Dev

Cargo.toml

@@ -1,5 +1,5 @@
 [package]
-authors = [ "VPR <0xvpr@god.io>" ]
+authors = [ "0xvpr <admin@0xvpr.io>" ]
 name    = "concept"
 version = "1.0.0"
 edition = "2021"
@@ -8,7 +8,6 @@ build   = "build.rs"
 
 [dependencies]
 winapi  = { version = "0.3.9", features = [ "fileapi", "winbase" ] }
-tokio   = { version = "1.0",   features = ["full"] }
 
 [profile.release]
 lto = true

Dockerfile

@@ -4,9 +4,9 @@
 # Created:      February 12th, 2024
 
 # Updated by:   VPR
-# Updated:      February 12th, 2024
+# Updated:      May 2nd, 2024
 
-FROM ubuntu:22.04
+FROM ubuntu:24.04
 
 # Set env to avoid user input interruption during installation
 ENV TZ=America/New_York
@@ -24,18 +24,49 @@ RUN apt-get install -y --no-install-recommends \
     mingw-w64-i686-dev \
     mingw-w64-x86-64-dev \
     mingw-w64-tools
+RUN update-ca-certificates
 
 # Create working environment
-USER root
-ENV HOME=/root
-WORKDIR /var/concept-dev/concept
+WORKDIR /var/opt/concept
+
+# Copy sources
+COPY res res
+COPY src src
+COPY config.toml config.toml
+COPY build.rs build.rs
+COPY rust-toolchain.toml rust-toolchain.toml
+COPY Cargo.toml Cargo.toml
+COPY Makefile Makefile
+
+# Set docker user to local user uid:gid
+ARG LOCAL_USER
+ARG LOCAL_UID
+ARG LOCAL_GID
+
+RUN if getent group $LOCAL_GID > /dev/null; \
+    then \
+        groupmod -n $LOCAL_USER `getent group $LOCAL_GID | cut -f1 -d:`; \
+    else \
+        groupadd -g $LOCAL_GID $LOCAL_USER; \
+    fi
+
+RUN if getent group $LOCAL_UID > /dev/null; \
+    then \
+        usermod -l $LOCAL_USER -d /home/$LOCAL_USER -m `getent passwd 1000 | cut -f1 -d:`; \
+    else \
+        useradd -m -u $LOCAL_UID -g $LOCAL_GID -s /bin/bash $LOCAL_USER; \
+    fi
+
+RUN chown -R $LOCAL_USER:$LOCAL_USER /var/opt/concept
+
+# Become user
+USER $LOCAL_USER
+ENV HOME=/home/$LOCAL_USER
 
 # Install & configure Rust
-RUN update-ca-certificates
 RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
-ENV PATH="/root/.cargo/bin:${PATH}"
-RUN rustup install nightly
-RUN rustup default nightly
-RUN rustup target add x86_64-pc-windows-gnu --toolchain nightly
-# RUN cargo build -Z build-std --target x86_64-pc-windows-gnu
-RUN rustup component add rust-src --toolchain nightly-x86_64-unknown-linux-gnu
+RUN . $HOME/.profile && rustup install nightly
+RUN . $HOME/.profile && rustup default nightly
+RUN . $HOME/.profile && rustup target add x86_64-pc-windows-gnu --toolchain nightly
+RUN . $HOME/.profile && rustup toolchain add nightly-x86_64-pc-windows-gnu
+RUN . $HOME/.profile && rustup component add rust-src --toolchain nightly-x86_64-pc-windows-gnu

Makefile

@@ -1,19 +1,37 @@
-PROJECT = concept
+PROJECT           = concept
+CONTAINER         = $(PROJECT)-dev
+
+LOCAL_UID         = $(shell id -u)
+LOCAL_GID         = $(shell id -g)
+LOCAL_USER        = $(shell whoami)
+BUILD_ARGS        = --build-arg LOCAL_USER="$(LOCAL_USER)" --build-arg LOCAL_UID="$(LOCAL_UID)" --build-arg LOCAL_GID="$(LOCAL_GID)"
+
+USER_SHARED_DIR   = $(shell pwd)/target
+DOCKER_SHARED_DIR = /var/opt/$(PROJECT)/target
+
+OWNER             = $(LOCAL_USER):$(LOCAL_USER)
+SHARED_VOLUME     = $(USER_SHARED_DIR):$(DOCKER_SHARED_DIR)
+
 
 all: docker-build
 all: docker-run
 
+
 .PHONY: docker-container
 docker-container:
-	docker build --no-cache -f "Dockerfile" -t "$(PROJECT)-dev" .
+	docker build -f Dockerfile .  -t "$(CONTAINER)" $(BUILD_ARGS)
 
 .PHONY: docker-build
 docker-build:
-	docker run -v "$(shell pwd):/var/$(PROJECT)-dev/$(PROJECT)" -u "root:root" "$(PROJECT)-dev" /bin/bash -c "cargo clean && cargo build --target x86_64-pc-windows-gnu"
+	docker run -u "$(OWNER)" "$(CONTAINER)" /bin/bash -c ". /home/$(USER)/.profile && make build"
+
+.PHONY: docker-cross-compile
+docker-cross-compile:
+	docker run -v "$(SHARED_VOLUME)" -u "$(OWNER)" "$(CONTAINER)" /bin/bash -c ". /home/$(USER)/.profile && make build"
 
 .PHONY: docker-run
-docker-run:
-	docker run -itv "$(shell pwd):/var/$(PROJECT)-dev/$(PROJECT)" -u "root:root" "$(PROJECT)-dev"
+docker-run: target
+	docker run -itv "$(SHARED_VOLUME)" -u "$(OWNER)" "$(CONTAINER)"
 
 .PHONY: clean
 clean:
@@ -27,3 +45,7 @@ build:
 .PHONY: run
 run:
 	target/x86_64-pc-windows-gnu/release/concept.exe
+
+.PHONY: target
+target:
+	mkdir -p target

README.md

@@ -1,6 +1,15 @@
-# Rust Malware Concept
-A Concept design of a backdoor that utilizes HTTP/TCP sockets,  
-Caesar encryption, api.smsglobal.com (for SMS), & more.  
+<h1 align="center">Rust Malware Concept</h1>
+<p align="center">
+  <img src="https://img.shields.io/badge/Windows-supported-44CC11"/>
+  <a href="https://mit-license.org/"/>
+    <img src="https://img.shields.io/badge/License-MIT-44CC11"/>
+  </a>
+  <img src="https://img.shields.io/github/actions/workflow/status/0xvpr/Rust-Malware-Concept/docker_build.yml?label=Build"/>
+</p>
+<br>
+---
+A Concept design of a simple malware executable compiled using rust.  
+The payload is calc.exe.
 
 ### Table of Contents
 - [How it works](#how-it-works)
@@ -13,26 +22,14 @@ inside of the target's **AppData** folder.
 
 **Detailed explanation**  
 The application is a Trojan that moves itself into the users <code>AppData</code> folder and sets its  
-attribute to hidden. The file then pings a user-defined host server that holds the malicious  
-payload and downloads it. In my case this file was the <code>Nishang Invoke-PowershellTcp.ps1</code>  
-You can set this to whatever you want obviously. Once the Payload is downloaded, the  
-application then attempts to run it with a reverse shell to another user-defined listening  
-server (In this case, defaulted to port 8080).  
-
-If successful, the listening receiver will have a Powershell like environment to do  
-whatever the receiver pleases with the victim's pc.
+attribute to hidden. In my case the payload is <code>calc.exe</code>  
+You can set this to whatever you want obviously. 
 
 ### Building It Yourself
-If you compile this code as is, it IS NOT malicious in any way shape or form. In fact, the  
-program will run for about 5 minutes before aborting.
+If you compile this code as is, it IS NOT malicious in any way shape or form.
 
 - WSL2/Ubuntu (Docker)
   ```bash
   make docker-container
   make docker-build
   ```
-
-### TODO
-- User-defined hostname that hosts the payload.
-- User-defined hostname that listens for the activation signal.
-- The actual payload that is hosted itself.

res/icon.rc

@@ -1 +1 @@
-id ICON "Viper.ico"
+id ICON "viper.ico"