example of using dlopen and dlsym to dynamically resolve call to `puts`. String reference to `puts` is also obfuscated.

dynamic_loading.c

// how to compile: gcc dynamic_loading.c -o dynamic_loading -ldl
#include <stdlib.h>
#include <stdio.h>
#include <dlfcn.h>
#include <string.h>
 
int main(int argc, char **argv) {
    void *handle;
    void (*go)(char *);
 
    // get a handle to the library that contains 'puts' function
    handle = dlopen ("/lib/x86_64-linux-gnu/libc.so.6", RTLD_LAZY);
 
    // each character in 'otsr' plus 1 in ascii is 'puts'
    char *encoded = "otsr";
    int encoded_length = strlen(encoded);
    char *decoded = (char*)malloc((encoded_length+1) * sizeof(char));
    for (int i = 0; i < encoded_length; i++){
        decoded[i] = encoded[i]+1;
    }
    *decoded += '\0';
 
    // reference to the dynamically-resolved function 'puts'
    go = dlsym(handle, decoded);
 
    go("hi"); // == puts("hi");
 
    // cleanup
    free(decoded);
    dlclose(handle);
}

Why not just dlsym(handle, "puts");??

It is to also obfuscate string reference to "puts". Otherwise, the string "puts" can easily be uncovered by the strings utility since it will simply be placed in the .data section of the executable binary.

why can't i pass the paramter to cgo so file...

#cgo LDFLAGS: -ldl
#include <stdio.h>
#include <stdlib.h>
#include <dlfcn.h>
#include <string.h>

static void cmd_read(const char *c) {
    void (*fn)(char *);
	void *h;

	h = dlopen("./cgo_cmd.so", RTLD_LAZY);
    if (!h) {
        fprintf(stderr, "Error: %s\n", dlerror());
        return;
    }

    fn = dlsym(h, "ReadFromCMD");

    fn(c);
    dlclose(h);
}