Could anyone help me with this? Executing native instructions in GoLang

agolangf · 610 views
<p>Hi! I was wondering how to execute shellcode with golang. I added a question on Stack Overflow: <a href="http://stackoverflow.com/questions/30468532/how-can-i-execute-native-instructions-in-golang">http://stackoverflow.com/questions/30468532/how-can-i-execute-native-instructions-in-golang</a>. Could anyone help me out? Thanks</p> <hr/>**Comments:**<br/><br/>
xcombelle: <pre><p>answered</p></pre>
guitmz: <pre><p>still not working :/</p></pre>
bonekeeper: <pre><p>You would have to write the shellcode to a buffer and then use assembly to set EIP/RIP to the beginning of that buffer.</p></pre>
guitmz: <pre><p>Yeah, but if you check the Stack Overflow question, I added 2 test instructions (NOP and RET) and they were executed. Someone went even further and did this: <a href="http://pastebin.com/eHb6zMyD" rel="nofollow">http://pastebin.com/eHb6zMyD</a> which is also working, and when I replace the codes with something else, it won&#39;t run</p></pre>
binaryblade: <pre><p><a href="https://golang.org/pkg/os/exec/" rel="nofollow">this</a> is the package you want if you really NEED to fork out to a shell executable.</p></pre>
guitmz: <pre><p>Sorry, but that would imply writing a properly formatted file (like ELF on Linux, PE on Windows etc). That&#39;s not my point here. I&#39;m trying to inject bytes into a memory space and execute them directly; there is no physical file on the hard drive.</p></pre>
binaryblade: <pre><p>I am trying to think of a scenario where doing that is sensible and I can&#39;t come up with any beyond trying to learn. It sounds like you are trying to jump to and execute a bunch of bytes in memory, which is difficult for a whole host of reasons. What is it you are trying to accomplish?</p></pre>
guitmz: <pre><p>I&#39;m simply trying to execute a shellcode in GoLang. Like this C code for example: <a href="http://pastebin.com/AnsHdX9w" rel="nofollow">http://pastebin.com/AnsHdX9w</a></p></pre>
binaryblade: <pre><p>There are two things you might want to try. The first is the RawSyscall function in the Syscall package, used in the same way. The other thing you might want to try is to use the unsafe package to convert a pointer to the first element in the slice into a function pointer and execute it in much the same manner that your C code is doing it.</p></pre>
guitmz: <pre><p>yeah, check the answer below for more examples</p></pre>
akcom: <pre><p>Hooking system calls is the first thing that comes to mind. There are any number of use cases though.</p></pre>
guitmz: <pre><p>So here: <a href="https://github.com/debasishm89/C-Codes/blob/master/shellcode-exp.c" rel="nofollow">https://github.com/debasishm89/C-Codes/blob/master/shellcode-exp.c</a> we have a working C example. I ported it (except the shellcode itself, for which I&#39;m using another one, tested and working fine): <a href="http://pastebin.com/mRjGL6G3" rel="nofollow">http://pastebin.com/mRjGL6G3</a></p> <p>It is not working either. I believe it is a pretty decent port and it should work, but nothing so far. Windows 8.1 x64</p></pre>
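
Seen from the detection side, the technique this thread asks about (bytes placed in memory and run with no file on disk) typically leaves an executable mapping that has no on-disk backing. The following is an added example, not code from the thread or its linked pastes: it scans Linux `/proc/<pid>/maps` text for such regions. The sample lines are constructed, and `Finding` and `SuspiciousRegions` are hypothetical names.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Constructed sample in /proc/<pid>/maps format (not captured from a real process).
const sampleMaps = `00400000-004a1000 r-xp 00000000 08:01 131090 /usr/local/bin/app
c000000000-c000400000 rw-p 00000000 00:00 0
7f2a10000000-7f2a10001000 rwxp 00000000 00:00 0
7f2a10400000-7f2a10402000 r-xp 00000000 00:00 0
7f2a10800000-7f2a10801000 r-xp 00000000 00:01 2049 /memfd:x (deleted)
7ffd5e3d2000-7ffd5e3d4000 r-xp 00000000 00:00 0 [vdso]
`

// Finding is one executable mapping that is not backed by a file on disk.
type Finding struct {
	Range, Perms string
	Writable     bool // writable and executable at once: the stronger signal
}

// SuspiciousRegions (hypothetical helper) returns executable mappings with no
// on-disk backing: anonymous memory, memfd, or an executable [heap]/[stack].
func SuspiciousRegions(maps string) []Finding {
	var out []Finding
	sc := bufio.NewScanner(strings.NewReader(maps))
	for sc.Scan() {
		f := strings.Fields(sc.Text()) // range perms offset dev inode [name]
		if len(f) < 5 || len(f[1]) < 4 || f[1][2] != 'x' {
			continue // malformed line or not executable
		}
		name := strings.Join(f[5:], " ")
		onDisk := strings.HasPrefix(name, "/") && !strings.HasPrefix(name, "/memfd:")
		if onDisk || name == "[vdso]" || name == "[vsyscall]" {
			continue // file-backed code or kernel-provided page
		}
		out = append(out, Finding{f[0], f[1], f[1][1] == 'w'})
	}
	return out
}

func main() {
	for _, r := range SuspiciousRegions(sampleMaps) {
		fmt.Printf("%s %s writable=%v\n", r.Range, r.Perms, r.Writable)
	}
}
```

JIT-based runtimes also create anonymous executable mappings, so hits from a check like this need a per-process baseline before they are treated as alerts.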
