Sunday, January 21, 2024

Introduction To Reversing Golang Binaries


Golang binaries are a bit hard to analyze but there are some tricks to locate the things and view what is doing the code.






Is possible to list all the go files compiled in the binary even in an striped binaries, in this case we have only one file gohello.go this is a good clue to guess what is doing the program.


On stripped binaries the runtime functions are not resolved so is more difficult to locate the user algorithms:


If we start from the entry point, we will found this mess:

The golang string initialization are encoded and is not displayed on the strings window.


How to locate main?  if its not stripped just bp on [package name].main for example bp main.main, (you can locate the package-name searching strings with ".main")


And here is our main.main:


The code is:

So in a stripped binary we cant find the string "hello world" neither the initialization 0x1337 nor the comparator 0x1337, all this is obfuscated.

The initialization sequence is:


The procedure for locating main.main in stripped binaries is:
1. Click on the entry point and locate the runtime.mainPC pointer:



2. click on runtime.main function (LAB_0042B030):


3. locate the main.main call after the zero ifs:



4. click on it and here is the main:




The runtime is not obvious for example the fmt.Scanf() call perform several internal calls until reach the syscall, and in a stripped binary there are no function names.



In order to identify the functions one option is compile another binary with symbols and make function fingerprinting.

In Ghidra we have the script golang_renamer.py which is very useful:


After applying this plugin the main looks like more clear:




This script is an example of function fingerprinting, in this case all the opcodes are included on the crc hashing:
# This script fingerprints the functions
#@author: sha0coder
#@category fingerprinting

print "Fingerprinting..."

import zlib


# loop through program functions
function = getFirstFunction()
while function is not None:
name = str(function.getName())
entry = function.getEntryPoint()
body = function.getBody()
addresses = body.getAddresses(True)

if not addresses.hasNext():
# empty function
continue

ins = getInstructionAt(body.getMinAddress())
opcodes = ''
while ins and ins.getMinAddress() <= body.getMaxAddress():
for b in ins.bytes:
opcodes += chr(b & 0xff)
ins = getInstructionAfter(ins)
crchash = zlib.crc32(opcodes) & 0xffffffff

print name, hex(crchash)


function = getFunctionAfter(function)





More info


  1. Hack Tools For Pc
  2. Hack Tools Mac
  3. Hacker Tools
  4. Hacker Tools For Ios
  5. Android Hack Tools Github
  6. Hacking Tools Download
  7. Hacker Tools Apk
  8. Hack Website Online Tool
  9. Hack Tools 2019
  10. World No 1 Hacker Software
  11. Hack Tools Download
  12. Hacker Tools List
  13. Hack Tools Download
  14. Computer Hacker
  15. Termux Hacking Tools 2019
  16. Hack Rom Tools
  17. New Hacker Tools
  18. Hacking Tools And Software
  19. Hack Rom Tools
  20. Hacker Tools
  21. Hack App
  22. Pentest Tools Nmap
  23. Hacker
  24. Hacker Tools List
  25. Pentest Tools Download
  26. Hacking Tools For Windows
  27. Tools For Hacker
  28. Easy Hack Tools
  29. Pentest Tools Website Vulnerability
  30. Hacker Techniques Tools And Incident Handling
  31. Hack Tools
  32. Hacking Tools For Mac
  33. Pentest Tools For Ubuntu
  34. Hacking Tools For Games
  35. Hacker Tools Software
  36. Pentest Tools Tcp Port Scanner
  37. Pentest Tools Framework
  38. Pentest Tools Linux
  39. Pentest Tools Review
  40. Hack Tools 2019
  41. Pentest Tools Apk
  42. Hacking Tools And Software
  43. Tools 4 Hack
  44. Tools For Hacker
  45. Hacking Tools For Windows 7
  46. Hacker Tools For Mac
  47. Tools Used For Hacking
  48. Hacker Tools Apk Download
  49. Hack Tools 2019
  50. Hacker Tools Apk Download
  51. Pentest Tools Url Fuzzer
  52. Pentest Tools Url Fuzzer
  53. Hack Tools Mac
  54. Pentest Recon Tools
  55. Hacking Tools For Windows Free Download
  56. Hack Tools 2019
  57. Hacking Tools For Kali Linux
  58. Hacking Tools Software
  59. Hack Tools Github
  60. Hacker Tools Windows
  61. Hack Tools Pc
  62. Blackhat Hacker Tools
  63. Hacker Tools Linux
  64. Hacking Tools For Games
  65. Hack Tools For Ubuntu
  66. Hacker Tools Github
  67. Pentest Tools Website Vulnerability
  68. Hacking Tools For Windows Free Download
  69. Hacking Apps
  70. Pentest Recon Tools
  71. Easy Hack Tools
  72. Hacking Tools Software
  73. New Hacker Tools
  74. Pentest Tools Apk
  75. Hacker Tools 2020
  76. Ethical Hacker Tools
  77. Hacker Security Tools
  78. Hack Apps
  79. Hacking Tools Name
  80. Hack Tools Online
  81. Hack Tools 2019
  82. World No 1 Hacker Software
  83. Game Hacking
  84. Hack Tool Apk No Root
  85. Hacker Tools For Ios
  86. Best Hacking Tools 2019
  87. Hacker Hardware Tools
  88. Hacking Tools For Kali Linux
  89. Hacker Tools Apk Download
  90. Best Pentesting Tools 2018
  91. Pentest Tools Android
  92. Hacker Hardware Tools
  93. Hack Tools Download
  94. Nsa Hack Tools
  95. Hacking Tools For Pc
  96. Kik Hack Tools
  97. Hak5 Tools
  98. Hacker Tools For Mac
  99. New Hack Tools
  100. Best Pentesting Tools 2018
  101. Bluetooth Hacking Tools Kali
  102. Pentest Tools Github
  103. Growth Hacker Tools
  104. Hack Tools For Mac
  105. Hacker Tools
  106. Install Pentest Tools Ubuntu
  107. Hacker Tools For Mac
  108. Physical Pentest Tools
  109. Best Hacking Tools 2020
  110. Pentest Tools Apk
  111. Pentest Tools Android
  112. Hack Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)