the package windows-binaries but I will remove Hyperion in this package since it is packaged separatly.
+Notes

-Issue History
Date Modified Username Field Change
2014-12-11 16:30 g0tmi1k New Issue
2015-02-20 11:28 g0tmi1k Note Added: 0003093
2015-08-03 18:44 g0tmi1k Relationship added has duplicate 0002461
2017-05-16 12:51 sbrun Assigned To => sbrun
2017-05-16 12:51 sbrun Status new => assigned
2017-05-18 12:36 sbrun Note Added: 0006715
2017-05-18 12:37 g0tmi1k Note Added: 0006716
2017-05-18 12:37 g0tmi1k Note Edited: 0006716 View Revisions
2017-05-22 13:33 sbrun Status assigned => resolved
2017-05-22 13:33 sbrun Resolution open => fixed
2017-05-22 13:33 sbrun Note Added: 0006734
2017-06-08 10:06 g0tmi1k Note Added: 0006799
2017-06-08 10:34 g0tmi1k Note Added: 0006800
2017-06-08 10:36 g0tmi1k Status resolved => feedback
2017-06-08 10:36 g0tmi1k Resolution fixed => reopened
2017-06-08 10:36 g0tmi1k Note Added: 0006801
2017-06-08 10:37 g0tmi1k Note Added: 0006802
2017-06-08 10:37 g0tmi1k Status feedback => assigned
2017-06-08 10:47 g0tmi1k Note View State: 0006801: public
2017-06-08 10:47 g0tmi1k Note View State: 0006799: public
2017-06-08 10:47 g0tmi1k Note View State: 0006800: public
2017-06-13 07:15 sbrun Note Added: 0006817
2017-06-15 07:32 sbrun Status assigned => resolved
2017-06-15 07:32 sbrun Resolution reopened => fixed
2017-06-15 09:43 g0tmi1k Fixed in Version => 2017.2
2017-06-15 09:43 g0tmi1k Summary Hyperion v1.1 => Update Hyperion v1.2
2017-06-15 09:45 g0tmi1k Category New Tool Requests => Tool Upgrade
+Issue History