gomium

command

v0.0.0-...-6b6e1e4 Latest Latest Go to latest Published: Feb 8, 2023 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/StalkR/misc

Documentation ¶

Overview ¶

golang code execution without imports using only data races

It works on current tip (Go 1.18), regardless of PIE:

$ go version
go version devel go1.18-6178d25fc0 Wed Dec 29 20:20:32 2021 +0000 linux/amd64
$ go run exploit.go
uid=1000(user) gid=1000(user) groups=1000(user)
$ go run -buildmode=pie exploit.go
uid=1000(user) gid=1000(user) groups=1000(user)

As well as old versions:

$ for v in 1.{17..8} 1.7.6 1.6.4 1.5.4; do
    go install golang.org/dl/go${v}@latest >/dev/null 2>&1 || continue
    go$v download >/dev/null 2>&1
    go$v version
    go$v run exploit.go
  done
go version go1.17 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.16 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.15 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.14 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.13 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.12 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.11 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.10 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.9 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.8 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.7.6 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.6.4 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)
go version go1.5.4 linux/amd64
uid=1000(user) gid=1000(user) groups=1000(user)

To test further back we have to compile from source, and also set GOMAXPROCS=2 as the default was 1 before go1.5:

$ ( git clone -b release-branch.go1.4 --depth 1 https://go.googlesource.com/go go1.4
    cd go1.4/src
    ./make.bash )
$ go1.4/bin/go version
go version go1.4-bootstrap-20170531 linux/amd64
$ GOMAXPROCS=2 go1.4/bin/go run exploit.go
uid=1000(user) gid=1000(user) groups=1000(user)

From there, building from a modern system requires small tweaks:

$ ( git clone -b release-branch.go1.3 --depth 1 https://go.googlesource.com/go go1.3
    cd go1.3/src
    CGO_ENABLED=0 CFLAGS='-Wno-implicit-fallthrough -Wno-shift-negative-value' ./make.bash )
$ go1.3/bin/go version
go version go1.3.3 linux/amd64
$ GOMAXPROCS=2 go1.3/bin/go run exploit.go
uid=1000(user) gid=1000(user) groups=1000(user)

$ ( git clone -b release-branch.go1.2 --depth 1 https://go.googlesource.com/go go1.2
    cd go1.2/src
    sed -i 's/-Werror//' make.bash
    sed -i 's/"-Werror",//' cmd/dist/build.c
    CGO_ENABLED=0 ./make.bash )
$ go1.2/bin/go version
go version go1.2.2 linux/amd64
$ GOMAXPROCS=2 go1.2/bin/go run exploit.go
uid=1000(user) gid=1000(user) groups=1000(user)

$ ( git clone -b release-branch.go1.1 --depth 1 https://go.googlesource.com/go go1.1
    cd go1.1/src
    sed -i 's/-Werror//' make.bash
    sed -i 's/"-Werror",//' cmd/dist/build.c
    CGO_ENABLED=0 ./make.bash )
$ go1.1/bin/go version
go version go1.1.2 linux/amd64
$ GOMAXPROCS=2 go1.1/bin/go run exploit.go
uid=1000(user) gid=1000(user) groups=1000(user)

Unfortunately I couldn't get go1 to compile on my system (I'm getting a weird fault), but it probably works as well.

Browser for the Web 3.0.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL