5 - On Cross Compilation

Topics

  1. Introduction to the Windows Shells

  2. Windows Permissions

  3. Reverse Shells in Windows

  4. SeImpersonatePrivilege Exploitation

  5. On Cross Compilation

  6. Windows Services

  7. Weak Service Permissions

  8. Unquoted Service Path

  9. DLL Hijacking

  10. Always Install Elevated

  11. Files with Sensitive Data

  12. Windows Hashes

  13. Stored Credentials and the Windows Vault

  14. Scheduled Task

  15. Critical Registry Paths

  16. Useful Tools

  17. AMSI Bypass

On Compilation

Compilation is the process of translating source code written in a high-level programming language (e.g., C, C++, Python) into machine code that can execute on a specific CPU architecture.

Overview of the Compilation Process

Source code -> Compilation -> Binary

Binaries generated through compilation are tailored for a specific environment, which includes:

  • Hardware Architecture: The type of CPU (e.g., x86, ARM, MIPS).

  • Operating System: The platform (e.g., Windows, Linux, macOS).

  • User-Space Programs and Configurations: Dependencies, libraries, or runtime environments.

Modern compilation often involves several stages, such as preprocessing, parsing, optimization, and code generation, to produce efficient executables.


On Cross Compilation

Cross compilation refers to compiling source code on one system (the "host") to produce binaries for another system (the "target"). This technique is essential when the target environment differs from the host, such as:

  • Developing software for embedded systems (e.g., IoT devices).

  • Compiling Windows binaries on a Linux system.

This process requires a cross-compiler, which is a compiler configured to generate code for the target platform.


Compiling for Windows on Linux

Practical Example - Scenario

You are running Linux (which uses the ELF binary format) and need to compile a program to run on a Windows machine (which uses the PE binary format).

Key Binary Formats

  • ELF: Executable and Linkable Format (used on Linux).

  • PE: Portable Executable (used on Windows).

Example Source Code

Here is a simple hello.c program:

#include <stdio.h>

int main(void) {
    printf("Hello World!\n");
    return 0;
}

Compiling for the Host Environment (Linux)

If you compile this code on Linux using gcc, the output will be an ELF binary:

gcc hello.c -o hello

Check the binary format:

file hello

Output:

hello: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.4.0, not stripped

This binary will not work on a Windows machine.


Cross-Compiling for the Target Environment (Windows)

To compile for Windows, you need a cross-compiler such as mingw-w64. Install it on your Linux system:

sudo apt install mingw-w64      #debian/ubuntu
sudo pacman -S mingw-w64-gcc    #archlinux

Compile the program for Windows using the x86_64-w64-mingw32-g++ compiler:

x86_64-w64-mingw32-g++ hello.c -static -o hello.exe
  • Use x86_64-w64-mingw32-g++ for 64-bit architectures.

  • Use i686-w64-mingw32-gcc for 32-bit architectures.

Check the binary format of the output:

file hello.exe

Output:

hello.exe: PE32+ executable (console) x86-64, for MS Windows, 20 sections

Transferring the Compiled Binary

Once the binary is ready, transfer it to the target Windows machine.

  1. Using Netcat: On the Linux machine:

    nc -lvnp 4321 < hello.exe

    On the Windows machine:

    nc64.exe 192.168.122.1 4321 > hello.exe
  2. Alternative Methods:

    • Use scp for secure transfer.

    • Host an HTTP server on Linux (e.g., python3 -m http.server) and download the file on Windows.

Disclaimer

❗ Never use tools and techniques on real IP addresses, hosts or networks without proper authorization!

Last updated