Thursday, January 25, 2024

Vlang Binary Debugging

Why vlang? V is a featured, productive, safe and confortable language highly compatible with c, that generates neat binaries with c-speed, the decompilation also seems quite clear as c code.
https://vlang.io/

After open the binary with radare in debug mode "-d" we proceed to do the binary recursive analysis with "aaaa" the more a's the more deep analys.



The function names are modified when the binary is crafted, if we have a function named hello in a module named main we will have the symbol main__hello, but we can locate them quicly thanks to radare's grep done with "~" token in this case applied to the "afl" command which lists all the symbols.


Being in debug mode we can use "d*" commands, for example "db" for breakpointing the function and then "dc" to start or continue execution.


Let's dissasemble the function with "pD" command, it also displays the function variables and arguments as well, note also the xref "call xref from main"


Let's take a look to the function arguments, radare detect's this three 64bits registers used on the function.


Actually the function parameter is rsi that contains a testing html to test the href extraction algorithm.


The string structure is quite simple and it's plenty of implemented methods.




With F8 we can step over the code as we were in ollydbg on linux.


Note the rip marker sliding into the code.


We can recognize the aray creations, and the s.index_after() function used to find substrings since a specific position.


If we take a look de dissasembly we sill see quite a few calls to tos3() functions.
Those functions are involved in string initialization, and implements safety checks.

  • tos(string, len)
  • tos2(byteptr)
  • tos3(charptr)

In this case I have a crash in my V code and I want to know what is crashing, just continue the execution with "dc" and see what poits the rip register.



In visual mode "V" we can see previous instructions to figure out the arguments and state.


We've located the crash on the substring operation which is something like "s2 := s1[a..b]" probably one of the arguments of the substring is out of bounds but luckily the V language has safety checks and is a controlled termination:



Switching the basic block view "space" we can see the execution flow, in this case we know the loops and branches because we have the code but this view also we can see the tos3 parameter "href=" which is useful to locate the position on the code.



When it reach the substr, we can see the parameters with "tab" command.



Looking the implementation the radare parameter calculation is quite exact.


Let's check the param values:


so the indexes are from 0x0e to 0x24 which are inside the buffer, lets continue to next iteration,
if we set a breakpoint and check every iteration, on latest iteration before the crash we have the values 0x2c to 0x70 with overflows the buffer and produces a controlled termination of the v compiled process.





More articles
  1. How To Make Hacking Tools
  2. Hackers Toolbox
  3. Hacker Search Tools
  4. Hacking Tools For Kali Linux
  5. Pentest Recon Tools
  6. Physical Pentest Tools
  7. Hack Website Online Tool
  8. Hacking Tools Mac
  9. New Hack Tools
  10. Hacker Tool Kit
  11. Underground Hacker Sites
  12. Hack Tools Mac
  13. Pentest Tools Url Fuzzer
  14. Hack Tools Pc
  15. Hacking Tools For Beginners
  16. Pentest Tools Linux
  17. Hack Tools For Pc
  18. Usb Pentest Tools
  19. Pentest Tools Online
  20. Pentest Tools Framework
  21. Hackrf Tools
  22. Hacker Hardware Tools
  23. Easy Hack Tools
  24. Pentest Tools Review
  25. Pentest Tools
  26. Hack Rom Tools
  27. Hacker Hardware Tools
  28. Pentest Tools Github
  29. Hacking Tools Github
  30. Tools Used For Hacking
  31. Nsa Hack Tools
  32. Best Hacking Tools 2019
  33. Hacker Tools For Ios
  34. Hacker Tools Hardware
  35. Tools 4 Hack
  36. Pentest Tools Review
  37. Hacking Tools Hardware
  38. Pentest Automation Tools
  39. Hacker Tools Software
  40. Pentest Tools List
  41. World No 1 Hacker Software
  42. Android Hack Tools Github
  43. Hack Tools For Games
  44. Hacker Tools Windows
  45. Hacking Tools For Kali Linux
  46. Hackers Toolbox
  47. Beginner Hacker Tools
  48. Hacker Tools Apk
  49. Hacking Tools For Games
  50. Hacker Tools Hardware
  51. Hacker Tools Apk
  52. Ethical Hacker Tools
  53. Pentest Tools Open Source
  54. Computer Hacker
  55. Hack Tools For Ubuntu
  56. Hack Tools Github
  57. Hack Tools For Pc
  58. Pentest Tools Tcp Port Scanner
  59. Blackhat Hacker Tools
  60. Hacking Tools 2019
  61. Hack Tools For Ubuntu
  62. Pentest Recon Tools
  63. Pentest Box Tools Download
  64. Pentest Tools Open Source
  65. Hack Tools Mac
  66. Hacking Tools For Beginners
  67. Hacking Tools 2019
  68. How To Hack
  69. Tools Used For Hacking
  70. Github Hacking Tools
  71. Pentest Tools Subdomain
  72. Hacker Tools 2019
  73. Hacker Tools Online
  74. Hacking Tools Windows
  75. Game Hacking
  76. What Are Hacking Tools
  77. World No 1 Hacker Software
  78. Hack Tools For Games
  79. Pentest Tools Online
  80. Hacking Tools Hardware
  81. World No 1 Hacker Software
  82. Hacking Tools For Windows Free Download
  83. Tools For Hacker
  84. Hackrf Tools
  85. Hacker Tools Apk Download
  86. Hackers Toolbox
  87. Hack Apps
  88. Hacker Tools Apk Download
  89. Best Hacking Tools 2019
  90. Hacker Tools List
  91. Hacker Tools For Pc
  92. Hack Tools For Ubuntu
  93. Wifi Hacker Tools For Windows
  94. Hackrf Tools
  95. Pentest Tools Linux
  96. Blackhat Hacker Tools
  97. Hak5 Tools
  98. How To Make Hacking Tools
  99. Hack Tools For Mac
  100. Pentest Automation Tools
  101. Hacking App
  102. Hack Tools For Ubuntu
  103. Hacking Tools For Kali Linux
  104. What Are Hacking Tools
  105. Pentest Tools Kali Linux
  106. Hacking Tools For Windows 7
  107. Hacker Tools Hardware
  108. Hack Tools 2019
  109. Pentest Tools Tcp Port Scanner
  110. Hacking Tools Kit
  111. Pentest Tools Online
  112. Nsa Hacker Tools
  113. Hacker Tools Apk Download
  114. Github Hacking Tools

Posted by Tushar Surekha at 10:34 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Bloomberg - UTV

Must Watch...Ad may come initially.. wait for video.Also keep volume on

Disclaimer



This Document is subject to changes without prior notice and is intended only for the person or entity to which it is addressed to and may contain confidential and/or privileged material and is not for any type of circulation. Any review, retransmission, or any other use is prohibited. Kindly note that this document does not constitute an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction.


The information contained herein is from publicly available data or other sources believed to be reliable. While I would endeavour to update the information herein on reasonable basis, I am under no obligation to update or keep the information current. Also, there may be regulatory, compliance, or other reasons that may prevent me from doing so. I do not represent that information contained herein is accurate or complete and it should not be relied upon as such. This document is prepared for assistance only and is not intended to be and must not alone betaken as the basis for an investment decision. The user assumes the entire risk of any use made of this information. Each recipient of this document should make such investigations as it deems necessary to arrive at an independent evaluation of an investment in the securities of companies referred to in this document (including the merits and risks involved), and should consult its own advisors to determine the merits and risks of such an investment. The investment discussed or views expressed may not be suitable for all investors. I do not undertake to advise you as to any change of my views. I may have issued other reports that are inconsistent with and reach different conclusion from the information presented in this report. This report is not directed or intended for distribution to, or use by, any person or entity who is a citizen or resident of or located in any locality, state, country or other jurisdiction, where such distribution, publication, availability or use would be contrary to law, regulation or which would subject me to any registration or licensing requirement within such jurisdiction. The securities described herein may or may not be eligible for sale in all jurisdictions or to certain category of investors. Persons in whose possession this document may come are required to inform themselves of and to observe such restriction. I may have used the information set forth herein before publication and may have positions in, may from time to time purchase or sell or may be materially interested in any of the securities mentioned or related securities. I may from time to time solicit from, or perform investment banking, or other services for, any company mentioned herein. Without limiting any of the foregoing, in no event shall I or any third party involved in, or related to, computing or compiling the information have any liability for any damages of any kind.