bump v0.3.0

Author: h3zh1

.cargo/config.toml

@@ -0,0 +1,36 @@
+[build]
+jobs=8
+
+
+[target.x86_64-pc-windows-gnu]
+rustflags = [
+    "-C", "link-arg=-s",
+    "-C", "link-arg=-Wl,--gc-sections",
+]
+
+[target.x86_64-pc-windows-msvc]
+rustflags = [
+    "-C","link-arg=/DEBUG:NONE",
+    "-C", "target-feature=+crt-static",
+]
+
+[target.i686-pc-windows-msvc]
+rustflags = [
+    "-C", "link-args=/SUBSYSTEM:CONSOLE,5.01",
+]
+
+[target.'cfg(target_os = "macos")']
+rustflags = [
+    "-C", "link-arg=-dead_strip"
+]
+
+[target.'cfg(target_os = "linux")']
+rustflags = [
+    "-C", "link-arg=-Wl,--gc-sections",
+    "-C", "link-arg=-Wl,--strip-all",
+]
+
+# [target.'cfg(target_os = "windows")']
+# rustflags = [
+#     "-C", "target-feature=+crt-static",
+# ]

.github/workflows/check.yaml

@@ -0,0 +1,123 @@
+name: check
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+  workflow_dispatch:
+    inputs:
+      target:
+        description: '指定 target（留空跑全部）'
+        required: false
+        default: ''
+      phase:
+        description: 'check / feature / test / mutant / profile / all'
+        required: false
+        default: 'all'
+      toolchain:
+        description: 'Rust toolchain (e.g. nightly-2024-09-18)'
+        required: false
+        default: 'nightly-2024-09-18'
+
+permissions:
+  contents: read
+
+jobs:
+  check-linux:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        target:
+          - x86_64-unknown-linux-musl
+          - x86_64-pc-windows-gnu
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+          token: ${{ secrets.GH_PAT }}
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ github.event.inputs.toolchain || 'nightly-2024-09-18' }}
+          targets: ${{ matrix.target }}
+
+      - name: Install cross-compilation tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y gcc-mingw-w64-x86-64 musl-tools protobuf-compiler
+          sudo ln -sf /usr/bin/musl-gcc /usr/local/bin/x86_64-linux-musl-gcc
+
+      - name: Rust cache
+        uses: Swatinem/rust-cache@v2
+        with:
+          shared-key: "check-${{ matrix.target }}"
+          cache-targets: true
+          cache-all-crates: true
+          save-if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' }}
+
+      - name: Fix line endings
+        run: |
+          sudo apt-get install -y dos2unix 2>/dev/null || true
+          find scripts/check -name '*.sh' -exec dos2unix {} + 2>/dev/null || \
+          find scripts/check -name '*.sh' -exec sed -i 's/\r$//' {} +
+
+      - name: Determine phase
+        id: phase
+        run: |
+          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
+            echo "value=${{ github.event.inputs.phase || 'all' }}" >> $GITHUB_OUTPUT
+          else
+            echo "value=test" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Run checks
+        run: |
+          chmod +x scripts/check/check.sh scripts/check/profile.sh
+          ./scripts/check/check.sh --target ${{ matrix.target }} --phase ${{ steps.phase.outputs.value }} --ci
+
+  check-darwin:
+    runs-on: macos-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+          token: ${{ secrets.GH_PAT }}
+
+      - name: Install protobuf
+        run: brew install protobuf
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ github.event.inputs.toolchain || 'nightly-2024-09-18' }}
+
+      - name: Rust cache
+        uses: Swatinem/rust-cache@v2
+        with:
+          shared-key: "check-aarch64-apple-darwin"
+          cache-targets: true
+          cache-all-crates: true
+          save-if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' }}
+
+      - name: Fix line endings
+        run: |
+          find scripts/check -name '*.sh' -exec sed -i '' 's/\r$//' {} +
+
+      - name: Determine phase
+        id: phase
+        run: |
+          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
+            echo "value=${{ github.event.inputs.phase || 'all' }}" >> $GITHUB_OUTPUT
+          else
+            echo "value=test" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Run checks
+        run: |
+          chmod +x scripts/check/check.sh scripts/check/profile.sh
+          ./scripts/check/check.sh --target aarch64-apple-darwin --phase ${{ steps.phase.outputs.value }} --ci

.github/workflows/generate.yaml

@@ -0,0 +1,233 @@
+name: generate malefic
+
+on:
+  workflow_dispatch:
+    inputs:
+      remark:
+        description: 'You can write something here, it will appear in the TITLE of `gh run list`, and help u find the artifact easily.'
+        required: false
+        default: ''
+      release:
+        description: 'Release version (default: none, if you want to upload to a GitHub Release, create a release and provide the version).'
+        required: false
+        default: "none"
+      targets:
+        description: 'Target to compile (comma separated, e.g., windows-x64-gnu,windows-x32-gnu)'
+        required: true
+      edition:
+        description: 'Edition'
+        required: false
+        default: 'community'
+      package:
+        description: 'Package'
+        required: true
+        default: 'beacon'
+      malefic_modules_features:
+        description: 'Malefic modules features'
+        required: false
+        default: 'full'
+      malefic_config_yaml:
+        description: 'Malefic config (Base64-encoded content of implant.yaml , will be masked in logs)'
+        required: false
+      autorun_yaml:
+        description: 'Autorun config (Base64-encoded content of prelude.yaml , will be masked in logs)'
+        required: false
+
+run-name: ${{ github.event.inputs.remark }}
+
+permissions:
+  contents: write
+
+jobs:
+  set_targets:
+    runs-on: ubuntu-22.04
+    outputs:
+      targets_json: ${{ steps.set_targets.outputs.targets_json }}
+    steps:
+      - name: Set matrix
+        id: set_targets
+        run: |
+          TARGETS="${{ github.event.inputs.targets }}"
+          TARGETS_JSON=$(echo "[\"${TARGETS//,/\",\"}\"]")
+          echo "targets_json=$TARGETS_JSON" >> $GITHUB_OUTPUT
+
+  generate:
+    needs: set_targets
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        target: ${{ fromJson(needs.set_targets.outputs.targets_json) }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GH_PAT }}
+          submodules: recursive
+          fetch-depth: 0
+
+      - name: Judge platform and arch
+        run: |
+          if [[ "${{matrix.target}}" == *"windows"* ]]; then
+            echo "platform=win" >> $GITHUB_ENV
+          elif [[ "${{matrix.target}}" == *"linux"* ]]; then
+            echo "platform=linux" >> $GITHUB_ENV
+          elif [[ "${{matrix.target}}" == *"darwin"* ]]; then
+            echo "platform=darwin" >> $GITHUB_ENV
+          fi
+          
+          if [[ "${{matrix.target}}" == *"x86_64"* ]]; then
+            echo "arch=x64" >> $GITHUB_ENV
+          else
+            echo "arch=x86" >> $GITHUB_ENV
+          fi
+
+      - name: Setup resources
+        run: |
+          # Community edition: resources (prebuild .a/.lib) are already in the repository
+          ls resources/
+
+      - name: Generate cache key
+        id: mutant_cache_key
+        run: |
+          HASH=$(find malefic-mutant -name "*.rs" -o -name "Cargo.toml" -o -name "Cargo.lock" | sort | xargs cat | sha256sum | cut -d' ' -f1)
+          echo "key=mutant-$HASH" >> $GITHUB_OUTPUT
+
+      - name: Cache malefic-mutant binary
+        id: cache_mutant
+        uses: actions/cache@v4
+        with:
+          path: |
+            target/x86_64-unknown-linux-musl/release/malefic-mutant
+          key: ${{ steps.mutant_cache_key.outputs.key }}
+
+      - name: Pull Docker image
+        run: |
+          docker pull ghcr.io/chainreactors/malefic-builder:latest
+
+      - name: Build malefic-mutant
+        if: steps.cache_mutant.outputs.cache-hit != 'true'
+        run: |
+          docker run -v $(pwd):/root/src ghcr.io/chainreactors/malefic-builder:latest \
+           bash -c "cargo build -p malefic-mutant --release --target x86_64-unknown-linux-musl"
+
+      - name: Setup malefic-mutant
+        run: |
+          mkdir -p target/x86_64-unknown-linux-musl/release/
+          cp target/x86_64-unknown-linux-musl/release/malefic-mutant malefic-mutant-x86_64-unknown-linux-musl
+          chmod +x malefic-mutant-x86_64-unknown-linux-musl
+
+      - name: Generate implant.yaml
+        if : ${{ github.event.inputs.malefic_config_yaml != null }}
+        run: |
+          SECRET_CONFIG_YAML_CONTENT=$(jq -r '.inputs.malefic_config_yaml' $GITHUB_EVENT_PATH)
+          echo "::add-mask::$SECRET_CONFIG_YAML_CONTENT"
+          echo $SECRET_CONFIG_YAML_CONTENT
+          echo "SECRET_CONFIG_YAML_CONTENT=$SECRET_CONFIG_YAML_CONTENT" >> $GITHUB_ENV
+          echo "$SECRET_CONFIG_YAML_CONTENT" | base64 -d > config.yaml
+
+      - name: Generate prelude.yaml
+        if : ${{ github.event.inputs.autorun_yaml != null }}
+        run: |
+          SECRET_AUTORUN_YAML_CONTENT=$(jq -r '.inputs.autorun_yaml' $GITHUB_EVENT_PATH)
+          echo "::add-mask::$SECRET_AUTORUN_YAML_CONTENT"
+          echo "SECRET_AUTORUN_YAML_CONTENT=$SECRET_AUTORUN_YAML_CONTENT" >> $GITHUB_ENV
+          echo "$SECRET_AUTORUN_YAML_CONTENT" | base64 -d > autorun.yaml
+
+      - name: Setup Cargo cache directories
+        run: |
+          mkdir -p ~/.cargo/registry
+          mkdir -p ~/.cargo/git
+          mkdir -p ./cargo-cache/registry
+          mkdir -p ./cargo-cache/git
+
+      - name: Cache Rust dependencies
+        id: cache_rust
+        uses: actions/cache@v4
+        with:
+          path: |
+            ./cargo-cache/registry
+            ./cargo-cache/git
+            target
+          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}-${{ matrix.target }}-${{ github.event.inputs.package }}
+          restore-keys: |
+            ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}-${{ matrix.target }}-
+            ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}-
+            ${{ runner.os }}-cargo-
+
+      - name: Verify cache restore
+        run: |
+          echo "Cache hit: ${{ steps.cache_rust.outputs.cache-hit }}"
+          echo "Checking cargo cache directories:"
+          ls -la ./cargo-cache/ || echo "cargo-cache directory not found"
+          ls -la ./cargo-cache/registry/ || echo "registry directory not found"
+          ls -la ./cargo-cache/git/ || echo "git directory not found"
+
+      - name: Build(${{ github.event.inputs.package }}, ${{matrix.target}})
+        if : ${{ github.event.inputs.package == 'beacon' }}
+        shell: 'script --return --quiet --log-out /dev/null --command "bash -e {0}"'
+        run: |
+          docker run -v $(pwd):/root/src -v $(pwd)/cargo-cache/registry:/root/cargo/registry -v $(pwd)/cargo-cache/git:/root/cargo/git ghcr.io/chainreactors/malefic-builder:latest \
+           bash -c "./malefic-mutant-x86_64-unknown-linux-musl generate beacon && ./malefic-mutant-x86_64-unknown-linux-musl build malefic --target ${{matrix.target}}"
+
+      - name: Build(${{ github.event.inputs.package }}, ${{matrix.target}})
+        if : ${{ github.event.inputs.package == 'pulse' }}
+        shell: 'script --return --quiet --log-out /dev/null --command "bash -e {0}"'
+        run: |
+          docker run -v $(pwd):/root/src -v $(pwd)/cargo-cache/registry:/root/cargo/registry -v $(pwd)/cargo-cache/git:/root/cargo/git ghcr.io/chainreactors/malefic-builder:latest \
+           bash -c "./malefic-mutant-x86_64-unknown-linux-musl generate pulse -p $platform -a $arch && ./malefic-mutant-x86_64-unknown-linux-musl build pulse --target ${{matrix.target}}"
+
+      - name: Build(${{ github.event.inputs.package }}, ${{matrix.target}})
+        if : ${{ github.event.inputs.package == 'bind' }}
+        shell: 'script --return --quiet --log-out /dev/null --command "bash -e {0}"'
+        run: |
+          docker run -v $(pwd):/root/src -v $(pwd)/cargo-cache/registry:/root/cargo/registry -v $(pwd)/cargo-cache/git:/root/cargo/git ghcr.io/chainreactors/malefic-builder:latest \
+           bash -c "./malefic-mutant-x86_64-unknown-linux-musl generate bind && ./malefic-mutant-x86_64-unknown-linux-musl build bind --target ${{matrix.target}}"
+
+      - name: Build(${{ github.event.inputs.package }}, ${{matrix.target}})
+        if : ${{ github.event.inputs.package == 'prelude' }}
+        shell: 'script --return --quiet --log-out /dev/null --command "bash -e {0}"'
+        run: |
+          docker run -v $(pwd):/root/src -v $(pwd)/cargo-cache/registry:/root/cargo/registry -v $(pwd)/cargo-cache/git:/root/cargo/git ghcr.io/chainreactors/malefic-builder:latest \
+          bash -c "./malefic-mutant-x86_64-unknown-linux-musl generate prelude autorun.yaml && ./malefic-mutant-x86_64-unknown-linux-musl build prelude --target ${{matrix.target}}"
+
+      - name: Build(${{ github.event.inputs.package }},${{matrix.target}})
+        if : ${{ github.event.inputs.package == '3rd' }}
+        shell: 'script --return --quiet --log-out /dev/null --command "bash -e {0}"'
+        run: |
+          docker run -v $(pwd):/root/src -v $(pwd)/cargo-cache/registry:/root/cargo/registry -v $(pwd)/cargo-cache/git:/root/cargo/git ghcr.io/chainreactors/malefic-builder:latest \
+           bash -c "./malefic-mutant-x86_64-unknown-linux-musl generate modules -m full && ./malefic-mutant-x86_64-unknown-linux-musl build 3rd -m ${{ github.event.inputs.malefic_modules_features }} --target ${{matrix.target}}"
+
+      - name: Build(${{ github.event.inputs.package }},${{matrix.target}})
+        if : ${{ github.event.inputs.package == 'modules' }}
+        shell: 'script --return --quiet --log-out /dev/null --command "bash -e {0}"'
+        run: |
+          docker run -v $(pwd):/root/src -v $(pwd)/cargo-cache/registry:/root/cargo/registry -v $(pwd)/cargo-cache/git:/root/cargo/git ghcr.io/chainreactors/malefic-builder:latest \
+           bash -c "./malefic-mutant-x86_64-unknown-linux-musl generate modules -m ${{ github.event.inputs.malefic_modules_features }} && ./malefic-mutant-x86_64-unknown-linux-musl build modules -m ${{ github.event.inputs.malefic_modules_features }} --target ${{matrix.target}}"
+
+      - name: Move ${{ github.event.inputs.package }} to output
+        run: |
+          mkdir -p output
+          sudo chmod -R 777 target
+          sudo chmod -R 777 output
+          export prefix=./target/${{matrix.target}}/release
+          export suffix=$([ "$platform" = "win" ] && echo ".exe" || echo "")
+          tree ./target
+          if ${{ github.event.inputs.package == 'beacon' }} || ${{ github.event.inputs.package == 'bind' }}; then \
+            mv $prefix/malefic$suffix output/malefic-${{ github.event.inputs.package }}$suffix; \
+          elif ${{ github.event.inputs.package == 'prelude' }}; then \
+            mv $prefix/malefic-prelude$suffix output/malefic-prelude$suffix; \
+          elif ${{ github.event.inputs.package == 'pulse' }}; then \
+            mv $prefix/malefic-pulse$suffix output/malefic-pulse$suffix;
+          elif ${{ github.event.inputs.package == 'modules' }}; then \
+            mv $prefix/malefic_modules.dll output/malefic_modules-${{matrix.target}}.dll; \
+          elif ${{ github.event.inputs.package == '3rd' }}; then \
+            mv $prefix/malefic_3rd.dll output/malefic_3rd-${{matrix.target}}.dll; \
+          fi
+
+      - name: Upload artifact ${{matrix.target}}
+        if: ${{ github.event.inputs.release == 'none' }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: malefic-${{matrix.target}}-${{ github.run_id }}
+          path: output/*
+          retention-days: 2 # you can change this value