Introduction To Reversing Golang Binaries

Golang binaries are a bit hard to analyze but there are some tricks to locate the things and view what is doing the code.

Is possible to list all the go files compiled in the binary even in an striped binaries, in this case we have only one file gohello.go this is a good clue to guess what is doing the program.

On stripped binaries the runtime functions are not resolved so is more difficult to locate the user algorithms:

If we start from the entry point, we will found this mess:

The golang string initialization are encoded and is not displayed on the strings window.

How to locate main?  if its not stripped just bp on [package name].main for example bp main.main, (you can locate the package-name searching strings with ".main")

And here is our main.main:

The code is:

So in a stripped binary we cant find the string "hello world" neither the initialization 0x1337 nor the comparator 0x1337, all this is obfuscated.

The initialization sequence is:

The procedure for locating main.main in stripped binaries is:

1. Click on the entry point and locate the runtime.mainPC pointer:

2. click on runtime.main function (LAB_0042B030):

3. locate the main.main call after the zero ifs:

4. click on it and here is the main:

The runtime is not obvious for example the fmt.Scanf() call perform several internal calls until reach the syscall, and in a stripped binary there are no function names.

In order to identify the functions one option is compile another binary with symbols and make function fingerprinting.

In Ghidra we have the script golang_renamer.py which is very useful:

After applying this plugin the main looks like more clear:

This script is an example of function fingerprinting, in this case all the opcodes are included on the crc hashing:

# This script fingerprints the functions

#@author: sha0coder

#@category fingerprinting

print "Fingerprinting..."

import zlib

# loop through program functions

function = getFirstFunction()

while function is not None:

name = str(function.getName())

entry = function.getEntryPoint()

body = function.getBody()

addresses = body.getAddresses(True)

if not addresses.hasNext():

# empty function

continue

ins = getInstructionAt(body.getMinAddress())

opcodes = ''

while ins and ins.getMinAddress() <= body.getMaxAddress():

for b in ins.bytes:

opcodes += chr(b & 0xff)

ins = getInstructionAfter(ins)

crchash = zlib.crc32(opcodes) & 0xffffffff

print name, hex(crchash)

function = getFunctionAfter(function)

Continue reading

1. Free Pentest Tools For Windows
2. Hacker Tools Hardware
3. Hack Rom Tools
4. Hack Tools For Games
5. Pentest Tools Framework
6. Hack Rom Tools
7. Game Hacking
8. Hak5 Tools
9. Hack Tools For Games
10. Hacking Tools Online
11. Pentest Tools Port Scanner
12. Hacker Tools Software
13. Hacker Tools Software
14. Hacker Tools Github
15. Best Hacking Tools 2020
16. Hacker Tools For Pc
17. Hacker Tools 2019
18. Hackers Toolbox
19. Pentest Tools Alternative
20. Hacker Tools
21. Pentest Tools
22. Beginner Hacker Tools
23. Nsa Hacker Tools
24. Pentest Box Tools Download
25. Free Pentest Tools For Windows
26. Install Pentest Tools Ubuntu
27. Pentest Tools For Windows
28. Hacker Tools
29. Underground Hacker Sites
30. Pentest Tools For Android
31. Hackrf Tools
32. New Hacker Tools
33. Pentest Tools Website
34. Hacking Tools For Windows Free Download
35. Tools For Hacker
36. Hacking Tools For Games
37. Easy Hack Tools
38. Hacking Tools Pc
39. Hak5 Tools
40. Underground Hacker Sites
41. Hacker Tools Software
42. World No 1 Hacker Software
43. Pentest Tools Subdomain
44. Hacker Hardware Tools
45. Hacking Tools Windows
46. Pentest Tools Apk
47. New Hack Tools
48. Hacking Tools For Games
49. Pentest Tools Free
50. Install Pentest Tools Ubuntu
51. Hacking Tools Github
52. Pentest Tools For Windows
53. Tools Used For Hacking
54. Physical Pentest Tools
55. Hacker Tools Apk Download
56. Hacker Tools Free Download
57. Hack Tools For Games
58. Hacker Tools Free Download
59. Hacker Tools 2019
60. Hak5 Tools
61. Free Pentest Tools For Windows
62. Hacker Tool Kit
63. Tools Used For Hacking
64. Hacking Tools Hardware
65. Tools Used For Hacking
66. How To Install Pentest Tools In Ubuntu
67. Hacker Tools Online
68. Pentest Tools Free
69. Hack Website Online Tool
70. Physical Pentest Tools
71. How To Install Pentest Tools In Ubuntu
72. Pentest Tools Url Fuzzer
73. World No 1 Hacker Software
74. Pentest Tools Kali Linux
75. Hack Tools For Pc
76. Tools For Hacker
77. Hack Apps
78. Hack Tools Pc
79. Nsa Hack Tools Download
80. Hacker Tools Windows
81. Pentest Tools Framework
82. Pentest Tools For Mac
83. Pentest Tools Tcp Port Scanner
84. Hacker Tools Apk
85. Pentest Tools For Mac
86. Pentest Tools Tcp Port Scanner
87. Hack Tools
88. Hack Rom Tools
89. Hacking Tools Hardware
90. How To Make Hacking Tools
91. Pentest Tools List
92. Hacking Apps
93. How To Hack
94. Hacking Tools Usb
95. Hack Tools Pc
96. Ethical Hacker Tools
97. Pentest Box Tools Download
98. Pentest Tools Linux
99. Pentest Tools Free
100. Hacker Tools 2020
101. Hacker Tools
102. Hacking Tools Hardware
103. Hacker Tools List
104. Kik Hack Tools
105. What Is Hacking Tools
106. Hacking Tools 2019
107. Hacking Tools Pc
108. Black Hat Hacker Tools
109. Pentest Tools
110. Hacking Tools For Kali Linux
111. Pentest Tools
112. Hack Tools
113. Hacker Tools For Ios
114. Hack Website Online Tool
115. Hacker Tools Apk
116. Hacker Tools For Ios
117. Pentest Tools Website
118. Pentest Tools Review
119. Hacking Tools For Mac
120. Hackers Toolbox
121. Hacking Tools Github
122. Hacking Tools And Software
123. Hacking Tools Download
124. Hacker Techniques Tools And Incident Handling
125. Pentest Tools Subdomain