<p>Hi! I was wondering how to execute shellcode with golang. I added a question at stackoverflow <a href="http://stackoverflow.com/questions/30468532/how-can-i-execute-native-instructions-in-golang">http://stackoverflow.com/questions/30468532/how-can-i-execute-native-instructions-in-golang</a> could anyone help me out? Thanks</p>
<hr/>**评论:**<br/><br/>xcombelle: <pre><p>answered</p></pre>guitmz: <pre><p>still not working :/</p></pre>bonekeeper: <pre><p>You would have to write the shellcode to a buffer and then use assembly to set EIP/RIP to the beginning of that buffer.</p></pre>guitmz: <pre><p>Yeah but if you check the stackoverflow question, I added 2 test instructions (NOP and RET) and they were executed. Someone was even further and did this: <a href="http://pastebin.com/eHb6zMyD" rel="nofollow">http://pastebin.com/eHb6zMyD</a> which is also working and when I replace the codes with something else, it wont run</p></pre>binaryblade: <pre><p><a href="https://golang.org/pkg/os/exec/" rel="nofollow">this</a> is the package you want if you really NEED to fork out to a shell executable.</p></pre>guitmz: <pre><p>Sorry but that would imply writing a properly formatted file (like ELF on Linux, PE on Windows etc). That's not my point here. I'm trying to inject bytes into an memory space and execute them directly, there is no physical file in the hard drive.</p></pre>binaryblade: <pre><p>I am trying to think of a scenario where doing that is sensible and I can't come up with any beyond trying to learn. It sounds like you are trying to jump to and execute a bunch of bytes in memory which is difficult for a whole host of reasons. What is it you are trying to accomplish.</p></pre>guitmz: <pre><p>I'm simply trying to execute a shellcode in GoLang. Like this C code for example: <a href="http://pastebin.com/AnsHdX9w" rel="nofollow">http://pastebin.com/AnsHdX9w</a></p></pre>binaryblade: <pre><p>There are two things you might want to try, the first is the RawSyscall function in the Syscall package used in the same way. The other thing you might want to try is use the unsafe package to convert a pointer to the first element in the slice into a function pointer and execute it in much the same manner that your C code is doing it.</p></pre>guitmz: <pre><p>yeah, check the answer below for more examples</p></pre>akcom: <pre><p>hooking system calls is the first thing that comes to mind. there are any number of usage cases though.</p></pre>guitmz: <pre><p>so here: <a href="https://github.com/debasishm89/C-Codes/blob/master/shellcode-exp.c" rel="nofollow">https://github.com/debasishm89/C-Codes/blob/master/shellcode-exp.c</a> we have a working C example. I did ported it (except the shellcode itself, which im using other - tested and working fine): <a href="http://pastebin.com/mRjGL6G3" rel="nofollow">http://pastebin.com/mRjGL6G3</a></p>
<p>is not working either.. i believe is a pretty decent port and it should work but nothing so far.. Windows 8.1 x64</p></pre>
