Saturday, June 3, 2023

Introduction To Reversing Golang Binaries


Golang binaries are a bit hard to analyze but there are some tricks to locate the things and view what is doing the code.






Is possible to list all the go files compiled in the binary even in an striped binaries, in this case we have only one file gohello.go this is a good clue to guess what is doing the program.


On stripped binaries the runtime functions are not resolved so is more difficult to locate the user algorithms:


If we start from the entry point, we will found this mess:

The golang string initialization are encoded and is not displayed on the strings window.


How to locate main?  if its not stripped just bp on [package name].main for example bp main.main, (you can locate the package-name searching strings with ".main")


And here is our main.main:


The code is:

So in a stripped binary we cant find the string "hello world" neither the initialization 0x1337 nor the comparator 0x1337, all this is obfuscated.

The initialization sequence is:


The procedure for locating main.main in stripped binaries is:
1. Click on the entry point and locate the runtime.mainPC pointer:



2. click on runtime.main function (LAB_0042B030):


3. locate the main.main call after the zero ifs:



4. click on it and here is the main:




The runtime is not obvious for example the fmt.Scanf() call perform several internal calls until reach the syscall, and in a stripped binary there are no function names.



In order to identify the functions one option is compile another binary with symbols and make function fingerprinting.

In Ghidra we have the script golang_renamer.py which is very useful:


After applying this plugin the main looks like more clear:




This script is an example of function fingerprinting, in this case all the opcodes are included on the crc hashing:
# This script fingerprints the functions
#@author: sha0coder
#@category fingerprinting

print "Fingerprinting..."

import zlib


# loop through program functions
function = getFirstFunction()
while function is not None:
name = str(function.getName())
entry = function.getEntryPoint()
body = function.getBody()
addresses = body.getAddresses(True)

if not addresses.hasNext():
# empty function
continue

ins = getInstructionAt(body.getMinAddress())
opcodes = ''
while ins and ins.getMinAddress() <= body.getMaxAddress():
for b in ins.bytes:
opcodes += chr(b & 0xff)
ins = getInstructionAfter(ins)
crchash = zlib.crc32(opcodes) & 0xffffffff

print name, hex(crchash)


function = getFunctionAfter(function)





Continue reading
  1. Pentest Tools Android
  2. Hacking Tools For Windows 7
  3. Pentest Tools For Windows
  4. Growth Hacker Tools
  5. Hacker Tools Linux
  6. Hacking Tools Free Download
  7. Pentest Tools Subdomain
  8. Pentest Tools Website
  9. Hacking Tools For Windows
  10. Hacker Tools List
  11. Hacking Tools For Beginners
  12. Pentest Tools Download
  13. Best Hacking Tools 2020
  14. Hacker Security Tools
  15. Hacking Tools Software
  16. Pentest Tools Tcp Port Scanner
  17. Hacking Tools Online
  18. Hacker Tools Software
  19. Hacker Tools Free
  20. Hackrf Tools
  21. Pentest Tools Online
  22. Hacking Tools Windows
  23. Hack Tools Mac
  24. Hacker Tools For Windows
  25. Hak5 Tools
  26. Pentest Tools Github
  27. Hacker Tools For Ios
  28. Pentest Tools For Ubuntu
  29. Pentest Tools Kali Linux
  30. New Hacker Tools
  31. Hack Apps
  32. Hacker Tools Github
  33. Underground Hacker Sites
  34. Hacker Tools 2020
  35. Hacker Tools Software
  36. Hack Tools Mac
  37. Physical Pentest Tools
  38. Hack Website Online Tool
  39. Pentest Tools Linux
  40. Hacking Tools
  41. Hacker Tools Github
  42. Hacking Tools For Windows Free Download
  43. Easy Hack Tools
  44. Hacking Tools And Software
  45. Hacker Tools Free Download
  46. New Hack Tools
  47. Pentest Tools Open Source
  48. Pentest Tools Find Subdomains
  49. Hacker Techniques Tools And Incident Handling
  50. Blackhat Hacker Tools
  51. Install Pentest Tools Ubuntu
  52. How To Hack
  53. Hacking Tools Free Download
  54. Hacker Search Tools
  55. Github Hacking Tools
  56. Pentest Tools Tcp Port Scanner
  57. Hack Apps
  58. How To Install Pentest Tools In Ubuntu
  59. Hacking Tools For Games
  60. Top Pentest Tools
  61. Hacking Tools Software
  62. Pentest Tools Free
  63. Hacker Tools Linux
  64. Pentest Tools Free
  65. Pentest Tools Subdomain
  66. Hacking Tools Windows
  67. Growth Hacker Tools
  68. Pentest Tools Free
  69. Hack Tools Github
  70. Android Hack Tools Github
  71. Hacker Tools For Mac
  72. Pentest Tools Website
  73. Hacking Tools Hardware
  74. Hackrf Tools
  75. Pentest Tools Framework
  76. Hack Tools For Pc
  77. Hacker Tools Mac
  78. Tools For Hacker
  79. Termux Hacking Tools 2019
  80. Hacking Tools Download
  81. Hacking Tools Pc
  82. Hacker Tools Linux
  83. Hack Tools For Games
  84. Pentest Tools List
  85. World No 1 Hacker Software
  86. Hacker Security Tools
  87. New Hack Tools
  88. Github Hacking Tools
  89. Hacker Tools Online
  90. Hacker Tools Apk
  91. Pentest Reporting Tools
  92. Hack Tools For Games
  93. Hack Website Online Tool
  94. Hacker Security Tools
  95. Hacking Tools Name
  96. Hack App
  97. Pentest Tools Online
  98. Hacking Tools Mac
  99. What Is Hacking Tools
  100. Pentest Tools Free
  101. Growth Hacker Tools
  102. New Hack Tools
  103. Pentest Tools Windows
  104. Hacking Tools Windows
  105. Hacking App
  106. Hack Tools 2019
  107. Pentest Tools Android
  108. Hack Tools For Ubuntu
  109. Pentest Tools Website Vulnerability
  110. Hacking Tools 2019
  111. Pentest Tools Apk
  112. Blackhat Hacker Tools
  113. Hack Tool Apk No Root
  114. Physical Pentest Tools
  115. Hacker Search Tools
  116. Hacking Tools And Software
  117. Hack Tools
  118. Physical Pentest Tools
  119. Pentest Tools Android
  120. Pentest Tools
  121. Hacker Tools Free
  122. Best Pentesting Tools 2018
  123. Free Pentest Tools For Windows
  124. How To Install Pentest Tools In Ubuntu
  125. Hacker Tools Apk
  126. Pentest Automation Tools
  127. Hacker Tools Hardware
  128. Hacking Tools For Beginners
  129. Tools For Hacker
  130. Pentest Tools For Ubuntu
  131. Pentest Tools Framework
  132. Hacker Tools Software
  133. Tools Used For Hacking
  134. Hacker Tools Linux
  135. Hacking Tools For Mac
  136. Hackers Toolbox
  137. Pentest Tools Url Fuzzer
  138. Hacker Search Tools
  139. Computer Hacker
  140. Hack And Tools
  141. Hacking Tools Software
  142. Pentest Tools Linux
  143. Pentest Tools Website Vulnerability
  144. Pentest Tools Bluekeep
  145. Pentest Tools
  146. Hacking Tools Online
  147. How To Make Hacking Tools
  148. Hacking Tools Windows
  149. Tools Used For Hacking
  150. Termux Hacking Tools 2019
  151. Pentest Tools Website
  152. Hacker Tools Free Download
  153. Pentest Tools Review
  154. Pentest Tools List
  155. Pentest Tools Open Source
  156. Hack Apps
  157. Pentest Tools
  158. Pentest Tools Open Source
  159. Hacker Tools List
  160. Hacking Tools For Games
  161. Usb Pentest Tools
  162. Pentest Tools Framework
  163. Hack Tools
  164. Hack Tools
  165. Hacker Techniques Tools And Incident Handling
  166. Ethical Hacker Tools
  167. Computer Hacker
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)