https://github.com/liamg/memit
:no_entry_sign::floppy_disk: Run binaries straight from memory in Linux
https://github.com/liamg/memit
fileless fileless-attack memfd shenanigans
Last synced: about 1 year ago
JSON representation
:no_entry_sign::floppy_disk: Run binaries straight from memory in Linux
- Host: GitHub
- URL: https://github.com/liamg/memit
- Owner: liamg
- License: unlicense
- Created: 2021-11-16T12:25:38.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-04-17T19:13:06.000Z (about 3 years ago)
- Last Synced: 2025-03-31T10:09:00.010Z (about 1 year ago)
- Topics: fileless, fileless-attack, memfd, shenanigans
- Language: Go
- Homepage:
- Size: 149 KB
- Stars: 315
- Watchers: 9
- Forks: 33
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Memit
Execute a binary from memory, without touching the disk. Linux only.
Available as both a Go module and a binary.
## Using the Go module
The `Command()` method takes an `io.Reader`, so you can use it with things like an HTTP response body, a `bytes.Buffer`, etc.
It provides an `*exec.Cmd` (via `memit.Command(...)`) so you can wire up stdin/out and configure other parameters just like you would with a regular command.
```go
package main
import "github.com/liamg/memit"
func main() {
resp, _ := http.Get("https://.../mybinary")
cmd, _, _ := memit.Command(resp.Body, "--args", "--go", "--here")
cmd.Stderr = os.Stderr
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
_ = cmd.Run()
}
```
## Using the binary
Grab the [latest release](https://github.com/liamg/memit/releases/latest) and run it like this:
```bash
memit https://.../mybinary -- # args for the actual binary can be put after the --
```