Compiling Exploits

In certain cases, exploit code will be developed in C/C++/C#. As a result, you will need to compile the exploit code into a PE (Portable Executable) or binary.

When compiling, try to build a 32-bit exploit so that it will run on both system architectures, unless otherwise required.


Cross Compilation Exploits:

Cross-compiling is the process of compiling code for a platform other than the one performing the compilation.
What this means is that most of the time we use a Kali Linux machine for pentests, so when a target runs Windows or any other system other than Linux, we want to compile the exploit for the target system.


Tools:

1. MinGW-w64

Creates Microsoft Windows Portable Executable (PE) applications on Linux.
Targets 32/64-bit Windows systems.

To install: sudo apt install mingw-w64

How to compile a 32-bit exploit:

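i686-w64-mingw32-gcc <target_exploit> -o <output_name> [-l<library>]

E.g.

i686-w64-mingw32-gcc 9303.c -o exploit -lws2_32

The i686- prefix of the compiler name is what selects the 32-bit target. -lws2_32 links the Winsock library (ws2_32); it is not a 32-bit switch.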

How to compile a 64-bit exploit:

x86_64-w64-mingw32-gcc <target_exploit> -o <output_name>

E.g.

x86_64-w64-mingw32-gcc 9303.c -o exploit

2. gcc

The GNU Compiler Collection is an open-source compiler used to compile C/C++ code or Linux exploits.

E.g. compiling the Dirty Cow exploit:

This exploit has a very good guide on how to compile it. (It's an ELF binary, which means it can only be run on Linux systems.)
https://www.exploit-db.com/exploits/40839

Compilation instruction:

gcc -pthread 40839.c -o exploit -lcrypt

3. Precompiled Binaries

GitLab: https://gitlab.com/exploit-database/exploitdb-bin-sploits
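
To confirm what a compiled or precompiled binary actually is (PE or ELF, 32-bit or 64-bit) before relying on it, the file header can be read directly. This is an added example, not part of the original notes; the function names are hypothetical and the sample headers are constructed.

```python
import struct
import sys

# IMAGE_FILE_HEADER.Machine values for the two MinGW-w64 targets discussed above.
PE_MACHINES = {0x014C: "32-bit (i386)", 0x8664: "64-bit (x86-64)"}
# ELF e_ident[EI_CLASS] values.
ELF_CLASSES = {1: "32-bit", 2: "64-bit"}


def identify(data: bytes) -> str:
    """Return the executable format and word size found in the file header."""
    if data[:4] == b"\x7fELF":
        if len(data) < 5:
            raise ValueError("truncated ELF header")
        return "ELF " + ELF_CLASSES.get(data[4], "unknown class")
    if data[:2] == b"MZ":
        if len(data) < 0x40:
            raise ValueError("truncated DOS header")
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\x00\x00" or len(data) < pe_off + 6:
            raise ValueError("MZ stub without a complete PE header")
        (machine,) = struct.unpack_from("<H", data, pe_off + 4)
        return "PE " + PE_MACHINES.get(machine, f"machine 0x{machine:04x}")
    raise ValueError("not an ELF or PE file")


def sample_pe(machine: int) -> bytes:
    """Constructed sample: DOS header, PE signature and the Machine field only."""
    dos = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)
    return dos + b"PE\x00\x00" + struct.pack("<H", machine)


def sample_elf(ei_class: int) -> bytes:
    """Constructed sample: the 16-byte ELF e_ident array only."""
    return b"\x7fELF" + bytes([ei_class, 1, 1]) + b"\x00" * 9


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Paths given on the command line: report each file's format.
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, "->", identify(fh.read()))
    else:
        # No arguments: run against the constructed samples.
        for blob in (sample_pe(0x014C), sample_pe(0x8664), sample_elf(2)):
            print(identify(blob))
```

Run it with one or more file paths as arguments to check real build output; with no arguments it reports on the constructed samples.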