View Issue Details

ID: 0001952
Project: Kali Linux
Category: Tool Upgrade Request
View Status: public
Last Update: 2017-06-15 09:45
Reporter: g0tmi1k
Assigned To: sbrun
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: resolved
Resolution: fixed
Fixed in Version: 2017.2
Summary: 0001952: Update Hyperion v1.2
Description

Name: Hyperion
Version: v1.1
Date: 2014-09-05
Homepage: http://www.nullsecurity.net/tools/binary.html
Download: http://www.nullsecurity.net/tools/binary/Hyperion-1.1.zip
Description:

Hyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and is based on the paper "Hyperion: Implementation of a PE-Crypter". The paper describes the implementation details which aren't in the scope of this readme file.

The crypter is a C/C++ project and can be compiled with the corresponding makefile (tested with Mingw and Visual Studio). Afterwards it is started via the command line and encrypts an input executable with AES-128. The encrypted file decrypts itself on startup (bruteforcing the AES key which may take a few seconds) and generates a log file for debugging purposes.

Additional Information

CHANGELOG:

v1.1:

  • code cleanup and refactoring (more lightweight and increased maintainability)
  • change key space size via the command line
  • change key length via the command line
  • disable logfile generation of the container via command line
  • display verbose information while running

Relationships

has duplicate 0002461 (closed, g0tmi1k): Hyperion 1.2 is available, stock Kali has 1.0 in windows-binaries folder

Activities

g0tmi1k

2015-02-20 11:28

administrator   ~0003093

v1.2 is now out.
Download: https://github.com/nullsecuritynet/tools/raw/master/binary/hyperion/release/Hyperion-1.2.zip

v1.2

  • added windows 8 and 8.1 support (thx to CoolOppo)

sbrun

2017-05-18 12:36

manager   ~0006715

do you want a linux binary or a windows binary (or both)?

g0tmi1k

2017-05-18 12:37

administrator   ~0006716

Last edited: 2017-05-18 12:37

Both if possible!

sbrun

2017-05-22 13:33

manager   ~0006734

version 1.2-0kali2 is in kali-rolling

I didn't find a way to build a linux binary. The windows binary (built with mingw) is in /usr/share/windows-binaries

g0tmi1k

2017-06-08 10:06

administrator   ~0006799

There is a 'clash' with the "windows-binaries" package:

root@kali:~# ls -lah /usr/share/windows-binaries/yperion
-rw-r--r-- 1 root root 254K Aug 16 2016 /usr/share/windows-binaries/Hyperion-1.0.zip
root@kali:~#
root@kali:~# dpkg -S /usr/share/windows-binaries/Hyperion-1.0.zip
windows-binaries: /usr/share/windows-binaries/Hyperion-1.0.zip
root@kali:~#
root@kali:~# apt install hyperion
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
hyperion
0 upgraded, 1 newly installed, 0 to remove and 394 not upgraded.
Need to get 68.9 kB of archives.
After this operation, 445 kB of additional disk space will be used.
Get:1 http://nl.mirror.babylon.network/kali kali-rolling/main amd64 hyperion all 1.2-0kali2 [68.9 kB]
Fetched 68.9 kB in 1s (66.3 kB/s)
Selecting previously unselected package hyperion.
(Reading database ... 305978 files and directories currently installed.)
Preparing to unpack .../hyperion_1.2-0kali2_all.deb ...
Unpacking hyperion (1.2-0kali2) ...
Setting up hyperion (1.2-0kali2) ...
root@kali:~#
root@kali:~# ls -lah /usr/share/windows-binaries/yperion
-rw-r--r-- 1 root root 254K Aug 16 2016 /usr/share/windows-binaries/Hyperion-1.0.zip
-rwxr-xr-x 1 root root 419K May 19 03:34 /usr/share/windows-binaries/hyperion.exe
root@kali:~#

g0tmi1k

2017-06-08 10:34

administrator   ~0006800

This hasn't been statically compiled:

root@kali:~# wine /usr/share/windows-binaries/hyperion.exe
err:module:import_dll Library libgcc_s_sjlj-1.dll (which is needed by L"Z:\usr\share\windows-binaries\hyperion.exe") not found
err:module:import_dll Library libstdc++-6.dll (which is needed by L"Z:\usr\share\windows-binaries\hyperion.exe") not found
err:module:LdrInitializeThunk Main exe initialization for L"Z:\usr\share\windows-binaries\hyperion.exe" failed, status c0000135
root@kali:~#
root@kali:~#
root@kali:~#
root@kali:~# apt install -y gcc-mingw-w64-i686 g++-mingw-w64-i686
...SNIP...
root@kali:~#
root@kali:~# find / -name libgcc_s_sjlj-1.dll 2>/dev/null
/usr/lib/gcc/i686-w64-mingw32/6.3-win32/libgcc_s_sjlj-1.dll
/usr/lib/gcc/i686-w64-mingw32/6.3-posix/libgcc_s_sjlj-1.dll
root@kali:~#
root@kali:~# cp /usr/lib/gcc/i686-w64-mingw32/6.3-win32/libgcc_s_sjlj-1.dll .
root@kali:~#
root@kali:~# find / -name libstdc++-6.dll 2>/dev/null
/usr/lib/gcc/i686-w64-mingw32/6.3-win32/libstdc++-6.dll
/usr/lib/gcc/i686-w64-mingw32/6.3-posix/libstdc++-6.dll
root@kali:~#
root@kali:~# cp /usr/lib/gcc/i686-w64-mingw32/6.3-win32/libstdc++-6.dll .
root@kali:~#
root@kali:~#
root@kali:~#
root@kali:~# wine /usr/share/windows-binaries/hyperion.exe
Hyperion PE-Crypter
Version 1.2 by Christian Ammann
Http://www.nullsecurity.net

Usage: hyperion.exe <options> <infile> <outfile>
List of available options:
-k <size> Length of random AES key in bytes.
Default value is 6.
-s <size> Each byte of the key has a range between
0 and <size-1>. Default value is 4.
-l, --logile The packed executable generates a log.txt
on startup for debugging purpose
-v, --verbose Print verbose informations while running.
root@kali:~#


Solution

root@kali:~# apt-get source hyperion
...SNIP...
root@kali:~# cd hyperion-1.2/
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# ls
debian Examples Fasm FasmAES-1.0 license.txt Makefile Obj readme.txt Src
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# make
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/createoutput.o Src/Crypter/createoutput.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/fileaccess.o Src/Crypter/fileaccess.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/peanalysis.o Src/Crypter/peanalysis.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/pe.o Src/Crypter/pe.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/hyperion.o Src/Crypter/hyperion.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/ostreamlog.o Src/Crypter/ostreamlog.cpp
i686-w64-mingw32-g++-win32 -o ./hyperion.exe Obj/hyperion.o Obj/pe.o Obj/peanalysis.o Obj/fileaccess.o Obj/createoutput.o Obj/ostreamlog.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# ls
debian Examples Fasm FasmAES-1.0 hyperion.exe license.txt Makefile Obj readme.txt Src
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# wine hyperion.exe
err:module:import_dll Library libgcc_s_sjlj-1.dll (which is needed by L"Z:\root\hyperion-1.2\hyperion.exe") not found
err:module:import_dll Library libstdc++-6.dll (which is needed by L"Z:\root\hyperion-1.2\hyperion.exe") not found
err:module:LdrInitializeThunk Main exe initialization for L"Z:\root\hyperion-1.2\hyperion.exe" failed, status c0000135
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# cp Makefile{,.old}
root@kali:~/hyperion-1.2# vim Makefile
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# diff Makefile*
6d5
< CFLAGS2 = -static-libgcc -static-libstdc++
10c9
< $(CC) $(CFLAGS2) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o

$(CC) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# make clean
rm -f ./hyperion.exe && rm -f Obj/*.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# make
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/createoutput.o Src/Crypter/createoutput.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/fileaccess.o Src/Crypter/fileaccess.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/peanalysis.o Src/Crypter/peanalysis.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/pe.o Src/Crypter/pe.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/hyperion.o Src/Crypter/hyperion.cpp
i686-w64-mingw32-g++-win32 -ansi -c -Wall -pedantic -O2 -m32 -o Obj/ostreamlog.o Src/Crypter/ostreamlog.cpp
i686-w64-mingw32-g++-win32 -static-libgcc -static-libstdc++ -o ./hyperion.exe Obj/hyperion.o Obj/pe.o Obj/peanalysis.o Obj/fileaccess.o Obj/createoutput.o Obj/ostreamlog.o
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2#
root@kali:~/hyperion-1.2# wine hyperion.exe
Hyperion PE-Crypter
Version 1.2 by Christian Ammann
Http://www.nullsecurity.net

Usage: hyperion.exe <options> <infile> <outfile>
List of available options:
-k <size> Length of random AES key in bytes.
Default value is 6.
-s <size> Each byte of the key has a range between
0 and <size-1>. Default value is 4.
-l, --logile The packed executable generates a log.txt
on startup for debugging purpose
-v, --verbose Print verbose informations while running.
root@kali:~/hyperion-1.2#

g0tmi1k

2017-06-08 10:36

administrator   ~0006801

Patch file

root@kali:~/hyperion-1.2# diff -Naur Makefile.old Makefile
--- Makefile.old 2017-06-08 06:32:15.441281676 -0400
+++ Makefile 2017-06-08 06:32:46.258339834 -0400
@@ -3,10 +3,11 @@
BIN = .
OBJ = Obj
CFLAGS = -ansi -c -Wall -pedantic -O2 -m32
+CFLAGS2 = -static-libgcc -static-libstdc++

.PHONY:all
all: createoutput.o fileaccess.o peanalysis.o pe.o hyperion.o ostreamlog.o

  • $(CC) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o
  • $(CC) $(CFLAGS2) -o $(BIN)/hyperion.exe $(OBJ)/hyperion.o $(OBJ)/pe.o $(OBJ)/peanalysis.o $(OBJ)/fileaccess.o $(OBJ)/createoutput.o $(OBJ)/ostreamlog.o

    createoutput.o: $(SRC)/createoutput.cpp
    $(CC) $(CFLAGS) -o $(OBJ)/createoutput.o $(SRC)/createoutput.cpp
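
Review bot: CFLAGS2, defined right after the CFLAGS line, is used only on the link line of the all target, so it carries linker options under a compiler-flag name. Naming it LDFLAGS would follow make conventions and lets the package build append its own link flags without another Makefile edit. The two options cover exactly the DLLs wine reported missing (libgcc_s_sjlj-1.dll and libstdc++-6.dll); if the toolchain later pulls in a further runtime DLL, plain -static on the same line would cover it, and the package build should check the import table of hyperion.exe rather than rely on a manual wine run.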
    root@kali:~/hyperion-1.2#

g0tmi1k

2017-06-08 10:37

administrator   ~0006802

Re-opening due to it not being statically compiled as well as package conflicts (windows-binaries)

sbrun

2017-06-13 07:15

manager   ~0006817

I uploaded a new version 1.2-0kali3 that fixes the issues.
Everything is installed in /usr/share/windows-binaries/hyperion/
It doesn't conflict with the package windows-binaries but I will remove Hyperion in this package since it is packaged separately.
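
A check for the static-linking problem reported in note ~0006800, added here as an example and not part of the original thread or of the Kali package: it reads a PE32 import table and reports whether the two MinGW runtime DLLs that wine could not find are still required. The function names and the sample image built by `sample_pe` are constructed for illustration.

```python
import struct

MINGW_RUNTIME = {"libgcc_s_sjlj-1.dll", "libstdc++-6.dll"}  # DLLs wine reported missing

def imported_dlls(pe):
    """Return the DLL names in a PE32 image's import directory."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    opt = nt + 24                                         # optional header
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("not a 32-bit (PE32) image")
    imp_rva = struct.unpack_from("<I", pe, opt + 104)[0]  # data directory 1
    sections = [struct.unpack_from("<4I", pe, opt + opt_size + 40 * i + 8)
                for i in range(nsect)]                    # vsize, vaddr, rawsize, rawptr

    def offset(rva):
        for vsize, vaddr, rawsize, rawptr in sections:
            if vaddr <= rva < vaddr + max(vsize, rawsize):
                return rawptr + rva - vaddr
        raise ValueError("RVA %#x is outside every section" % rva)

    names, pos = [], offset(imp_rva) if imp_rva else len(pe)
    while any(pe[pos:pos + 20]):                          # zero descriptor ends the table
        start = offset(struct.unpack_from("<I", pe, pos + 12)[0])
        names.append(pe[start:pe.index(b"\0", start)].decode("ascii"))
        pos += 20
    return names

def runtime_dll_deps(pe):
    """MinGW runtime DLLs the image still needs at load time; empty means the fix held."""
    return sorted(d for d in imported_dlls(pe) if d.lower() in MINGW_RUNTIME)

def sample_pe(dlls):
    """Constructed minimal PE32: headers plus one section holding only an import table."""
    hdr, body = bytearray(0x200), bytearray(0x200)
    hdr[:2], hdr[0x40:0x44] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    struct.pack_into("<HH12xH", hdr, 0x44, 0x14C, 1, 224)  # i386, 1 section, opt size
    struct.pack_into("<H", hdr, 0x58, 0x10B)
    struct.pack_into("<I", hdr, 0x58 + 104, 0x1000)        # import table RVA
    struct.pack_into("<4I", hdr, 0x58 + 224 + 8, 0x200, 0x1000, 0x200, 0x200)
    str_at = 20 * (len(dlls) + 1)                          # names follow descriptors
    for i, dll in enumerate(dlls):
        struct.pack_into("<I", body, 20 * i + 12, 0x1000 + str_at)
        body[str_at:str_at + len(dll)] = dll.encode()
        str_at += len(dll) + 1
    return bytes(hdr + body)
```

For a real build, pass the bytes of the built hyperion.exe to `runtime_dll_deps` and fail the package build when the result is not empty.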

Issue History

Date Modified Username Field Change
2014-12-11 16:30 g0tmi1k New Issue
2015-02-20 11:28 g0tmi1k Note Added: 0003093
2015-08-03 18:44 g0tmi1k Relationship added has duplicate 0002461
2017-05-16 12:51 sbrun Assigned To => sbrun
2017-05-16 12:51 sbrun Status new => assigned
2017-05-18 12:36 sbrun Note Added: 0006715
2017-05-18 12:37 g0tmi1k Note Added: 0006716
2017-05-18 12:37 g0tmi1k Note Edited: 0006716
2017-05-22 13:33 sbrun Status assigned => resolved
2017-05-22 13:33 sbrun Resolution open => fixed
2017-05-22 13:33 sbrun Note Added: 0006734
2017-06-08 10:06 g0tmi1k Note Added: 0006799
2017-06-08 10:34 g0tmi1k Note Added: 0006800
2017-06-08 10:36 g0tmi1k Status resolved => feedback
2017-06-08 10:36 g0tmi1k Resolution fixed => reopened
2017-06-08 10:36 g0tmi1k Note Added: 0006801
2017-06-08 10:37 g0tmi1k Note Added: 0006802
2017-06-08 10:37 g0tmi1k Status feedback => assigned
2017-06-08 10:47 g0tmi1k Note View State: 0006801: public
2017-06-08 10:47 g0tmi1k Note View State: 0006799: public
2017-06-08 10:47 g0tmi1k Note View State: 0006800: public
2017-06-13 07:15 sbrun Note Added: 0006817
2017-06-15 07:32 sbrun Status assigned => resolved
2017-06-15 07:32 sbrun Resolution reopened => fixed
2017-06-15 09:43 g0tmi1k Fixed in Version => 2017.2
2017-06-15 09:43 g0tmi1k Summary Hyperion v1.1 => Update Hyperion v1.2
2017-06-15 09:45 g0tmi1k Category New Tool Requests => Tool Upgrade
2021-05-31 13:37 rhertzog Category Tool Upgrade => Tool Upgrade Request