From 7a40f17a57fe375ca6069204a6cf0f40cecad3f9 Mon Sep 17 00:00:00 2001 From: 17ms <79069176+17ms@users.noreply.github.com> Date: Wed, 21 Feb 2024 16:29:18 +0200 Subject: [PATCH] rename cryptoutils lib --- Cargo.lock | 8 ++++---- Cargo.toml | 2 +- {utils => common}/Cargo.toml | 2 +- {utils => common}/src/lib.rs | 0 generator/Cargo.toml | 2 +- generator/src/main.rs | 6 +++--- injector/Cargo.toml | 2 +- injector/src/main.rs | 2 +- reflective_loader/Cargo.toml | 2 +- reflective_loader/src/lib.rs | 8 ++++---- 10 files changed, 17 insertions(+), 17 deletions(-) rename {utils => common}/Cargo.toml (70%) rename {utils => common}/src/lib.rs (100%) diff --git a/Cargo.lock b/Cargo.lock index b2ddc98..9ba9ab1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3,7 +3,7 @@ version = 3 [[package]] -name = "airborne-utils" +name = "airborne-common" version = "0.1.0" [[package]] @@ -110,7 +110,7 @@ checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" name = "generator" version = "0.1.0" dependencies = [ - "airborne-utils", + "airborne-common", "clap", "rand", "windows-sys", @@ -149,7 +149,7 @@ checksum = "13e3bf6590cbc649f4d1a3eefc9d5d6eb746f5200ffb04e5e142700b8faa56e7" name = "poc-injector" version = "0.1.0" dependencies = [ - "airborne-utils", + "airborne-common", "lexopt", "windows-sys", ] @@ -219,7 +219,7 @@ dependencies = [ name = "reflective-loader" version = "0.1.0" dependencies = [ - "airborne-utils", + "airborne-common", "windows-sys", ] diff --git a/Cargo.toml b/Cargo.toml index 8ea8f0c..91d0bfb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,7 +6,7 @@ members = [ "payload", "generator", "reflective_loader", - "utils" + "common" ] [profile.release] diff --git a/utils/Cargo.toml b/common/Cargo.toml similarity index 70% rename from utils/Cargo.toml rename to common/Cargo.toml index c690815..d3571e1 100644 --- a/utils/Cargo.toml +++ b/common/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "airborne-utils" +name = "airborne-common" version = "0.1.0" edition = "2021" diff --git a/utils/src/lib.rs b/common/src/lib.rs similarity index 100% rename from utils/src/lib.rs rename to common/src/lib.rs diff --git a/generator/Cargo.toml b/generator/Cargo.toml index d8f3f1c..2b4a956 100644 --- a/generator/Cargo.toml +++ b/generator/Cargo.toml @@ -6,7 +6,7 @@ edition = "2021" [dependencies] clap = { version = "4.4.18", features = ["derive"] } rand = "0.8.5" -airborne-utils = { path = "../utils" } +airborne-common = { path = "../common" } [dependencies.windows-sys] version = "0.52.0" diff --git a/generator/src/main.rs b/generator/src/main.rs index 4ff521a..23a3700 100644 --- a/generator/src/main.rs +++ b/generator/src/main.rs @@ -3,7 +3,7 @@ use std::{ slice::from_raw_parts, }; -use airborne_utils::calc_hash; +use airborne_common::calc_hash; use clap::{ArgAction, Parser}; use windows_sys::Win32::{ System::Diagnostics::Debug::IMAGE_NT_HEADERS64, @@ -50,7 +50,7 @@ fn main() { let args = Args::parse(); // (bool, bool, bool) -(OR)-> u32 - let combined_flag = airborne_utils::create_u32_flag(args.no_delay, args.no_shuffle, args.ufn); + let combined_flag = airborne_common::create_u32_flag(args.no_delay, args.no_shuffle, args.ufn); // preserve the path from being dropped let output_path = args.output_path.clone(); @@ -97,7 +97,7 @@ fn main() { println!("\n[+] xor'ing shellcode"); let key = gen_xor_key(shellcode.len()); - airborne_utils::xor_cipher(&mut shellcode, &key); + airborne_common::xor_cipher(&mut shellcode, &key); let mut key_output_path = output_path.clone().into_os_string(); key_output_path.push(".key"); diff --git a/injector/Cargo.toml b/injector/Cargo.toml index 906f32c..2a25fde 100644 --- a/injector/Cargo.toml +++ b/injector/Cargo.toml @@ -5,7 +5,7 @@ edition = "2021" [dependencies] lexopt = "0.3.0" -airborne-utils = { path = "../utils" } +airborne-common = { path = "../common" } [dependencies.windows-sys] version = "0.52.0" diff --git a/injector/src/main.rs b/injector/src/main.rs index 8f02b3f..e25fe5c 100644 --- a/injector/src/main.rs +++ b/injector/src/main.rs @@ -51,7 +51,7 @@ fn main() { } println!("[+] xor'ing shellcode"); - airborne_utils::xor_cipher(&mut shellcode, &keyfile); + airborne_common::xor_cipher(&mut shellcode, &keyfile); println!("[+] injecting shellcode into {}", args.procname); unsafe { diff --git a/reflective_loader/Cargo.toml b/reflective_loader/Cargo.toml index ed4efb5..1ca48ce 100644 --- a/reflective_loader/Cargo.toml +++ b/reflective_loader/Cargo.toml @@ -7,7 +7,7 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -airborne-utils = { path = "../utils" } +airborne-common = { path = "../common" } [dependencies.windows-sys] version = "0.52.0" diff --git a/reflective_loader/src/lib.rs b/reflective_loader/src/lib.rs index 11d1b20..575c603 100644 --- a/reflective_loader/src/lib.rs +++ b/reflective_loader/src/lib.rs @@ -10,7 +10,7 @@ use core::{ slice::from_raw_parts, }; -use airborne_utils::Flags; +use airborne_common::Flags; use windows_sys::{ core::PWSTR, Win32::{ @@ -67,7 +67,7 @@ pub unsafe extern "system" fn loader( _shellcode_bin: *mut c_void, flags: u32, ) { - let flags = airborne_utils::parse_u32_flag(flags); + let flags = airborne_common::parse_u32_flag(flags); /* 1.) locate the required functions and modules from exports with their hashed names @@ -238,7 +238,7 @@ unsafe fn get_module_ptr(module_hash: u32) -> Option<*mut u8> { let name_slice_buf = from_raw_parts(transmute::(name_buf_ptr), name_len); // calculate the module hash and compare it - if module_hash == airborne_utils::calc_hash(name_slice_buf) { + if module_hash == airborne_common::calc_hash(name_slice_buf) { return Some((*table_entry_ptr).DllBase as _); } @@ -293,7 +293,7 @@ unsafe fn get_export_addr(module_base_ptr: *mut u8, function_hash: u32) -> Optio let name_len = get_cstr_len(name_ptr as _); let name_slice = from_raw_parts(name_ptr as _, name_len); - if function_hash == airborne_utils::calc_hash(name_slice) { + if function_hash == airborne_common::calc_hash(name_slice) { return Some(module_base_ptr as usize + funcs[ords[i as usize] as usize] as usize); } }