https://github.com/safedv/rustic64

64-bit, position-independent implant template for Windows in Rust.
https://github.com/safedv/rustic64

position-independent-code redteam rust-lang

Last synced: 9 months ago
JSON representation

64-bit, position-independent implant template for Windows in Rust.

• Host: GitHub
• URL: https://github.com/safedv/rustic64
• Owner: safedv
• License: mit
• Created: 2024-09-23T17:24:18.000Z (over 1 year ago)
• Default Branch: master
• Last Pushed: 2024-10-05T01:06:01.000Z (over 1 year ago)
• Last Synced: 2025-03-30T01:05:39.188Z (10 months ago)
• Topics: position-independent-code, redteam, rust-lang
• Language: Rust
• Homepage:
• Size: 11.7 KB
• Stars: 116
• Watchers: 1
• Forks: 20
• Open Issues: 0
• Metadata Files:
  • Readme: readme.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Rustic64

**Rustic64** is a 64-bit, position-independent shellcode template inspired by the design principles of [Stardust](https://github.com/Cracked5pider/Stardust). Unlike traditional methods, this template adopts a fully **position-independent** architecture tailored for the **Windows** environment, providing a modern and flexible solution for position-independent implant development.

A common challenge with position-independent implants is managing global variables or raw strings. **Rustic64** addresses this by introducing a global instance to maintain state across different parts of the shellcode, enabling seamless access to APIs, modules, configuration data, and more.

In addition, **Rustic64** incorporates a custom allocator that uses the native NT Heap API. Initialized with `RtlCreateHeap` and managed through functions like `RtlAllocateHeap` and `RtlFreeHeap`, this allocator allows for the use of heap-allocated types like `Vec` and `String` in a position-independent context, integrated via a global instance.

This project is primarily a personal learning journey in modern implant development. It is shared in the spirit of collaboration and growth, inviting feedback, suggestions, and improvements from the community.

## Disclaimer

This project is intended **for educational and research purposes only**. It is designed to showcase a modern approach to implant design using Rust and should not be used for any illegal or unethical activities. The code provided here is a demonstration template, and the creators of this repository are not responsible for any misuse of this information.

Always make sure to follow ethical guidelines and legal frameworks when conducting any security research.

## Credits

- Inspired by [Stardust](https://github.com/Cracked5pider/Stardust) by [Cracked5pider](https://github.com/Cracked5pider). A big thanks to the creator for sharing his work.

- Thanks to [@0x64616e](https://x.com/0x64616e/status/1769723870867509531) for sharing the technique used for managing global context without syscalls.

## Contributions

Contributions are welcome to help enhance the capabilities of Rustic64. If you'd like to contribute new features or report bugs, feel free to open a pull request or an issue in the repository.

---