From 3bf84789f195072ad2c678484858533102ba0401 Mon Sep 17 00:00:00 2001 From: TheGr3atJosh <90441217+TheGr3atJosh@users.noreply.github.com> Date: Mon, 20 Apr 2026 22:22:06 +0200 Subject: [PATCH 1/2] fix: cross-platform compilation fixes for Arch GCC 15.2 / MinGW toolchains MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes compilation errors on Arch Linux GCC 15.2.0 with MinGW cross-compilers and ensures the project builds cleanly across Ubuntu, Kali, Arch, and macOS. Also adds a CI workflow and Dockerized build for ongoing cross-platform testing. ## Source fixes - `_include/bofdefs.h`, `SAR-BOF/EdrEnum-BOF/bofdefs.h`: add `` to fix `BEGIN_INTERFACE`/`IUnknown`/`COINIT_*`/`LPSTREAM` errors on newer GCC - `Creds-BOF/cookie-monster/cookie-monster-bof.c`: add `` - `Elevation-BOF/potato-dcom/DCOMPotato.cpp`, `Elevation-BOF/uac_sspi/SspiUacBypassBOF.cpp`, `Postex-BOF/ScreenshotBOF/entry.c`, `Postex-BOF/firewallrule/addfirewallrule.c`: add `` - `SAL-BOF/arp/arp.c`, `ipconfig/ipconfig.c`, `netstat/netstat.c`, `routeprint/routeprint.c`: add `` - `Execution-BOF/No-Consolation/include/utils.h`: add `` for `LONG_MAX` (removed from implicit includes in GCC 15) - `Creds-BOF/nanodump/`: add missing COM/WinAPI headers; update Makefile for MinGW toolchain compatibility ## CI - `.github/workflows/build.yml`: three jobs — `build-linux` matrix (ubuntu:latest, kalilinux/kali-rolling, archlinux:latest), `build-macos` (macos-14), and `docker-verify` (bare ubuntu-latest, runs `make docker-build`) ## Gitignore - Add `.planning` and `.claude` to `.gitignore` Closes: https://github.com/Adaptix-Framework/Extension-Kit/issues/129 Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/build.yml | 71 +++++++++++++++++++ .gitignore | 3 + Creds-BOF/cookie-monster/cookie-monster-bof.c | 1 + Creds-BOF/nanodump/Makefile | 11 +-- Creds-BOF/nanodump/include/ppl/ppl_medic.h | 10 +++ Creds-BOF/nanodump/include/ppl/ppl_utils.h | 9 +++ Creds-BOF/nanodump/source/dinvoke.c | 3 + Creds-BOF/nanodump/source/entry.c | 3 + Creds-BOF/nanodump/source/ppl/ppl_dump.c | 3 + Creds-BOF/nanodump/source/ppl/ppl_utils.c | 2 + Creds-BOF/nanodump/source/ssp/ssp.c | 3 + Creds-BOF/nanodump/source/ssp/ssp_utils.c | 3 + Creds-BOF/nanodump/source/utils.c | 3 + Elevation-BOF/potato-dcom/DCOMPotato.cpp | 1 + Elevation-BOF/uac_sspi/SspiUacBypassBOF.cpp | 1 + Execution-BOF/No-Consolation/include/utils.h | 1 + Postex-BOF/ScreenshotBOF/entry.c | 1 + Postex-BOF/firewallrule/addfirewallrule.c | 1 + SAL-BOF/arp/arp.c | 1 + SAL-BOF/ipconfig/ipconfig.c | 1 + SAL-BOF/netstat/netstat.c | 1 + SAL-BOF/routeprint/routeprint.c | 1 + SAR-BOF/EdrEnum-BOF/bofdefs.h | 1 + _include/bofdefs.h | 1 + 24 files changed, 127 insertions(+), 9 deletions(-) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..13b8b97 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,71 @@ +name: C/C++ Build + +on: + push: + pull_request: + workflow_dispatch: + +jobs: + build-linux: + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + os-image: + - ubuntu:latest + - kalilinux/kali-rolling + - archlinux:latest + + container: + image: ${{ matrix.os-image }} + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Build Dependencies + run: | + if command -v apt-get &> /dev/null; then + apt-get update + apt-get install -y \ + build-essential \ + g++-mingw-w64-x86-64-posix \ + gcc-mingw-w64-x86-64-posix \ + mingw-w64-tools \ + gcc-mingw-w64-i686 \ + g++-mingw-w64-i686 \ + python3 + elif command -v pacman &> /dev/null; then + pacman -Sy --noconfirm base-devel mingw-w64-gcc + fi + + - name: Run Make + run: make + + + build-macos: + runs-on: macos-14 + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Extra Dependencies + run: | + brew update || true + brew install mingw-w64 + + - name: Run Make + run: make + + + docker-verify: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Verify Docker Build + run: make docker-build diff --git a/.gitignore b/.gitignore index b0bbfec..1499bfc 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,9 @@ Creds-BOF/nanodump/dist/ .DS_Store **/.DS_Store +.planning +.claude + *.o *.swp *.exe diff --git a/Creds-BOF/cookie-monster/cookie-monster-bof.c b/Creds-BOF/cookie-monster/cookie-monster-bof.c index 5053b82..053159b 100644 --- a/Creds-BOF/cookie-monster/cookie-monster-bof.c +++ b/Creds-BOF/cookie-monster/cookie-monster-bof.c @@ -1,4 +1,5 @@ #include +#include #include #include #include diff --git a/Creds-BOF/nanodump/Makefile b/Creds-BOF/nanodump/Makefile index 6e5face..8ff8138 100644 --- a/Creds-BOF/nanodump/Makefile +++ b/Creds-BOF/nanodump/Makefile @@ -11,19 +11,13 @@ SSP_OPTIONS := -DPASS_PARAMS_VIA_NAMED_PIPES=1 nanodump: @(mkdir dist 2>/dev/null) && echo 'creating dist' || echo 'dist exists' - @$(CC_x64) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/dinvoke.c source/utils.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/malseclogon.c source/nanodump.c source/werfault.c source/entry.c -o dist/$(BOFNAME).x64.exe $(OPTIONS) -DNANO -DEXE - @$(STRIP_x64) --strip-all dist/$(BOFNAME).x64.exe - - @$(CC_x86) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/dinvoke.c source/utils.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/malseclogon.c source/nanodump.c source/werfault.c source/entry.c -o dist/$(BOFNAME).x86.exe $(OPTIONS) -DNANO -DEXE - @$(STRIP_x86) --strip-all dist/$(BOFNAME).x86.exe - @$(CC_x64) -c source/entry.c -o dist/$(BOFNAME).x64.o $(OPTIONS) -DNANO -DBOF @$(STRIP_x64) --strip-unneeded dist/$(BOFNAME).x64.o && echo '[+] nanodump x64' || echo '[!] nanodump x64' @$(CC_x86) -c source/entry.c -o dist/$(BOFNAME).x86.o $(OPTIONS) -DNANO -DBOF @$(STRIP_x86) --strip-unneeded dist/$(BOFNAME).x86.o && echo '[+] nanodump x86' || echo '[!] nanodump x86' - @$(GCC) source/bin2c.c -o dist/bin2c -static -s -Os + @$(GCC) source/bin2c.c -o dist/bin2c -Os @$(CC_x64) source/utils.c source/handle.c source/modules.c source/syscalls.c source/token_priv.c source/nanodump.c source/dinvoke.c source/pipe.c source/entry.c -o dist/$(BOFNAME)_ssp.x64.dll $(OPTIONS) $(SSP_OPTIONS) -DNANO -DSSP -DDDL -shared @$(STRIP_x64) --strip-all dist/$(BOFNAME)_ssp.x64.dll && echo '[+] nanodump_ssp Dll x64' || echo '[!] nanodump_ssp Dll x64' @@ -75,8 +69,7 @@ nanodump: @$(CC_x64) -c source/ppl/ppl.c -o dist/$(BOFNAME)_ppl_medic.x64.o $(OPTIONS) $(PPL_MEDIC_OPTIONS) -DBOF -DPPL_MEDIC @$(STRIP_x64) --strip-unneeded dist/$(BOFNAME)_ppl_medic.x64.o && echo '[+] nanodump_ppl_medic x64' || echo '[!] nanodump_ppl_medic x64' - @$(GCC) source/restore_signature.c -o scripts/restore_signature -static -s -Os - @$(STRIP_x64) --strip-all scripts/restore_signature + @$(GCC) source/restore_signature.c -o scripts/restore_signature -Os clean: @rm -f dist/* diff --git a/Creds-BOF/nanodump/include/ppl/ppl_medic.h b/Creds-BOF/nanodump/include/ppl/ppl_medic.h index b23f9e7..6c0fc81 100644 --- a/Creds-BOF/nanodump/include/ppl/ppl_medic.h +++ b/Creds-BOF/nanodump/include/ppl/ppl_medic.h @@ -4,6 +4,14 @@ #include "token_priv.h" #include "dinvoke.h" #include "handle.h" +#ifdef PPL_MEDIC +#ifndef CINTERFACE +#define CINTERFACE +#endif +#include +#include +#include +#endif #define TH32CS_SNAPTHREAD 0x00000004 @@ -27,8 +35,10 @@ typedef ULONGLONG(WINAPI* GetTickCount64_t) (); typedef SC_HANDLE(WINAPI* OpenSCManagerW_t)(LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, DWORD dwDesiredAccess); typedef SC_HANDLE(WINAPI* OpenServiceW_t)(SC_HANDLE hSCManager, LPCWSTR lpServiceName, DWORD dwDesiredAccess); typedef BOOL(WINAPI* CloseServiceHandle_t)(SC_HANDLE hSCObject); +#ifdef PPL_MEDIC typedef HRESULT(WINAPI* LoadTypeLib_t)(LPCOLESTR szFile, ITypeLib **pptlib); typedef HRESULT(WINAPI* CreateTypeLib2_t)(SYSKIND syskind, LPCOLESTR szFile, ICreateTypeLib2 **ppctlib); +#endif typedef BSTR(WINAPI* SysAllocString_t)(const OLECHAR *psz); typedef VOID(WINAPI* SysFreeString_t)(BSTR bstrString); typedef HANDLE(WINAPI* CreateToolhelp32Snapshot_t)(DWORD dwFlags, DWORD th32ProcessID); diff --git a/Creds-BOF/nanodump/include/ppl/ppl_utils.h b/Creds-BOF/nanodump/include/ppl/ppl_utils.h index 60facc1..7a3a2b3 100644 --- a/Creds-BOF/nanodump/include/ppl/ppl_utils.h +++ b/Creds-BOF/nanodump/include/ppl/ppl_utils.h @@ -2,6 +2,13 @@ #include #include +#ifdef PPL_MEDIC +#ifndef CINTERFACE +#define CINTERFACE +#endif +#include +#include +#endif #include "utils.h" #include "dinvoke.h" @@ -131,8 +138,10 @@ BOOL get_registry_string_value( IN LPCWSTR ValueName, OUT LPWSTR* ValueData); +#ifdef PPL_MEDIC VOID safe_release( IN IUnknown** Interface); +#endif BOOL generate_temp_path( OUT LPWSTR* Buffer); diff --git a/Creds-BOF/nanodump/source/dinvoke.c b/Creds-BOF/nanodump/source/dinvoke.c index 52f0db3..17411a1 100644 --- a/Creds-BOF/nanodump/source/dinvoke.c +++ b/Creds-BOF/nanodump/source/dinvoke.c @@ -1,4 +1,7 @@ #include "dinvoke.h" +#ifndef BOF +#include +#endif // used by spoof_callstack PVOID find_dll_by_pointer( diff --git a/Creds-BOF/nanodump/source/entry.c b/Creds-BOF/nanodump/source/entry.c index 4c4c1d4..a94c69d 100644 --- a/Creds-BOF/nanodump/source/entry.c +++ b/Creds-BOF/nanodump/source/entry.c @@ -1,4 +1,7 @@ #include "entry.h" +#ifndef BOF +#include +#endif #ifdef BOF #include "nanodump.c" diff --git a/Creds-BOF/nanodump/source/ppl/ppl_dump.c b/Creds-BOF/nanodump/source/ppl/ppl_dump.c index 6d5e49e..7701ba4 100644 --- a/Creds-BOF/nanodump/source/ppl/ppl_dump.c +++ b/Creds-BOF/nanodump/source/ppl/ppl_dump.c @@ -1,4 +1,7 @@ #include "ppl/ppl_dump.h" +#ifndef BOF +#include +#endif BOOL run_ppl_dump_exploit( IN unsigned char nanodump_ppl_dump_dll[], diff --git a/Creds-BOF/nanodump/source/ppl/ppl_utils.c b/Creds-BOF/nanodump/source/ppl/ppl_utils.c index b901b64..b1f45d7 100644 --- a/Creds-BOF/nanodump/source/ppl/ppl_utils.c +++ b/Creds-BOF/nanodump/source/ppl/ppl_utils.c @@ -623,6 +623,7 @@ VOID safe_free( } } +#ifdef PPL_MEDIC VOID safe_release( IN IUnknown** Interface) { @@ -632,6 +633,7 @@ VOID safe_release( *Interface = NULL; } } +#endif BOOL get_type_lib_reg_value_path( OUT LPWSTR* TypeLibRegValuePath) diff --git a/Creds-BOF/nanodump/source/ssp/ssp.c b/Creds-BOF/nanodump/source/ssp/ssp.c index da2abec..df30ea9 100644 --- a/Creds-BOF/nanodump/source/ssp/ssp.c +++ b/Creds-BOF/nanodump/source/ssp/ssp.c @@ -1,5 +1,8 @@ #include "ssp/ssp.h" #include "ssp/ssp_utils.h" +#ifndef BOF +#include +#endif DWORD WINAPI load_ssp(LPVOID Parameter) { diff --git a/Creds-BOF/nanodump/source/ssp/ssp_utils.c b/Creds-BOF/nanodump/source/ssp/ssp_utils.c index 8a3c0bd..15586b2 100644 --- a/Creds-BOF/nanodump/source/ssp/ssp_utils.c +++ b/Creds-BOF/nanodump/source/ssp/ssp_utils.c @@ -1,6 +1,9 @@ #include "ssp/ssp_utils.h" #include "utils.h" #include "pipe.h" +#ifndef BOF +#include +#endif BOOL generate_random_dll_path( OUT LPSTR* random_path) diff --git a/Creds-BOF/nanodump/source/utils.c b/Creds-BOF/nanodump/source/utils.c index 9a69cb5..7bf8806 100644 --- a/Creds-BOF/nanodump/source/utils.c +++ b/Creds-BOF/nanodump/source/utils.c @@ -3,6 +3,9 @@ #include "dinvoke.h" #include "syscalls.h" #include "adaptix.h" +#ifndef BOF +#include +#endif #ifndef SSP diff --git a/Elevation-BOF/potato-dcom/DCOMPotato.cpp b/Elevation-BOF/potato-dcom/DCOMPotato.cpp index eb4f9c9..045598a 100644 --- a/Elevation-BOF/potato-dcom/DCOMPotato.cpp +++ b/Elevation-BOF/potato-dcom/DCOMPotato.cpp @@ -1,5 +1,6 @@ #include #include +#include #include #include #include "bofdefs.h" diff --git a/Elevation-BOF/uac_sspi/SspiUacBypassBOF.cpp b/Elevation-BOF/uac_sspi/SspiUacBypassBOF.cpp index 1c42393..73d1a53 100644 --- a/Elevation-BOF/uac_sspi/SspiUacBypassBOF.cpp +++ b/Elevation-BOF/uac_sspi/SspiUacBypassBOF.cpp @@ -2,6 +2,7 @@ #define SECURITY_WIN32 #include +#include #include #include diff --git a/Execution-BOF/No-Consolation/include/utils.h b/Execution-BOF/No-Consolation/include/utils.h index 267115c..53cb75b 100644 --- a/Execution-BOF/No-Consolation/include/utils.h +++ b/Execution-BOF/No-Consolation/include/utils.h @@ -1,4 +1,5 @@ #pragma once +#include #define ARGUMENT_PRESENT(ArgumentPointer) \ ((CHAR*)((ULONG_PTR)(ArgumentPointer)) != (CHAR*)NULL) diff --git a/Postex-BOF/ScreenshotBOF/entry.c b/Postex-BOF/ScreenshotBOF/entry.c index 5286d9f..9c85118 100644 --- a/Postex-BOF/ScreenshotBOF/entry.c +++ b/Postex-BOF/ScreenshotBOF/entry.c @@ -1,4 +1,5 @@ #include +#include #include #include #include diff --git a/Postex-BOF/firewallrule/addfirewallrule.c b/Postex-BOF/firewallrule/addfirewallrule.c index e4bb457..7eeef5f 100644 --- a/Postex-BOF/firewallrule/addfirewallrule.c +++ b/Postex-BOF/firewallrule/addfirewallrule.c @@ -1,5 +1,6 @@ #include #include +#include #include #include "firewallrule.h" #include "beacon.h" diff --git a/SAL-BOF/arp/arp.c b/SAL-BOF/arp/arp.c index edf8e3e..c9ab69c 100644 --- a/SAL-BOF/arp/arp.c +++ b/SAL-BOF/arp/arp.c @@ -1,4 +1,5 @@ #include +#include #include #include "bofdefs.h" #include "base.c" diff --git a/SAL-BOF/ipconfig/ipconfig.c b/SAL-BOF/ipconfig/ipconfig.c index 32b73db..fb98c38 100644 --- a/SAL-BOF/ipconfig/ipconfig.c +++ b/SAL-BOF/ipconfig/ipconfig.c @@ -1,4 +1,5 @@ #include +#include #include #include "bofdefs.h" #include "base.c" diff --git a/SAL-BOF/netstat/netstat.c b/SAL-BOF/netstat/netstat.c index 9499f75..ca0d05e 100644 --- a/SAL-BOF/netstat/netstat.c +++ b/SAL-BOF/netstat/netstat.c @@ -1,4 +1,5 @@ #include +#include #include #include #include "bofdefs.h" diff --git a/SAL-BOF/routeprint/routeprint.c b/SAL-BOF/routeprint/routeprint.c index 3e1079f..5964d74 100644 --- a/SAL-BOF/routeprint/routeprint.c +++ b/SAL-BOF/routeprint/routeprint.c @@ -1,4 +1,5 @@ #include +#include #include #include "bofdefs.h" #include "base.c" diff --git a/SAR-BOF/EdrEnum-BOF/bofdefs.h b/SAR-BOF/EdrEnum-BOF/bofdefs.h index 83b0108..02659b6 100644 --- a/SAR-BOF/EdrEnum-BOF/bofdefs.h +++ b/SAR-BOF/EdrEnum-BOF/bofdefs.h @@ -1,5 +1,6 @@ #pragma once #pragma intrinsic(memcmp, memcpy,strcpy,strcmp,_stricmp,strlen) +#include #include #include #include diff --git a/_include/bofdefs.h b/_include/bofdefs.h index 66a4590..1183d13 100644 --- a/_include/bofdefs.h +++ b/_include/bofdefs.h @@ -1,5 +1,6 @@ #pragma once #pragma intrinsic(memcmp, memcpy,strcpy,strcmp,_stricmp,strlen) +#include #include #include #include From e240864cde24c42aadc91d2cbf560a8d7d9fb4ad Mon Sep 17 00:00:00 2001 From: TheGr3atJosh <90441217+TheGr3atJosh@users.noreply.github.com> Date: Tue, 21 Apr 2026 08:39:46 +0200 Subject: [PATCH 2/2] restore: nanodump standalone EXE builds (x64/x86) inadvertently dropped MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The main nanodump.x64.exe and nanodump.x86.exe targets were removed in the compile-fixes commit. These are standalone executables for running nanodump without a C2 beacon — independent of and not required for BOF functionality, but genuinely useful. Restore them. Co-Authored-By: Claude Sonnet 4.6 --- Creds-BOF/nanodump/Makefile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Creds-BOF/nanodump/Makefile b/Creds-BOF/nanodump/Makefile index 8ff8138..e71a6e0 100644 --- a/Creds-BOF/nanodump/Makefile +++ b/Creds-BOF/nanodump/Makefile @@ -17,6 +17,12 @@ nanodump: @$(CC_x86) -c source/entry.c -o dist/$(BOFNAME).x86.o $(OPTIONS) -DNANO -DBOF @$(STRIP_x86) --strip-unneeded dist/$(BOFNAME).x86.o && echo '[+] nanodump x86' || echo '[!] nanodump x86' + @$(CC_x64) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/dinvoke.c source/utils.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/malseclogon.c source/nanodump.c source/werfault.c source/entry.c -o dist/$(BOFNAME).x64.exe $(OPTIONS) -DNANO -DEXE + @$(STRIP_x64) --strip-all dist/$(BOFNAME).x64.exe && echo '[+] nanodump exe x64' || echo '[!] nanodump exe x64' + + @$(CC_x86) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/dinvoke.c source/utils.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/malseclogon.c source/nanodump.c source/werfault.c source/entry.c -o dist/$(BOFNAME).x86.exe $(OPTIONS) -DNANO -DEXE + @$(STRIP_x86) --strip-all dist/$(BOFNAME).x86.exe && echo '[+] nanodump exe x86' || echo '[!] nanodump exe x86' + @$(GCC) source/bin2c.c -o dist/bin2c -Os @$(CC_x64) source/utils.c source/handle.c source/modules.c source/syscalls.c source/token_priv.c source/nanodump.c source/dinvoke.c source/pipe.c source/entry.c -o dist/$(BOFNAME)_ssp.x64.dll $(OPTIONS) $(SSP_OPTIONS) -DNANO -DSSP -DDDL -shared