mirror of
https://github.com/Astatin3/unshell.git
synced 2026-06-08 22:38:01 -06:00
Add base62 encoding
This commit is contained in:
Michael Mikovsky
@@ -1,59 +0,0 @@
|
||||
// --- Add these imports to the top of src/lib.rs ---
|
||||
use aes::{
|
||||
Aes256,
|
||||
cipher::{BlockEncryptMut, KeyIvInit},
|
||||
};
|
||||
use cbc::Encryptor;
|
||||
use cbc::cipher::block_padding::Pkcs7;
|
||||
use hex;
|
||||
use sha2::{Digest, Sha256};
|
||||
|
||||
use crate::{BACKUP_ENV_KEY, ENV_KEY_NAME};
|
||||
|
||||
// type Aes256CbcEncryptor = ;
|
||||
|
||||
// A static, hardcoded IV. This is fine for obfuscation,
|
||||
// as we're not protecting against replay attacks, just static analysis.
|
||||
// This is the hex for "my_static_iv_012".
|
||||
const STATIC_IV: [u8; 16] = [
|
||||
0x6d, 0x79, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x76, 0x5f, 0x30, 0x31, 0x32,
|
||||
];
|
||||
|
||||
fn pkcs7_padded_length(input_len: usize) -> usize {
|
||||
let block_size = 16;
|
||||
((input_len / block_size) + 1) * block_size
|
||||
}
|
||||
|
||||
pub fn get_obfuscated_symbol_name(input: &str) -> String {
|
||||
// 1. Get the key from the environment
|
||||
// let key_str =
|
||||
// std::env::var(ENV_KEY_NAME).expect(&format!("'{}' env var not set", ENV_KEY_NAME));
|
||||
|
||||
let key_str = std::env::var(ENV_KEY_NAME).unwrap_or(BACKUP_ENV_KEY.to_owned());
|
||||
|
||||
// 2. Hash the env key to get a 32-byte (256-bit) AES key
|
||||
let mut hasher = Sha256::new();
|
||||
hasher.update(key_str.as_bytes());
|
||||
let key: [u8; 32] = hasher.finalize().into();
|
||||
|
||||
// 3. Encrypt the input string
|
||||
let cipher = Encryptor::<Aes256>::new(&key.into(), &STATIC_IV.into());
|
||||
let mut plaintext = input.to_string();
|
||||
let plaintext = unsafe { plaintext.as_bytes_mut() };
|
||||
|
||||
let buf_len = pkcs7_padded_length(plaintext.len());
|
||||
let mut buf: Vec<u8> = vec![0; buf_len];
|
||||
|
||||
buf[..plaintext.len()].copy_from_slice(plaintext);
|
||||
let ciphertext = cipher
|
||||
.encrypt_padded_mut::<Pkcs7>(&mut buf, plaintext.len())
|
||||
.expect("Could not encrypt");
|
||||
|
||||
// 4. Hex-encode the result
|
||||
let hex_encoded = hex::encode(ciphertext);
|
||||
|
||||
hex_encoded
|
||||
|
||||
// 5. Prepend a prefix
|
||||
// format!("obf_{}", hex_encoded)
|
||||
}
|
||||
@@ -3,10 +3,7 @@
|
||||
|
||||
use proc_macro::TokenStream;
|
||||
use quote::quote;
|
||||
use syn::{Expr, ItemFn, LitStr, parse_macro_input};
|
||||
|
||||
#[cfg(feature = "obfuscate")]
|
||||
mod encrypt;
|
||||
use syn::{ItemFn, parse_macro_input};
|
||||
|
||||
mod format_helper;
|
||||
use format_helper::*;
|
||||
@@ -14,11 +11,12 @@ use format_helper::*;
|
||||
// Put all encrypt-related dependencies in a module, so they are easier to use with the feature flag
|
||||
#[cfg(feature = "obfuscate")]
|
||||
mod obs_deps {
|
||||
pub use crate::encrypt::get_obfuscated_symbol_name;
|
||||
pub use syn::LitStr;
|
||||
|
||||
pub const ENV_KEY_NAME: &str = "OBFUSCATION_KEY";
|
||||
pub const BACKUP_ENV_KEY: &str = "OBFUSCATION_KEY_DO_NOT_USE";
|
||||
pub use unshell_crypt::BACKUP_ENV_KEY;
|
||||
pub use unshell_crypt::ENV_KEY_NAME;
|
||||
pub use unshell_crypt::STATIC_IV;
|
||||
pub use unshell_crypt::aes::encrypt_aes_lines;
|
||||
pub use unshell_crypt::fill;
|
||||
}
|
||||
#[cfg(feature = "obfuscate")]
|
||||
use obs_deps::*;
|
||||
@@ -49,13 +47,18 @@ pub fn symbol(input: TokenStream) -> TokenStream {
|
||||
#[cfg(feature = "obfuscate")]
|
||||
pub fn obfuscated_symbol(_attr: TokenStream, item: TokenStream) -> TokenStream {
|
||||
// Parse the input function
|
||||
|
||||
use unshell_crypt::aes::encrypt_aes;
|
||||
let func = parse_macro_input!(item as ItemFn);
|
||||
|
||||
// Get the original function name
|
||||
let fn_name = func.sig.ident.to_string();
|
||||
|
||||
// get the encryption key
|
||||
let key_str = std::env::var(ENV_KEY_NAME).unwrap_or(BACKUP_ENV_KEY.to_owned());
|
||||
|
||||
// Generate the new, obfuscated name
|
||||
let obfuscated_name = get_obfuscated_symbol_name(&fn_name);
|
||||
let obfuscated_name = encrypt_aes_lines(&fn_name, &key_str, STATIC_IV);
|
||||
|
||||
// Create a new string literal for the name
|
||||
let new_name_lit = LitStr::new(&obfuscated_name, func.sig.ident.span());
|
||||
@@ -77,8 +80,11 @@ pub fn symbol(input: TokenStream) -> TokenStream {
|
||||
let lit_str = parse_macro_input!(input as LitStr);
|
||||
let original_name = lit_str.value();
|
||||
|
||||
// get the encryption key
|
||||
let key_str = std::env::var(ENV_KEY_NAME).unwrap_or(BACKUP_ENV_KEY.to_owned());
|
||||
|
||||
// Generate the exact same obfuscated name
|
||||
let obfuscated_name = get_obfuscated_symbol_name(&original_name);
|
||||
let obfuscated_name = encrypt_aes_lines(&original_name, &key_str, STATIC_IV);
|
||||
|
||||
// Expand to a static string literal
|
||||
TokenStream::from(quote! {
|
||||
@@ -106,7 +112,7 @@ pub fn obs(input: TokenStream) -> TokenStream {
|
||||
|
||||
// 1. Generate a unique, random key for this string
|
||||
let mut key = vec![0u8; len];
|
||||
getrandom::fill(&mut key).expect("Failed to get random bytes for XOR key");
|
||||
fill(&mut key).expect("Failed to get random bytes for XOR key");
|
||||
|
||||
// 2. XOR the string with the key
|
||||
let mut obfuscated = Vec::with_capacity(len);
|
||||
|
||||
Reference in New Issue
Block a user