A mistake inside the lesson "Cross-Compiling Exploits"


Inside the lesson “Cross-Compiling Exploits”, course “Host & Network Penetration Testing: Exploitation”, learning path Penetration Testing Student v2, area Cyber Security, it is mistakenly reported that the compiler i686-w64-mingw32-gcc compiles for default in 64-bit.

i686-w64-mingw32-gcc just compiles in 32-bit, and this is easily demonstrated running “readpe” software (to install it in Kali Linux: sudo apt-get install pev). For example, if you try to run the following commands in order to compile a .C source file named exploit.c and then check the compilation result, you’ll verify that the compiled EXE is just a PE32 (i.e. 32-bit Portable Executable) and not a PE32+ (i.e. 64-bit Portable Executable):

i686-w64-mingw32-gcc exploit.c -o exploit.exe&&readpe exploit.exe|grep PE32

To compile in 64-bit you have to use a completely different compiler: x86_64-w64-mingw32-gcc.

For example, the following command will correctly display that the compiled source is a 64-bit executable (PE32+) :

x86_64-w64-mingw32-gcc exploit.c -o exploit.exe&&readpe exploit.exe|grep PE32

By the way, to check and verify the characteristics of PE files it is also possible using the following command

objdump -f [filename.exe]

Please, fix that lesson.