Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

COFFLoader x86 release 1.0.14 uses libgcc_s_dw2-1.dll #1716

Open
ljgs-git opened this issue Jun 12, 2024 · 1 comment
Open

COFFLoader x86 release 1.0.14 uses libgcc_s_dw2-1.dll #1716

ljgs-git opened this issue Jun 12, 2024 · 1 comment
Labels
armory

Comments

@ljgs-git
Copy link

Describe the bug
Trying to use Coffloader (or any BOF-Extension) on x86 Windows will fail as sliver tries to load an unknown module (libgcc_s_dw2-1.dll) and errors.

To Reproduce
Steps to reproduce the behavior:

  1. run coffloader on a session on x86 windows

Expected behavior
Coffloader runs normally.

Objdump
Working x64

└─$ objdump -x COFFLoader.x64.dll | grep dll
COFFLoader.x64.dll:     file format pei-x86-64
COFFLoader.x64.dll
        DLL Name: ADVAPI32.dll
        DLL Name: KERNEL32.dll
        DLL Name: msvcrt.dll
Name                            000000000000f032 COFFLoader.x64.dll
[  0](sec -2)(fl 0x00)(ty    0)(scl 103) (nx 1) 0x000000000000003a crtdll.c
[ 22](sec  3)(fl 0x00)(ty    0)(scl   3) (nx 1) 0x0000000000000830 .rdata$.refptr.__native_dllmain_reason
[ 75](sec -2)(fl 0x00)(ty    0)(scl 103) (nx 1) 0x000000000000005b dll.c
[499](sec -2)(fl 0x00)(ty    0)(scl 103) (nx 1) 0x000000000000020f dllentry.c
[1520](sec -1)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x0000000000000160 __dll_characteristics__
[1523](sec  2)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x0000000000000000 __mingw_module_is_dll
[1574](sec -1)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x0000000000000000 __dll__
[1582](sec  2)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x0000000000000234 __native_dllmain_reason
[1689](sec  3)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x0000000000000830 .refptr.__native_dllmain_reason

Broken x86

└─$ objdump -x COFFLoader.x86.dll | grep dll
COFFLoader.x86.dll:     file format pei-i386
COFFLoader.x86.dll
        DLL Name: ADVAPI32.dll
        DLL Name: KERNEL32.dll
        DLL Name: msvcrt.dll
        DLL Name: libgcc_s_dw2-1.dll
Name                            0000d032 COFFLoader.x86.dll
[  0](sec -2)(fl 0x00)(ty    0)(scl 103) (nx 1) 0x00000024 crtdll.c
[ 56](sec -2)(fl 0x00)(ty    0)(scl 103) (nx 1) 0x00000046 dll.c
[439](sec -2)(fl 0x00)(ty    0)(scl 103) (nx 1) 0x000001cf dllentry.c
[1505](sec -1)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x00000140 __dll_characteristics__
[1540](sec  7)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x00000688 _libgcc_s_dw2_1_dll_iname
[1553](sec -1)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x00000000 __dll__
[1614](sec  7)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x0000003c __head_libgcc_s_dw2_1_dll
[1649](sec  2)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x00000000 ___mingw_module_is_dll
[1651](sec  2)(fl 0x00)(ty    0)(scl   2) (nx 0) 0x00000148 ___native_dllmain_reason
@ljgs-git
Copy link
Author

Seems to be a build pipeline issue. I built the 1.0.14 on my machine and the library is not linked. Maybe try rebuilduing it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
armory
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rkervella @ljgs-git