lawndoc / jaws Goto Github PK

Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

Home Page: https://www.palehat.net/jaws-research/

License: GNU General Public License v3.0

Makefile 3.14% Lex 1.49% Yacc 20.28% Roff 0.23% C 74.86%

programming-language flex-bison compiler virtual-machine security-research malware-research interpreter interpreted-programming-language polyglot c-programming

jaws's Introduction

Hi, I'm C.J.

I work in InfoSec, but I have broad interests encompassing many areas of IT. Most of my interests are driven by my curiosity and love for programming and automation. Whenever I think of something cool or have an idea to make my life easier, it becomes a project on my GitHub. If you find one of my projects useful, please consider becoming a sponsor so I can dedicate more time to my open source work.

💗 My GitHub Sponsor Page

Here's some information on my projects and contributions:

✨ My top repos: ✨

Connect with me on social media:

PGP Public Key 🔒

jaws's People

Contributors

Stargazers

Watchers

Forkers

simonsan raphaelflipo thebkaviya justinforbes inheritance silocityit rnshah9 mayhemheroes 00mjk

jaws's Issues

Add an extractor to the VM

Add the capability to dump interpreted instructions back into their own file, effectively making an extractor that can pull raw Jaws code out of any type of file.

Header not complex enough

I was trying to concatenate jaws code to the end of an elf binary for a CTF, but I ran into an issue where a false header was being picked up in the binary before it got to the actual jaws code.

To decrease the likelihood of this happening when injecting jaws into various files, I might need to consider making the header more complex/unique. The easiest way would just be to make it reasonably longer with additional spaces and tabs.

Definitely a breaking change, but jaws isn't that popular so it's not a huge deal... I'll be thinking about it.

Create YARA rule for the jaws VM

Create a YARA rule to detect the compiled jaws binary as it would be created by the default Makefile.

Windows network instructions not working

The test program netcon.jaws works when the Jaws vm is built for Linux, but doesn't work on Windows. The Windows implementation uses winsocks2 rather than unix sockets, so the first place to look would be the Windows netcon implementation in runtime.c

The research behind Jaws aims to build awareness that unknown interpreters can be dangerous.

but that would require said VM to be actually installed on the target machine in the first place?

Since Jaws code is composed entirely of whitespace characters, it can easily coexist with other programming languages to create polyglot code.

Since most languages have code formatters and linters, some even auto format on save can it really survive?

then you have whitespace sensitive languages such as Python that casts doubt on this premise?

also note: under emacs one can use the M-x fixup-whitespace