Wednesday, 24 January 2024

Vlang Binary Debugging

Why vlang? V is a full-featured, productive, safe and comfortable language, highly compatible with C, that generates neat binaries with C speed; the decompilation also looks quite clear, much like C code.
https://vlang.io/

After opening the binary with radare in debug mode ("-d"), we run the recursive binary analysis with "aaaa"; the more a's, the deeper the analysis.



Function names are modified when the binary is built: a function named hello in a module named main gets the symbol main__hello. We can still locate them quickly thanks to radare's grep, done with the "~" token, in this case applied to the "afl" command, which lists all the symbols.


Being in debug mode, we can use the "d*" commands, for example "db" to set a breakpoint on the function and then "dc" to start or continue execution.


Let's disassemble the function with the "pD" command; it also displays the function's variables and arguments. Note also the xref "call xref from main".


Let's take a look at the function arguments; radare detects these three 64-bit registers used in the function.


Actually, the function parameter is rsi, which contains test HTML used to exercise the href extraction algorithm.


The string structure is quite simple and it has plenty of implemented methods.




With F8 we can step over the code as if we were in OllyDbg on Linux.


Note the rip marker sliding through the code.


We can recognize the array creations, and the s.index_after() function used to find substrings starting from a specific position.


If we take a look at the disassembly we will see quite a few calls to tos3() functions.
Those functions are involved in string initialization and implement safety checks.

  • tos(string, len)
  • tos2(byteptr)
  • tos3(charptr)

In this case I have a crash in my V code and I want to know what is crashing; just continue the execution with "dc" and see where the rip register points.



In visual mode "V" we can see the previous instructions to figure out the arguments and state.


We've located the crash in the substring operation, which is something like "s2 := s1[a..b]". Probably one of the arguments of the substring is out of bounds, but luckily the V language has safety checks and this is a controlled termination.



Switching to the basic block view ("space") we can see the execution flow. In this case we know the loops and branches because we have the code, but in this view we can also see the tos3 parameter "href=", which is useful to locate the position in the code.



When it reaches the substr, we can see the parameters with the "tab" command.



Looking at the implementation, radare's parameter calculation is quite exact.


Let's check the param values:


So the indexes go from 0x0e to 0x24, which are inside the buffer; let's continue to the next iteration.
If we set a breakpoint and check every iteration, on the last iteration before the crash we have the values 0x2c to 0x70, which overflow the buffer and produce a controlled termination of the V-compiled process.
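The pattern seen in the debugger (early slices in range, a late slice whose end lies past the buffer and is refused) can be modelled in C. This is an added example, not code from the original post or from V's runtime. The `vstr` struct, the `*_model` helpers, the sample HTML and the double-offset bug are constructed for illustration; only the names tos3, index_after and the s1[a..b] slice come from the post.

```c
#include <stdio.h>
#include <string.h>
/* Simplified model of a V string: data pointer plus explicit length. */
typedef struct { const char *str; int len; } vstr;

/* Constructed sample input (37 bytes), not the HTML from the post. */
static const char SAMPLE_HTML[] = "<a href=\"/a\">x</a><a href=\"/bb\">y</a>";

/* Stand-in for tos3(charptr): wrap a C string, treating NULL as empty. */
static vstr tos3_model(const char *s) {
    return (vstr){ s ? s : "", s ? (int)strlen(s) : 0 };
}

/* Stand-in for s.index_after(): absolute index of p at or after start, else -1. */
static int index_after_model(vstr s, vstr p, int start) {
    for (int i = start < 0 ? 0 : start; i + p.len <= s.len; i++)
        if (memcmp(s.str + i, p.str, (size_t)p.len) == 0) return i;
    return -1;
}

/* Stand-in for the check behind s1[a..b]: 0 if in range, -1 where V would stop. */
static int substr_checked(vstr s, int a, int b, vstr *out) {
    if (a < 0 || b < a || b > s.len) return -1;
    out->str = s.str + a; out->len = b - a;
    return 0;
}

/* Returns the number of hrefs sliced, or -1 when a slice is refused (range stored
   in bad[]). buggy=1 re-adds the start offset to an absolute index (constructed bug). */
static int extract_hrefs(const char *html, int buggy, int bad[2]) {
    vstr s = tos3_model(html), key = tos3_model("href=\""), quote = tos3_model("\"");
    for (int n = 0, pos = 0;; n++) {
        int k = index_after_model(s, key, pos);
        if (k < 0) return n;                      /* no more attributes */
        int a = k + key.len, e = index_after_model(s, quote, a);
        if (e < 0) return n;                      /* unterminated value: stop */
        vstr url;
        int b = buggy ? a + e : e;
        if (substr_checked(s, a, b, &url) != 0) { bad[0] = a; bad[1] = b; return -1; }
        pos = e + 1;
    }
}

int main(void) {
    int bad[2] = {0, 0}, ok = extract_hrefs(SAMPLE_HTML, 0, bad);
    int rc = extract_hrefs(SAMPLE_HTML, 1, bad);
    printf("fixed: %d hrefs; buggy: rc=%d, refused s[%d..%d]\n", ok, rc, bad[0], bad[1]);
    return 0;
}
```

In the buggy run the first slice is wrong but still inside the buffer, so only the second one trips the check, which is why stepping through every iteration with a breakpoint is what exposes the bad end index.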




