Static Stealth Build & www push #108
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Static Stealth Build & www push | |
on: [workflow_dispatch] | |
permissions: | |
contents: write | |
env: | |
OPENSSL_VER: 1.1.1w | |
BINDIR: ${{ github.ref == 'refs/heads/master' && 'bin' || 'beta/bin' }} | |
# OPENSSL_OPTS: no-tests no-dso no-threads no-shared | |
OPENSSL_OPTS: no-tests no-dso no-threads no-shared no-zlib no-bf no-cast no-dh no-md2 no-mdc2 no-rc2 no-rc4 no-rc5 no-idea no-md4 no-rmd160 no-dsa no-ssl no-ssl2 -no-tls1_3 no-camellia no-seed no-afalgeng no-autoerrinit no-autoload-config no-capieng no-cms no-comp no-ct no-dgram no-engine no-err no-filenames no-gost no-ocsp no-hw-padlock no-pic no-srtp no-ssl-trace no-ui-console no-ssl3-method no-tls1-method no-tls1_1-method no-dtls1-method no-dtls1_2-method no-deprecated | |
jobs: | |
MacOS: | |
runs-on: macos-13 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Compile | |
run: | | |
brew install automake | |
./bootstrap | |
./configure --prefix=/opt --enable-static --enable-stealth | |
make all | |
strip tools/gs-netcat | |
mv tools/gs-netcat tools/gs-netcat_mini-macOS-x86_64 | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: gsnc | |
path: tools/gs-netcat_mini-macOS-x86_64 | |
MacOS-arm64: | |
runs-on: macos-14 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Compile | |
run: | | |
brew install automake | |
./bootstrap | |
./configure --prefix=/opt --enable-static --enable-stealth | |
make all | |
strip tools/gs-netcat | |
mv tools/gs-netcat tools/gs-netcat_mini-macOS-arm64 | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: gsnc | |
path: tools/gs-netcat_mini-macOS-arm64 | |
# https://github.com/vmactions/openbsd-vm | |
OpenBSD: | |
env: | |
OS: "openbsd" | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Starting the VM | |
uses: vmactions/openbsd-vm@v1 | |
with: | |
usesh: true | |
prepare: | | |
pkg_info -Q tar | |
pkg_info -Q autoconf | |
pkg_info -Q automake | |
pkg_add curl | |
#pkg_add autoconf-2.72p0 | |
pkg_add automake-1.16.5 | |
pkg_add openssl-3.0.8 | |
pkg_add gcc-11.2.0p3 | |
pkg_add gmake | |
pkg_add tar | |
# NOTE: ${OPENSSL_VER} is not passed to VM. Must use ${{ env.OPENSSL_VER }} | |
run: | | |
curl -SsfL https://www.openssl.org/source/openssl-${{ env.OPENSSL_VER }}.tar.gz | tar -xzf - -C /tmp/ | |
( cd /tmp/openssl-${{ env.OPENSSL_VER }} && \ | |
./Configure --prefix=/opt ${{ env.OPENSSL_OPTS }} BSD-generic64 && \ | |
make install_sw ) | |
rm -rf rm -rf /tmp/openssl-${{ env.OPENSSL_VER }} /opt/bin/openssl /opt/bin/c_rehash | |
export AUTOCONF_VERSION=2.69 | |
export AUTOMAKE_VERSION=1.16 | |
./bootstrap | |
./configure --enable-static --prefix=/opt --enable-stealth | |
make all | |
strip tools/gs-netcat | |
mv tools/gs-netcat tools/gs-netcat_mini-${{ env.OS }}-x86_64 | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: gsnc | |
path: tools/gs-netcat_mini-${{ env.OS }}-x86_64 | |
FreeBSD: | |
env: | |
OS: "freebsd" | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Starting the VM | |
uses: vmactions/freebsd-vm@v1 | |
with: | |
usesh: true | |
prepare: | | |
pkg install -y curl automake autoconf gcc | |
run: | | |
curl -SsfL https://www.openssl.org/source/openssl-${{ env.OPENSSL_VER }}.tar.gz | tar -xzf - -C /tmp/ | |
( cd /tmp/openssl-${{ env.OPENSSL_VER }} && \ | |
./Configure --prefix=/opt ${{ env.OPENSSL_OPTS }} BSD-generic64 && \ | |
make install_sw ) | |
rm -rf rm -rf /tmp/openssl-${{ env.OPENSSL_VER }} /opt/bin/openssl /opt/bin/c_rehash | |
./bootstrap | |
./configure --enable-static --prefix=/opt --enable-stealth | |
make -C lib libgsocket.a && make -C tools gs-netcat | |
strip tools/gs-netcat | |
md5sum tools/gs-netcat | |
tools/gs-netcat -g | |
mv tools/gs-netcat tools/gs-netcat_mini-${{ env.OS }}-x86_64 | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: gsnc | |
path: tools/gs-netcat_mini-${{ env.OS }}-x86_64 | |
Linux-Cross-Compile: | |
strategy: | |
matrix: | |
# arch: [x86_64, aarch64, mips64, mips32, mipsel, i686, arm, armv6, armv7l, powerpc, powerpc64, powerpcle, powerpc64le] | |
include: | |
- arch: x86_64 | |
cc: x86_64-linux-musl | |
ssl: linux-generic64 | |
# UPX apps get SIGSTOP on grsec/SELinux 3.10/CentOS Linux 7 (Core) | |
upx: 1 | |
- arch: aarch64 | |
cc: aarch64-linux-musl | |
ssl: linux-generic64 | |
upx: 1 | |
- arch: mips64 | |
cc: mips64-linux-musl | |
ssl: linux64-mips64 | |
- arch: mips32 | |
cc: mips-linux-muslsf | |
ssl: linux-mips32 | |
- arch: mipsel | |
cc: mipsel-linux-muslsf | |
ssl: linux-mips32 | |
- arch: i686 | |
cc: i686-linux-musl | |
ssl: linux-generic32 | |
- arch: arm | |
cc: arm-linux-musleabi | |
ssl: linux-generic32 | |
- arch: armv6 | |
cc: armv6-linux-musleabi | |
ssl: linux-generic32 | |
- arch: armv7l | |
cc: armv7l-linux-musleabihf | |
ssl: linux-generic32 | |
- arch: powerpc | |
cc: powerpc-linux-muslsf # Big Endian, 32bit | |
ssl: linux-generic32 | |
- arch: powerpc64 | |
cc: powerpc64-linux-musl # Big Endian, 64bit | |
ssl: linux-generic64 | |
- arch: powerpcle | |
cc: powerpcle-linux-muslsf # Little Endian, 32bit | |
ssl: linux-generic32 | |
- arch: powerpc64le | |
cc: powerpc64le-linux-musl # Little Endian, 64bit | |
ssl: linux-generic64 | |
runs-on: ubuntu-latest | |
container: | |
image: muslcc/x86_64:${{ matrix.cc }} | |
options: --user root | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Add build dependencies | |
run: | | |
apk add --update --no-cache --no-progress bash perl make curl upx tar dpkg autoconf automake patchelf | |
- name: Cache SSL | |
id: cachessl | |
uses: actions/cache@v3 | |
with: | |
path: /opt | |
key: ${{ matrix.arch }}-ssl | |
- name: Generate OpenSSL | |
if: steps.cachessl.outputs.cache-hit != 'true' | |
run: | | |
curl -SsfL https://www.openssl.org/source/openssl-${{ env.OPENSSL_VER }}.tar.gz | tar -xzf - -C /tmp/ | |
( cd /tmp/openssl-${{ env.OPENSSL_VER }} && \ | |
./Configure --prefix=/opt ${{ env.OPENSSL_OPTS }} ${{ matrix.ssl }} && \ | |
make install_sw ) | |
rm -rf rm -rf /tmp/openssl-${{ env.OPENSSL_VER }} /opt/bin/openssl /opt/bin/c_rehash | |
- name: SaveCache | |
if: steps.cachessl.outputs.cache-hit != 'true' | |
uses: actions/cache/save@v3 | |
with: | |
path: /opt | |
key: ${{ matrix.arch }}-ssl | |
- name: Compile-${{ matrix.arch }} | |
run: | | |
[ ! -d /opt/dist ] && mkdir -p /opt/dist | |
./bootstrap | |
./configure --prefix=/opt --enable-realprefix=/usr --enable-static --host=${{ matrix.arch }} --enable-stealth | |
make all | |
strip tools/gs-netcat | |
if [ "${{ matrix.upx }}" != '' ]; then | |
upx tools/gs-netcat | |
#patchelf --add-needed linux-vdso.so.1 tools/gs-netcat | |
perl -i -0777 -pe 's/^(.{64})(.{0,256})UPX!.{4}/$1$2\0\0\0\0\0\0\0\0/s' tools/gs-netcat | |
perl -i -0777 -pe 's/^(.{64})(.{0,256})\x7fELF/$1$2\0\0\0\0/s' tools/gs-netcat | |
cat tools/gs-netcat \ | |
| perl -e 'local($/);$_=<>;s/(.*)(\$Info:[^\0]*)(.*)/print "$1";print "\0"x length($2); print "$3"/es;' \ | |
| perl -e 'local($/);$_=<>;s/(.*)(\$Id:[^\0]*)(.*)/print "$1";print "\0"x length($2); print "$3"/es;' \ | |
| perl -e 'local($/);$_=<>;s/(.*)(PROT_EXEC\|PROT_WRI[^\0]*)(.*)/print "$1";print "\0"x length($2); print "$3"/es;' >x | |
cat x>tools/gs-netcat | |
rm -f x | |
perl -i -0777 -pe 's/UPX!/\0\0\0\0/sg' tools/gs-netcat | |
# bbe -b 64:256 -e 'y/UPX/AAA/' gs-pl -o foo | |
fi | |
mv tools/gs-netcat tools/gs-netcat_mini-linux-${{ matrix.arch }} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: gsnc | |
path: tools/gs-netcat_mini-linux-${{ matrix.arch }} | |
deploy: | |
needs: [Linux-Cross-Compile, MacOS, OpenBSD, FreeBSD] | |
name: Deploy to gsocket.io | |
runs-on: ubuntu-latest | |
steps: | |
- name: Add build dependencies | |
uses: actions/checkout@v3 | |
- name: Download artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: /tmp | |
- name: Deploy to gsocket.io/bin | |
env: | |
SSH_DEPLOY_KEY: ${{ secrets.SSH_DEPLOY_KEY }} | |
run: | | |
mkdir ~/.ssh && echo "$SSH_DEPLOY_KEY" >~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519 | |
cd /tmp | |
git clone -b gh-pages --single-branch [email protected]:hackerschoice/gsocket.io.git | |
cd gsocket.io/${BINDIR:-/dev/null} | |
mv /tmp/gsnc/gs-netcat_* . | |
pwd | |
ls -alR | |
git config --local user.name "GitHub Action" | |
git config --local user.email "[email protected]" | |
git add gs-netcat_* && git commit -m "stealth binary" && git push | |