From 8239d7c3c00d2e86fd25cd9b709818b39d96f846 Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Fri, 29 Sep 2023 11:40:16 +0200 Subject: [PATCH 1/2] Introduce Packers category Introduce Packers category as the Utilities folder is getting big and to make easier finding tools. Move upx to the Packers category. This change likely breaks updates. --- .github/ISSUE_TEMPLATE/new_metapackage.yml | 1 + .github/ISSUE_TEMPLATE/new_package.yml | 1 + categories.txt | 1 + packages/upx.vm/tools/chocolateyinstall.ps1 | 2 +- packages/upx.vm/tools/chocolateyuninstall.ps1 | 2 +- packages/upx.vm/upx.vm.nuspec | 2 +- 6 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/new_metapackage.yml b/.github/ISSUE_TEMPLATE/new_metapackage.yml index 534dfa0e9..2b4d8cb3b 100644 --- a/.github/ISSUE_TEMPLATE/new_metapackage.yml +++ b/.github/ISSUE_TEMPLATE/new_metapackage.yml @@ -70,6 +70,7 @@ body: - Lateral Movement - Networking - Office + - Packers - Password Attacks - Payload Development - PDF diff --git a/.github/ISSUE_TEMPLATE/new_package.yml b/.github/ISSUE_TEMPLATE/new_package.yml index fdc11a0ca..0455fec53 100644 --- a/.github/ISSUE_TEMPLATE/new_package.yml +++ b/.github/ISSUE_TEMPLATE/new_package.yml @@ -89,6 +89,7 @@ body: - Lateral Movement - Networking - Office + - Packers - Password Attacks - Payload Development - PDF diff --git a/categories.txt b/categories.txt index 585808a2c..b9558d62b 100644 --- a/categories.txt +++ b/categories.txt @@ -18,6 +18,7 @@ Javascript Lateral Movement Networking Office +Packers Password Attacks Payload Development PDF diff --git a/packages/upx.vm/tools/chocolateyinstall.ps1 b/packages/upx.vm/tools/chocolateyinstall.ps1 index 9c3d23736..508fc5f81 100644 --- a/packages/upx.vm/tools/chocolateyinstall.ps1 +++ b/packages/upx.vm/tools/chocolateyinstall.ps1 
@@ -2,7 +2,7 @@ $ErrorActionPreference = 'Stop' Import-Module vm.common -Force -DisableNameChecking $toolName = 'upx' -$category = 'Utilities' +$category = 'Packers' $zipUrl = "https://github.com/upx/upx/releases/download/v4.1.0/upx-4.1.0-win32.zip" $zipSha256 = "066c62993ce904f9f377ce849e85b77d1e2cf477d554c36c5ff89f6d3f0fa072" diff --git a/packages/upx.vm/tools/chocolateyuninstall.ps1 b/packages/upx.vm/tools/chocolateyuninstall.ps1 index 9684090d7..472237d25 100644 --- a/packages/upx.vm/tools/chocolateyuninstall.ps1 +++ b/packages/upx.vm/tools/chocolateyuninstall.ps1 @@ -2,6 +2,6 @@ $ErrorActionPreference = 'Continue' Import-Module vm.common -Force -DisableNameChecking $toolName = 'upx' -$category = 'Utilities' +$category = 'Packers' VM-Uninstall $toolName $category diff --git a/packages/upx.vm/upx.vm.nuspec b/packages/upx.vm/upx.vm.nuspec index 511bbbf96..cfd18f4dc 100644 --- a/packages/upx.vm/upx.vm.nuspec +++ b/packages/upx.vm/upx.vm.nuspec @@ -2,7 +2,7 @@ upx.vm - 4.1.0 + 4.1.0.20230929 markus-oberhumer UPX is a free, secure, portable, extendable, high-performance executable packer for several executable formats. From cf3fe3e468775ec260bf61ad409d814d004ed789 Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Fri, 29 Sep 2023 12:06:36 +0200 Subject: [PATCH 2/2] Add pkg-unpacker Add pkg-unpacker, a nodejs tool installed similarly to malware-jail. --- .../pkg-unpacker.vm/pkg-unpacker.vm.nuspec | 13 +++++++++++++ .../tools/chocolateyinstall.ps1 | 19 +++++++++++++++++++ .../tools/chocolateyuninstall.ps1 | 7 +++++++ 3 files changed, 39 insertions(+) create mode 100644 packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec create mode 100644 packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1 create mode 100644 packages/pkg-unpacker.vm/tools/chocolateyuninstall.ps1 diff --git a/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec new file mode 100644 index 000000000..b39ac1d5c --- /dev/null 
+++ b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec
@@ -0,0 +1,13 @@
+
+
+
+ pkg-unpacker.vm
+ 1.0.0
+ LockBlock-dev
+ Unpacker for pkg applications.
+
+
+
+
+
+
diff --git a/packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1 b/packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1
new file mode 100644
index 000000000..2cc736110
--- /dev/null
+++ b/packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1
@@ -0,0 +1,19 @@
+$ErrorActionPreference = 'Stop'
+Import-Module vm.common -Force -DisableNameChecking
+
+try {
+ $toolName = 'pkg-unpacker'
+ $category = 'Packers'
+ $zipUrl = 'https://github.com/LockBlock-dev/pkg-unpacker/archive/b1fd5200e1bf656dedef6817c177c8bb2dc38028.zip'
+ $zipSha256 = '6eed1d492d37ca3934a3bc838c2256719a3e78ccf72ce1b1ca07684519ace16c'
+ $powershellCommand = "Write-Output '> node unpack.js'; node unpack.js"
+
+ $toolDir = VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -powershellCommand $powershellCommand
+
+ # Get absolute path as npm is not in path until Powershell is restarted
+ $npmPath = Join-Path ${Env:ProgramFiles} "\nodejs\npm.cmd" -Resolve
+ # Install tool dependencies with npm
+ Set-Location $toolDir; & "$npmPath" install | Out-Null
+} catch {
+ VM-Write-Log-Exception $_
+}
diff --git a/packages/pkg-unpacker.vm/tools/chocolateyuninstall.ps1 b/packages/pkg-unpacker.vm/tools/chocolateyuninstall.ps1
new file mode 100644
index 000000000..6bb7b577f
--- /dev/null
+++ b/packages/pkg-unpacker.vm/tools/chocolateyuninstall.ps1
@@ -0,0 +1,7 @@
+$ErrorActionPreference = 'Continue'
+Import-Module vm.common -Force -DisableNameChecking
+
+$toolName = 'pkg-unpacker'
+$category = 'Packers'
+
+VM-Uninstall $toolName $category
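Review bot: The `& "$npmPath" install | Out-Null` line at the end of the try block in tools/chocolateyinstall.ps1 is the one unpinned step in this installer. The archive is fixed to a commit and checked against `$zipSha256`, but the npm dependencies are resolved from the registry at install time and their lifecycle scripts run in the installer's (presumably elevated) context. If none of the dependencies need install scripts, `& "$npmPath" install --ignore-scripts | Out-Null` narrows that, and `npm ci` would hold versions to a lockfile if the repository ships one, which is not visible here. The exit code is also discarded: a failing native command does not necessarily throw under `$ErrorActionPreference = 'Stop'`, so a line such as `if ($LASTEXITCODE -ne 0) { throw "npm install failed with exit code $LASTEXITCODE" }` after the call would let the catch block log a broken dependency install.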