Avcleaner – C/C++ Source Obfuscator For Antivirus Bypass

~ Dade Murphy

KitPloit – PenTest Tools!–

C/C++ source obfuscator for antivirus bypass.

Build

docker build . -t avcleaner
docker run -v ~/dev/scrt/avcleaner:/home/toto -it avcleaner bash #adapt ~/dev/scrt/avcleaner to the path where you cloned avcleaner
sudo pacman -Syu
mkdir CMakeBuild && cd CMakeBuild
cmake ..
make -j 2
./avcleaner.bin --help

Usage
For simple programs, this is as easy as:

avcleaner.bin test/strings_simplest.c --strings=true --

However, you should know that you’re using a compiler frontend, which can only work well if you give it the path to ALL the includes required to build your project. As an example, test/string_simplest.c includes headers from the WinSDK, and the script run_example.sh shows how to handle such scenarios.

Common errors

CommandLine Error: Option 'non-global-value-max-name-size' registered more than once! LLVM ERROR: inconsistency in registered CommandLine options

In case you encounter this error, please use CMakeLists_archlinux.txt instead of CMakeLists.txt and it shoud go away.

View original article on KitPloit – PenTest Tools!

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s