Golang binaries are a bit hard to analyze but there are some tricks to locate the things and view what is doing the code.
Is possible to list all the go files compiled in the binary even in an striped binaries, in this case we have only one file gohello.go this is a good clue to guess what is doing the program.
On stripped binaries the runtime functions are not resolved so is more difficult to locate the user algorithms:
If we start from the entry point, we will found this mess:
The golang string initialization are encoded and is not displayed on the strings window.
How to locate main? if its not stripped just bp on [package name].main for example bp main.main, (you can locate the package-name searching strings with ".main")
And here is our main.main:
The code is:
So in a stripped binary we cant find the string "hello world" neither the initialization 0x1337 nor the comparator 0x1337, all this is obfuscated.
The initialization sequence is:
The procedure for locating main.main in stripped binaries is:
1. Click on the entry point and locate the runtime.mainPC pointer:
2. click on runtime.main function (LAB_0042B030):
3. locate the main.main call after the zero ifs:
4. click on it and here is the main:
The runtime is not obvious for example the fmt.Scanf() call perform several internal calls until reach the syscall, and in a stripped binary there are no function names.
In order to identify the functions one option is compile another binary with symbols and make function fingerprinting.
In Ghidra we have the script golang_renamer.py which is very useful:
After applying this plugin the main looks like more clear:
This script is an example of function fingerprinting, in this case all the opcodes are included on the crc hashing:
# This script fingerprints the functions
#@author: sha0coder
#@category fingerprinting
print "Fingerprinting..."
import zlib
# loop through program functions
function = getFirstFunction()
while function is not None:
name = str(function.getName())
entry = function.getEntryPoint()
body = function.getBody()
addresses = body.getAddresses(True)
if not addresses.hasNext():
# empty function
continue
ins = getInstructionAt(body.getMinAddress())
opcodes = ''
while ins and ins.getMinAddress() <= body.getMaxAddress():
for b in ins.bytes:
opcodes += chr(b & 0xff)
ins = getInstructionAfter(ins)
crchash = zlib.crc32(opcodes) & 0xffffffff
print name, hex(crchash)
function = getFunctionAfter(function)
More info
- Pentest Tools Kali Linux
- Hack Tools For Mac
- Hacking Tools For Windows
- Hack Tools
- Pentest Tools Framework
- New Hack Tools
- Pentest Tools Website Vulnerability
- Pentest Tools Port Scanner
- Tools Used For Hacking
- Pentest Reporting Tools
- Hack Tools For Ubuntu
- Hack Rom Tools
- Hacker Tools List
- Pentest Tools Nmap
- Hacking Tools For Pc
- Hack Tools For Mac
- Hacking Tools And Software
- Pentest Tools Url Fuzzer
- What Are Hacking Tools
- Hacker Hardware Tools
- Best Hacking Tools 2020
- Top Pentest Tools
- Kik Hack Tools
- Hacker Tools Software
- Hacks And Tools
- Pentest Tools For Mac
- Pentest Box Tools Download
- Pentest Tools For Android
- Hack Tools For Mac
- Hack Tools Mac
- Hacking Tools Software
- Hacker Tools Software
- Hackrf Tools
- Hacking Tools Usb
- Hacker Search Tools
- Hacker Tools List
- Hacking Tools For Beginners
- Hack Rom Tools
- How To Install Pentest Tools In Ubuntu
- Pentest Tools Review
- Underground Hacker Sites
- Easy Hack Tools
- Hack Tools
- Hack Website Online Tool
- Pentest Tools Open Source
- Hacker Tools List
- Hackers Toolbox
- Beginner Hacker Tools
- Pentest Tools Review
- Hacker Tools Online
- Hacker Tools For Windows
- Hacking Tools Online
- Hacks And Tools
- Usb Pentest Tools
- Hack Apps
- Hack Apps
- Nsa Hack Tools Download
- Hack Tools Download
- Pentest Tools For Mac
- Hacking Tools For Kali Linux
- Pentest Tools List
- Pentest Tools Website Vulnerability
- Hack Rom Tools
- Top Pentest Tools
- Hacker Tools Linux
- Hacker Tools Linux
- Nsa Hacker Tools
- What Is Hacking Tools
- Hacker
- How To Make Hacking Tools
- Hack Tools For Windows
- Hacking Tools Usb
- Hack Rom Tools
- Pentest Box Tools Download
- Pentest Tools Website
- Nsa Hacker Tools
- Hack Website Online Tool
- Black Hat Hacker Tools
- Hacking Tools Windows
- Hack Rom Tools
- Hack Tools Mac
- Tools For Hacker
- Hacking Tools For Games
- Hacker Tools Free
- Hack Tools Download
- Hack Rom Tools
- Hacker
- Hacking Tools For Mac
- How To Hack
- Physical Pentest Tools
- Hack And Tools
- Hacker Tools Free Download
- Growth Hacker Tools
- Install Pentest Tools Ubuntu
- Black Hat Hacker Tools
- Pentest Tools Framework
- Hacking Tools Hardware
- Hacker Tools List
- Pentest Tools List
- Hacker Tools Software
- Hacking Tools Name
- How To Install Pentest Tools In Ubuntu
- Hackrf Tools
- Nsa Hack Tools Download
- Hack Tool Apk
- Beginner Hacker Tools
- Pentest Tools Open Source
- Hacker Tools List
- Pentest Tools Kali Linux
- Hack Tools Pc
- Hackers Toolbox
- Hacking Tools For Kali Linux
- Hacking Tools
- Pentest Automation Tools
- Hacker Tools List
- Hacking Apps
- Pentest Tools Tcp Port Scanner
- Pentest Tools Kali Linux
- Pentest Tools Online
- Hack Tools Github
- Hacking Tools Hardware
- Hacker Tools Software
- Underground Hacker Sites
- Top Pentest Tools
- Hacking Tools Download
- Hacking Apps
- Pentest Tools List
- Pentest Tools Online
- Pentest Tools Review
- Hacking Tools Pc
- Tools 4 Hack
- Hacker Tools Linux
- Hackers Toolbox
- Hacker
- Hacker Tools List
- Tools 4 Hack
- Pentest Tools Tcp Port Scanner
- Hacker Tools Mac
- Hacks And Tools
- Hack Tool Apk No Root
- Best Pentesting Tools 2018
- Hacker Tools Apk
- Growth Hacker Tools
- Hacking Tools Name
- Hacker Tools For Windows
- Computer Hacker
- Pentest Tools Url Fuzzer
- Pentest Tools List
- Ethical Hacker Tools
- Hacking Tools For Windows Free Download
- Hacker Tools For Mac
- Hacker Security Tools
- Hack Tools Online
- Hacking Tools For Windows
- Hack Tools For Pc
- Hack Apps
- Pentest Tools Bluekeep
- Bluetooth Hacking Tools Kali
- Hack Tools For Mac
- Hack Tools For Games
- What Are Hacking Tools
- Hacker Tools Software
- Pentest Tools For Windows
- How To Hack
- Hacking Tools Download
- Hacking Tools 2019
- Bluetooth Hacking Tools Kali
- Hackrf Tools
- Tools 4 Hack
No comments:
Post a Comment