astatin3/unshell
1
0
Fork 0
mirror of https://github.com/Astatin3/unshell.git synced 2026-06-08 22:38:01 -06:00
Code Issues Packages Projects Releases Wiki Activity

Rename things to ush for brevity. Add Tree system.

Browse Source
This commit is contained in:
Michael Mikovsky
2026-02-09 10:27:15 -07:00
parent ebeaa29d5b
commit 2a18639d84
86 changed files with 368 additions and 419 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ush-obfuscate/src/crypt/aes_decrypt.rs
+51
View File
@@ -0,0 +1,51 @@
pub fn decrypt_aes(input: &str, key_str: &str, iv: [u8; 16]) -> Result<String, String> {
// Hash the env key to get a 32-byte (256-bit) AES key
let mut key = hash(key_str.as_bytes());
let mut cipher_bytes = Base62::decode_full(input, &key).unwrap();
let salt = cipher_bytes.remove(0);
// XOR the salt bytes with the key bytes
// This replicates
for i in 0..32 {
key[i] ^= salt;
}
// Create buffer for result
let buf_len = cipher_bytes.len();
let mut buf: Vec<u8> = vec![0; buf_len];
buf[..cipher_bytes.len()].copy_from_slice(&cipher_bytes);
let pt = cbc::Decryptor::<aes::Aes256>::new(&key.into(), &iv.into())
.decrypt_padded_mut::<Pkcs7>(&mut buf)
.map_err(|_| "decryption failed".to_string())?;
Ok(String::from_utf8_lossy(pt).to_string())
}
pub fn decrypt_aes_lines(input: &str, key_str: &str, iv: [u8; 16]) -> String {
let mut decrypted_result = input.to_string();
let mut total_offset = 0;
// Split input by segments of base62 chars, denoted by two _'s, and attempt to decode
for aes_block in Regex::new(r"_([0-9a-zA-Z]*?)_").unwrap().find_iter(&input) {
let range = aes_block.range();
let aes_block = aes_block.as_str()[1..(aes_block.len() - 1)].to_string();
// If the decryption is successful, offset the current offset position
if let Ok(decrypted_block) = decrypt_aes(&aes_block, key_str, iv) {
let range = (range.start + total_offset as usize)..(range.end + total_offset as usize);
// Offset range by the difference between the decrypted block length and the original range length
total_offset += decrypted_block.len().clone() - (range.end - range.start);
decrypted_result.replace_range(range, &decrypted_block);
} else {
// If the decode is unsuccessful, leave the underscore-denoted region as is
continue;
}
}
decrypted_result
}
ush-obfuscate/src/crypt/aes_encrypt.rs
+53
View File
@@ -0,0 +1,53 @@
use crate::crypt::{base62::Base62, hash};
use aes::cipher::{BlockEncryptMut, KeyIvInit};
use cbc::cipher::block_padding::Pkcs7;
fn pkcs7_padded_length(input_len: usize) -> usize {
let block_size = 16;
((input_len / block_size) + 1) * block_size
}
pub fn encrypt_aes(plaintext: &str, key_str: &str, iv: [u8; 16]) -> String {
let plaintext = plaintext.as_bytes();
// Hash the env key to get a 32-byte (256-bit) AES key
let key = hash(key_str.as_bytes());
// Generate a psudo-random salt byte based on the plaintext
// I hope this does not break the encryption.
let mut salt = 0;
for byte in plaintext {
salt ^= byte;
}
let mut key_salted = key.clone();
// Salt the key by XORing the salt byte with all the key bytes.
// This ensures that the "hash" generated from the plaintext will
// make the encrypted result extremely different.
for i in 0..32 {
key_salted[i] ^= salt;
}
let buf_len = pkcs7_padded_length(plaintext.len());
let mut buf = vec![0u8; buf_len];
let pt_len = plaintext.len();
buf[..pt_len].copy_from_slice(&plaintext);
let mut ct = cbc::Encryptor::<aes::Aes256>::new(&key_salted.into(), &iv.into())
.encrypt_padded_mut::<Pkcs7>(&mut buf, pt_len)
.unwrap()
.to_vec();
// Add the salt byte to the key byte,
ct.insert(0, salt);
// Encode result in base62
Base62::encode_full(&ct, &key)
}
pub fn encrypt_aes_lines(plaintext: &str, key_str: &str, iv: [u8; 16]) -> String {
format!("_{}_", encrypt_aes(plaintext, key_str, iv))
}
ush-obfuscate/src/crypt/base62.rs
+225
View File
@@ -0,0 +1,225 @@
use crate::crypt::{STATIC_BYTE_MAP, hash};
// Randomly mapped Base62 characters
pub struct Base62 {
charset: [char; 62],
}
pub const BASE62_CHARS: [char; 62] = [
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I',
'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b',
'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u',
'v', 'w', 'x', 'y', 'z',
];
// Const for ratio
const ENCODING_RATIO: f64 = 8.0 / 5.954196310386875; // 8.0 / log2(62.0)
impl Base62 {
pub fn new(key: &[u8], nonce: usize) -> Self {
// Hash key again, for the chance that this random function can be used to derive the key
let key = hash(key);
let mut charset: [char; 62] = [0 as char; 62];
// Create a vector of indices from 0 to 61
let mut current_indicies = (0..62).map(|i| i as usize).collect::<Vec<usize>>();
// Loop through each byte in the key until all chars are filled
for i in 0..62 as usize {
let rand = STATIC_BYTE_MAP[(key[i as usize % key.len()] as usize + nonce) % 255];
let index_index = rand as usize % current_indicies.len();
let put_index = current_indicies.remove(index_index);
charset[put_index] = BASE62_CHARS[i];
}
return Self { charset };
}
// Convert character to base-62 value using custom charset
fn char_to_value(&self, ch: char) -> Result<u8, String> {
self.charset
.iter()
.position(|&c| c == ch)
.map(|pos| pos as u8)
.ok_or_else(|| format!("Invalid character for this charset: '{}'", ch))
}
/// Encodes a byte slice into a base-62 string using a custom character set
/// Supports arbitrary length input by using big integer arithmetic
pub fn encode(&self, data: &[u8]) -> String {
if data.is_empty() {
return String::new();
}
// Count leading zeros
let leading_zeros = data.iter().take_while(|&&b| b == 0).count();
// Skip leading zeros for conversion
let data = &data[leading_zeros..];
if data.is_empty() {
return self.charset[0].to_string().repeat(leading_zeros);
}
let mut result = Vec::new();
let mut num = data.to_vec();
// Convert to base-62 using division
while !is_zero(&num) {
let remainder = div_mod_62(&mut num);
result.push(self.charset[remainder]);
}
// Add leading zeros
for _ in 0..leading_zeros {
result.push(self.charset[0]);
}
// Reverse since we built it backwards
result.reverse();
result.into_iter().collect()
}
/// Decodes a base-62 string back into bytes using a custom character set
/// Supports arbitrary length output
pub fn decode(&self, encoded: &str) -> Result<Vec<u8>, String> {
if encoded.is_empty() {
return Ok(Vec::new());
}
// Count leading zeros (first character in charset)
let zero_char = self.charset[0];
let leading_zeros = encoded.chars().take_while(|&c| c == zero_char).count();
// Skip leading zeros for conversion
let encoded = &encoded[leading_zeros..];
if encoded.is_empty() {
return Ok(vec![0; leading_zeros]);
}
// Convert base-62 string to bytes using multiplication
let mut num = vec![0u8];
for ch in encoded.chars() {
let value = self.char_to_value(ch)?;
mul_add(&mut num, 62, value);
}
// Add leading zero bytes
let mut result = vec![0u8; leading_zeros];
result.append(&mut num);
Ok(result)
}
pub fn encode_full(data: &[u8], key: &[u8]) -> String {
// Predict the length of the encoded data
let length = predict_base62_len(data);
let base = Base62::new(&key, length % 255);
let encoded = base.encode(data);
// For the case that the encoded length is not equal to the predicted length
// The nonce must be derived from this length, so this needs to be ensured
//
// Re-encode with the correct length
if encoded.len() != length {
let len = encoded.len();
let base = Base62::new(&key, len % 255);
let encoded = base.encode(data);
assert_eq!(encoded.len(), len);
encoded
} else {
encoded
}
}
pub fn decode_full(data: &str, key: &[u8]) -> Result<Vec<u8>, String> {
let base = Base62::new(&key, data.len() % 255);
base.decode(data)
}
}
// Helper: Check if big integer (as bytes) is zero
fn is_zero(num: &[u8]) -> bool {
num.iter().all(|&b| b == 0)
}
// Helper: Divide big integer by 62 and return remainder
// Modifies num in place to be the quotient
fn div_mod_62(num: &mut Vec<u8>) -> usize {
let mut remainder = 0u16;
let mut all_zero = true;
for byte in num.iter_mut() {
let current = (remainder << 8) | (*byte as u16);
*byte = (current / 62) as u8;
remainder = current % 62;
if *byte != 0 {
all_zero = false;
}
}
// Remove leading zeros from quotient
if all_zero {
num.clear();
num.push(0);
} else {
let first_nonzero = num.iter().position(|&b| b != 0).unwrap_or(0);
if first_nonzero > 0 {
num.drain(0..first_nonzero);
}
}
remainder as usize
}
// Helper: Multiply big integer by 62 and add a value
// Modifies num in place
fn mul_add(num: &mut Vec<u8>, multiplier: u16, add: u8) {
let mut carry = add as u16;
for byte in num.iter_mut().rev() {
let product = (*byte as u16) * multiplier + carry;
*byte = (product & 0xFF) as u8;
carry = product >> 8;
}
// Add remaining carry bytes
while carry > 0 {
num.insert(0, (carry & 0xFF) as u8);
carry >>= 8;
}
}
/// Predicts the byte length of the decoded output given a base-62 encoded string
/// This calculates the length without performing the full decoding
pub fn predict_base62_len(input_bytes: &[u8]) -> usize {
if input_bytes.is_empty() {
return 0;
}
// 1. Count leading zero bytes.
let num_leading_zeros = input_bytes.iter().take_while(|&&b| b == 0).count();
// 2. Calculate length of the rest of the bytes.
let num_rest_bytes = input_bytes.len() - num_leading_zeros;
if num_rest_bytes == 0 {
// If all bytes were zeros, the length is just the number of zeros.
num_leading_zeros
} else {
// 3. Calculate the mathematical upper bound for the non-zero part.
// This is ceil(num_rest_bytes * 8_bits / log2(62))
// which is ceil(num_rest_bytes * log_62(256))
let rest_len = (num_rest_bytes as f64 * ENCODING_RATIO).ceil();
// 4. Total length is zeros + rest_len
num_leading_zeros + rest_len as usize
}
}
ush-obfuscate/src/crypt/mod.rs
+34
View File
@@ -0,0 +1,34 @@
pub mod aes_encrypt;
#[allow(dead_code)]
pub mod base62;
pub const ENV_KEY_NAME: &str = "OBFUSCATION_KEY";
pub const BACKUP_ENV_KEY: &str = "OBFUSCATION_KEY_DO_NOT_USE";
pub const STATIC_IV: [u8; 16] = [
0x6d, 0x79, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x76, 0x5f, 0x30, 0x31, 0x32,
];
pub const STATIC_BYTE_MAP: [u8; 256] = [
58, 177, 23, 16, 227, 134, 93, 239, 201, 3, 74, 162, 228, 195, 126, 157, 136, 57, 98, 86, 175,
111, 71, 39, 205, 49, 139, 116, 143, 182, 250, 222, 59, 36, 18, 79, 37, 84, 190, 42, 7, 142,
167, 168, 105, 54, 218, 230, 203, 83, 52, 129, 144, 184, 41, 73, 29, 72, 128, 75, 160, 149, 20,
32, 207, 155, 131, 125, 199, 220, 56, 76, 94, 78, 247, 214, 165, 33, 19, 241, 69, 206, 172,
113, 225, 90, 150, 242, 107, 232, 8, 77, 100, 187, 240, 104, 31, 180, 53, 253, 63, 192, 252,
30, 140, 158, 1, 210, 24, 44, 243, 145, 197, 80, 202, 65, 196, 45, 51, 11, 55, 236, 186, 22,
224, 118, 200, 204, 153, 114, 117, 229, 47, 159, 96, 219, 234, 183, 13, 70, 81, 137, 46, 211,
254, 255, 127, 138, 246, 87, 61, 89, 189, 66, 208, 221, 85, 251, 188, 43, 248, 102, 146, 170,
132, 213, 178, 103, 62, 92, 27, 6, 38, 122, 185, 181, 215, 12, 179, 4, 169, 226, 209, 0, 112,
154, 120, 17, 101, 64, 194, 193, 212, 198, 121, 135, 99, 115, 244, 14, 133, 26, 156, 10, 5,
238, 163, 164, 25, 88, 95, 152, 40, 108, 216, 21, 109, 2, 123, 233, 237, 235, 119, 60, 82, 191,
68, 151, 161, 124, 48, 35, 249, 171, 50, 141, 166, 34, 15, 176, 97, 148, 147, 91, 9, 28, 223,
67, 130, 217, 231, 106, 245, 110, 173, 174,
];
use sha2::{Digest, Sha256};
pub fn hash(input: &[u8]) -> [u8; 32] {
let mut hasher = Sha256::new();
hasher.update(input);
hasher.finalize().into()
}
ush-obfuscate/src/format_helper.rs
+97
View File
@@ -0,0 +1,97 @@
use syn::parse::{Parse, ParseStream};
use syn::{Expr, Lit, Token};
pub struct PrintlnArgs {
pub format_str: String,
pub args: Vec<Expr>,
}
impl Parse for PrintlnArgs {
fn parse(input: ParseStream) -> syn::Result<Self> {
let format_expr: Expr = input.parse()?;
let format_str = match format_expr {
Expr::Lit(ref lit) => {
if let Lit::Str(ref s) = lit.lit {
s.value()
} else {
return Err(syn::Error::new_spanned(lit, "Expected string literal"));
}
}
_ => {
return Err(syn::Error::new_spanned(
format_expr,
"Expected string literal",
));
}
};
let mut args = Vec::new();
while !input.is_empty() {
input.parse::<Token![,]>()?;
if input.is_empty() {
break;
}
args.push(input.parse()?);
}
Ok(PrintlnArgs { format_str, args })
}
}
#[derive(Debug)]
pub enum FormatSegment {
Static(String),
Dynamic(String, usize), // format spec, arg index
}
pub fn parse_format_string(fmt: &str) -> Vec<FormatSegment> {
let mut segments = Vec::new();
let mut current_static = String::new();
let mut chars = fmt.chars().peekable();
let mut arg_idx = 0;
while let Some(ch) = chars.next() {
if ch == '{' {
if chars.peek() == Some(&'{') {
chars.next();
current_static.push('{');
continue;
}
// Save current static segment
if !current_static.is_empty() {
segments.push(FormatSegment::Static(current_static.clone()));
current_static.clear();
}
// Parse format spec
let mut spec = String::new();
while let Some(&next_ch) = chars.peek() {
if next_ch == '}' {
chars.next();
break;
}
spec.push(chars.next().unwrap());
}
segments.push(FormatSegment::Dynamic(spec, arg_idx));
arg_idx += 1;
} else if ch == '}' {
if chars.peek() == Some(&'}') {
chars.next();
current_static.push('}');
} else {
current_static.push(ch);
}
} else {
current_static.push(ch);
}
}
if !current_static.is_empty() {
segments.push(FormatSegment::Static(current_static));
}
segments
}
ush-obfuscate/src/lib.rs
+127
View File
@@ -0,0 +1,127 @@
#![feature(proc_macro_quote)]
#![feature(proc_macro_span)]
use proc_macro::TokenStream;
use quote::quote;
use syn::parse_macro_input;
mod format_helper;
use format_helper::*;
mod crypt;
#[allow(dead_code, unused_imports)]
mod no_obfuscate;
#[allow(dead_code, unused_imports)]
mod obfuscate;
#[cfg(not(feature = "obfuscate"))]
use no_obfuscate as obs;
#[cfg(feature = "obfuscate")]
use obfuscate as obs;
// String obfuscation
#[proc_macro]
pub fn obs(input: TokenStream) -> TokenStream {
obs::xor(input)
}
#[proc_macro_attribute]
pub fn obfuscated_symbol(_attr: TokenStream, item: TokenStream) -> TokenStream {
obs::aes_fn_name(_attr, item)
}
#[proc_macro]
pub fn symbol(input: TokenStream) -> TokenStream {
obs::aes_str(input)
}
#[proc_macro]
pub fn junk_asm(input: TokenStream) -> TokenStream {
obs::junk_asm(input)
}
//
#[proc_macro]
pub fn file_symbol(_input: TokenStream) -> TokenStream {
// Get the call site span to extract file information
let span = proc_macro::Span::call_site();
let source_file = span.source();
let file_path = source_file.file();
let line_num = source_file.line();
let concatted = format!("{}:{}", file_path, line_num);
// Return as a string literal
let output = quote! {
obfuscate::symbol!(#concatted)
};
// let output = quote! {
// #concatted
// };
output.into()
}
#[proc_macro]
pub fn format_obs(input: TokenStream) -> TokenStream {
let PrintlnArgs { format_str, args } = parse_macro_input!(input as PrintlnArgs);
let segments = parse_format_string(&format_str);
if segments.is_empty() {
return quote! {
print!("\n")
}
.into();
}
let mut parts = Vec::new();
for segment in segments {
match segment {
FormatSegment::Static(text) => {
parts.push(quote! {
obfuscate::symbol!(#text).to_string()
});
}
FormatSegment::Dynamic(spec, idx) => {
if idx >= args.len() {
return syn::Error::new(
proc_macro2::Span::call_site(),
format!("argument {} is missing", idx),
)
.to_compile_error()
.into();
}
let arg = &args[idx];
let fmt_spec = if spec.is_empty() {
quote! { "{}" }
} else {
let full_spec = format!("{{{}}}", spec);
quote! { #full_spec }
};
// quote! {
// println!(#fmt_spec, #arg);
// }
parts.push(quote! {
format!(#fmt_spec, #arg)
});
}
}
}
(quote! {
{
let mut string = String::new();
#(
string.push_str(&#parts);
)*
string
}
})
.into()
}
ush-obfuscate/src/no_obfuscate.rs
+27
View File
@@ -0,0 +1,27 @@
use proc_macro::TokenStream;
use quote::quote;
use syn::{ItemFn, LitStr, parse_macro_input};
pub fn xor(input: TokenStream) -> TokenStream {
let input = parse_macro_input!(input as LitStr);
(quote::quote! {
String::from(#input)
})
.into()
}
pub fn aes_fn_name(_attr: TokenStream, item: TokenStream) -> TokenStream {
let func = parse_macro_input!(item as ItemFn);
TokenStream::from(quote! {
#[unsafe(no_mangle)]
#func
})
}
pub fn aes_str(input: TokenStream) -> TokenStream {
input
}
pub fn junk_asm(_input: TokenStream) -> TokenStream {
TokenStream::new()
}
ush-obfuscate/src/obfuscate/mod.rs
+18
View File
@@ -0,0 +1,18 @@
mod obs_junk_asm;
mod obs_xor;
mod sym_aes_strings;
pub use obs_junk_asm::junk_asm;
pub use obs_xor::xor;
pub use sym_aes_strings::*;
use crate::crypt::{BACKUP_ENV_KEY, ENV_KEY_NAME};
fn get_encryption_key() -> String {
std::env::var(ENV_KEY_NAME).unwrap_or({
println!("Using default encryption key!");
BACKUP_ENV_KEY.to_owned()
})
}
// pub fn
ush-obfuscate/src/obfuscate/obs_junk_asm.rs
+234
View File
@@ -0,0 +1,234 @@
use proc_macro::TokenStream;
use quote::quote;
use rand::rngs::SmallRng;
use rand::{Rng, SeedableRng};
use syn::{LitFloat, parse_macro_input};
// const MIN_TAGS: u32 = 1; // Maximum instructions per recursive block
// const MAX_TAGS: u32 = 22; // Maximum instructions per recursive block
// const MIN_INSTRUCTIONS: u32 = 1; // Maximum instructions per recursive block
// const MAX_INSTRUCTIONS: u32 = 22; // Maximum instructions per recursive block
// const MIN_JUMPS: u32 = 1;
// const MAX_JUMPS: u32 = 5;
const CHAIN_WEIGHT: f64 = 1.0;
const TAG_WEIGHT: f64 = 1.0;
const INST_WEIGHT: f64 = 3.0;
const JUMP_WEIGHT: f64 = 2.0;
// The full list of 64-bit registers in AT&T syntax (used by default in asm!)
const REGISTERS: &[&str] = &[
"%rax", "%rbx", "%rcx", "%rdx", "%rsi", "%rdi", "%r8", "%r9", "%r10", "%r11", "%r12", "%r13",
"%r14", "%r15",
];
// Conditional Jumps in AT&T syntax.
const COND_JUMPS: &[&str] = &[
"je", "jne", "jg", "jge", "jl", "jle", "ja", "jnb", "jc", "jnc", "jz", "jnz",
];
// Arithmetic/Logic operations with the 'q' (quad-word) suffix.
const ARITHITHMETIC_OPS: &[&str] = &["addq", "subq", "xorq", "andq", "orq"];
// --- Helper Functions for Modular Generation ---
/// Generates a unique label name for the given depth and ID.
fn generate_label(prefix: &str, depth: usize, id: usize) -> String {
format!(".L_{}_{}_{}", prefix, depth, id)
}
/// Generates a highly randomized, complex instruction using different addressing modes.
fn generate_complex_mutation(rng: &mut SmallRng) -> String {
let op = ARITHITHMETIC_OPS[rng.random_range(0..ARITHITHMETIC_OPS.len())];
match rng.random_range(0..3) {
// Pattern 0: Register-Immediate
// Example: "addq $0x1234, %rax"
0 => {
let reg = REGISTERS[rng.random_range(0..REGISTERS.len())];
let immediate = rng.random_range(1..=0xFFFF);
format!("\t{} ${}, {}", op, immediate, reg)
}
// Pattern 1: Register-Register
// Example: "xorq %rbx, %rcx"
1 => {
let reg_src = REGISTERS[rng.random_range(0..REGISTERS.len())];
let reg_dst = REGISTERS[rng.random_range(0..REGISTERS.len())];
format!("\t{} {}, {}", op, reg_src, reg_dst)
}
// Pattern 2: LEA (Complex Address Calculation)
// Example: "leaq (%rax, %rbx, 4), %rcx"
2 => {
let reg_base = REGISTERS[rng.random_range(0..REGISTERS.len())];
let reg_index = REGISTERS[rng.random_range(0..REGISTERS.len())];
let reg_dst = REGISTERS[rng.random_range(0..REGISTERS.len())];
let scale = 1 << rng.random_range(0..4); // Scale is 1, 2, 4, or 8
format!(
"\tleaq ({}, {}, {}), {}",
reg_base, reg_index, scale, reg_dst
)
}
_ => String::new(), // Should not happen
}
}
/// Generates a comparison followed by a conditional jump to a specific label.
fn generate_conditional_jump(rng: &mut SmallRng, label: &str) -> String {
let reg1 = REGISTERS[rng.random_range(0..REGISTERS.len())];
let reg2 = REGISTERS[rng.random_range(0..REGISTERS.len())];
let jump = COND_JUMPS[rng.random_range(0..COND_JUMPS.len())];
// Example: "cmpq %rdx, %rsi; jg .L_target_"
format!("\tcmpq {}, {}; {} {}\n", reg1, reg2, jump, label)
}
// --- The Core DAG Recursive Algorithm ---
fn generate_dag_block(weight: f64, rng: &mut SmallRng, total_count: usize) -> String {
let labels = (0..total_count)
.map(|i| {
(0..{
let mut n = 1;
while !rng.random_bool((weight.sqrt() * TAG_WEIGHT).min(1.)) {
n += 1;
}
n
})
.map(|j| generate_label("dag", i, j))
.collect::<Vec<String>>()
})
// .flatten()
.collect::<Vec<Vec<String>>>();
let mut assembly_block = String::new();
// 3. Instruction Loop and DAG construction
for i in 0..total_count {
let chain_labels = &labels[i];
let num_labels = chain_labels.len();
for j in 0..num_labels {
let current_label = &chain_labels[j];
assembly_block.push_str(&format!("{}:\n", current_label));
let mut inst_count = 1;
while !rng.random_bool((weight * INST_WEIGHT).min(1.)) {
inst_count += 1;
}
for _ in 0..inst_count {
assembly_block.push_str(&format!("{}\n", generate_complex_mutation(rng)));
}
// Conditional Forward Jump (Creates DAG edges)
if i < total_count - 1 {
let mut jump_count = 1;
while !rng.random_bool((weight.sqrt() * JUMP_WEIGHT).min(1.)) {
jump_count += 1;
}
for _ in 0..jump_count {
// Jump to a random label strictly ahead of the current one
let target_chain = if j + 1 < num_labels {
rng.random_range(i..total_count)
} else {
rng.random_range(i + 1..total_count)
};
let chain_labels = &labels[target_chain];
let target_index = if target_chain == i {
rng.random_range((j + 1)..num_labels)
} else {
rng.random_range(0..chain_labels.len())
};
let target_label = &chain_labels[target_index];
assembly_block.push_str(&generate_conditional_jump(rng, target_label));
}
// }
}
}
}
// 4. Backward Conditional Jump (Adds controlled cycles)
// Only at the end of the block, allowing a chance to loop back to an earlier instruction.
// if num_labels > 1 && rng.random_bool(weight * 3.) {
// let target_index = rng.random_range(0..num_labels as usize - 1);
// let target_label = &labels[target_index];
// assembly_block.push_str(&format!("{}\n", generate_complex_mutation(rng)));
// assembly_block.push_str(&generate_conditional_jump(rng, target_label));
// assembly_block.push_str("// Backward Conditional Jump to maintain short execution\n");
// }
assembly_block
}
pub fn junk_asm(input: TokenStream) -> TokenStream {
// 1. Parse the input (expecting an optional f32 weight)
let weight: f64 = if input.is_empty() {
None
} else {
match parse_macro_input!(input as LitFloat).base10_parse::<f64>() {
Ok(w) => Some(1. / (w + 1.)), // Move weight variable to be more
Err(_) => None,
}
}
.expect("Expected F64");
// let final_weight = input_weight.unwrap_or(WEIGHT);
// 2. Setup
let mut rng = SmallRng::from_os_rng();
let count = {
let mut n = 1;
while !rng.random_bool((weight.sqrt() * CHAIN_WEIGHT).min(1.)) {
n += 1;
}
n
};
// eeeeeeeeeeee
// 3. Generate Assembly
// let main_assembly = (0..count)
// .map(|i| generate_dag_block(weight, &mut rng, i, count))
// .into_iter()
// .collect::<String>();
let main_assembly = generate_dag_block(weight, &mut rng, count);
// println!("{}", main_assembly);
// 4. Wrap in `asm!`
let expanded = quote! {
// Output will replace the junk_asm!(...) call
{
// Execute the code using the standard `asm!` macro.
unsafe {
#[allow(named_asm_labels)]
core::arch::asm!(
// The generated junk code
// Note: We MUST use AT&T syntax (e.g., %rax, $100) due to options(att_syntax)
// The code is generated in AT&T syntax.
#main_assembly,
// Pass the simulated external address into a temporary register (%r15)
// This allows instructions to reference an "external" scope using memory reads/writes.
// in(reg) external_addr_ref,
// Clobber all general-purpose registers to force saving/restoring
clobber_abi("sysv64"),
// Correct options for non-volatile junk code
options(att_syntax, nomem, nostack, preserves_flags)
);
}
}
};
expanded.into()
}
// NOTE: To make the example runnable, the `src/main.rs` file would now call
// junk_asm!(0.2) or junk_asm!(). The instruction sizes and jump structure
// are now compliant with your requirements.
ush-obfuscate/src/obfuscate/obs_xor.rs
+52
View File
@@ -0,0 +1,52 @@
use getrandom::fill;
use proc_macro::TokenStream;
use quote::quote;
use syn::{LitStr, parse_macro_input};
/// XOR encrypt strings
pub fn xor(input: TokenStream) -> TokenStream {
// Parse the input as a string literal
let lit_str = parse_macro_input!(input as LitStr);
let original_str = lit_str.value();
// Handle empty strings explicitly
if original_str.is_empty() {
return TokenStream::from(quote! { String::new() });
}
// --- Obfuscated Branch Logic ---
// This code runs at compile-time
let str_bytes = original_str.as_bytes();
let len = str_bytes.len();
// 1. Generate a unique, random key for this string
let mut key = vec![0u8; len];
fill(&mut key).expect("Failed to get random bytes for XOR key");
// 2. XOR the string with the key
let mut obfuscated = Vec::with_capacity(len);
for i in 0..len {
obfuscated.push(str_bytes[i] ^ key[i]);
}
// 3. This is the code that will be injected into the user's binary
// It runs at *runtime* to decrypt the string.
let obfuscated_expansion = quote! {
{
// These static arrays are stored directly in your binary
static OBFUSCATED_DATA: [u8; #len] = [ #( #obfuscated ),* ];
static KEY_DATA: [u8; #len] = [ #( #key ),* ];
let mut decrypted = Vec::with_capacity(#len);
for i in 0..#len {
decrypted.push(OBFUSCATED_DATA[i] ^ KEY_DATA[i]);
}
// We can trust this since the source was a valid String literal
String::from_utf8(decrypted).unwrap()
}
};
TokenStream::from(obfuscated_expansion)
}
ush-obfuscate/src/obfuscate/sym_aes_strings.rs
+44
View File
@@ -0,0 +1,44 @@
use crate::crypt::{BACKUP_ENV_KEY, ENV_KEY_NAME, STATIC_IV, aes_encrypt::encrypt_aes_lines};
use proc_macro::TokenStream;
use quote::quote;
use syn::{ItemFn, LitStr, parse_macro_input};
use crate::obfuscate::get_encryption_key;
/// Obfuscate function names by encrypting in AES
pub fn aes_fn_name(_attr: TokenStream, item: TokenStream) -> TokenStream {
// Parse the input function
let func = parse_macro_input!(item as ItemFn);
// Get the original function name
let fn_name = func.sig.ident.to_string();
// Generate the new, obfuscated name
let obfuscated_name = encrypt_aes_lines(&fn_name, &get_encryption_key(), STATIC_IV);
// Create a new string literal for the name
let new_name_lit = LitStr::new(&obfuscated_name, func.sig.ident.span());
// Re-build the function, but add #[no_mangle]
// and rename the *exported* symbol via #[export_name]
TokenStream::from(quote! {
#[unsafe(export_name = #new_name_lit)]
#func
})
}
/// Obfuscate strings by encrypting in AES
pub fn aes_str(input: TokenStream) -> TokenStream {
// Parse the input as a string literal
let lit_str = parse_macro_input!(input as LitStr);
let original_name = lit_str.value();
// Generate the exact same obfuscated name
let obfuscated_name = encrypt_aes_lines(&original_name, &get_encryption_key(), STATIC_IV);
// Expand to a static string literal
TokenStream::from(quote! {
#obfuscated_name
})
}