-i No icon on the output

Question

-i No icon on the output

Closed this issue 5 years ago · 2 comments

Hi,
First I have to tell a lot of thanks for sharing this awesome tool.
Works really great but I have a problem with the -i command.
When I use ./tvasion.ps1 -t exe /mypayload.exe -i /myicon.ico -o /home/Desktop the icon is never set to the generated output file. What’s the problem and how can I solve it?
Is this the right way to do it ?

I’m on Debian Kali-Linux 2019.2 or maybe .3 don’t really know

Answer 1 · 2019-09-18T07:17:40.000Z

Thanks for reporting.

Can you post tvasion / error ouput?
Is your icon file valid?
You already checked if mono mcs -win32icon: compiler option is working?

You can check source also. Maybe do output at line ~ 420 in tvasion.ps1 see this:

        # use icon for executable if set
        if (!$this.iconPath -eq "") {
            $this.iconPath = "-win32icon:`"$($this.iconPath)`"";
        }

change to this:

        # use icon for executable if set
        if (!$this.iconPath -eq "") {
            $this.iconPath = "-win32icon:`"$($this.iconPath)`"";
            write-host $this.iconPath;
        }

I rechecked this:

Icon seems to appear for me on all test systems.

I checked your github account. So...
The icon doesn't appear if you use a Windows system to view executable file?

So I'm not sure what you doing...
Maybe try this and recheck icon on windows:

./tvasion.ps1 -t exe ./mypayload.exe -i  -i tests/ghost.ico

In this case mypayload.exe need to be in tvasion root directory and output is generated in ./output .

Keep in mind that this AV evasion makes sense if you change template only.
Please do not use tvasion if your not able to create your own template file. There's no auto awesomeness included at the moment.

Answer 2 · 2019-09-18T11:08:58.000Z

Hi, thanks for the reply.
I use tvasion on Debian and checked the .exe output on Windows 10 x64 VM in VirtualBox.
I never check if mono mcs -win32icon: was working before but I know my icon file is valid.

Here's what I type in terminal to generate a exe file

./tvasion.ps1 -t exe /home/Debian/Bureau/MyPayload.exe -i /home/Debian/Téléchargements/yygf9ndq_400x400_wLe_icon.ico -o /home/Debian/Bureau/ -d where -d as you know is only to generate debug for me to see what's happn and how it's work.

Here's what tvasion tell me generating output :

/home/Debian/Bureau//82e63a54a5_DEBUG.cs(127,20): warning CS0219: The variable z' is assigned but its value is never used
/home/Debian/Bureau//82e63a54a5_DEBUG.cs(384,28): warning CS0219: The variable ntHeadersSignature' is assigned but its value is never used -win32icon:"/home/Debian/Téléchargements/yygf9ndq_400x400_wLe_icon.ico" tvasion: payload written to file: /home/Debian/Bureau//82e63a54a5.exe

After changing this:

# use icon for executable if set if (!$this.iconPath -eq "") { $this.iconPath = "-win32icon:"$($this.iconPath)""; }

to this:

# use icon for executable if set if (!$this.iconPath -eq "") { $this.iconPath = "-win32icon:"$($this.iconPath)""; write-host $this.iconPath; }

It works great. A lof of thaks. I can close the issue.

As you said, I understand I need to change template but I'm not very friendly with it. I'm not here to play with your tool but to learn and i'm tryng to understand how it works.

Anyway, great tool, going to learn a lot with it.