From 0babcb18ff3d3587abe5f33e86590d226f2585b5 Mon Sep 17 00:00:00 2001 From: Ly Tuan Kiet Date: Sat, 5 Jul 2025 05:28:15 +0000 Subject: [PATCH] Enhance Dockerfile.optimized to include binutils for objcopy command and improve UPX compression strategy. Added steps to remove residual padding and compare compression results, ensuring the smallest binary size. --- brute/source/Dockerfile.optimized | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/brute/source/Dockerfile.optimized b/brute/source/Dockerfile.optimized index 2514cce..d98592c 100644 --- a/brute/source/Dockerfile.optimized +++ b/brute/source/Dockerfile.optimized @@ -7,7 +7,8 @@ FROM alpine:latest AS build # musl-dev: C library headers for static linking # linux-headers: Kernel headers for system calls # upx: Ultimate Packer for eXecutables - binary compression tool -RUN apk add --no-cache build-base musl-dev linux-headers upx +# binutils: For objcopy command +RUN apk add --no-cache build-base musl-dev linux-headers upx binutils # Set working directory for all subsequent operations WORKDIR /src @@ -58,10 +59,17 @@ RUN gcc -static -Os -s \ --remove-section=.note.* \ --remove-section=.eh_frame \ bruteforce \ - # UPX compression with maximum settings: - # --lzma: Use LZMA compression algorithm (better ratio than default) - # --ultra-brute: Try all compression methods and use the best result - && upx --lzma --ultra-brute bruteforce + # === Remove residual padding BEFORE compression === \ + && objcopy --pad-to=0 --gap-fill=0 bruteforce bruteforce.pad \ + && mv bruteforce.pad bruteforce \ + # === UPX variant shoot-out: keep smaller of two compressions === \ + && cp bruteforce bruteforce.ultra && upx --ultra-brute bruteforce.ultra \ + && cp bruteforce bruteforce.lzma && upx --lzma --best --no-align bruteforce.lzma \ + && if [ $(stat -c%s bruteforce.ultra) -le $(stat -c%s bruteforce.lzma) ]; then \ + mv bruteforce.ultra bruteforce; rm bruteforce.lzma; \ + else \ + mv bruteforce.lzma bruteforce; rm bruteforce.ultra; \ + fi # Final stage: Start with completely empty image (scratch) # This ensures absolute minimum size - no OS layer at all