TheWover / donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
BSD 3-Clause "New" or "Revised" License

Problem executing Golang binaries #152

Open 0sm1les opened 4 months ago

0sm1les commented 4 months ago

I am testing donut using a simple go program:

package main

import (
    "fmt"
    "os"
)

func main() {
    fmt.Println("test")
    f, err := os.Create("test")
    if err != nil {
        panic(err)
    }
    n, err := f.WriteString("test")
    if err != nil {
        panic(err)
    }
    fmt.Println(n)
    f.Close()
}

go environment

GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/home/*/.cache/go-build'
GOENV='/home/*/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/home/*/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/home/*/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.22.2'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/dev/null'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2062461114=/tmp/go-build -gno-record-gcc-switches'

go build command

GOOS=windows GOARCH=amd64 go build test.go

donut building

*@*:~/Desktop/donut$ ./donut -f 6 --input:../test.exe

  [ Donut shellcode generator v1 (built May 18 2024 16:09:18)
  [ Copyright (c) 2019-2021 TheWover, Odzhan

  [ Instance type : Embedded
  [ Module file   : "../test.exe"
  [ Entropy       : Random names + Encryption
  [ File type     : EXE
  [ Target CPU    : x86+amd64
  [ AMSI/WDLP/ETW : continue
  [ PE Headers    : overwrite
  [ Shellcode     : "loader.ps1"
  [ Exit          : Thread

Expected behaviour: a file named "test" is created containing the content "test".

What actually happens: the PowerShell script hangs for a moment, then exits.

Additional information: Windows Defender is disabled.

0sm1les commented 4 months ago

I would like to add that I'm using the latest donut version from the master branch.

0sm1les commented 4 months ago

I have also tried recreating this example from a previous issue, https://github.com/TheWover/donut/issues/9#issue-494343001, and it does not seem to be working, but it works otherwise with rundll32.

I am thinking maybe it's something wrong with my build environment? What information should I gather to help diagnose the problem?