minat sekali: Introduction To Reversing Golang Binaries

Selasa, 25 Agustus 2020

Introduction To Reversing Golang Binaries


Golang binaries are a bit hard to analyze but there are some tricks to locate the things and view what is doing the code.






Is possible to list all the go files compiled in the binary even in an striped binaries, in this case we have only one file gohello.go this is a good clue to guess what is doing the program.


On stripped binaries the runtime functions are not resolved so is more difficult to locate the user algorithms:


If we start from the entry point, we will found this mess:

The golang string initialization are encoded and is not displayed on the strings window.


How to locate main?  if its not stripped just bp on [package name].main for example bp main.main, (you can locate the package-name searching strings with ".main")


And here is our main.main:


The code is:

So in a stripped binary we cant find the string "hello world" neither the initialization 0x1337 nor the comparator 0x1337, all this is obfuscated.

The initialization sequence is:


The procedure for locating main.main in stripped binaries is:
1. Click on the entry point and locate the runtime.mainPC pointer:



2. click on runtime.main function (LAB_0042B030):


3. locate the main.main call after the zero ifs:



4. click on it and here is the main:




The runtime is not obvious for example the fmt.Scanf() call perform several internal calls until reach the syscall, and in a stripped binary there are no function names.



In order to identify the functions one option is compile another binary with symbols and make function fingerprinting.

In Ghidra we have the script golang_renamer.py which is very useful:


After applying this plugin the main looks like more clear:




This script is an example of function fingerprinting, in this case all the opcodes are included on the crc hashing:
# This script fingerprints the functions
#@author: sha0coder
#@category fingerprinting

print "Fingerprinting..."

import zlib


# loop through program functions
function = getFirstFunction()
while function is not None:
name = str(function.getName())
entry = function.getEntryPoint()
body = function.getBody()
addresses = body.getAddresses(True)

if not addresses.hasNext():
# empty function
continue

ins = getInstructionAt(body.getMinAddress())
opcodes = ''
while ins and ins.getMinAddress() <= body.getMaxAddress():
for b in ins.bytes:
opcodes += chr(b & 0xff)
ins = getInstructionAfter(ins)
crchash = zlib.crc32(opcodes) & 0xffffffff

print name, hex(crchash)


function = getFunctionAfter(function)





Read more
  1. Hacking Tools Github
  2. Pentest Tools Download
  3. Tools Used For Hacking
  4. Pentest Tools Open Source
  5. How To Install Pentest Tools In Ubuntu
  6. Hacker Tools Github
  7. World No 1 Hacker Software
  8. Hacker Tools 2019
  9. Pentest Tools Github
  10. Hacking Apps
  11. Pentest Tools Kali Linux
  12. Black Hat Hacker Tools
  13. Underground Hacker Sites
  14. Pentest Tools Download
  15. Pentest Box Tools Download
  16. Blackhat Hacker Tools
  17. Pentest Tools For Android
  18. Blackhat Hacker Tools
  19. Hack Tools Online
  20. Pentest Tools Free
  21. Game Hacking
  22. Pentest Tools Port Scanner
  23. Hacking Tools 2019
  24. Github Hacking Tools
  25. Hack App
  26. Hack Tools Download
  27. Hack Tools For Pc
  28. Growth Hacker Tools
  29. New Hacker Tools
  30. Hack And Tools
  31. Hacking Tools
  32. Pentest Tools Tcp Port Scanner
  33. Hacking Tools For Windows 7
  34. Hacker Tools Windows
  35. Termux Hacking Tools 2019
  36. Hacking Tools 2020
  37. Free Pentest Tools For Windows
  38. Hack Rom Tools
  39. Hacking Apps
  40. Nsa Hack Tools Download
  41. Best Pentesting Tools 2018
  42. Hack Tool Apk
  43. Hack Tool Apk No Root
  44. Pentest Tools Open Source
  45. Best Hacking Tools 2019
  46. Top Pentest Tools
  47. Hacking Tools 2020
  48. Nsa Hacker Tools
  49. Hack Tools Mac
  50. Install Pentest Tools Ubuntu
  51. Hack Tools Download
  52. Kik Hack Tools
  53. Hack Tools
  54. Pentest Tools For Ubuntu
  55. Install Pentest Tools Ubuntu
  56. Hack Tools
  57. Hacking Tools Kit
  58. Pentest Tools Windows
  59. Hack Apps
  60. Tools Used For Hacking
  61. Hacking App
  62. Pentest Tools Review
  63. Hacking Tools For Mac
  64. Pentest Tools Find Subdomains
  65. Hacking Tools For Pc
  66. Pentest Tools For Android
  67. Hacker Tools 2020
  68. Hacking Tools Online
  69. Wifi Hacker Tools For Windows
  70. Hacker Tools For Pc
  71. Pentest Tools Url Fuzzer
  72. Usb Pentest Tools
  73. Growth Hacker Tools
  74. Pentest Tools Port Scanner
  75. Hack App
  76. Pentest Tools Apk
  77. Hacker Hardware Tools
  78. Pentest Automation Tools
  79. Pentest Tools Framework
  80. Hacker Tools For Ios
  81. Hak5 Tools
  82. Hacker Tools Software
  83. Hacking Tools And Software
  84. Hacking Tools For Games
  85. Hacking Tools For Pc
  86. Hack Apps
  87. Pentest Tools Subdomain
  88. Hack Tools Mac
  89. Hacking Tools Download
  90. Pentest Tools Download
  91. Hacker Tools For Pc
  92. Hack And Tools
  93. How To Hack
  94. Hacker Tools 2019
  95. Hack And Tools
  96. Hacking Tools Windows 10
  97. Tools Used For Hacking
  98. Hacking Tools And Software
  99. Pentest Tools Website
  100. Hacker Tools Software
  101. Hacking Tools For Kali Linux
  102. Hacker Tools Free Download
  103. What Are Hacking Tools
  104. How To Hack
  105. Hacker
  106. Hacking Tools Software
  107. Hack Tools For Windows
  108. Hacking Tools Kit
  109. Free Pentest Tools For Windows
  110. Hacking Tools For Windows 7
  111. Pentest Tools Linux
  112. Hacker Tools 2020
  113. Hacking Tools For Games
  114. Nsa Hack Tools
  115. Pentest Tools For Windows
  116. Hacker Tools For Mac
  117. Hacker Techniques Tools And Incident Handling
  118. Pentest Tools Free
  119. Hacking Tools 2020
  120. Tools Used For Hacking
  121. Pentest Tools Find Subdomains
  122. Pentest Recon Tools
  123. Best Pentesting Tools 2018
  124. Pentest Tools Alternative
  125. Hacks And Tools
  126. Hacking Tools For Windows
  127. Pentest Tools Tcp Port Scanner
  128. Hacker Tools Apk Download
  129. Hak5 Tools
  130. Hacker Security Tools
  131. Hak5 Tools
  132. Hacker Tools For Mac
  133. Hacking Tools Windows
  134. Growth Hacker Tools
  135. What Is Hacking Tools
  136. Pentest Reporting Tools
  137. Tools For Hacker
  138. Hack Rom Tools
  139. What Are Hacking Tools
  140. Hacker Search Tools
  141. Growth Hacker Tools
  142. Physical Pentest Tools
  143. Nsa Hack Tools
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)