Introduction
Creating Reverse Shells and bypassing Anti-Virus (AV) with Golang. Using Golang in security has become very popular over the last few years. In this article, I want to cover several existing Golang scripts that you can use to create Reverse Shells and possibly even bypass Anti-Virus. We will start our journey looking at a one-line reverse shell in Go, and then cover a couple apps that can generate multiple different shells. This article isn’t about writing custom Go scripts or post exploit - what to do after you get a remote shell. It is simply a quick and dirty overview of some existing Go shellcode for Pentesters and Red Teams.
Swissky’s one-line Go shell is up first. This one-line reverse shell works great against Linux based targets. Next, we will look at Girsh, a menu driven script that can create multiple different reverse shells for both Linux and Windows. Lastly, we will look at Go-Shellcode, a very good Go reverse shell that, at last testing and with the right payload, still bypasses most common Windows antivirus products.
As always, this article is for educational & informational purposes only.
Never try to access systems without permission.
I used two Kali Linux VMs for this article, one a target and the other an attack system. Golang was already installed on the attacking system. I also used a Windows 11 system and a Windows Server 2022 (not shown) for testing the Go-Shellcode Early Bird code.
Swissky Repo – Payload All....>
Author
- Daniel W. Dieterle, aka “CyberArms”, has been in the computer industry for over twenty years, and currently is a Security Author, Researcher & Consultant. He is an Internationally Published Author that just released his eighth book, “Security Testing with Raspberry Pi, Second Edition”. He is also working on his next book, a complete overhaul of his original, “Basic Security Testing with Kali Linux” which will be available next year. Daniel runs two tech blogs - https://www.cyberarms.wordpress.com & https://www.DanTheIOTMan.com, and is very active as a mentor, helping those new to the security field. More information on his books can be found on his Amazon Author Page - https://www.amazon.com/stores/Daniel-W.-Dieterle/author/B00M8YU0YM
- OfficialMarch 8, 2023Getting Offensive with Go
- OfficialFebruary 14, 2023Weaponizing Raspberry Pi with The PenTesters Framework