Doesn't work on windows

Question

Doesn't work on windows

bluecanarybe opened this issue 4 years ago · 12 comments

Hi, I've tried embedding an exe file in my go binary, but it doesn't seem to work to execute that exe file in memory. Any advice?

Answer 1 · 2020-11-16T14:23:57.000Z

Hi, unfortunately I don't have a windows machine around.

Anyway what error are you getting?

Answer 2 · 2020-11-16T14:36:14.000Z

I’m trying to execute SharpHound.exe in my go binary using the following code:

First I’ll use go-bindata -o binaries.go binaries to embed SharpHound.exe in my ./binaries folder in my go program.

Then I’ll use following code to execute it:

SharpHound, err := Asset("binaries/SharpHound.exe")
if err != nil {
	return err
}

exe, err := memexec.New(SharpHound)
if err != nil {
	return err
}
defer exe.Close()

cmd := exe.Command() // runs without arguments
cmd.Output()

Am I doing anything wrong?

Answer 3 · 2020-11-16T19:28:17.000Z

b, err := cmd.CombinedOutput()
if err != nil {
	// what's the error value?
}

Answer 4 · 2020-11-19T19:52:26.000Z

Apologies, I'm not sure where the CombinedOutput() should be declared ?

Answer 5 · 2020-11-19T20:44:54.000Z

Just after you initialize cmd := exe.Command()

Answer 6 · 2020-12-20T18:34:42.000Z

b, err := cmd.CombinedOutput()
if err != nil {
	// what's the error value?
}

"C:\Users\ADMINI~1\AppData\Local\Temp\go-memexec-112079703": file does not exist

Answer 7 · 2020-12-20T18:39:11.000Z

so.. memexec is fake?
dump the binary to disk then run it. delete it at last , that's memexec?

Answer 8 · 2020-12-21T07:50:57.000Z

I'm not sure why this happens, unfortunately I don't have a windows machine to check it on.

In essence yes, binary loaders are very complicated pieces of software. This is the most straightforward and safe way to implement one.

Answer 9 · 2021-04-03T16:25:52.000Z

so.. memexec is fake?
dump the binary to disk then run it. delete it at last , that's memexec?

Would you like to change it to this one?
(memexec.go)

before

// New creates new memory execution object that can be
// used for executing commands on a memory based binary.
func New(b []byte) (*Exec, error) {
	f, err := ioutil.TempFile("", "go-memexec-")
	if err != nil {
		return nil, err

after (add exe file extension)

// New creates new memory execution object that can be
// used for executing commands on a memory based binary.
func New(b []byte) (*Exec, error) {
	f, err := ioutil.TempFile("", "go-memexec-*.exe")
	if err != nil {
		return nil, err

Answer 10 · 2021-04-04T10:23:38.000Z

@whoraks can you try the latest master?

Answer 11 · 2021-04-05T02:45:28.000Z

@whoraks can you try the latest master?

Works fine in my environment: WINDOWS 10 Home (20H2) 19042.906

# go get github.com/amenzhinsky/go-memexec@master
go: downloading github.com/amenzhinsky/go-memexec v0.3.1-0.20210404102315-40de27353318
go get: upgraded github.com/amenzhinsky/go-memexec v0.3.0 => v0.3.1-0.20210404102315-40de27353318

Answer 12 · 2021-04-05T13:01:08.000Z

https://github.com/amenzhinsky/go-memexec/releases/tag/v0.4.0