├── images ├── atexe.png ├── bashexe.png ├── err.png ├── gtfo.png └── logo.png ├── main.go └── readme.md /images/atexe.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mzfr/go-gtfo/5439ad0a215eaa0e5690dba0418e5429f9ff7256/images/atexe.png -------------------------------------------------------------------------------- /images/bashexe.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mzfr/go-gtfo/5439ad0a215eaa0e5690dba0418e5429f9ff7256/images/bashexe.png -------------------------------------------------------------------------------- /images/err.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mzfr/go-gtfo/5439ad0a215eaa0e5690dba0418e5429f9ff7256/images/err.png -------------------------------------------------------------------------------- /images/gtfo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mzfr/go-gtfo/5439ad0a215eaa0e5690dba0418e5429f9ff7256/images/gtfo.png -------------------------------------------------------------------------------- /images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mzfr/go-gtfo/5439ad0a215eaa0e5690dba0418e5429f9ff7256/images/logo.png -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | "fmt" 6 | "io/ioutil" 7 | "log" 8 | "net/http" 9 | "os" 10 | "strings" 11 | 12 | "github.com/PuerkitoBio/goquery" 13 | "github.com/common-nighthawk/go-figure" 14 | "github.com/fatih/color" 15 | "gopkg.in/yaml.v2" 16 | ) 17 | 18 | //TODO: Lot of code is repeating. Need to figure it out. 
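// rawBinURL and rawExeURL are fmt templates for the raw entry files of the
// GTFOBins and LOLBAS repositories. Both follow the master branch, so the text
// shown is whatever upstream serves at run time; nothing is pinned to a commit.
var rawBinURL = "https://raw.githubusercontent.com/GTFOBins/GTFOBins.github.io/master/_gtfobins/%s.md"
var rawExeURL = "https://raw.githubusercontent.com/LOLBAS-Project/LOLBAS-Project.github.io/master/_lolbas/%s.md"

// init installs the custom help text printed by -h and on flag errors.
func init() {
	flag.Usage = func() {
		h := []string{
			"Search gtfobin from terminal",
			"",
			"Options:",
			" -b, --bin Search Linux binaries on gtfobins",
			" -e, --exe Search Windows exe on lolbas",
			"",
		}

		// Fprint, not Fprintf: the help text is data, not a format string.
		fmt.Fprint(os.Stderr, strings.Join(h, "\n"))
	}
}

// printable formats v with %v and drops control characters other than newline
// and tab, so text fetched from the remote repositories cannot send escape
// sequences to the terminal it is printed on.
func printable(v interface{}) string {
	return strings.Map(func(r rune) rune {
		switch {
		case r == '\n' || r == '\t':
			return r
		case r < 0x20, r == 0x7f, r >= 0x80 && r <= 0x9f:
			return -1
		}
		return r
	}, fmt.Sprintf("%v", v))
}

// fetchYAML downloads rawURL and decodes the body as a YAML mapping. It prints
// the reason and reports false when there is nothing usable to display;
// notFound is the message shown for an HTTP 404.
func fetchYAML(rawURL, notFound string) (map[interface{}]interface{}, bool) {
	// NOTE: http.Get uses http.DefaultClient, which sets no timeout, so a
	// stalled server blocks the tool until the connection drops.
	resp, err := http.Get(rawURL)
	if err != nil {
		fmt.Fprintf(os.Stderr, "failed to create request: %s\n", err)
		return nil, false
	}
	defer resp.Body.Close()

	switch resp.StatusCode {
	case http.StatusOK:
	case http.StatusNotFound:
		// Just in case someone entered some random name.
		color.Red("%s", notFound)
		return nil, false
	default:
		// Anything else (rate limit, server error) is not an entry; do not
		// try to parse an error page as YAML.
		fmt.Fprintf(os.Stderr, "unexpected response from %s: %s\n", rawURL, resp.Status)
		return nil, false
	}

	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		fmt.Fprintf(os.Stderr, "failed to read response: %s\n", err)
		return nil, false
	}

	config := make(map[interface{}]interface{})
	if err := yaml.Unmarshal(body, &config); err != nil {
		fmt.Fprintf(os.Stderr, "failed to parse entry: %s\n", err)
		return nil, false
	}
	return config, true
}

// gtfobins fetches the GTFOBins entry for binary and prints, for every
// function listed in it, the description, code and function type of the first
// example.
func gtfobins(binary string) {
	// The name becomes a path segment of the request URL; refuse characters
	// that would move the request outside the _gtfobins directory or cut off
	// the ".md" suffix.
	if strings.ContainsAny(binary, "/\\?#%") {
		color.Red("[!] Invalid binary name")
		return
	}

	config, ok := fetchYAML(fmt.Sprintf(rawBinURL, binary), "[!] Binary not found on GTFObins")
	if !ok {
		return
	}

	boldYellow := color.New(color.FgYellow).Add(color.Bold)
	green := color.New(color.FgGreen).SprintFunc()
	magenta := color.New(color.FgHiMagenta).SprintFunc()

	// Top-level values are either a plain string or a mapping from function
	// type to a list of examples.
	for _, entry := range config {
		switch section := entry.(type) {
		case map[interface{}]interface{}:
			for kind, raw := range section {
				// Checked assertions: an entry with an unexpected shape is
				// skipped instead of panicking.
				examples, ok := raw.([]interface{})
				if !ok || len(examples) == 0 {
					continue
				}
				details, ok := examples[0].(map[interface{}]interface{})
				if !ok {
					continue
				}

				// Indent continuation lines so the code section starts at
				// the same column on every line.
				code := strings.ReplaceAll(printable(details["code"]), "\n", "\n\t")

				if details["description"] != nil {
					boldYellow.Println("\n# ", printable(details["description"]))
				}
				fmt.Printf("Code:\t%v \n", green(code))
				fmt.Printf("Type:\t%v\n", magenta(printable(kind)))
				fmt.Println()
			}
		case string:
			boldYellow.Println("\n# ", printable(section))
		}
	}
}

// lolbas looks exe up in the index page of the LOLBAS project, fetches the
// matching entry and prints the description, command, category and privileges
// of each listed command. The name is matched exactly first and then without
// regard to case.
func lolbas(exe string) {
	doc, err := goquery.NewDocument("https://lolbas-project.github.io/")
	if err != nil {
		log.Fatal(err)
	}

	exeMap := make(map[string]string)
	doc.Find(".bin-name").Each(func(_ int, item *goquery.Selection) {
		href, ok := item.Attr("href")
		// The slice below drops the first eight bytes and the last byte of
		// the link (presumably a "/lolbas/" prefix and a trailing slash);
		// shorter or missing links are skipped rather than sliced out of range.
		if !ok || len(href) < 9 {
			return
		}
		exeMap[item.Text()] = href[8 : len(href)-1]
	})

	path, ok := exeMap[exe]
	if !ok {
		for name, p := range exeMap {
			if strings.EqualFold(name, exe) {
				path, ok = p, true
				break
			}
		}
	}
	if !ok {
		color.Red("[!] Exe not found on Lolbas")
		return
	}

	config, ok := fetchYAML(fmt.Sprintf(rawExeURL, path), "[!] Exe not found on Lolbas")
	if !ok {
		return
	}

	commands, ok := config["Commands"].([]interface{})
	if !ok {
		fmt.Fprintln(os.Stderr, "entry has no Commands list")
		return
	}

	boldYellow := color.New(color.FgYellow).Add(color.Bold)
	green := color.New(color.FgGreen).SprintFunc()
	magenta := color.New(color.FgHiMagenta).SprintFunc()

	for _, item := range commands {
		details, ok := item.(map[interface{}]interface{})
		if !ok {
			continue
		}
		boldYellow.Println("\n# ", printable(details["Description"]))
		fmt.Printf("CMD:\t\t%v \n", green(printable(details["Command"])))
		fmt.Printf("Category:\t%v\n", magenta(printable(details["Category"])))
		fmt.Printf("Privileges:\t%v\n", magenta(printable(details["Privileges"])))
		fmt.Println()
	}
}

// main parses the flags, prints the banner and runs the requested lookup.
// -b/--bin takes precedence when both flags are given; with neither, the help
// text is shown.
func main() {
	var bin, exe string
	flag.StringVar(&bin, "bin", "", "")
	flag.StringVar(&bin, "b", "", "")
	flag.StringVar(&exe, "exe", "", "")
	flag.StringVar(&exe, "e", "", "")

	flag.Parse()
	figure.NewColorFigure("# gtfo", "big", "green", true).Print()

	switch {
	case bin != "":
		gtfobins(bin)
	case exe != "":
		lolbas(exe)
	default:
		flag.Usage()
	}
}

// End of main.go; the listing continues below with /readme.md, which opens with a GPL v3 license badge.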

5 |
6 | gtfo 7 |
8 |

9 |
10 | Reimplementation of my tool [gtfo](https://github.com/mzfr/gtfo) in Go.
11 |
12 | I'm mostly doing this as a means of learning Go as it seemed like a nice first project to start with. Also, it's much easier to make binaries from Go scripts.
13 |
14 |
15 | ## Gallery
16 |
17 | * `gtfo -b nmap`
18 |
19 | ![](images/gtfo.png)
20 |
21 | * `gtfo -e At.exe`
22 |
23 | ![](images/atexe.png)
24 |
25 | * `gtfo -e Bash.exe`
26 |
27 | ![](images/bashexe.png)
28 |
29 | * `gtfo -b randomnamehere`
30 |
31 | ![](images/err.png)
32 |
33 | ## Usage
34 |
35 |
36 | ```
37 | Search gtfobin and lolbas from terminal
38 |
39 | Options:
40 | -b, --bin Search Linux binaries on gtfobins
41 | -e, --exe Search Windows exe on lolbas
42 | ```
43 |
44 | ## Installation
45 |
46 | You can download the pre-compiled binary from [here](https://github.com/mzfr/go-gtfo/releases)
47 |
48 | If you want to make changes to the code and then compile the binary you can clone this repo and then run:
49 |
50 | ```
51 | go build
52 | ```
53 |
54 | Also, you can run the following command to install it directly:
55 |
56 | ```
57 | go get github.com/mzfr/go-gtfo
58 | ```
59 |
60 | If you want to run this locally then do the following:
61 |
62 | 1) Clone this repo: `git clone https://github.com/mzfr/go-gtfo`
63 | 2) Run: `go run main.go -b <binary>`
64 |
65 | __Note__: Make sure you have Go installed.
66 |
67 | ## Support
68 |
69 | If you'd like you can buy me some coffee:
70 |
71 | Buy Me A Coffee
72 |
--------------------------------------------------------------------------------