Tuesday, August 25, 2020

Vlang Binary Debugging

Why vlang? V is a featured, productive, safe and confortable language highly compatible with c, that generates neat binaries with c-speed, the decompilation also seems quite clear as c code.
https://vlang.io/

After open the binary with radare in debug mode "-d" we proceed to do the binary recursive analysis with "aaaa" the more a's the more deep analys.



The function names are modified when the binary is crafted, if we have a function named hello in a module named main we will have the symbol main__hello, but we can locate them quicly thanks to radare's grep done with "~" token in this case applied to the "afl" command which lists all the symbols.


Being in debug mode we can use "d*" commands, for example "db" for breakpointing the function and then "dc" to start or continue execution.


Let's dissasemble the function with "pD" command, it also displays the function variables and arguments as well, note also the xref "call xref from main"


Let's take a look to the function arguments, radare detect's this three 64bits registers used on the function.


Actually the function parameter is rsi that contains a testing html to test the href extraction algorithm.


The string structure is quite simple and it's plenty of implemented methods.




With F8 we can step over the code as we were in ollydbg on linux.


Note the rip marker sliding into the code.


We can recognize the aray creations, and the s.index_after() function used to find substrings since a specific position.


If we take a look de dissasembly we sill see quite a few calls to tos3() functions.
Those functions are involved in string initialization, and implements safety checks.

  • tos(string, len)
  • tos2(byteptr)
  • tos3(charptr)

In this case I have a crash in my V code and I want to know what is crashing, just continue the execution with "dc" and see what poits the rip register.



In visual mode "V" we can see previous instructions to figure out the arguments and state.


We've located the crash on the substring operation which is something like "s2 := s1[a..b]" probably one of the arguments of the substring is out of bounds but luckily the V language has safety checks and is a controlled termination:



Switching the basic block view "space" we can see the execution flow, in this case we know the loops and branches because we have the code but this view also we can see the tos3 parameter "href=" which is useful to locate the position on the code.



When it reach the substr, we can see the parameters with "tab" command.



Looking the implementation the radare parameter calculation is quite exact.


Let's check the param values:


so the indexes are from 0x0e to 0x24 which are inside the buffer, lets continue to next iteration,
if we set a breakpoint and check every iteration, on latest iteration before the crash we have the values 0x2c to 0x70 with overflows the buffer and produces a controlled termination of the v compiled process.





Read more
  1. Wifi Hacker Tools For Windows
  2. Github Hacking Tools
  3. Hacking Tools Github
  4. Hacker Tools For Pc
  5. Hack Tools For Mac
  6. What Are Hacking Tools
  7. Hackers Toolbox
  8. Hacker Tools For Ios
  9. Pentest Tools Alternative
  10. Pentest Tools Windows
  11. Pentest Reporting Tools
  12. Install Pentest Tools Ubuntu
  13. Hacking Tools
  14. Hacker Tools Software
  15. Hacking Tools For Windows
  16. Pentest Tools Download
  17. Hacking Tools Github
  18. Pentest Tools Github
  19. Nsa Hack Tools
  20. Growth Hacker Tools
  21. Hack Website Online Tool
  22. Pentest Tools Download
  23. Pentest Tools Find Subdomains
  24. Pentest Automation Tools
  25. Termux Hacking Tools 2019
  26. Physical Pentest Tools
  27. Hacking Tools Pc
  28. Best Hacking Tools 2020
  29. Pentest Tools For Mac
  30. Hacking Tools For Windows Free Download
  31. Pentest Tools Download
  32. Hack Tools
  33. Hacker Tools 2019
  34. Hack Tools 2019
  35. Hacker Security Tools
  36. Hacking Tools 2019
  37. Black Hat Hacker Tools
  38. Bluetooth Hacking Tools Kali
  39. Pentest Tools For Windows
  40. Hacking Tools Online
  41. How To Hack
  42. Hack Tools For Games
  43. Hacker Tools Hardware
  44. Pentest Tools Review
  45. Hacking Tools For Windows 7
  46. Pentest Tools Url Fuzzer
  47. Hacking Tools Windows
  48. Hacking Tools For Windows Free Download
  49. Pentest Tools Open Source
  50. Hacker Tools Software
  51. Hack Tools For Ubuntu
  52. Hacker Tools Apk Download
  53. How To Install Pentest Tools In Ubuntu
  54. Hack Tools 2019
  55. What Are Hacking Tools
  56. Pentest Tools Review
  57. Hacking Tools For Windows 7
  58. Hacking Tools For Beginners
  59. Nsa Hacker Tools
  60. Pentest Tools For Android
  61. Hack Tool Apk No Root
  62. Github Hacking Tools
  63. Hack Tools For Mac
  64. Hack Tools For Mac
  65. Usb Pentest Tools
  66. Hack Tools Pc
  67. Hack And Tools
  68. Hacker Security Tools
  69. Pentest Tools Tcp Port Scanner
  70. Tools 4 Hack
  71. Pentest Tools Android
  72. New Hack Tools
  73. Pentest Tools Port Scanner
  74. Tools Used For Hacking
  75. Hacking Tools Kit
  76. Hacker Tools Windows
  77. World No 1 Hacker Software
  78. Hack Tools For Windows
  79. Blackhat Hacker Tools
  80. Hack Tools For Pc
  81. Hacker Tools Windows
  82. Nsa Hacker Tools
  83. Pentest Tools Kali Linux
  84. Hacking Tools For Games
  85. Underground Hacker Sites
  86. Hacking Tools 2020
  87. Pentest Tools Review
  88. Pentest Tools For Mac
  89. Nsa Hack Tools
  90. Hack And Tools
  91. Pentest Tools For Mac
  92. Hack Rom Tools
  93. How To Make Hacking Tools
  94. Hacking Tools Software
  95. Hacks And Tools
  96. Hack Tools
  97. Hak5 Tools
  98. Pentest Tools Online
  99. Hacker Tools List
  100. Pentest Automation Tools
  101. Hacking App
  102. Hacking Tools Usb
  103. Hacking Tools Online
  104. Hack Tools For Windows
  105. Hack Tools Pc
  106. Pentest Recon Tools
  107. Hacking Tools For Kali Linux
  108. Hacking Tools Mac
  109. Hacker Tools Apk
  110. Hacking Tools Pc
  111. Hacker Tools Github
  112. Hacker Tools Online
  113. Pentest Tools Free
  114. Hak5 Tools

No comments:

Post a Comment