
Now I will show how GoLang interacts with ELF files in a generic example. You could look further into the native module here. I do recommend reading it; I am using some bits of code extracted directly from the module source. It is basically the same idea as the PE one, with a similar module. You can extend it depending on your needs. Here you go.

    package main

    import (
        "fmt"
        "io"
        "os"
        "debug/elf"
    )

    func check(e error) {
        if e != nil {
            panic(e)
        }
    }

    func ioReader(file string) io.ReaderAt {
        r, err := os.Open(file)
        check(err)
        return r
    }

    func main() {
        if len(os.…

New blog design, new post. Today I will show how GoLang interacts with PE files in a generic example. You could look further into the native module here or even check its source code here. I do recommend reading it; I am using some bits of code extracted directly from the module source. Here you go.

    package main

    import (
        "fmt"
        "debug/pe"
        "os"
        "io"
        "encoding/binary"
    )

    func check(e error) {
        if e != nil {
            panic(e)
        }
    }

    func ioReader(file string) io.ReaderAt {
        r, err := os.Open(file)
        check(err)
        return r
    }

    func main() {
        if len(os.Args)

Compile with: go build…

So I decided to port my Linux.Liora Go infector to Win32 and it worked great. Minor tweaks were needed in the code; you can run a diff between both and check it out. EDIT: Fixed the PE verification routine, it checks for a proper PE file now. Thanks hh86! Virus source:

    /*
     * Win32.Liora.B - This is a POC PE prepender written in Go by TMZ (2015).
     *
     * Win32.Liora.B (May 2015) - Simple binary infector in GoLang (prepender).
     * This version encrypts the host code with AES and decrypts it at runtime.
     * It's almost a direct port from my…

So this guy asks me in a job interview last week, "Have you ever developed in Go?" and, well, what better way to learn a language than writing a prepender (probably a lot of things, but don't kill my thrill)? There you have it, probably the first ever binary infector written in GoLang (SPTH LIP page "outdately" confirms that). Basically a port from my Linux.Zariche 'cause my life is in a hurry. I need some time now to improve those beauties. Here's the virus source code:

    /*
     * Linux.Liora - This is a POC ELF prepender written in Go by…

Today I'm going to share a way to call APIs without DLLImport. I first saw this years ago at OpenSC.ws, as far as I remember, and got into the idea. The code was lost since then but I found a copy.

Program.cs

    using System;
    using System.Reflection;

    namespace APICaller
    {
        class Program
        {
            public static void Main(string[] args)
            {
                Console.Title = "Dynamic API Caller";
                Console.WriteLine("Press any key to call your API!");
                Console.ReadKey(true);
                string className = MethodBase.GetCurrentMethod().DeclaringType.Name; // getting our current class name
                string asmName = Assembly.GetExecutingAssembly().FullName; // getting our current assembly name
                string methodName = MethodBase.…