There are situations when c interacts with golang for example in a library, and its possible to exploit a golang function writing raw memory using an unsafe.Pointer() parameter.
When golang receive a null terminated string on a *C.Char parameter, can be converted to golang s tring with s2 := C.GoString(s1) we can do string operations with s2 safelly if the null byte is there.
When golang receives a pointer to a buffer on an unsafe.Pointer() and the length of the buffer on a C.int, if the length is not cheated can be converted to a []byte safelly with b := C.GoBytes(buf,sz)
Buuut what happens if golang receives a pointer to a buffer on an unsafe.Pointer() and is an OUT variable? the golang routine has to write on this pointer unsafelly for example we can create a golangs memcpy in the following way:
We convert to uintptr for indexing the pointer and then convert again to pointer casted to a byte pointer dereferenced and every byte is writed in this way.
If b is controlled, the memory can be written and the return pointer of main.main or whatever function can be modified.
https://play.golang.org/p/HppcVpLfuMf
The return addres can be pinpointed, for example 0x41 buffer 0x42 address:
We can reproduce it simulating the buffer from golang in this way:
we can dump the address of a function and redirect the execution to it:
https://play.golang.org/p/7htJHJp8gUJ
In this way it's possible to build a rop chain using golang runtime to unprotect a shellcode.
Related posts
- Hacking Tools
- Usb Pentest Tools
- Hacker Security Tools
- World No 1 Hacker Software
- Nsa Hack Tools Download
- How To Make Hacking Tools
- Hacker Hardware Tools
- Hack Tools Online
- Hacker Tools Linux
- Pentest Tools Android
- Hacker Search Tools
- Hacking Tools Online
- Ethical Hacker Tools
- Pentest Tools Alternative
- Tools For Hacker
- Pentest Tools Alternative
- Hack Tool Apk No Root
- Best Hacking Tools 2019
- Hacking Tools For Windows 7
- Pentest Tools Website Vulnerability
- Kik Hack Tools
- Hacker Tools 2019
- Hacking Tools Name
- Hack Tools For Pc
- Growth Hacker Tools
- Hacking Apps
- Hack Tool Apk
- Hacking Tools 2019
- Hacker Tools Apk
- Hacker Tool Kit
- Hacks And Tools
- Hacking Tools For Windows
- Pentest Box Tools Download
- Ethical Hacker Tools
- Github Hacking Tools
- Hacker Tools List
- Nsa Hack Tools
- Hacker Security Tools
- Hack Tools For Mac
- What Are Hacking Tools
- Tools 4 Hack
- Pentest Tools Linux
- Tools 4 Hack
- New Hacker Tools
- Github Hacking Tools
- Hack Tools Download
- Hack Tools 2019
- Hack Tools For Mac
- Growth Hacker Tools
- Hacker Tools Free Download
- Hack App
- Hacking Tools Software
- Hacker Tools Software
- Pentest Tools List
- Hacker
- Pentest Tools Framework
- Hacking Tools For Windows
- Hacker Search Tools
- Free Pentest Tools For Windows
- Hacker Tools List
- Hacker Tool Kit
- Hacking Tools For Kali Linux
- What Are Hacking Tools
- World No 1 Hacker Software
- Hacking Tools 2019
- Hack Tools For Ubuntu
- Easy Hack Tools
- Pentest Tools For Mac
- Hacker Tools Software
- Hacker Tools 2019
- Tools 4 Hack
- Easy Hack Tools
- Pentest Tools Download
- New Hacker Tools
- Hack Website Online Tool
- Hack App
- Hacker Security Tools
- Pentest Tools
- Hak5 Tools
- Best Hacking Tools 2020
- Easy Hack Tools
- Hacking Tools 2019
- Hacking Tools Github
- Pentest Tools Download
- Hacker Tools Apk
- Hacker Tools Online
- Underground Hacker Sites
- Beginner Hacker Tools
- Hacker Tools List
- Termux Hacking Tools 2019
- Hack Tools For Mac
- Hacking Tools For Windows
- Hack Tools Online
- Hack Rom Tools
- Pentest Recon Tools
- Hacker Tools Github
- Pentest Tools Framework
- Hack App
- Hack Website Online Tool
- Easy Hack Tools
- Growth Hacker Tools
- Github Hacking Tools
- Hack Tools For Windows
- Easy Hack Tools
- Best Pentesting Tools 2018
- Hacker Tools Windows
- Hacker Techniques Tools And Incident Handling
- Install Pentest Tools Ubuntu
- Hack Tools For Games
- Hacking Tools Online
- Pentest Tools Bluekeep
- Hack Apps
- Hacking Tools Mac
- Hack Tools For Pc
- Easy Hack Tools
- Hack Tools Download
- Hacking Tools Mac
- Hacker Tools Linux
- Hack Tools Download
- Easy Hack Tools
- Hacking Tools Software
- Hacking Tools Pc
- Hacking Tools Online
- What Is Hacking Tools
- Best Hacking Tools 2019
- Blackhat Hacker Tools
- Pentest Tools Port Scanner
- Github Hacking Tools
- Hack Tools Github
- Hack Tools Github
- Hack Tools 2019
- Hacker Tools Online
- Hacking Tools 2020
- Hacking Tools Hardware
- Hacking Tools 2020
- Hacking Tools Software
- Hacking Tools For Mac
- Hacking Tools 2020
- Pentest Tools For Ubuntu
- Pentest Tools Github
- Hacking Tools
- Pentest Tools Apk
- Hacker Tools For Windows
- World No 1 Hacker Software
- Pentest Tools Kali Linux
- Tools Used For Hacking
- Hacking Tools For Mac
- Pentest Tools Framework
Nenhum comentário:
Postar um comentário