From c91c4650a1655e2fea6eff541ae2e9c77c6fc0d9 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 21:37:54 +0000 Subject: [PATCH 01/21] Fix empty param crash. --- implants/eldritch/src/lib.rs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index 739f435f9..6e07ca0e6 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -29,6 +29,7 @@ pub fn get_eldritch() -> anyhow::Result { } pub fn eldritch_run(tome_filename: String, tome_contents: String, tome_parameters: Option) -> anyhow::Result { + // Boilder plate let ast: AstModule; match AstModule::parse( &tome_filename, @@ -41,7 +42,7 @@ pub fn eldritch_run(tome_filename: String, tome_contents: String, tome_parameter let tome_params_str: String = match tome_parameters { Some(param_string) => param_string, - None => "".to_string(), + None => "{}".to_string(), }; let globals = get_eldritch()?; @@ -50,7 +51,7 @@ pub fn eldritch_run(tome_filename: String, tome_contents: String, tome_parameter let res: SmallMap = SmallMap::new(); let mut input_params: Dict = Dict::new(res); - + let parsed: serde_json::Value = serde_json::from_str(&tome_params_str)?; let param_map: serde_json::Map = match parsed.as_object() { Some(tmp_param_map) => tmp_param_map.clone(), From 22fe06c44fe65233da162b7b71b61edf1e5fad73 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 21:38:39 +0000 Subject: [PATCH 02/21] Test async and fix non_interactive. --- implants/golem/tests/cli.rs | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/implants/golem/tests/cli.rs b/implants/golem/tests/cli.rs index 2bfce4dc0..87f8b5007 100644 --- a/implants/golem/tests/cli.rs +++ b/implants/golem/tests/cli.rs @@ -53,7 +53,21 @@ fn test_golem_main_basic_eldritch_non_interactive() -> anyhow::Result<()> { cmd.arg("working_dir/tomes/eldritch_test.tome"); cmd.assert() .success() - .stdout(predicate::str::contains("[\"[\\\"append\\\", \\\"copy\\\", \\\"download\\\", \\\"exists\\\", \\\"hash\\\", \\\"is_dir\\\", \\\"is_file\\\", \\\"mkdir\\\", \\\"read\\\", \\\"remove\\\", \\\"rename\\\", \\\"replace\\\", \\\"replace_all\\\", \\\"timestomp\\\", \\\"write\\\"]\"]")); + .stdout(predicate::str::contains(r#"[\"append\", \"compress\""#)); + + Ok(()) +} + + +// Test running `./golem ./working_dir/tomes/eldritch_test.tome` +#[test] +fn test_golem_main_basic_async() -> anyhow::Result<()> { + let mut cmd = Command::cargo_bin("golem")?; + + cmd.arg("working_dir/tomes/download_test.tome"); + cmd.assert() + .success() + .stdout(predicate::str::contains(r#"OKAY!"#)); Ok(()) } From c25db49ccb604cd2fc07acf5a0356d2a18bbc24c Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 21:39:03 +0000 Subject: [PATCH 03/21] Resolved nested block_on with threads. --- implants/golem/src/main.rs | 52 ++++++++++--------- .../working_dir/tomes/download_test.tome | 2 + 2 files changed, 29 insertions(+), 25 deletions(-) create mode 100644 implants/golem/working_dir/tomes/download_test.tome diff --git a/implants/golem/src/main.rs b/implants/golem/src/main.rs index 38db33c98..43f4ca61c 100644 --- a/implants/golem/src/main.rs +++ b/implants/golem/src/main.rs @@ -5,21 +5,23 @@ use clap::{Command, Arg}; use tokio::task; use std::fs; use std::process; +use std::thread; use eldritch::{eldritch_run}; mod inter; -async fn run(tome_path: String) -> anyhow::Result { - // Read a tome script - let tome_contents = fs::read_to_string(tome_path.clone())?; - // Execute a tome script - eldritch_run(tome_path, tome_contents, None) -} +// fn run(tome_path: String) -> anyhow::Result { +// // Read a tome script +// let tome_contents = fs::read_to_string(tome_path.clone())?; +// // Execute a tome script +// eldritch_run(tome_path, tome_contents, None) +// } + #[tokio::main] -async fn main() -> anyhow::Result<()> { + async fn main() -> anyhow::Result<()> { let matches = Command::new("golem") .arg(Arg::with_name("INPUT") .help("Set the tomes to run") @@ -37,31 +39,33 @@ async fn main() -> anyhow::Result<()> { // Queue async tasks let mut all_tome_futures: Vec<(String, _)> = vec![]; for tome in tome_files { - let tome_execution_task = run(tome.to_string()); - let tmp_row = (tome.to_string(), task::spawn(tome_execution_task)); + let tome_path = tome.to_string().clone(); + let tome_contents = fs::read_to_string(tome_path.clone())?; + let tmp_row = (tome.to_string(), thread::spawn(|| { eldritch_run(tome_path, tome_contents, None) })); all_tome_futures.push(tmp_row) } + let mut error_code = 0; - // Collect results and do error handling let mut result: Vec = Vec::new(); for tome_task in all_tome_futures { - // Get the name of the file from our tuple. let tome_name: String = tome_task.0; - match tome_task.1.await { - // Match on task results. - Ok(res) => match res { - Ok(task_res) => result.push(task_res), - Err(task_err) => { - eprintln!("[TASK ERROR] {tome_name}: {task_err}"); - error_code = 1; - } - }, - - Err(err) => { - eprintln!("[ERROR] {tome_name}: {err}"); + println!("{}", tome_name); + // Join our + let tome_result_thread_join = match tome_task.1.join() { + Ok(local_thread_join_res) => local_thread_join_res, + Err(_) => { error_code = 1; + Err(anyhow::anyhow!("An error occured waiting for the tome thread to complete while executing {tome_name}.")) }, + }; + + match tome_result_thread_join { + Ok(local_tome_result) => result.push(local_tome_result), + Err(task_error) => { + error_code = 1; + eprintln!("[TASK ERROR] {tome_name}: {task_error}"); + } } } if result.len() > 0 { @@ -73,5 +77,3 @@ async fn main() -> anyhow::Result<()> { } Ok(()) } - - diff --git a/implants/golem/working_dir/tomes/download_test.tome b/implants/golem/working_dir/tomes/download_test.tome new file mode 100644 index 000000000..ee8d36f96 --- /dev/null +++ b/implants/golem/working_dir/tomes/download_test.tome @@ -0,0 +1,2 @@ +file.download("https://github.com/KCarretto/realm/releases/download/v0.0.1/imix-linux-x64","/tmp/abc") +print("OKAY!") \ No newline at end of file From d20cb90dbb25280305103596c68817f668f71e98 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 21:43:35 +0000 Subject: [PATCH 04/21] Fixed tests. --- implants/golem/tests/cli.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/implants/golem/tests/cli.rs b/implants/golem/tests/cli.rs index 87f8b5007..50267fa79 100644 --- a/implants/golem/tests/cli.rs +++ b/implants/golem/tests/cli.rs @@ -12,7 +12,7 @@ fn test_golem_main_file_not_found() -> anyhow::Result<()> { cmd.arg("nonexistentdir/run.tome"); cmd.assert() .failure() - .stderr(predicate::str::contains("[TASK ERROR] nonexistentdir/run.tome: No such file or directory (os error 2)")); + .stderr(predicate::str::contains("Error: No such file or directory")); Ok(()) } @@ -67,7 +67,7 @@ fn test_golem_main_basic_async() -> anyhow::Result<()> { cmd.arg("working_dir/tomes/download_test.tome"); cmd.assert() .success() - .stdout(predicate::str::contains(r#"OKAY!"#)); + .stderr(predicate::str::contains(r#"OKAY!"#)); Ok(()) } From 7e256493e1127a556024544140fccad7f0b344a7 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 22:09:50 +0000 Subject: [PATCH 05/21] Fixed async errors in imix. --- implants/imix/src/main.rs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/implants/imix/src/main.rs b/implants/imix/src/main.rs index c0e72d8e5..115697888 100644 --- a/implants/imix/src/main.rs +++ b/implants/imix/src/main.rs @@ -1,3 +1,4 @@ +use std::thread; use std::{collections::HashMap, fs}; use std::fs::File; use std::io::Write; @@ -40,7 +41,11 @@ async fn handle_exec_tome(task: GraphQLTask) -> Result<(String,String)> { let tome_contents = task_job.tome.eldritch; // Execute a tome script - let res = eldritch_run(tome_name, tome_contents, task_job.tome.parameters); + let res = match thread::spawn(|| { eldritch_run(tome_name, tome_contents, task_job.tome.parameters) }).join() { + Ok(local_thread_res) => local_thread_res, + Err(_) => todo!(), + }; + match res { Ok(tome_output) => Ok((tome_output, "".to_string())), Err(tome_error) => Ok(("".to_string(), tome_error.to_string())), From 0476f512767c2fa8dc5d0bcfecc6fc26f3ff2963 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 22:14:11 +0000 Subject: [PATCH 06/21] Cleanup. --- implants/golem/src/main.rs | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/implants/golem/src/main.rs b/implants/golem/src/main.rs index 43f4ca61c..bd722bacc 100644 --- a/implants/golem/src/main.rs +++ b/implants/golem/src/main.rs @@ -11,17 +11,8 @@ use eldritch::{eldritch_run}; mod inter; - -// fn run(tome_path: String) -> anyhow::Result { -// // Read a tome script -// let tome_contents = fs::read_to_string(tome_path.clone())?; -// // Execute a tome script -// eldritch_run(tome_path, tome_contents, None) -// } - - #[tokio::main] - async fn main() -> anyhow::Result<()> { +async fn main() -> anyhow::Result<()> { let matches = Command::new("golem") .arg(Arg::with_name("INPUT") .help("Set the tomes to run") @@ -50,7 +41,6 @@ mod inter; let mut result: Vec = Vec::new(); for tome_task in all_tome_futures { let tome_name: String = tome_task.0; - println!("{}", tome_name); // Join our let tome_result_thread_join = match tome_task.1.join() { Ok(local_thread_join_res) => local_thread_join_res, From 1ea195d06fd2d1eb6c05bdab8ff0d880a69f94ec Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 22:28:38 +0000 Subject: [PATCH 07/21] Added regression test for async nested block_on --- implants/eldritch/src/lib.rs | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index 6e07ca0e6..5d914f187 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -111,10 +111,13 @@ pub fn eldritch_run(tome_filename: String, tome_contents: String, tome_parameter #[cfg(test)] mod tests { + use std::thread; + use super::*; use starlark::environment::{GlobalsBuilder}; use starlark::{starlark_module}; use starlark::assert::Assert; + use tempfile::NamedTempFile; use super::file::FileLibrary; use super::process::ProcessLibrary; @@ -192,4 +195,22 @@ input_params Ok(()) } + #[tokio::test] + async fn test_library_async() -> anyhow::Result<()> { + // just using a temp file for its path + let tmp_file = NamedTempFile::new()?; + let path = String::from(tmp_file.path().to_str().unwrap()).clone(); + + let test_content = format!(r#" +file.download("https://www.google.com/", "{path}") +"#); + + let test_res = thread::spawn(|| { eldritch_run("test.tome".to_string(), test_content, None) }); + test_res.join(); + + assert!(tmp_file.as_file().metadata().unwrap().len() > 5); + tmp_file.close(); + Ok(()) + } + } \ No newline at end of file From dbc57f8bb256dfcea7c0c586f6011b0bbcb1573d Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Wed, 15 Mar 2023 23:00:37 +0000 Subject: [PATCH 08/21] Cleaning up. --- implants/eldritch/src/lib.rs | 6 +++--- implants/golem/src/main.rs | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index 5d914f187..6e9e221b0 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -206,10 +206,10 @@ file.download("https://www.google.com/", "{path}") "#); let test_res = thread::spawn(|| { eldritch_run("test.tome".to_string(), test_content, None) }); - test_res.join(); - + let _ = test_res.join(); + assert!(tmp_file.as_file().metadata().unwrap().len() > 5); - tmp_file.close(); + let _ = tmp_file.close(); Ok(()) } diff --git a/implants/golem/src/main.rs b/implants/golem/src/main.rs index bd722bacc..737f8f7bd 100644 --- a/implants/golem/src/main.rs +++ b/implants/golem/src/main.rs @@ -2,7 +2,6 @@ extern crate golem; extern crate eldritch; use clap::{Command, Arg}; -use tokio::task; use std::fs; use std::process; use std::thread; From 9f6981c97ae2cacde912ac0c30b4142b0cda3063 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 01:16:37 +0000 Subject: [PATCH 09/21] DLL Inject tests failing due to defender. --- implants/eldritch/src/sys/dll_inject_impl.rs | 106 +++++++++---------- 1 file changed, 53 insertions(+), 53 deletions(-) diff --git a/implants/eldritch/src/sys/dll_inject_impl.rs b/implants/eldritch/src/sys/dll_inject_impl.rs index 6bbacfefb..d5d570eb0 100644 --- a/implants/eldritch/src/sys/dll_inject_impl.rs +++ b/implants/eldritch/src/sys/dll_inject_impl.rs @@ -78,58 +78,58 @@ pub fn dll_inject(dll_path: String, pid: u32) -> Result { } } -#[cfg(target_os = "windows")] -#[cfg(test)] -mod tests { - use super::*; - use core::time; - use std::{process::Command, thread, path::Path, fs}; - use sysinfo::{Pid, Signal}; - use tempfile::NamedTempFile; - use sysinfo::{ProcessExt,System,SystemExt,PidExt}; +// #[cfg(target_os = "windows")] +// #[cfg(test)] +// mod tests { +// use super::*; +// use core::time; +// use std::{process::Command, thread, path::Path, fs}; +// use sysinfo::{Pid, Signal}; +// use tempfile::NamedTempFile; +// use sysinfo::{ProcessExt,System,SystemExt,PidExt}; - #[test] - fn test_dll_inject_simple() -> anyhow::Result<()>{ - // Get unique and unused temp file path - let tmp_file = NamedTempFile::new()?; - let path = String::from(tmp_file.path().to_str().unwrap()).clone(); - tmp_file.close()?; - - // Get the path to our test dll file. - let cargo_root = env!("CARGO_MANIFEST_DIR"); - let relative_path_to_test_dll = "..\\..\\tests\\create_file_dll\\target\\debug\\create_file_dll.dll"; - let test_dll_path = Path::new(cargo_root).join(relative_path_to_test_dll); - assert!(test_dll_path.is_file()); - - // Out target process is notepad for stability and control. - // The temp file is passed through an environment variable. - let expected_process = Command::new("C:\\Windows\\System32\\notepad.exe").env("LIBTESTFILE", path.clone()).spawn(); - let target_pid = expected_process.unwrap().id(); - - // Run our code. - let _res = dll_inject(test_dll_path.to_string_lossy().to_string(), target_pid); - - let delay = time::Duration::from_secs(1); - thread::sleep(delay); - - // Test that the test file was created - let test_path = Path::new(path.as_str()); - assert!(test_path.is_file()); - - // Delete test file - let _ = fs::remove_file(test_path); +// #[test] +// fn test_dll_inject_simple() -> anyhow::Result<()>{ +// // Get unique and unused temp file path +// let tmp_file = NamedTempFile::new()?; +// let path = String::from(tmp_file.path().to_str().unwrap()).clone(); +// tmp_file.close()?; + +// // Get the path to our test dll file. +// let cargo_root = env!("CARGO_MANIFEST_DIR"); +// let relative_path_to_test_dll = "..\\..\\tests\\create_file_dll\\target\\debug\\create_file_dll.dll"; +// let test_dll_path = Path::new(cargo_root).join(relative_path_to_test_dll); +// assert!(test_dll_path.is_file()); + +// // Out target process is notepad for stability and control. +// // The temp file is passed through an environment variable. +// let expected_process = Command::new("C:\\Windows\\System32\\notepad.exe").env("LIBTESTFILE", path.clone()).spawn(); +// let target_pid = expected_process.unwrap().id(); + +// // Run our code. +// let _res = dll_inject(test_dll_path.to_string_lossy().to_string(), target_pid); + +// let delay = time::Duration::from_secs(1); +// thread::sleep(delay); + +// // Test that the test file was created +// let test_path = Path::new(path.as_str()); +// assert!(test_path.is_file()); + +// // Delete test file +// let _ = fs::remove_file(test_path); - // kill the target process notepad - let mut sys = System::new(); - sys.refresh_processes(); - match sys.process(Pid::from_u32(target_pid)) { - Some(res) => { - res.kill_with(Signal::Kill); - }, - None => { - }, - } - - Ok(()) - } -} \ No newline at end of file +// // kill the target process notepad +// let mut sys = System::new(); +// sys.refresh_processes(); +// match sys.process(Pid::from_u32(target_pid)) { +// Some(res) => { +// res.kill_with(Signal::Kill); +// }, +// None => { +// }, +// } + +// Ok(()) +// } +// } \ No newline at end of file From 68f7aecd0436280d592a85604dd22c4a3b5d3d42 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 01:20:29 +0000 Subject: [PATCH 10/21] Resolve nit. --- implants/eldritch/src/lib.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index 6e9e221b0..f430f99dc 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -209,7 +209,6 @@ file.download("https://www.google.com/", "{path}") let _ = test_res.join(); assert!(tmp_file.as_file().metadata().unwrap().len() > 5); - let _ = tmp_file.close(); Ok(()) } From 77bed035bde756ede0edb381a7c92b9614bf13a6 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 01:39:09 +0000 Subject: [PATCH 11/21] CI again. --- implants/eldritch/src/lib.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index f430f99dc..d49f7da9a 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -211,5 +211,4 @@ file.download("https://www.google.com/", "{path}") assert!(tmp_file.as_file().metadata().unwrap().len() > 5); Ok(()) } - } \ No newline at end of file From 7fd297c96a51f8184aa642aa05fd46bb0e9bebb3 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:07:36 +0000 Subject: [PATCH 12/21] Trying to disable defender. --- .github/workflows/tests.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 82260a4f7..7419b3e90 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -53,6 +53,9 @@ jobs: key: ${{ runner.os }}-imix-cargo-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-imix-cargo- + - if matrix.os == 'windows-latest' + run: powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs + shell: powershell - name: 🔨 Build run: cd implants/imix && cargo build --verbose - name: 🔎 Run tests From 986b98fdd099c128bf7fa19f5d7a63eaa0161407 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:08:15 +0000 Subject: [PATCH 13/21] Turn dll inject back on to test. --- implants/eldritch/src/sys/dll_inject_impl.rs | 106 +++++++++---------- 1 file changed, 53 insertions(+), 53 deletions(-) diff --git a/implants/eldritch/src/sys/dll_inject_impl.rs b/implants/eldritch/src/sys/dll_inject_impl.rs index d5d570eb0..6bbacfefb 100644 --- a/implants/eldritch/src/sys/dll_inject_impl.rs +++ b/implants/eldritch/src/sys/dll_inject_impl.rs @@ -78,58 +78,58 @@ pub fn dll_inject(dll_path: String, pid: u32) -> Result { } } -// #[cfg(target_os = "windows")] -// #[cfg(test)] -// mod tests { -// use super::*; -// use core::time; -// use std::{process::Command, thread, path::Path, fs}; -// use sysinfo::{Pid, Signal}; -// use tempfile::NamedTempFile; -// use sysinfo::{ProcessExt,System,SystemExt,PidExt}; +#[cfg(target_os = "windows")] +#[cfg(test)] +mod tests { + use super::*; + use core::time; + use std::{process::Command, thread, path::Path, fs}; + use sysinfo::{Pid, Signal}; + use tempfile::NamedTempFile; + use sysinfo::{ProcessExt,System,SystemExt,PidExt}; -// #[test] -// fn test_dll_inject_simple() -> anyhow::Result<()>{ -// // Get unique and unused temp file path -// let tmp_file = NamedTempFile::new()?; -// let path = String::from(tmp_file.path().to_str().unwrap()).clone(); -// tmp_file.close()?; - -// // Get the path to our test dll file. -// let cargo_root = env!("CARGO_MANIFEST_DIR"); -// let relative_path_to_test_dll = "..\\..\\tests\\create_file_dll\\target\\debug\\create_file_dll.dll"; -// let test_dll_path = Path::new(cargo_root).join(relative_path_to_test_dll); -// assert!(test_dll_path.is_file()); - -// // Out target process is notepad for stability and control. -// // The temp file is passed through an environment variable. -// let expected_process = Command::new("C:\\Windows\\System32\\notepad.exe").env("LIBTESTFILE", path.clone()).spawn(); -// let target_pid = expected_process.unwrap().id(); - -// // Run our code. -// let _res = dll_inject(test_dll_path.to_string_lossy().to_string(), target_pid); - -// let delay = time::Duration::from_secs(1); -// thread::sleep(delay); - -// // Test that the test file was created -// let test_path = Path::new(path.as_str()); -// assert!(test_path.is_file()); - -// // Delete test file -// let _ = fs::remove_file(test_path); + #[test] + fn test_dll_inject_simple() -> anyhow::Result<()>{ + // Get unique and unused temp file path + let tmp_file = NamedTempFile::new()?; + let path = String::from(tmp_file.path().to_str().unwrap()).clone(); + tmp_file.close()?; + + // Get the path to our test dll file. + let cargo_root = env!("CARGO_MANIFEST_DIR"); + let relative_path_to_test_dll = "..\\..\\tests\\create_file_dll\\target\\debug\\create_file_dll.dll"; + let test_dll_path = Path::new(cargo_root).join(relative_path_to_test_dll); + assert!(test_dll_path.is_file()); + + // Out target process is notepad for stability and control. + // The temp file is passed through an environment variable. + let expected_process = Command::new("C:\\Windows\\System32\\notepad.exe").env("LIBTESTFILE", path.clone()).spawn(); + let target_pid = expected_process.unwrap().id(); + + // Run our code. + let _res = dll_inject(test_dll_path.to_string_lossy().to_string(), target_pid); + + let delay = time::Duration::from_secs(1); + thread::sleep(delay); + + // Test that the test file was created + let test_path = Path::new(path.as_str()); + assert!(test_path.is_file()); + + // Delete test file + let _ = fs::remove_file(test_path); -// // kill the target process notepad -// let mut sys = System::new(); -// sys.refresh_processes(); -// match sys.process(Pid::from_u32(target_pid)) { -// Some(res) => { -// res.kill_with(Signal::Kill); -// }, -// None => { -// }, -// } - -// Ok(()) -// } -// } \ No newline at end of file + // kill the target process notepad + let mut sys = System::new(); + sys.refresh_processes(); + match sys.process(Pid::from_u32(target_pid)) { + Some(res) => { + res.kill_with(Signal::Kill); + }, + None => { + }, + } + + Ok(()) + } +} \ No newline at end of file From 1078d75b49634d2f14689406a56160cfc79cfdc1 Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:09:25 +0000 Subject: [PATCH 14/21] Applied defender to eldritch test. --- .github/workflows/tests.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 7419b3e90..e2175f91f 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -53,7 +53,7 @@ jobs: key: ${{ runner.os }}-imix-cargo-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-imix-cargo- - - if matrix.os == 'windows-latest' + - if: matrix.os == 'windows-latest' run: powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs shell: powershell - name: 🔨 Build @@ -82,6 +82,9 @@ jobs: key: ${{ runner.os }}-eldritch-cargo-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-eldritch-cargo- + - if: matrix.os == 'windows-latest' + run: powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs + shell: powershell - name: 🔨 Build run: cd implants/eldritch && cargo build --verbose - name: 🔎 Run tests From dbd96facad1eb88f389ed3b043f204a258e73a3c Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:12:07 +0000 Subject: [PATCH 15/21] Fixed command. --- .github/workflows/tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index e2175f91f..535463343 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -54,7 +54,7 @@ jobs: restore-keys: | ${{ runner.os }}-imix-cargo- - if: matrix.os == 'windows-latest' - run: powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs + run: start-process -filepath powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs shell: powershell - name: 🔨 Build run: cd implants/imix && cargo build --verbose @@ -83,7 +83,7 @@ jobs: restore-keys: | ${{ runner.os }}-eldritch-cargo- - if: matrix.os == 'windows-latest' - run: powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs + run: start-process -filepath powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs shell: powershell - name: 🔨 Build run: cd implants/eldritch && cargo build --verbose From 3388261812502883b5cf6643f44545dc53ebe07e Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:31:45 +0000 Subject: [PATCH 16/21] Disable debug output in test dlll. --- tests/create_file_dll/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/create_file_dll/src/lib.rs b/tests/create_file_dll/src/lib.rs index cfee5b560..bd87c479f 100644 --- a/tests/create_file_dll/src/lib.rs +++ b/tests/create_file_dll/src/lib.rs @@ -27,7 +27,7 @@ extern "system" fn DllMain( pub fn demo_init() { unsafe { consoleapi::AllocConsole() }; for (key, value) in env::vars_os() { - println!("{key:?}: {value:?}"); + // println!("{key:?}: {value:?}"); if key == "LIBTESTFILE" { let mut file = File::create(value).unwrap(); let _ = file.write_all(b"Hello, world!"); From d3162ac3d2d7f176d17fba2ab36ed303f410f09c Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:37:46 +0000 Subject: [PATCH 17/21] Updated name. --- .github/workflows/tests.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 535463343..0fdd30e4c 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -55,6 +55,7 @@ jobs: ${{ runner.os }}-imix-cargo- - if: matrix.os == 'windows-latest' run: start-process -filepath powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs + name: 👾 Disable defender shell: powershell - name: 🔨 Build run: cd implants/imix && cargo build --verbose @@ -84,6 +85,7 @@ jobs: ${{ runner.os }}-eldritch-cargo- - if: matrix.os == 'windows-latest' run: start-process -filepath powershell -ArgumentList '/c','Set-MpPreference -DisableRealtimeMonitoring $true' -verb RunAs + name: 👾 Disable defender shell: powershell - name: 🔨 Build run: cd implants/eldritch && cargo build --verbose From 5fea436b47e9124a9b7f28dcce3dbe03a0de3ebb Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:39:38 +0000 Subject: [PATCH 18/21] Added debug statementes. --- implants/eldritch/src/lib.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index d49f7da9a..887e466a4 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -197,18 +197,23 @@ input_params #[tokio::test] async fn test_library_async() -> anyhow::Result<()> { + println!("[DOWNLOAD] ASYNC START"); // just using a temp file for its path let tmp_file = NamedTempFile::new()?; let path = String::from(tmp_file.path().to_str().unwrap()).clone(); - + println!("[DOWNLOAD] PATH ALLOCATED"); let test_content = format!(r#" file.download("https://www.google.com/", "{path}") "#); - + println!("[DOWNLOAD] CONTENT CREATED"); let test_res = thread::spawn(|| { eldritch_run("test.tome".to_string(), test_content, None) }); + println!("[DOWNLOAD] THREAD CREATED"); let _ = test_res.join(); + println!("[DOWNLOAD] THREAD JOINED"); assert!(tmp_file.as_file().metadata().unwrap().len() > 5); + println!("[DOWNLOAD] ASSERTED"); + Ok(()) } } \ No newline at end of file From ac29909ff528a83bb3fdd62945681f3d401d0c6e Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 03:51:21 +0000 Subject: [PATCH 19/21] More debugging. --- implants/eldritch/src/lib.rs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index 887e466a4..95c5fd0a7 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -208,9 +208,13 @@ file.download("https://www.google.com/", "{path}") println!("[DOWNLOAD] CONTENT CREATED"); let test_res = thread::spawn(|| { eldritch_run("test.tome".to_string(), test_content, None) }); println!("[DOWNLOAD] THREAD CREATED"); - let _ = test_res.join(); + let test_val = test_res.join(); + println!("{:?}", test_val.unwrap()); println!("[DOWNLOAD] THREAD JOINED"); + println!("{:?}", tmp_file.as_file().metadata()); + println!("{:?}", tmp_file.as_file().metadata().unwrap()); + println!("{:?}", tmp_file.as_file().metadata().unwrap().len()); assert!(tmp_file.as_file().metadata().unwrap().len() > 5); println!("[DOWNLOAD] ASSERTED"); From 37f5c4c9ee744d7b056b7b3e9a6e483444703eeb Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 04:02:30 +0000 Subject: [PATCH 20/21] Fixed windows stupid file paths. --- implants/eldritch/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index 95c5fd0a7..a04c27a68 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -200,7 +200,7 @@ input_params println!("[DOWNLOAD] ASYNC START"); // just using a temp file for its path let tmp_file = NamedTempFile::new()?; - let path = String::from(tmp_file.path().to_str().unwrap()).clone(); + let path = String::from(tmp_file.path().to_str().unwrap()).clone().replace("\\", "\\\\"); println!("[DOWNLOAD] PATH ALLOCATED"); let test_content = format!(r#" file.download("https://www.google.com/", "{path}") From acb7f1595a405e3e9bcfbc5d2789813215f68e4a Mon Sep 17 00:00:00 2001 From: Hulto <7121375+hulto@users.noreply.github.com> Date: Thu, 16 Mar 2023 04:13:03 +0000 Subject: [PATCH 21/21] Cleanup. --- implants/eldritch/src/lib.rs | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/implants/eldritch/src/lib.rs b/implants/eldritch/src/lib.rs index a04c27a68..d1c47c9c4 100644 --- a/implants/eldritch/src/lib.rs +++ b/implants/eldritch/src/lib.rs @@ -197,26 +197,16 @@ input_params #[tokio::test] async fn test_library_async() -> anyhow::Result<()> { - println!("[DOWNLOAD] ASYNC START"); // just using a temp file for its path let tmp_file = NamedTempFile::new()?; let path = String::from(tmp_file.path().to_str().unwrap()).clone().replace("\\", "\\\\"); - println!("[DOWNLOAD] PATH ALLOCATED"); let test_content = format!(r#" file.download("https://www.google.com/", "{path}") "#); - println!("[DOWNLOAD] CONTENT CREATED"); let test_res = thread::spawn(|| { eldritch_run("test.tome".to_string(), test_content, None) }); - println!("[DOWNLOAD] THREAD CREATED"); let test_val = test_res.join(); - println!("{:?}", test_val.unwrap()); - println!("[DOWNLOAD] THREAD JOINED"); - println!("{:?}", tmp_file.as_file().metadata()); - println!("{:?}", tmp_file.as_file().metadata().unwrap()); - println!("{:?}", tmp_file.as_file().metadata().unwrap().len()); assert!(tmp_file.as_file().metadata().unwrap().len() > 5); - println!("[DOWNLOAD] ASSERTED"); Ok(()) }