inceptor
inceptor copied to clipboard
klezVirus
No template found with given criteria
Describe the bug I am trying to build using a provided example for syscalls and unhooking. Inceptor errors that "No template found with given criteria".
To Reproduce Steps to reproduce the behavior (at least the command line used):
- example:
python inceptor.py native -m unhook -m syscalls C:\path\test.raw -o C:\path\inceptor_x64.exe
The .exe will build if I specify -P for process injection templates, but the produced .exe errors out with:
[-] Missing PID... Finding... [-] Process not found
Expected behavior Expect the syscalls and unhook exe to be built and run, do i need to specify a template?
Screenshots If applicable, add screenshots to help explain your problem.
Debug Info:
- Go to your config.ini file
- In DEBUG, mark all as 1
- Reproduce the bug again
- Paste the output given by the tool
Complete! Files written to:
C:\Users\Administrator\Desktop\inceptor\inceptor\temp\tmpjilv_sh1.h
C:\Users\Administrator\Desktop\inceptor\inceptor\temp\tmpjilv_sh1.c
C:\Users\Administrator\Desktop\inceptor\inceptor\temp\tmpjilv_sh1_.asm
[-] Compiler: File C:\Users\Administrator\Desktop\inceptor\inceptor\temp\tmpjilv_sh1.asm not found
"C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Tools\MSVC\14.29.30133\bin\Hostx64\x64\ml64.exe" /c /nologo /Zi /Fo"C:\Users\Administrator\Desktop\inceptor\inceptor\temp\tmpjilv_sh1.0.obj" /W3 /errorReport:prompt /Ta
[-] Error: MASM : fatal error A1023:command-line option requires an argument : /Ta
Traceback (most recent call last):
File "C:\Users\Administrator\Desktop\inceptor\inceptor\compilers\Compiler.py", line 66, in compile
output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\subprocess.py", line 424, in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\subprocess.py", line 528, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '"C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Tools\MSVC\14.29.30133\bin\Hostx64\x64\ml64.exe" /c /nologo /Zi /Fo"C:\Users\Administrator\Desktop\inceptor\inceptor\temp\tmpjilv_sh1.0.obj" /W3 /errorReport:prompt /Ta ' returned non-zero exit status 1.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Administrator\Desktop\inceptor\inceptor\engine\modules\TemplateModule.py", line 84, in from_name
_instance = _class(kwargs=kwargs['kwargs'])
File "C:\Users\Administrator\Desktop\inceptor\inceptor\engine\modules\SyscallsModule.py", line 46, in __init__
self.build(kwargs=kwargs)
File "C:\Users\Administrator\Desktop\inceptor\inceptor\engine\modules\SyscallsModule.py", line 84, in build
masm.compile([f"{syscalls_basepath}.asm"])
File "C:\Users\Administrator\Desktop\inceptor\inceptor\compilers\Compiler.py", line 73, in compile
raise Exception("Compiler Error")
Exception: Compiler Error
[-] No template found with given criteria
Additional context Add any other context about the problem here.
Hi @rundro, the issue you're getting is due to the lack of a default syscall based template for self-injection or code-execution (whatever you want to call it).
Indeed, as you already experienced, it works with the -P flag. The output message your getting is not really an error, it just means you need to pass a target PID to the program to perform a code injection. You can also specify -P -PN <process-image-name> to use the "find process" functionality.
Regarding the error you pasted: that is unrelated, you can fix it by running the tool a second time. I'll explain briefly why it happens. For some reason, having an underscore in the temp filename breaks the tool execution flow. I've fixed it in branch but forgot to merge the fix into main. Thanks for the reminder! xD
