golang生成一个dll供rundll32.exe调用
背景:
项目用例需要覆盖的场景: Windows 下 rundll32.exe 调用 dll 并写一段内容到磁盘。一开始使用 msf 生成, 会被安全软件拦截, 索性用 Go 写一个。
代码如下:
package main
import "C"
import (
	"fmt"
	"os/exec"
	"unsafe"
)
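// MyDllEntryPoint is the entry point exported for rundll32.exe. It writes the
// marker text "rundll32" to the file named by the command-line argument by
// running "echo" under cmd.exe. It serves as a fixture for a test case that
// covers "rundll32.exe loads a DLL which then writes to disk".
//
// hwnd, hinst and cmdShow are accepted only to match the entry-point shape and
// are not used. cmdLine is declared *uint16 but is read as a NUL-terminated
// byte string (see the cast to *C.char below).
// NOTE(review): rundll32 is understood to hand an ANSI string to entry points
// whose name does not end in "W" — confirm before renaming the export or
// changing the cast.
//
// The argument is interpolated into a cmd.exe command line, so it is first
// restricted to a conservative set of path characters. Anything else (spaces,
// quotes, &, |, <, >, ^, %, ...) is rejected rather than passed to the shell.
//
// It returns 0 on success and 1 when the argument is missing or rejected, or
// when the command fails.
//
//export MyDllEntryPoint
func MyDllEntryPoint(hwnd int, hinst int, cmdLine *uint16, cmdShow int) int {
	if cmdLine == nil {
		return 1
	}
	target := C.GoString((*C.char)(unsafe.Pointer(cmdLine)))
	if !isPlainPath(target) {
		// Refuse to build a shell command from an empty path or from
		// characters cmd.exe would interpret.
		return 1
	}
	// NOTE(review): the inner "cmd.exe /c" is redundant with the one passed
	// to exec.Command; it is kept as published so the spawned process chain
	// stays the same for the test case.
	command := fmt.Sprintf("cmd.exe /c echo rundll32>%s", target)
	if err := exec.Command("cmd.exe", "/c", command).Run(); err != nil {
		return 1
	}
	return 0
}

// isPlainPath reports whether p is non-empty and consists only of ASCII
// letters, digits and the path characters \ / : . _ -
func isPlainPath(p string) bool {
	if p == "" {
		return false
	}
	for i := 0; i < len(p); i++ {
		switch c := p[i]; {
		case c >= 'a' && c <= 'z', c >= 'A' && c <= 'Z', c >= '0' && c <= '9':
		case c == '\\', c == '/', c == ':', c == '.', c == '_', c == '-':
		default:
			return false
		}
	}
	return true
}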
// main is intentionally empty: package main must declare it, and this file
// does no work in it — the only functionality is the exported entry point.
func main() {}
然后编译为dll
go build -ldflags "-s -w" -buildmode=c-shared -o payload.dll
命令行调用时直接传入要写入的路径如d:\4.txt
C:\Users\yeping01>rundll32.exe D:\code\go_project\src\dll\payload.dll,MyDllEntryPoint d:\\4.txt
执行完后, d:\4.txt 中会被写入 "rundll32"
 
                    
                     
                    
                 
                    
                
 
                
            
         