search

fortra / No-Consolation

A BOF that runs unmanaged PEs inline
https://www.coresecurity.com/core-labs/articles/running-pes-inline-without-console
MIT License
548 stars 64 forks source link

Doesn't work with Go binaries #6

Open tadmiller opened 1 month ago

tadmiller commented 1 month ago

Hi, I'm attempting to use No-Consolation with Go binaries. Unfortunately, any attempt to run them is causing my beacons to crash.

For the purpose of this issue, I compiled a Windows Go binary with the following code:

package main

import (
    "fmt"
)

func main() {
    fmt.Println("Test")
}

Upon executing the binary with No-Consolation, my beacon calls back and then crashes.

[10/16 21:13:12] beacon> noconsolation /files/go-example.exe
[10/16 21:13:57] [+] host called home, sent: 2056363 bytes

Other C/C++ binaries work totally fine for me.

S4ntiagoP commented 4 weeks ago

Hey there, I'll take a look whenever I find some time, but take into account that Go binaries are not officially supported.

tadmiller commented 4 weeks ago

Thank you!