
Commit 9cfd28e

committed
bump v0.1.2
1 parent 15993c2 commit 9cfd28e


208 files changed

+14569
-4465
lines changed


Cargo.lock

Lines changed: 1125 additions & 384 deletions

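--- a/Cargo.toml
+++ b/Cargo.toml
@@ -15,6 +15,54 @@ members = [
 "malefic-3rd",
 ]
 
+exclude = [
+"malefic-proxydll",
+]
+
+[workspace.dependencies]
+# Core async and error handling
+anyhow = "1.0.89"
+thiserror = "1.0.64"
+futures = "0.3.31"
+futures-timer = "3.0.3"
+async-trait = "0.1.89"
+
+tokio = "1"
+
+# Utilities
+lazy_static = "1.5.0"
+obfstr = "0.4.3"
+cfg-if = "1.0.0"
+
+# Serialization
+prost = "0.14.1"
+serde = { version = "1.0.210", features = ["derive"] }
+base64 = "0.22"
+
+# Macros
+strum = "0.26.3"
+strum_macros = "0.26.4"
+
+# Time and scheduling
+chrono = {version="0.4", default-features = false, features =["clock"]}
+
+# Crypto and hashing (2+ uses)
+sha2 = {version="0.10.9",default-features = false}
+
+byteorder = "1.4"
+regex = "1.11.2"
+
+tar = "0.4"
+
+url = "2.5.4"
+
+libc = "0.2"
+
+windows = "0.58.0"
+
+prost-build = "0.14.1"
+embed-resource = "3.0.5"
+
 [profile.dev]
 opt-level = 1
 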
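Review bot: The dependency groups after `sha2` (`byteorder`/`regex`, `tar`, `url`, `libc`, `windows`, `prost-build`/`embed-resource`) have no heading comment, unlike the groups above them, and the inline tables are spaced three different ways (`{ version = "1.0.210", ... }`, `{version="0.4", ...}`, `{version="0.10.9",default-features = false}`). A one-line comment per group, for example `# Build scripts` over `prost-build` and `embed-resource` if that is where they are used, and a single table style would make the list easier to audit. Note also that `anyhow = "1.0.89"` and `tokio = "1"` are both caret requirements, so the full versions are minimums rather than pins; the versions actually built are whatever Cargo.lock records, and its 1125-line change is not rendered on this page.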

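--- a/config_lint.json
+++ b/config_lint.json
@@ -1,80 +1,256 @@
 {
+"$schema": "http://json-schema.org/draft-07/schema#",
 "type": "object",
 "properties": {
 "basic": {
 "type": "object",
 "properties": {
-"targets": {
-"type": "array",
-"items": { "type": "string" }
+"name": {"type": "string"},
+"proxy": {
+"type": "object",
+"properties": {
+"use_env_proxy": {"type": "boolean"},
+"url": {"type": "string"}
+}
+},
+"cron": {"type": "string"},
+"jitter": {"type": "number"},
+"server_retry": {"type": "integer"},
+"global_retry": {"type": "integer"},
+"encryption": {"type": "string"},
+"key": {"type": "string"},
+"secure": {
+"type": "object",
+"properties": {
+"enable": {"type": "boolean"},
+"private_key": {"type": "string"},
+"public_key": {"type": "string"}
+},
+"required": ["enable"]
 },
-"protocol" : { "type": "string" },
-"tls": {
+"dga": {
 "type": "object",
 "properties": {
-"enable": { "type": "boolean" },
-"version": {
-"type": "string",
-"enum": ["auto", "1.2", "1.3"]
+"enable": {"type": "boolean"},
+"key": {"type": "string"},
+"interval_hours": {"type": "integer"}
+}
+},
+"guardrail": {
+"type": "object",
+"properties": {
+"enable": {"type": "boolean"},
+"require_all": {"type": "boolean"},
+"ip_addresses": {
+"type": "array",
+"items": {"type": "string"}
 },
-"cert_verification": {
-"type": "string",
-"enum": ["none", "system"]
+"usernames": {
+"type": "array",
+"items": {"type": "string"}
 },
-"sni": { "type": "string" },
-"mtls": {
-"type": "object",
-"properties": {
-"enable": { "type": "boolean" },
-"cert_path": { "type": "string" },
-"key_path": { "type": "string" }
-},
-"required": ["enable"]
+"server_names": {
+"type": "array",
+"items": {"type": "string"}
+},
+"domains": {
+"type": "array",
+"items": {"type": "string"}
 }
 },
 "required": ["enable"]
 },
-"interval": { "type": "integer" },
-"jitter": { "type": "number" }
+"targets": {
+"type": "array",
+"items": {
+"type": "object",
+"properties": {
+"address": {"type": "string"},
+"domain_suffix": {"type": "string"},
+"http": {
+"type": "object",
+"properties": {
+"method": {"type": "string"},
+"path": {"type": "string"},
+"version": {"type": "string"},
+"headers": {
+"type": "object",
+"additionalProperties": {"type": "string"}
+}
+}
+},
+"tcp": {"type": "object"},
+"tls": {
+"type": "object",
+"properties": {
+"enable": {"type": "boolean"},
+"sni": {"type": "string"},
+"skip_verification": {"type": "boolean"}
+}
+},
+"rem": {
+"type": "object",
+"properties": {
+"link": {"type": "string"}
+}
+}
+},
+"required": ["address"]
+}
+}
 },
-"required": ["targets", "interval", "protocol", "tls", "jitter"]
+"required": ["server_retry","global_retry","encryption","key", "cron", "jitter", "targets"]
+},
+"build": {
+"type": "object",
+"properties": {
+"zigbuild": {"type": "boolean"},
+"remap": {"type": "boolean"},
+"toolchain": {"type": "string"},
+"srdi": {"type": "boolean"},
+"objcopy": {"type": "boolean"},
+"signforge": {
+"type": "object",
+"properties": {
+"input_file": {"type": "string"},
+"signature_path": {"type": "string"}
+}
+},
+"ollvm": {
+"type": "object",
+"properties": {
+"enable": {"type": "boolean"},
+"bcfobf": {"type": "boolean"},
+"splitobf": {"type": "boolean"},
+"subobf": {"type": "boolean"},
+"fco": {"type": "boolean"},
+"constenc": {"type": "boolean"}
+}
+},
+"metadata": {
+"type": "object",
+"properties": {
+"remap_path": {"type": "string"},
+"icon": {"type": "string"},
+"compile_time": {"type": "string"},
+"file_version": {"type": "string"},
+"product_version": {"type": "string"},
+"company_name": {"type": "string"},
+"product_name": {"type": "string"},
+"original_filename": {"type": "string"},
+"file_description": {"type": "string"},
+"internal_name": {"type": "string"},
+"require_admin": {"type": "boolean"},
+"require_uac": {"type": "boolean"}
+}
+}
+}
+},
+"pulse": {
+"type": "object",
+"properties": {
+"flags": {
+"type": "object",
+"properties": {
+"start": {"type": "integer"},
+"end": {"type": "integer"},
+"magic": {"type": "string"},
+"artifact_id": {"type": "integer"}
+}
+},
+"encryption": {"type": "string"},
+"key": {"type": "string"},
+"target": {"type": "string"},
+"protocol": {"type": "string"},
+"http": {
+"type": "object",
+"properties": {
+"method": {"type": "string"},
+"path": {"type": "string"},
+"host": {"type": "string"},
+"version": {"type": "string"},
+"headers": {
+"type": "object",
+"additionalProperties": {"type": "string"}
+}
+}
+}
+}
 },
 "implants": {
 "type": "object",
 "properties": {
-"mod": { "type": "string" },
-"register_info": { "type": "boolean"},
+"runtime": {"type": "string"},
+"mod": {"type": "string"},
+"register_info": {"type": "boolean"},
+"hot_load": {"type": "boolean"},
 "modules": {
 "type": "array",
-"items": { "type": "string" }
+"items": {"type": "string"}
+},
+"enable_3rd": {"type": "boolean"},
+"3rd_modules": {
+"type": "array",
+"items": {"type": "string"}
+},
+"autorun": {"type": "string"},
+"pack": {
+"type": "array",
+"items": {
+"type": "object",
+"properties": {
+"src": {"type": "string"},
+"dst": {"type": "string"}
+}
+}
+},
+"flags": {
+"type": "object",
+"properties": {
+"start": {"type": "integer"},
+"end": {"type": "integer"},
+"magic": {"type": "string"},
+"artifact_id": {"type": "integer"}
+}
+},
+"anti": {
+"type": "object",
+"properties": {
+"sandbox": {"type": "boolean"},
+"vm": {"type": "boolean"},
+"debug": {"type": "boolean"},
+"disasm": {"type": "boolean"},
+"emulator": {"type": "boolean"},
+"forensic": {"type": "boolean"}
+}
 },
 "apis": {
 "type": "object",
 "properties": {
-"level": { "type": "string" },
+"level": {"type": "string"},
 "priority": {
 "type": "object",
 "properties": {
 "normal": {
 "type": "object",
 "properties": {
-"enable": { "type": "boolean" },
+"enable": {"type": "boolean"},
 "type": {"type": "string"}
 },
 "required": ["enable", "type"]
 },
 "dynamic": {
 "type": "object",
 "properties": {
-"enable": { "type": "boolean" },
+"enable": {"type": "boolean"},
 "type": {"type": "string"}
 },
 "required": ["enable", "type"]
 },
 "syscalls": {
 "type": "object",
 "properties": {
-"enable": { "type": "boolean" },
+"enable": {"type": "boolean"},
 "type": {"type": "string"}
 },
 "required": ["enable", "type"]
@@ -86,36 +262,17 @@
 "required": ["level", "priority"]
 },
 "alloctor": {
-"type":"object",
+"type": "object",
 "properties": {
 "inprocess": {"type": "string"},
 "crossprocess": {"type": "string"}
 },
 "required": ["inprocess", "crossprocess"]
 },
-"sleep_mask": { "type": "boolean" },
-"sacrifice_process": { "type": "boolean" },
-"fork_and_run": { "type": "boolean" },
-"hook_exit": { "type": "boolean" },
-"thread_stack_spoofer": { "type": "boolean" },
-"pe_signature_modify": {
-"type": "object",
-"properties": {
-"feature": { "type": "boolean" },
-"modify": {
-"type": "object",
-"properties": {
-"magic": { "type": "string" },
-"signature": { "type": "string" }
-},
-"required": ["magic", "signature"]
-}
-},
-"required": ["feature", "modify"]
-}
+"thread_stack_spoofer": {"type": "boolean"}
 },
-"required": ["mod","modules", "apis", "alloctor", "sleep_mask", "sacrifice_process", "fork_and_run", "hook_exit", "thread_stack_spoofer", "pe_signature_modify"]
+"required": ["runtime", "mod", "register_info", "hot_load", "modules" ]
 }
 },
-"required": ["basic", "implants"]
+"required": ["basic", "build", "pulse", "implants"]
 }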
0 commit comments

Comments
 (0)