Compile CPP files (C++ source) with g++ of Cygwin on Windows

Why Compile CPP files and what are they

CPP files (*.cpp) are C++ coding language source files, which you can compile (convert) them to EXE (executable). There many POCs of malware / zero days available on the web, so anyone can analyze them and check against their organizational controls. One way to send / distribute them is by providing the source instead of the compiled executable (EXE) file. The easiest way that I found to compile CPP files on Windows is by using Cygwin GNU and Open Source tools. Cygwin provides Linux like functionality on Windows, which include applications like ls, bash, gcc, g++, etc.

Affiliate: Experience limitless no-code automation, streamline your workflows, and effortlessly transfer data between apps with Make.com.

How to install Cygwin

1. All steps of obtaining and installing basic Cygwin package is in our Cygwin Linux Tools for Windows Install and Dependency Check article. When you get to step “3.b.”, continue to the next step.
2. You will need to specify 3 packages for “g++” functionality to compile CPP files (g++, gdb, make):

"Select Packages"
    View: [Category]
    Expand: [+] All
    Search: g++
    Expand: [+] Devel
        [gcc-g++] => [arrow down] in "Skip" cell (same row) => select latest stable version (not Test).
    Search: gdb
    *** [-] Devel will be already expanded, if not - expand.
        [gdb] => [arrow down] in "Skip" cell (same row) => select latest stable version (not Test).
    Search: make
    *** [-] Devel will be already expanded, if not - expand.
        [make] => [arrow down] in "Skip" cell (same row) => select latest stable version (not Test).
    [Next]

3. You can return to the Cygwin installation article to finish the setup and when you finish step “4” of the Cygwin installation article, you can return here.

Compile CPP files to executable

Since we added the “bin” directory to PATH Environment Variable, we can use “g++” anywhere we want. Run in “cmd.exe”:

g++ YourSourceFile.cpp -o YourExecutable.exe

Some Explanations:
g++: is the name of C++ compiler that resides in “c:\cygwin64\bin\g++.exe”.
YourSourceFile.cpp: is full path to your CPP file, you can just drag and drop it to CMD window.
-o: Output file. If you will not specify it, it will compile the executable with default file name “a.out”.
YourExecutable.exe: Is full path to your compiled executable file name.

If you get errors while executing “g++” like:

C:/cygwin64/lib/gcc/x86_64-pc-cygwin/10/cc1plus.exe: error while loading shared libraries: ?: cannot open shared object file: No such file or directory

There can be a problem with shared Cygwin dependencies. The steps for troubleshooting are in our Cygwin Installation article (linked on current page in step 1), at the bottom.

You are good to go if you want to execute the compiled program on the same host. Since, the main point of running malware POC is on Virtual Machine or any test host with controls, probably the target host will not have the Cygwin installed. You will need to provide the “cygwin1.dll” with the executable. The DLL is in:

C:\cygwin64\bin\cygwin1.dll

You can copy it and place on the target host in the same directory as the compiled executable. If for some reason it will not work, you can place the “cygwin1.dll” in the “C:\Windows\System32” folder on the target host, since it is already in the PATH Environment Variable.