diff --git a/README.md b/README.md index 39376f0..c45c136 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,8 @@ Precompiled versions of Nmap are available for the following operating systems/a * [Linux x86](bin/linux/x86) (nmap, ncat, nping) * [Linux x86_64](bin/linux/x86_64) (nmap, ncat, nping) +* [Linux armhf](bin/linux/armhf) (nmap, ncat, nping) +* [Linux aarch64](bin/linux/aarch64) (nmap, ncat, nping) * [Windows x86](bin/windows/x86) (nmap) ### Packaged Archives @@ -22,3 +24,17 @@ Precompiled versions of socat are available for the following operating systems/ * [Linux x86](bin/linux/x86) * [Linux x86_64](bin/linux/x86_64) + +# Building with Vagrant + +The recipes are supposed to be built in Docker containers. In case Docker is not available, it is recommended to use Vagrant to built everything in a VM, e.g. Nmap for Linux x86: + +``` +vagrant up +vagrant ssh +cd /vagrant/recipes/nmap/linux_x86 +sudo docker build -t static-toolbox-nmap-x86 . +sudo docker run -v $(pwd)/output:/output static-toolbox-nmap-x86 +``` + +This is also the recommended way to run the build scripts without Docker without creating directories like `/build` and `/output` on your host system. diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..ad257f5 --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,24 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + config.vm.box = "ubuntu/xenial64" + + config.vm.provider "virtualbox" do |vb| + vb.memory = "1024" + end + + config.vm.provision "shell", inline: <<-SHELL + apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D + echo "deb https://apt.dockerproject.org/repo ubuntu-xenial main" > /etc/apt/sources.list.d/docker.list + apt update + apt install -y linux-image-extra-$(uname -r) linux-image-extra-virtual + apt install -y docker-engine + service docker start + apt install -y python3-pip + pip3 install --upgrade pip + pip3 install docker-compose + systemctl daemon-reload + systemctl restart docker + SHELL +end diff --git a/bin/linux/aarch64/ncat-fcac8c6 b/bin/linux/aarch64/ncat-fcac8c6 new file mode 100755 index 0000000..927dba6 --- /dev/null +++ b/bin/linux/aarch64/ncat-fcac8c6 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d3a2e105b3dadf29d04f206e89e550ecad0d0505337bad843cd720379a1c8e58 +size 2240744 diff --git a/bin/linux/aarch64/nmap-fcac8c6 b/bin/linux/aarch64/nmap-fcac8c6 new file mode 100755 index 0000000..be652bc --- /dev/null +++ b/bin/linux/aarch64/nmap-fcac8c6 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:85e921b9bad77c454881ede3dbc9794c79f6720c07831074a4204941cb37953e +size 6108760 diff --git a/bin/linux/aarch64/nping-fcac8c6 b/bin/linux/aarch64/nping-fcac8c6 new file mode 100755 index 0000000..45d2aa8 --- /dev/null +++ b/bin/linux/aarch64/nping-fcac8c6 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1e64c1bc6359a5f9d8a72d14600249ad247712f3de1c1f9d7bc3e836653dabd9 +size 3090752 diff --git a/bin/linux/armhf/ncat-fcac8c6 b/bin/linux/armhf/ncat-fcac8c6 new file mode 100755 index 0000000..6919c46 --- /dev/null +++ b/bin/linux/armhf/ncat-fcac8c6 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:413fcd3c6238561fa02567f9c51305fe517de660a289f798eb07803aae6c5d45 +size 2111488 diff --git a/bin/linux/armhf/nmap-fcac8c6 b/bin/linux/armhf/nmap-fcac8c6 new file mode 100755 index 0000000..9648c50 --- /dev/null +++ b/bin/linux/armhf/nmap-fcac8c6 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b9bb59108da720ebaef08444876f5c4a5475ce6c1fefd257b213369e591a7dfa +size 5865372 diff --git a/bin/linux/armhf/nping-fcac8c6 b/bin/linux/armhf/nping-fcac8c6 new file mode 100755 index 0000000..6955848 --- /dev/null +++ b/bin/linux/armhf/nping-fcac8c6 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e98024c84b9eaca750d462c03d65cb58caa5fdfdaafe4f02d71ae36f282b0322 +size 2850308 diff --git a/bin/linux/x86/socat b/bin/linux/x86/socat old mode 100644 new mode 100755 diff --git a/bin/linux/x86_64/socat b/bin/linux/x86_64/socat old mode 100644 new mode 100755 diff --git a/packaged/nmap-7.60SVN-fcac8c6-aarch64-portable.zip b/packaged/nmap-7.60SVN-fcac8c6-aarch64-portable.zip new file mode 100644 index 0000000..5b0d526 --- /dev/null +++ b/packaged/nmap-7.60SVN-fcac8c6-aarch64-portable.zip @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c37775c042c53ecfb3c6ff439e97608c3c8ab08ca24b535da321f1a512016097 +size 9551494 diff --git a/packaged/nmap-7.60SVN-fcac8c6-armhf-portable.zip b/packaged/nmap-7.60SVN-fcac8c6-armhf-portable.zip new file mode 100644 index 0000000..914a16e --- /dev/null +++ b/packaged/nmap-7.60SVN-fcac8c6-armhf-portable.zip @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0f4668f0aecbec832bd9fc7acaa402c501739b4284476a35632973cb4a59596d +size 9405771 diff --git a/recipes/nmap/README.md b/recipes/nmap/README.md index 72e84f2..4e5d76a 100644 --- a/recipes/nmap/README.md +++ b/recipes/nmap/README.md @@ -1,19 +1,33 @@ # Nmap -## Build x86 +## Build Linux x86 ``` sudo docker build -t static-toolbox-nmap-x86 . sudo docker run -v $(pwd)/output:/output static-toolbox-nmap-x86 ``` -## Build x86_64 +## Build Linux x86_64 ``` sudo docker build -t static-toolbox-nmap-x86-64 . sudo docker run -v $(pwd)/output:/output static-toolbox-nmap-x86-64 ``` +## Build Linux armhf + +``` +sudo docker build -t static-toolbox-nmap-armhf . +sudo docker run -v $(pwd)/output:/output static-toolbox-nmap-armhf +``` + +## Build Linux aarch64 + +``` +sudo docker build -t static-toolbox-nmap-aarch64 . +sudo docker run -v $(pwd)/output:/output static-toolbox-nmap-aarch64 +``` + ## Using the Nmap data directory In order to use features like script scanning, we also need the Nmap data files that are typically installed into `/usr/share/nmap`. They are available in the `data/nmap` directory. Just copy this directory to the target system, e.g. into `/tmp/nmap-data` and run Nmap like this: diff --git a/recipes/nmap/linux_aarch64/Dockerfile b/recipes/nmap/linux_aarch64/Dockerfile new file mode 100644 index 0000000..91d395e --- /dev/null +++ b/recipes/nmap/linux_aarch64/Dockerfile @@ -0,0 +1,19 @@ +FROM ubuntu:xenial +RUN apt-get update && \ + apt upgrade -yy && \ + apt install -yy \ + automake \ + cmake \ + build-essential \ + checkinstall \ + libgmp-dev \ + libmpfr-dev \ + libmpc-dev \ + wget \ + git \ + pkg-config \ + python +RUN mkdir /build +ADD . /build +RUN chmod +x /build/build_aarch64.sh +CMD /build/build_aarch64.sh diff --git a/recipes/nmap/linux_aarch64/build_aarch64.sh b/recipes/nmap/linux_aarch64/build_aarch64.sh new file mode 100644 index 0000000..94908dc --- /dev/null +++ b/recipes/nmap/linux_aarch64/build_aarch64.sh @@ -0,0 +1,102 @@ +#!/bin/bash +#set -e +set -o pipefail +set -x +NMAP_COMMIT= + +fetch(){ + if [ ! -d "/build/musl" ];then + #git clone https://github.com/GregorR/musl-cross.git /build/musl + git clone https://github.com/takeshixx/musl-cross.git /build/musl + fi + if [ ! -d "/build/openssl" ];then + git clone https://github.com/drwetter/openssl-pm-snapshot.git /build/openssl + fi + if [ ! -d "/build/nmap" ];then + git clone https://github.com/nmap/nmap.git /build/nmap + fi + NMAP_COMMIT=$(cd /build/nmap/ && git rev-parse --short HEAD) +} + +build_musl_aarch64() { + cd /build/musl + git clean -fdx + echo "ARCH=arm64" >> config.sh + echo "GCC_BUILTIN_PREREQS=yes" >> config.sh + echo "TRIPLE=aarch64-linux-musleabi" >> config.sh + ./build.sh + echo "[+] Finished building musl-cross aarch64" +} + +build_openssl_aarch64() { + cd /build/openssl + git clean -fdx + make clean + CC='/opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-gcc -static' ./Configure no-shared linux-generic64 + make -j4 + echo "[+] Finished building OpenSSL aarch64" +} + +build_nmap_aarch64() { + cd /build/nmap + git clean -fdx + make clean + cd /build/nmap/libz + CC='/opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-gcc -static -fPIC' \ + CXX='/opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-g++ -static -static-libstdc++ -fPIC' \ + cmake -DBUILD_SHARED_LIBS=OFF -DCMAKE_LINKER=/opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-ld . + make zlibstatic + cd /build/nmap + CC='/opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-gcc -static -fPIC' \ + CXX='/opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-g++ -static -static-libstdc++ -fPIC' \ + CXXFLAGS="-I/build/nmap/libz" \ + LD=/opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-ld \ + LDFLAGS="-L/build/openssl -L/build/nmap/libz" \ + ./configure \ + --host=aarch64-none-linux-gnueabi \ + --without-ndiff \ + --without-zenmap \ + --without-nmap-update \ + --without-libssh2 \ + --with-pcap=linux \ + --with-libz=/build/nmap/libz \ + --with-openssl=/build/openssl \ + --with-liblua=included + sed -i -e 's/shared\: /shared\: #/' libpcap/Makefile + sed -i 's|LIBS = |& libz/libz.a |' Makefile + make -j4 + if [ ! -f "/build/nmap/nmap" -o ! -f "/build/nmap/ncat/ncat" -o ! -f "/build/nmap/nping/nping" ];then + echo "[-] Building Nmap armhf failed!" + exit 1 + fi + if [ -f "/build/nmap/nmap" -a -f "/build/nmap/ncat/ncat" -a -f "/build/nmap/nping/nping" ];then + /opt/cross/aarch64-linux-musleabi/bin/aarch64-linux-musleabi-strip nmap ncat/ncat nping/nping + fi +} + +build_aarch64(){ + OUT_DIR_AARCH64=/output/`uname | tr 'A-Z' 'a-z'`/aarch64 + mkdir -p $OUT_DIR_AARCH64 + build_musl_aarch64 + build_openssl_aarch64 + build_nmap_aarch64 + if [ ! -f "/build/nmap/nmap" -o ! -f "/build/nmap/ncat/ncat" -o ! -f "/build/nmap/nping/nping" ];then + echo "[-] Building Nmap aarch64 failed!" + exit 1 + fi + cp /build/nmap/nmap "${OUT_DIR_AARCH64}/nmap-${NMAP_COMMIT}" + cp /build/nmap/ncat/ncat "${OUT_DIR_AARCH64}/ncat-${NMAP_COMMIT}" + cp /build/nmap/nping/nping "${OUT_DIR_AARCH64}/nping-${NMAP_COMMIT}" + echo "[+] Finished building Nmap aarch64" +} + +main() { + if [ ! -d "/output" ];then + echo "[-] /output does not exist, creating it" + mkdir /output + fi + fetch + build_aarch64 +} + +main diff --git a/recipes/nmap/linux_armhf/Dockerfile b/recipes/nmap/linux_armhf/Dockerfile new file mode 100644 index 0000000..2a3103c --- /dev/null +++ b/recipes/nmap/linux_armhf/Dockerfile @@ -0,0 +1,19 @@ +FROM ubuntu:xenial +RUN apt-get update && \ + apt upgrade -yy && \ + apt install -yy \ + automake \ + cmake \ + build-essential \ + checkinstall \ + libgmp-dev \ + libmpfr-dev \ + libmpc-dev \ + wget \ + git \ + pkg-config \ + python +RUN mkdir /build +ADD . /build +RUN chmod +x /build/build_armhf.sh +CMD /build/build_armhf.sh diff --git a/recipes/nmap/linux_armhf/build_armhf.sh b/recipes/nmap/linux_armhf/build_armhf.sh new file mode 100644 index 0000000..49c1b78 --- /dev/null +++ b/recipes/nmap/linux_armhf/build_armhf.sh @@ -0,0 +1,104 @@ +#!/bin/bash +#set -e +set -o pipefail +set -x +NMAP_COMMIT= + +fetch(){ + if [ ! -d "/build/musl" ];then + #git clone https://github.com/GregorR/musl-cross.git /build/musl + git clone https://github.com/takeshixx/musl-cross.git /build/musl + fi + if [ ! -d "/build/openssl" ];then + git clone https://github.com/drwetter/openssl-pm-snapshot.git /build/openssl + fi + if [ ! -d "/build/nmap" ];then + git clone https://github.com/nmap/nmap.git /build/nmap + fi + NMAP_COMMIT=$(cd /build/nmap/ && git rev-parse --short HEAD) +} + +build_musl_armhf() { + cd /build/musl + git clean -fdx + echo "ARCH=arm" >> config.sh + echo "GCC_BUILTIN_PREREQS=yes" >> config.sh + echo "TRIPLE=arm-linux-musleabihf" >> config.sh + echo "GCC_BOOTSTRAP_CONFFLAGS='--with-arch=armv7-a --with-float=hard --with-fpu=vfpv3-d16'" >> config.sh + echo "GCC_CONFFLAGS='--with-arch=armv7-a --with-float=hard --with-fpu=vfpv3-d16'" >> config.sh + ./build.sh + echo "[+] Finished building musl-cross armhf" +} + +build_openssl_armhf() { + cd /build/openssl + git clean -fdx + make clean + CC='/opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-gcc -static' ./Configure no-shared linux-generic32 + make -j4 + echo "[+] Finished building OpenSSL armhf" +} + +build_nmap_armhf() { + cd /build/nmap + git clean -fdx + make clean + cd /build/nmap/libz + CC='/opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-gcc -static -fPIC' \ + CXX='/opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-g++ -static -static-libstdc++ -fPIC' \ + cmake -DBUILD_SHARED_LIBS=OFF -DCMAKE_LINKER=/opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-ld . + make zlibstatic + cd /build/nmap + CC='/opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-gcc -static -fPIC' \ + CXX='/opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-g++ -static -static-libstdc++ -fPIC' \ + CXXFLAGS="-I/build/nmap/libz" \ + LD=/opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-ld \ + LDFLAGS="-L/build/openssl -L/build/nmap/libz" \ + ./configure \ + --host=arm-none-linux-gnueabi \ + --without-ndiff \ + --without-zenmap \ + --without-nmap-update \ + --without-libssh2 \ + --with-pcap=linux \ + --with-libz=/build/nmap/libz \ + --with-openssl=/build/openssl \ + --with-liblua=included + sed -i -e 's/shared\: /shared\: #/' libpcap/Makefile + sed -i 's|LIBS = |& libz/libz.a |' Makefile + make -j4 + if [ ! -f "/build/nmap/nmap" -o ! -f "/build/nmap/ncat/ncat" -o ! -f "/build/nmap/nping/nping" ];then + echo "[-] Building Nmap armhf failed!" + exit 1 + fi + if [ -f "/build/nmap/nmap" -a -f "/build/nmap/ncat/ncat" -a -f "/build/nmap/nping/nping" ];then + /opt/cross/arm-linux-musleabihf/bin/arm-linux-musleabihf-strip nmap ncat/ncat nping/nping + fi +} + +build_armhf(){ + OUT_DIR_ARMHF=/output/`uname | tr 'A-Z' 'a-z'`/armhf + mkdir -p $OUT_DIR_ARMHF + build_musl_armhf + build_openssl_armhf + build_nmap_armhf + if [ ! -f "/build/nmap/nmap" -o ! -f "/build/nmap/ncat/ncat" -o ! -f "/build/nmap/nping/nping" ];then + echo "[-] Building Nmap armhf failed!" + exit 1 + fi + cp /build/nmap/nmap "${OUT_DIR_ARMHF}/nmap-${NMAP_COMMIT}" + cp /build/nmap/ncat/ncat "${OUT_DIR_ARMHF}/ncat-${NMAP_COMMIT}" + cp /build/nmap/nping/nping "${OUT_DIR_ARMHF}/nping-${NMAP_COMMIT}" + echo "[+] Finished building Nmap armhf" +} + +main() { + if [ ! -d "/output" ];then + echo "[-] /output does not exist, creating it" + mkdir /output + fi + fetch + build_armhf +} + +main