mirror of
https://github.com/Astatin3/unshell.git
synced 2026-06-08 22:38:01 -06:00
Michael Mikovsky
fcb3b2be17
- Write PROTOCOL.md with full wire format spec and 8 real-world scenario
analyses (reconnect, multi-operator, large files, AV evasion, router crash,
malformed packets, future pivoting)
- Rewrite workspace structure:
- unshell lib: protocol types (PacketHeader, TreeRequest/Response,
HandshakeMessage/Ack), Transport trait, TcpTransport, Tree routing
- ush-router: router binary with per-node threads, NodeRegistry with
longest-prefix path matching, packet relay
- ush-payload: implant binary with reconnect loop, module tree, InfoModule
- ush-cli: operator REPL with rustyline, session management, command parser
- Protocol design: two-part rkyv frame [header][payload]; router reads only
header for routing, payload bytes forwarded opaque
- All code documented with doc comments and examples
- Zero warnings, zero errors across entire workspace
- 32 tests pass (unit tests for tree routing, TCP transport, framing,
command parsing, node registry)
183 lines
6.5 KiB
TOML
183 lines
6.5 KiB
TOML
cargo-features = ["trim-paths", "panic-immediate-abort"]
|
|
|
|
# =============================================================================
|
|
# UnShell Workspace
|
|
# =============================================================================
|
|
#
|
|
# Crate layout:
|
|
#
|
|
# unshell — core library: protocol types, transport trait, tree routing
|
|
# ush-router — the router/relay binary (runs on operator's VPS)
|
|
# ush-payload — the implant binary (runs on the target)
|
|
# ush-cli — the operator REPL binary (runs on the operator's machine)
|
|
# ush-obfuscate — proc-macro crate: compile-time string/code obfuscation
|
|
# base62 — base62 encoding (used for node IDs)
|
|
#
|
|
# Build profiles:
|
|
# dev — fast compile, debug info
|
|
# release — optimized
|
|
# minimize — size-optimized, for the payload binary
|
|
|
|
[workspace]
|
|
members = [
|
|
# Core binaries
|
|
"ush-router",
|
|
"ush-payload",
|
|
"ush-cli",
|
|
|
|
# Libraries
|
|
"ush-obfuscate",
|
|
"base62",
|
|
]
|
|
resolver = "2"
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Shared package metadata
|
|
# ---------------------------------------------------------------------------
|
|
[workspace.package]
|
|
version = "0.1.0"
|
|
edition = "2024"
|
|
authors = ["ASTATIN3"]
|
|
license = "MIT"
|
|
repository = "https://github.com/Astatin3/unshell"
|
|
include = ["LICENSE", "**/*.rs", "Cargo.toml"]
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Shared dependencies — all crates in the workspace can reference these
|
|
# with `dep.workspace = true` to get consistent versions.
|
|
# ---------------------------------------------------------------------------
|
|
[workspace.dependencies]
|
|
# Serialisation
|
|
rkyv = "0.8.15" # zero-copy deserialisation framework
|
|
serde = { version = "1.0.228", features = ["derive"] }
|
|
serde_json = "1.0.149"
|
|
|
|
# Concurrency
|
|
crossbeam-channel = "0.5.15" # multi-producer multi-consumer channels
|
|
|
|
# Error handling
|
|
thiserror = "2.0.18" # derive(Error) macro
|
|
|
|
# Logging / time
|
|
chrono = "0.4.42"
|
|
|
|
# Utilities
|
|
static_init = "1.0.4" # safe static initialisation
|
|
|
|
# Internal workspace crates (other crates depend on these)
|
|
unshell = { path = "." }
|
|
ush-obfuscate = { path = "./ush-obfuscate" }
|
|
base62 = { path = "./base62" }
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# The unshell core library
|
|
# ---------------------------------------------------------------------------
|
|
[package]
|
|
name = "unshell"
|
|
version.workspace = true
|
|
edition.workspace = true
|
|
description = "UnShell core library: protocol types, transport, and tree routing"
|
|
|
|
# The library must be no_std compatible so the payload can use it without
|
|
# a full standard library. It does, however, link `alloc` (heap allocation).
|
|
#
|
|
# Binaries (ush-router, ush-cli) link std and use the library's full API.
|
|
# The payload binary also links std for now but the library itself is no_std.
|
|
|
|
[features]
|
|
default = []
|
|
|
|
# Enable the structured logger (uses chrono for timestamps)
|
|
log = []
|
|
log_debug = ["log", "dep:chrono"]
|
|
|
|
# Enable TCP transport (requires std). All std binaries enable this.
|
|
# The payload binary can also enable it; only omit it for bare-metal embedded targets.
|
|
tcp = []
|
|
|
|
# Obfuscation support (compile-time string obfuscation via proc-macro)
|
|
obfuscate_aes = ["ush-obfuscate/obfuscate_aes"]
|
|
obfuscate_ref = ["ush-obfuscate/obfuscate_ref"]
|
|
|
|
[dependencies]
|
|
rkyv = { workspace = true }
|
|
crossbeam-channel = { workspace = true }
|
|
thiserror = { workspace = true }
|
|
chrono = { workspace = true, optional = true }
|
|
ush-obfuscate = { workspace = true }
|
|
static_init = { workspace = true }
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Build profiles
|
|
# ---------------------------------------------------------------------------
|
|
|
|
[profile.release]
|
|
opt-level = 2
|
|
|
|
# Even in debug builds, optimise all dependencies so test runs aren't sluggish.
|
|
[profile.dev.package."*"]
|
|
opt-level = 2
|
|
|
|
# Payload profile: strip everything possible, optimise for size.
|
|
# Use with: cargo build --profile minimize -p ush-payload
|
|
[profile.minimize]
|
|
inherits = "release"
|
|
strip = true # strip debug symbols and non-essential sections
|
|
opt-level = "z" # optimise for binary size
|
|
lto = true # link-time optimisation (cross-crate dead code elim)
|
|
codegen-units = 1 # single codegen unit for maximum LTO
|
|
panic = "immediate-abort"
|
|
debug = false
|
|
trim-paths = "all" # strip file paths from panic messages
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Lints — applied to the entire workspace
|
|
# ---------------------------------------------------------------------------
|
|
[lints]
|
|
workspace = true
|
|
|
|
[workspace.lints.rust]
|
|
elided_lifetimes_in_paths = "warn"
|
|
future_incompatible = { level = "warn", priority = -1 }
|
|
nonstandard_style = { level = "warn", priority = -1 }
|
|
rust_2018_idioms = { level = "warn", priority = -1 }
|
|
rust_2021_prelude_collisions = "warn"
|
|
semicolon_in_expressions_from_macros = "warn"
|
|
trivial_numeric_casts = "warn"
|
|
unsafe_op_in_unsafe_fn = "warn"
|
|
unused_extern_crates = "warn"
|
|
unused_import_braces = "warn"
|
|
unused_lifetimes = "warn"
|
|
trivial_casts = "allow"
|
|
unused_qualifications = "allow"
|
|
|
|
[workspace.lints.rustdoc]
|
|
all = "warn"
|
|
missing_crate_level_docs = "warn"
|
|
|
|
[workspace.lints.clippy]
|
|
# --- Correctness ---
|
|
get_unwrap = "warn"
|
|
unwrap_used = "warn"
|
|
indexing_slicing = "warn"
|
|
# --- Style ---
|
|
cloned_instead_of_copied = "warn"
|
|
explicit_into_iter_loop = "warn"
|
|
explicit_iter_loop = "warn"
|
|
manual_string_new = "warn"
|
|
needless_borrow = "warn"
|
|
needless_pass_by_value = "warn"
|
|
str_to_string = "warn"
|
|
string_to_string = "warn"
|
|
uninlined_format_args = "warn"
|
|
use_self = "warn"
|
|
# --- Documentation ---
|
|
missing_errors_doc = "warn"
|
|
missing_safety_doc = "warn"
|
|
undocumented_unsafe_blocks = "warn"
|
|
# --- Complexity ---
|
|
too_many_lines = "warn"
|
|
# --- Allowed (intentional style choices) ---
|
|
manual_range_contains = "allow"
|
|
map_unwrap_or = "allow"
|