Skip to content
/ GoBofRunner Public

A standalone/cmdline BOF runner implemented in pure Go and CGO.

15 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

parzel/GoBofRunner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
bof
bof
 
 
helper
helper
 
 
screenshots
screenshots
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

Go BOF Runner

A standalone/cmdline BOF runner implemented in pure Go and CGO.

Background

This is a stitched together project of the GoCoffLoader by latortuga71, the BOF compatibility layer from trustedsec's COFFLoader and the BOF packer of sliver. The code is not using any Windows APIs but indirect syscalls via Acheron.

In the code I how you can link back the callbacks from the BOF to your Go implant but I only implemented this for BeaconOutput and BeaconPrintf as this is only a small PoC. There are probably smarter ways how to integrate the Beacon functions during relocation but this was the quickest way I could imagine.

This code is not field-tested and probably buggy, so be aware :)

Usage

.\bof_loader.exe CS-Situational-Awareness-BOF\SA\probe\probe.x64.o string:192.168.56.1 int:8000

Compile

CGO_ENABLED=1 GOOS=windows GOARCH=amd64 CC=x86_64-w64-mingw32-gcc go build

Credits

GOCoffLoader by latortuga71
COFFLoader by trustedsec
sliver by BishopFox
Acheron by f1zm0

Other Projects

Go Sleep / Heap Encryption

About

A standalone/cmdline BOF runner implemented in pure Go and CGO.

Resources

Readme
Activity

Stars

15 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages