Hi,
I’ve downloaded the latest LLVM 18 release from GitHub, tried to make a simple cmd script to make a .bin file, but that didn’t work:
code.c:
typedef void *(__stdcall *GetProcAddress_t)(void *hModule, const char *symbol);
typedef int (__stdcall *MessageBoxA_t)(void *hWnd, const char *text, const char *cap, unsigned type);
// ideally should be the first thing in the file (offs=0)
void _start(GetProcAddress_t gpa) {
char user32[] = "user32.dll"; // will be preloaded before this is called
char msgboxa[] = "MessageBoxA";
char text[] = "hi";
char cap[] = "lolwut";
MessageBoxA_t MessageBoxA = gpa(user32, msgboxa);
MessageBoxA(0, text, cap, 0);
}
make.cmd:
@echo off
set LLVM_PATH=D:\SDK\LLVM1812\bin
set CC=%LLVM_PATH%\clang
set LD=%LLVM_PATH%\ld.lld
%CC% code.c -v -nostdlib -target x86_64-windows-gnu -fPIC -fpie -fuse-ld=lld -o code.bin
:: %LD% code.o --oformat binary -o code.bin
clang complains about “mainCRTStartup”, which is the entrypoint of MSVC applications, ok, I can always rename _start to that. Even though I don’t really care about any MSVC libraries here, nor do I need a CRT in this payload.
But even after renaming, lld complains that “oformat” is apparently an unknown argument, even though it’s listed in --help. When I try to call lld separately of clang (through -c and then lld) it complains that the input format of an object isn’t known.
Is there a way to force clang into generating flat raw binary code files for Win64?