Tags
Author: TMZ - Replies: 0 - Views: 1194
Ezuri: Linux runtime crypter with memfd_create
A small Golang runtime crypter demonstrating memfd_create syscall usage to run ELF executables from memory in Linux. Works on kernel version is >= 3.17 (relies on the memfd_create syscall).

aes.go
[hide]
[code]
package main

import (
"crypto/aes"
"crypto/cipher"
)

func aesEnc(srcBytes []byte, key string, iv string) []byte {
block, err := aes.NewCipher([]byte(key))
check(err)

encrypter := cipher.NewCFBEncrypter(block, []byte(iv))
encrypted := make([]byte, len(srcBytes))