Added C++ redistributable required for windows and brought back UPX

2019-10-07 09:53:18 +03:00 · 2019-10-07 09:53:18 +03:00 · dff71eabc4
parent 97542107dc
commit dff71eabc4
3 changed files with 25 additions and 0 deletions
--- a/deployment_scripts/config.ps1
+++ b/deployment_scripts/config.ps1
@ -29,13 +29,18 @@ $MK64_DLL = "mk64.zip"
 $TEMP_PYTHON_INSTALLER = ".\python.exe"
 $TEMP_MONGODB_ZIP = ".\mongodb.zip"
 $TEMP_OPEN_SSL_ZIP = ".\openssl.zip"
+$TEMP_CPP_INSTALLER = "cpp.exe"
 $TEMP_NPM_INSTALLER = "node.msi"
 $TEMP_PYWIN32_INSTALLER = "pywin32.exe"
+$TEMP_UPX_ZIP = "upx.zip"
+$UPX_FOLDER = "upx394w"

 # Other url's
 $MONGODB_URL = "https://downloads.mongodb.org/win32/mongodb-win32-x86_64-2008plus-ssl-latest.zip"
 $OPEN_SSL_URL = "https://indy.fulgan.com/SSL/Archive/openssl-1.0.2l-i386-win32.zip"
+$CPP_URL = "https://go.microsoft.com/fwlink/?LinkId=746572"
 $NPM_URL = "https://nodejs.org/dist/v10.13.0/node-v10.13.0-x64.msi"
 $PYWIN32_URL = "https://github.com/mhammond/pywin32/releases/download/b225/pywin32-225.win-amd64-py3.7.exe"
 $MK32_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk32.zip"
 $MK64_DLL_URL = "https://github.com/guardicore/mimikatz/releases/download/1.1.0/mk64.zip"
+$UPX_URL = "https://github.com/upx/upx/releases/download/v3.94/upx394w.zip"
--- a/deployment_scripts/deploy_windows.ps1
+++ b/deployment_scripts/deploy_windows.ps1
@ -107,6 +107,12 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
    "Removing zip file"
    Remove-Item $TEMP_OPEN_SSL_ZIP

+    # Download and install C++ redistributable
+    "Downloading C++ redistributable ..."
+    $webClient.DownloadFile($CPP_URL, $TEMP_CPP_INSTALLER)
+    Start-Process -Wait $TEMP_CPP_INSTALLER -ErrorAction Stop
+    Remove-Item $TEMP_CPP_INSTALLER
+
    # Generate ssl certificate
    "Generating ssl certificate"
    Push-Location -Path (Join-Path -Path $monkey_home -ChildPath $MONKEY_ISLAND_DIR)
@ -158,6 +164,19 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
    $binDir = (Join-Path -Path $monkey_home -ChildPath $MONKEY_DIR | Join-Path -ChildPath "\bin")
    New-Item -ItemType directory -path $binaries -ErrorAction SilentlyContinue

+    # Download upx
+    if(!(Test-Path -Path (Join-Path -Path $binDir -ChildPath "upx.exe") )){
+        "Downloading upx ..."
+        $webClient.DownloadFile($UPX_URL, $TEMP_UPX_ZIP)
+        "Unzipping upx"
+        Expand-Archive $TEMP_UPX_ZIP -DestinationPath $binDir -ErrorAction SilentlyContinue
+        Move-Item -Path (Join-Path -Path $binDir -ChildPath $UPX_FOLDER | Join-Path -ChildPath "upx.exe") -Destination $binDir
+        # Remove unnecessary files
+        Remove-Item -Recurse -Force (Join-Path -Path $binDir -ChildPath $UPX_FOLDER)
+        "Removing zip file"
+        Remove-Item $TEMP_UPX_ZIP
+    }
+
    # Download mimikatz binaries
    $mk32_path = Join-Path -Path $binDir -ChildPath $MK32_DLL
    if(!(Test-Path -Path $mk32_path )){
--- a/monkey/infection_monkey/monkey.spec
+++ b/monkey/infection_monkey/monkey.spec
@ -38,6 +38,7 @@ def main():
              debug=False,
              strip=get_exe_strip(),
              upx=True,
+              upx_exclude=['vcruntime140.dll'],
              console=True,
              icon=get_exe_icon())