SELAMAT DATANG DI TEMPATKU.

Semoga anda puas dan betah di tempatku. Walau pun semua serba sederhana serta ke kurangan. Maklum aja, aku baru belajar...! Karena itu aku sangat mengharapkan sekali Petunjuk serta Bimbingan dari anda yang datang ke tempat ini. Demi kemajuah dan perbaikan Blog yang masih sembraut tak karuan. dan serba asal - asalan.

Wasalamm...!

Vlang Binary Debugging

Why vlang? V is a featured, productive, safe and confortable language highly compatible with c, that generates neat binaries with c-speed, the decompilation also seems quite clear as c code.
https://vlang.io/

After open the binary with radare in debug mode "-d" we proceed to do the binary recursive analysis with "aaaa" the more a's the more deep analys.



The function names are modified when the binary is crafted, if we have a function named hello in a module named main we will have the symbol main__hello, but we can locate them quicly thanks to radare's grep done with "~" token in this case applied to the "afl" command which lists all the symbols.


Being in debug mode we can use "d*" commands, for example "db" for breakpointing the function and then "dc" to start or continue execution.


Let's dissasemble the function with "pD" command, it also displays the function variables and arguments as well, note also the xref "call xref from main"


Let's take a look to the function arguments, radare detect's this three 64bits registers used on the function.


Actually the function parameter is rsi that contains a testing html to test the href extraction algorithm.


The string structure is quite simple and it's plenty of implemented methods.




With F8 we can step over the code as we were in ollydbg on linux.


Note the rip marker sliding into the code.


We can recognize the aray creations, and the s.index_after() function used to find substrings since a specific position.


If we take a look de dissasembly we sill see quite a few calls to tos3() functions.
Those functions are involved in string initialization, and implements safety checks.

  • tos(string, len)
  • tos2(byteptr)
  • tos3(charptr)

In this case I have a crash in my V code and I want to know what is crashing, just continue the execution with "dc" and see what poits the rip register.



In visual mode "V" we can see previous instructions to figure out the arguments and state.


We've located the crash on the substring operation which is something like "s2 := s1[a..b]" probably one of the arguments of the substring is out of bounds but luckily the V language has safety checks and is a controlled termination:



Switching the basic block view "space" we can see the execution flow, in this case we know the loops and branches because we have the code but this view also we can see the tos3 parameter "href=" which is useful to locate the position on the code.



When it reach the substr, we can see the parameters with "tab" command.



Looking the implementation the radare parameter calculation is quite exact.


Let's check the param values:


so the indexes are from 0x0e to 0x24 which are inside the buffer, lets continue to next iteration,
if we set a breakpoint and check every iteration, on latest iteration before the crash we have the values 0x2c to 0x70 with overflows the buffer and produces a controlled termination of the v compiled process.





Continue reading
  1. Pentest Tools List
  2. Hak5 Tools
  3. Hacker Tools For Windows
  4. Pentest Tools Kali Linux
  5. Pentest Tools Website Vulnerability
  6. Pentest Tools For Android
  7. Pentest Tools For Ubuntu
  8. Pentest Box Tools Download
  9. Hacker Tools Apk Download
  10. Pentest Tools Kali Linux
  11. Pentest Tools Alternative
  12. Hacker Tools Free Download
  13. Hacking Tools Online
  14. Pentest Tools Review
  15. Hacking Tools For Pc
  16. Hacker Tools For Mac
  17. Hacker Tools Software
  18. Hack Tools 2019
  19. Hacking Apps
  20. Kik Hack Tools
  21. Hacker Tools
  22. Hacker Tools For Ios
  23. Github Hacking Tools
  24. How To Make Hacking Tools
  25. Hack Tools For Games
  26. How To Make Hacking Tools
  27. Wifi Hacker Tools For Windows
  28. Pentest Tools For Ubuntu
  29. Hak5 Tools
  30. Black Hat Hacker Tools
  31. Hacker Tools Github
  32. Underground Hacker Sites
  33. Pentest Tools Free
  34. Hacking Tools Free Download
  35. Easy Hack Tools
  36. Hacking Tools For Games
  37. Hack Tools For Pc
  38. Hacker Tools 2019
  39. Free Pentest Tools For Windows
  40. Usb Pentest Tools
  41. Growth Hacker Tools
  42. Hack Tools Mac
  43. What Is Hacking Tools
  44. Hacker Tools Apk
  45. Hacking Tools Name
  46. Hack And Tools
  47. Hacking Tools Windows 10
  48. Hacking Tools For Kali Linux
  49. Nsa Hack Tools
  50. Hacking Tools Name
  51. Pentest Tools Tcp Port Scanner
  52. What Is Hacking Tools
  53. Hack Tools Online
  54. Hacking Tools Name
  55. Computer Hacker
  56. Pentest Tools Find Subdomains
  57. Hacking Tools Hardware
  58. Growth Hacker Tools
  59. Hacking Tools For Kali Linux
  60. Blackhat Hacker Tools
  61. Pentest Tools Kali Linux
  62. Pentest Tools
  63. Hack Tools For Pc
  64. Hacker Tools For Mac
  65. Pentest Tools For Windows
  66. Pentest Tools Find Subdomains
  67. Pentest Tools Kali Linux
  68. Hack Tools Github
  69. Pentest Tools Review
  70. Install Pentest Tools Ubuntu
  71. World No 1 Hacker Software
  72. Pentest Tools Linux
  73. Best Hacking Tools 2019
  74. Hacking Tools For Beginners
  75. Pentest Tools Website
  76. Hacking App
  77. What Is Hacking Tools
  78. Hacker Techniques Tools And Incident Handling
  79. Best Pentesting Tools 2018
  80. Hacker Tools Windows
  81. Hack Apps
  82. Github Hacking Tools
  83. Hacker Tools Github
  84. Hacking Tools For Mac
  85. Hacker Tools Mac
  86. Hacker Tools 2020
  87. Hacking Tools For Kali Linux
  88. Hacking Tools Hardware
  89. Hack Tools Download
  90. Ethical Hacker Tools
  91. Top Pentest Tools
  92. Hacking Tools And Software
  93. World No 1 Hacker Software
  94. Pentest Tools Url Fuzzer
  95. Hacking Tools For Games
  96. Black Hat Hacker Tools
  97. Pentest Tools Kali Linux
  98. Hack Tools Github
  99. Beginner Hacker Tools
  100. Wifi Hacker Tools For Windows
  101. Hack Tools For Games
  102. Hack Tools Online
  103. Pentest Tools List
  104. Android Hack Tools Github
  105. Pentest Tools Apk
  106. Hacker Tools For Pc
  107. Tools Used For Hacking
  108. Hacker Security Tools
  109. Hacker Tools 2020
  110. Hack Tools Online
  111. Easy Hack Tools
  112. Pentest Tools Website Vulnerability
  113. Hacking Tools For Windows
  114. New Hack Tools
  115. Nsa Hack Tools Download
  116. Hacking Tools For Mac
  117. Pentest Tools Apk
  118. Hackrf Tools
  119. Nsa Hack Tools Download
  120. Hack Tools Pc
  121. Game Hacking
  122. Nsa Hack Tools
  123. Pentest Tools For Android
  124. Install Pentest Tools Ubuntu
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)