What is Crystal?
Could Crystal be the next go-to language for malware development?
Introduction
Most of the programs I write, whether that be malware or a tool, is usually written in Go. However, I recently came across this blog post from RastaMouse about a Crystal, a language I hadn't heard of before. Crystal has some really cool features that make it a prime candidate for writing malware. C-bindings, LLVM, inline assembly, cross-platform, the list of features this language has goes on and on. So lets explore and learn Crystal for malware development.
Getting Started
The obvious first step when starting with a new language, is to do the classic hello world. Crystal is pretty simple.
First you initialize a new Crystal app with the crystal init app
command:
Next, in the generated src
directory, you can print hello world with the following line of code:
Finally you can run this with:
C-Bindings
One of the coolest features of Crystal is its ability for C-Bindings. By using @[Link("dll")]
we can pass a library name to the linker.
Example:
We can than run the above:
Running Assembly From Crystal
Crystal has the capability to run inline assembly with the asm
keyword. An example from the documentation is:
Running this code outputs the following:
Conclusion
In conclusion, I think Crystal will be a very fun language to try and learn and utilize for malware and maybe some cool tools as well. If you want to read more about Crystal, you can find their documentation here.
References
Last updated