From 8aab9be63880e57cddb82a962e120d3a2bb8a1dd Mon Sep 17 00:00:00 2001
From: Andrew Rioux
Date: Sun, 7 May 2023 14:17:28 -0400
Subject: [PATCH] build: made it so dev containers can partly debug symbol tables appear to be messed up and it doesn't work with async Rust, so will try to refactor the code to be sync and see how it fares
---
 .devcontainer/Dockerfile.buster | 7 ++--
 .devcontainer/devcontainer.json | 2 +-
 .vscode/launch.json | 64 ++++------------------------------
 .vscode/tasks.json | 30 ++++++++++++++++
 Makefile.toml | 11 ++++++
 README.org | 3 +-
 docker-compose.yml | 20 +++++------
 7 files changed, 62 insertions(+), 75 deletions(-)
 create mode 100644 .vscode/tasks.json
diff --git a/.devcontainer/Dockerfile.buster b/.devcontainer/Dockerfile.buster
index b281c20..1971b43 100644
--- a/.devcontainer/Dockerfile.buster
+++ b/.devcontainer/Dockerfile.buster
@@ -38,8 +38,5 @@ RUN apt-get update && \
 --component rustfmt --component rust-src --component clippy && \
 rm rustup-init && \
 chmod -R a+w $RUSTUP_HOME $CARGO_HOME && \
- echo "alias make='cargo make'" >> /etc/profile
-
-USER vscode
-
-RUN cargo install cargo-make convco
\ No newline at end of file
+ echo "alias make='cargo make'" >> /etc/profile && \
+ cargo install cargo-make convco
\ No newline at end of file
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 699f815..840c1f1 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -25,11 +25,11 @@
 "runArgs": [
 "--privileged",
 "--cap-add=SYS_PTRACE",
+ "--cap-add=NET_RAW",
 "--security-opt",
 "seccomp=unconfined"
 ],
 "postStartCommand": "cargo make setup",
- "remoteUser": "vscode",
 "features": {
 "ghcr.io/devcontainers/features/docker-in-docker": {}
 }
diff --git a/.vscode/launch.json b/.vscode/launch.json
index 5419c5c..b61334c 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
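Review bot: With `USER vscode` removed and `cargo install cargo-make convco` folded into the preceding `RUN`, the image no longer switches to a non-root user, so its default user is presumably root (the same `RUN` performs `apt-get`). If root is only needed for this install step, keeping `USER vscode` as the final instruction preserves the non-root default. The install also takes whatever dependency versions resolve at build time; `cargo install --locked cargo-make convco` would use the lockfiles shipped with each crate. The `RUN` instruction begins above the hunk, so its earlier steps are not visible here.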
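Review bot: Removing `"remoteUser": "vscode"` makes the editor session run as the image's default user, presumably root after the Dockerfile change, in a container that is already `--privileged` with `seccomp=unconfined`. The added `"--cap-add=NET_RAW"` has no effect while `"--privileged"` is in `runArgs`, because privileged mode already grants every capability. If the debugger only needs ptrace and raw sockets, keeping `remoteUser` and documenting which flag each tool requires (the docker-in-docker feature likely still needs `--privileged`) would keep the privilege set reviewable. The enclosing object starts and ends outside the hunk.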
@@ -4,43 +4,6 @@
 // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
 "version": "0.2.0",
 "configurations": [
- {
- "type": "lldb",
- "request": "launch",
- "name": "Debug unit tests in library 'pcap-sys'",
- "cargo": {
- "args": [
- "test",
- "--no-run",
- "--lib",
- "--package=pcap-sys"
- ],
- "filter": {
- "name": "pcap-sys",
- "kind": "lib"
- }
- },
- "args": [],
- "cwd": "${workspaceFolder}"
- },
- {
- "type": "lldb",
- "request": "launch",
- "name": "Debug executable 'nl-sys'",
- "cargo": {
- "args": [
- "build",
- "--bin=nl-sys",
- "--package=nl-sys"
- ],
- "filter": {
- "name": "nl-sys",
- "kind": "bin"
- }
- },
- "args": [],
- "cwd": "${workspaceFolder}"
- },
 {
 "type": "lldb",
 "request": "launch",
@@ -61,27 +24,19 @@
 "cwd": "${workspaceFolder}"
 },
 {
+ "name": "Debug executable 'ex-bind-shell-backdoor'",
 "type": "lldb",
 "request": "launch",
- "name": "Debug executable 'ex-bind-shell-backdoor'",
- "cargo": {
- "args": [
- "build",
- "--bin=ex-bind-shell-backdoor",
- "--package=ex-bind-shell-backdoor"
- ],
- "filter": {
- "name": "ex-bind-shell-backdoor",
- "kind": "bin"
- }
- },
+ "preLaunchTask": "Build project",
+ "program": "${workspaceFolder}/target/debug/ex-bind-shell-backdoor",
 "args": [],
- "cwd": "${workspaceFolder}"
+ "cwd": "${workspaceFolder}",
+ "breakpointMode": "path"
 },
 {
+ "name": "Attach to 'ex-bind-shell-backdoor'",
 "type": "lldb",
 "request": "attach",
- "name": "Debug executable 'ex-bind-shell-backdoor' (attach)",
 "program": "ex-bind-shell-backdoor"
 },
 {
@@ -101,13 +56,6 @@
 },
 "args": [],
 "cwd": "${workspaceFolder}"
- },
- {
- "name": "test launch",
- "type": "lldb",
- "request": "launch",
- "program": "${workspaceFolder}/ex-bind-shell-backdoor",
- "args": []
 }
 ]
 }
\ No newline at end of file
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
new file mode 100644
index 0000000..296e0cc
--- /dev/null
+++ b/.vscode/tasks.json
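Review bot: In the second hunk the launch entry uses `"preLaunchTask": "Build project"`, so the `Assign capabilities` task added in `.vscode/tasks.json` is never run as part of the debug flow. That is harmless only while the session is root in a privileged container; if a non-root `remoteUser` is restored, the binary will start without `cap_net_raw`. Since `Assign capabilities` already depends on `Build project`, `"preLaunchTask": "Assign capabilities"` would cover both cases. The configuration array continues outside the hunk.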
@@ -0,0 +1,30 @@
+{
+ "version": "2.0.0",
+ "tasks": [
+ {
+ "label": "Build project",
+ "type": "shell",
+ "command": "cargo make build",
+ "problemMatcher": [
+ "$rustc"
+ ]
+ },
+ {
+ "label": "Watch project",
+ "type": "shell",
+ "command": "cargo make check-watch",
+ "problemMatcher": [
+ "$rustc-watch"
+ ]
+ },
+ {
+ "label": "Assign capabilities",
+ "type": "shell",
+ "command": "find ${workspaceFolder}/target/debug -maxdepth 1 -type f -executable -exec sudo setcap cap_net_raw=eip {} \\;",
+ "dependsOn": [
+ "Build project"
+ ],
+ "problemMatcher": []
+ }
+ ]
+}
\ No newline at end of file
diff --git a/Makefile.toml b/Makefile.toml
index 7f16460..43219f1 100644
--- a/Makefile.toml
+++ b/Makefile.toml
@@ -26,6 +26,17 @@ workspace = false
 command = "docker-compose"
 args = ["run", "build", "test", "${@}"]
+[tasks.clean]
+workspace = false
+command = "cargo"
+args = ["clean"]
+
+[tasks.check-watch]
+workspace = false
+command = "docker-compose"
+args = ["run", "build", "check", "${@}"]
+watch = { watch = ["nl-sys/src", "pcap-sys/src"] }
+
 #-----------------------
 #
 # Git tasks
diff --git a/README.org b/README.org
index cd7fc41..63dbc69 100644
--- a/README.org
+++ b/README.org
@@ -3,7 +3,8 @@ Developed using libpcap to enable evading local firewalls and with an eye towards hiding itself from inspection
 * Packages
-** [[./pcap-sys/README.org][pcap-sys]]
+** [[./pcap-sys/README.org][pcap-sys]]: A Rust wrapper around the libpcap library for Linux
+** [[./nl-sys/README.org][nl-sys]]: A Rust wrapper around the netlink (nl) library on Linux
 * Development To develop or compile this project, open it in GitHub Codespaces or using Visual Studio Code's Dev Container extension (requires Docker to be installed)
diff --git a/docker-compose.yml b/docker-compose.yml
index 2b8f258..1f87b2d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
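Review bot: The `Assign capabilities` command grants `cap_net_raw=eip` to every executable file directly under `target/debug`, which is broader than the binaries that actually open raw sockets and also sets the inheritable flag. Naming the targets and using only effective and permitted keeps the grant minimal, e.g. `sudo setcap cap_net_raw=ep "${workspaceFolder}/target/debug/ex-bind-shell-backdoor"`. Quoting `${workspaceFolder}` also keeps the shell command intact when the path contains spaces. No launch configuration visible in this patch references the task, so it currently runs only when invoked by hand.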
@@ -6,8 +6,8 @@ services: dockerfile: Dockerfile.alpine volumes: - ${CARGO_HOME}/registry:${CARGO_HOME}/registry - - ${PWD}:/sparse - working_dir: /sparse + - /workspaces/sparse:/workspaces/sparse + working_dir: /workspaces/sparse entrypoint: /usr/local/cargo/bin/cargo tty: true @@ -16,31 +16,31 @@ services: context: examples/secure-image dockerfile: Dockerfile volumes: - - ./target:/backdoor - command: /backdoor/release/ex-bind-shell-backdoor + - ./target:/workspaces/sparse/target + command: /workspaces/sparse/target/debug/ex-bind-shell-backdoor # privileged flag is for iptables, not for the backdoor privileged: true examples_bindshell_client: image: alpine volumes: - - ./target:/backdoor - command: /backdoor/release/ex-bind-shell-client examples_bindshell_target:54248 + - ./target:/workspaces/sparse/target + command: /workspaces/sparse/target/debug/ex-bind-shell-client examples_bindshell_target:54248 examples_revshell_beacon: build: context: examples/secure-image dockerfile: Dockerfile volumes: - - ./target:/bacodkkr - command: /backdoor/release/ex-revshell-beacon + - ./target:/workspaces/sparse/target + command: /workspaces/sparse/target/debug/ex-revshell-beacon # privileged flag is for iptables, not for the backdoor privileged: true examples_revshell_server: image: alpine volumes: - - ./target:/backdoor + - ./target:/workspaces/sparse/target expose: - '54248/udp' - command: /backdoor/release/ex-revshell-server \ No newline at end of file + command: /workspaces/sparse/target/debug/ex-revshell-server \ No newline at end of file
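Review bot: The build service's new bind mount hard-codes the host side, `- /workspaces/sparse:/workspaces/sparse`, so `docker-compose run build` only works when the checkout sits at exactly that path (Codespaces or the dev container). If the aim is for paths inside the container to match those recorded in the debug info, `- ${PWD}:/workspaces/sparse` keeps the container-side path fixed and leaves the host side portable. The service definition begins above the hunk.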
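Review bot: In the second hunk the rewritten volume lines mount the workspace's build output read-write into every example container, including the two that run with `privileged: true`. These services only execute the binaries, so a read-only mount is sufficient and keeps a process in the container from altering artifacts that are later run or debugged in the dev container: `- ./target:/workspaces/sparse/target:ro`. The commands now point at `target/debug` instead of `release`, so the examples presumably require a prior `cargo make build`; a comment in the compose file saying so would help.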