Skip to content

Static Stealth Build & www push #114

Static Stealth Build & www push

Static Stealth Build & www push #114

Workflow file for this run

name: Static Stealth Build & www push
on: [workflow_dispatch]
permissions:
contents: write
env:
OPENSSL_VER: 1.1.1w
BINDIR: ${{ github.ref == 'refs/heads/master' && 'bin' || 'beta/bin' }}
# OPENSSL_OPTS: no-tests no-dso no-threads no-shared
OPENSSL_OPTS: no-tests no-dso no-threads no-shared no-zlib no-bf no-cast no-dh no-md2 no-mdc2 no-rc2 no-rc4 no-rc5 no-idea no-md4 no-rmd160 no-dsa no-ssl no-ssl2 -no-tls1_3 no-camellia no-seed no-afalgeng no-autoerrinit no-autoload-config no-capieng no-cms no-comp no-ct no-dgram no-engine no-err no-filenames no-gost no-ocsp no-hw-padlock no-pic no-srtp no-ssl-trace no-ui-console no-ssl3-method no-tls1-method no-tls1_1-method no-dtls1-method no-dtls1_2-method no-deprecated
jobs:
MacOS:
runs-on: macos-13
steps:
- uses: actions/checkout@v3
- name: Compile
run: |
brew install automake
./bootstrap
./configure --prefix=/opt --enable-static --enable-stealth
make all
strip tools/gs-netcat
mv tools/gs-netcat tools/gs-netcat_mini-macOS-x86_64
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: gsnc
path: tools/gs-netcat_mini-macOS-x86_64
MacOS-arm64:
runs-on: macos-14
steps:
- uses: actions/checkout@v3
- name: Compile
run: |
brew install automake
./bootstrap
./configure --prefix=/opt --enable-static --enable-stealth
make all
strip tools/gs-netcat
mv tools/gs-netcat tools/gs-netcat_mini-macOS-arm64
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: gsnc
path: tools/gs-netcat_mini-macOS-arm64
# https://github.com/vmactions/openbsd-vm
OpenBSD:
env:
OS: "openbsd"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Starting the VM
uses: vmactions/openbsd-vm@v1
with:
usesh: true
prepare: |
pkg_info -Q tar
pkg_info -Q autoconf
pkg_info -Q automake
pkg_add curl
#pkg_add autoconf-2.72p0
pkg_add automake-1.16.5
pkg_add openssl-3.0.8
pkg_add gcc-11.2.0p3
pkg_add gmake
pkg_add tar
# NOTE: ${OPENSSL_VER} is not passed to VM. Must use ${{ env.OPENSSL_VER }}
run: |
curl -SsfL https://www.openssl.org/source/openssl-${{ env.OPENSSL_VER }}.tar.gz | tar -xzf - -C /tmp/
( cd /tmp/openssl-${{ env.OPENSSL_VER }} && \
./Configure --prefix=/opt ${{ env.OPENSSL_OPTS }} BSD-generic64 && \
make install_sw )
rm -rf rm -rf /tmp/openssl-${{ env.OPENSSL_VER }} /opt/bin/openssl /opt/bin/c_rehash
export AUTOCONF_VERSION=2.69
export AUTOMAKE_VERSION=1.16
./bootstrap
./configure --enable-static --prefix=/opt --enable-stealth
make all
strip tools/gs-netcat
mv tools/gs-netcat tools/gs-netcat_mini-${{ env.OS }}-x86_64
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: gsnc
path: tools/gs-netcat_mini-${{ env.OS }}-x86_64
FreeBSD:
env:
OS: "freebsd"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Starting the VM
uses: vmactions/freebsd-vm@v1
with:
usesh: true
prepare: |
pkg install -y curl automake autoconf gcc
run: |
curl -SsfL https://www.openssl.org/source/openssl-${{ env.OPENSSL_VER }}.tar.gz | tar -xzf - -C /tmp/
( cd /tmp/openssl-${{ env.OPENSSL_VER }} && \
./Configure --prefix=/opt ${{ env.OPENSSL_OPTS }} BSD-generic64 && \
make install_sw )
rm -rf rm -rf /tmp/openssl-${{ env.OPENSSL_VER }} /opt/bin/openssl /opt/bin/c_rehash
./bootstrap
./configure --enable-static --prefix=/opt --enable-stealth
make -C lib libgsocket.a && make -C tools gs-netcat
strip tools/gs-netcat
md5sum tools/gs-netcat
tools/gs-netcat -g
mv tools/gs-netcat tools/gs-netcat_mini-${{ env.OS }}-x86_64
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: gsnc
path: tools/gs-netcat_mini-${{ env.OS }}-x86_64
Linux-Cross-Compile:
strategy:
matrix:
# arch: [x86_64, aarch64, mips64, mips32, mipsel, i686, arm, armv6, armv7l, powerpc, powerpc64, powerpcle, powerpc64le]
include:
- arch: x86_64
cc: x86_64-linux-musl
ssl: linux-generic64
# UPX apps get SIGSTOP on grsec/SELinux 3.10/CentOS Linux 7 (Core)
upx: 1
- arch: aarch64
cc: aarch64-linux-musl
ssl: linux-generic64
upx: 1
- arch: mips64
cc: mips64-linux-musl
ssl: linux64-mips64
- arch: mips32
cc: mips-linux-muslsf
ssl: linux-mips32
- arch: mipsel
cc: mipsel-linux-muslsf
ssl: linux-mips32
- arch: i686
cc: i686-linux-musl
ssl: linux-generic32
- arch: arm
cc: arm-linux-musleabi
ssl: linux-generic32
- arch: armv6
cc: armv6-linux-musleabi
ssl: linux-generic32
- arch: armv7l
cc: armv7l-linux-musleabihf
ssl: linux-generic32
- arch: powerpc
cc: powerpc-linux-muslsf # Big Endian, 32bit
ssl: linux-generic32
- arch: powerpc64
cc: powerpc64-linux-musl # Big Endian, 64bit
ssl: linux-generic64
- arch: powerpcle
cc: powerpcle-linux-muslsf # Little Endian, 32bit
ssl: linux-generic32
- arch: powerpc64le
cc: powerpc64le-linux-musl # Little Endian, 64bit
ssl: linux-generic64
runs-on: ubuntu-latest
container:
image: muslcc/x86_64:${{ matrix.cc }}
options: --user root
steps:
- uses: actions/checkout@v3
- name: Add build dependencies
run: |
apk add --update --no-cache --no-progress bash perl make curl upx tar dpkg autoconf automake patchelf
- name: Cache SSL
id: cachessl
uses: actions/cache@v3
with:
path: /opt
key: ${{ matrix.arch }}-ssl
- name: Generate OpenSSL
if: steps.cachessl.outputs.cache-hit != 'true'
run: |
curl -SsfL https://www.openssl.org/source/openssl-${{ env.OPENSSL_VER }}.tar.gz | tar -xzf - -C /tmp/
( cd /tmp/openssl-${{ env.OPENSSL_VER }} && \
./Configure --prefix=/opt ${{ env.OPENSSL_OPTS }} ${{ matrix.ssl }} && \
make install_sw )
rm -rf rm -rf /tmp/openssl-${{ env.OPENSSL_VER }} /opt/bin/openssl /opt/bin/c_rehash
- name: SaveCache
if: steps.cachessl.outputs.cache-hit != 'true'
uses: actions/cache/save@v3
with:
path: /opt
key: ${{ matrix.arch }}-ssl
- name: Compile-${{ matrix.arch }}
run: |
[ ! -d /opt/dist ] && mkdir -p /opt/dist
./bootstrap
./configure --prefix=/opt --enable-realprefix=/usr --enable-static --host=${{ matrix.arch }} --enable-stealth
make all
strip tools/gs-netcat
if [ "${{ matrix.upx }}" != '' ]; then
upx tools/gs-netcat
#patchelf --add-needed linux-vdso.so.1 tools/gs-netcat
perl -i -0777 -pe 's/^(.{64})(.{0,256})UPX!.{4}/$1$2\0\0\0\0\0\0\0\0/s' tools/gs-netcat
perl -i -0777 -pe 's/^(.{64})(.{0,256})\x7fELF/$1$2\0\0\0\0/s' tools/gs-netcat
cat tools/gs-netcat \
| perl -e 'local($/);$_=<>;s/(.*)(\$Info:[^\0]*)(.*)/print "$1";print "\0"x length($2); print "$3"/es;' \
| perl -e 'local($/);$_=<>;s/(.*)(\$Id:[^\0]*)(.*)/print "$1";print "\0"x length($2); print "$3"/es;' \
| perl -e 'local($/);$_=<>;s/(.*)(PROT_EXEC\|PROT_WRI[^\0]*)(.*)/print "$1";print "\0"x length($2); print "$3"/es;' >x
cat x>tools/gs-netcat
rm -f x
perl -i -0777 -pe 's/UPX!/\0\0\0\0/sg' tools/gs-netcat
# bbe -b 64:256 -e 'y/UPX/AAA/' gs-pl -o foo
fi
mv tools/gs-netcat tools/gs-netcat_mini-linux-${{ matrix.arch }}
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: gsnc
path: tools/gs-netcat_mini-linux-${{ matrix.arch }}
deploy:
needs: [Linux-Cross-Compile, MacOS, OpenBSD, FreeBSD]
name: Deploy to gsocket.io
runs-on: ubuntu-latest
steps:
- name: Add build dependencies
uses: actions/checkout@v3
- name: Download artifacts
uses: actions/download-artifact@v3
with:
path: /tmp
- name: Deploy to gsocket.io/bin
env:
SSH_DEPLOY_KEY: ${{ secrets.SSH_DEPLOY_KEY }}
run: |
mkdir ~/.ssh && echo "$SSH_DEPLOY_KEY" >~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
cd /tmp
git clone -b gh-pages --single-branch [email protected]:hackerschoice/gsocket.io.git
cd gsocket.io/${BINDIR:-/dev/null}
mv /tmp/gsnc/gs-netcat_* .
pwd
ls -alR
git config --local user.name "GitHub Action"
git config --local user.email "[email protected]"
git add gs-netcat_* && git commit -m "stealth binary" && git push