book

Black Hat Go

by Tom Steele, Chris Patten, Dan Kottmann

January 2020

Intermediate to advanced

368 pages

9h 46m

English

No Starch Press

Read now

Unlock full access

Who This Book Is ForWhat This Book Isn’tWhy Use Go for Hacking?Why You Might Not Love GoChapter Overview
Setting Up a Development EnvironmentUnderstanding Go SyntaxSummary

Understanding the TCP HandshakeBypassing Firewalls with Port ForwardingWriting a TCP ScannerBuilding a TCP ProxySummary
HTTP Fundamentals with GoBuilding an HTTP Client That Interacts with ShodanInteracting with MetasploitParsing Document Metadata with Bing ScrapingSummary
HTTP Server BasicsCredential HarvestingKeylogging with the WebSocket APIMultiplexing Command-and-ControlSummary
Writing DNS ClientsWriting DNS ServersSummary
The SMB PackageUnderstanding SMBGuessing Passwords with SMBReusing Passwords with the Pass-the-Hash TechniqueRecovering NTLM PasswordsSummary
Setting Up Databases with DockerConnecting and Querying Databases in GoBuilding a Database MinerPillaging a FilesystemSummary
Setting Up Your EnvironmentIdentifying Devices by Using the pcap SubpackageLive Capturing and Filtering ResultsSniffing and Displaying Cleartext User CredentialsPort Scanning Through SYN-flood ProtectionsSummary
Creating a FuzzerPorting Exploits to GoCreating Shellcode in GoSummary
Using Go’s Native Plug-in SystemBuilding Plug-ins in LuaSummary
Reviewing Basic Cryptography ConceptsUnderstanding the Standard Crypto LibraryExploring HashingAuthenticating MessagesEncrypting DataBrute-Forcing RC2Summary
The Windows API’s OpenProcess() FunctionThe unsafe.Pointer and uintptr TypesPerforming Process Injection with the syscall PackageThe Portable Executable FileUsing C with GoSummary
Exploring the PNG FormatReading Image Byte DataWriting Image Byte Data to Implant a PayloadEncoding and Decoding Image Byte Data by Using XORSummaryAdditional Exercises
Getting StartedDefining and Building the gRPC APICreating the ServerCreating the Client ImplantBuilding the Admin ComponentRunning the RATImproving the RATSummary

Content preview from Black Hat Go

12WINDOWS SYSTEM INTERACTION AND ANALYSIS

There are countless ways of developing Microsoft Windows attacks—too many to cover in this chapter. Instead of discussing them all, we’ll introduce and investigate a few techniques that can help you attack Windows, whether initially or during your post-exploitation adventures.

After discussing the Microsoft API documentation and some safety concerns, we’ll cover three topics. First, we’ll use Go’s core syscall package to interact with various system-level Windows APIs by performing a process injection. Second, we’ll explore Go’s core package for the Windows Portable Executable (PE) format and write a PE ...