New blog design, new post.
Today I will show how GoLang interacts with PE files in a generic example. You could look further into the native module here or even check its source code here. I do recommend reading it; I am using some bits of code extracted directly from the module source.
Here you go.
```
package main

import (
	"fmt"
	"debug/pe"
	"os"
	"io"
	"encoding/binary"
)

func check(e error) {
	if e !
```
So I decided to port my Linux.Liora (https://github.com/guitmz/go-liora) Go infector to Win32 and it worked great. Minor tweaks were needed in the code; you can run a diff between both and check it out.
EDIT: Fixed the PE verification routine, it checks for a proper PE file now. Thanks hh86!
Virus source:
```
/*
 * Win32.Liora.B - This is a POC PE prepender written in Go by TMZ (2015).
 *
 * Win32.
```
Today I’m going to share a way to call APIs without DLLImport. I first saw this years ago at OpenSC.ws, as far as I remember, and got into the idea. The code was lost since then, but I found a copy.
Program.cs
```
using System;
using System.Reflection;

namespace APICaller
{
    class Program
    {
        public static void Main(string[] args)
        {
            Console.Title = "Dynamic API Caller";
            Console.WriteLine("Press any key to call your API!
```