Humour In Verse

From The warped mind of Emac

Thursday, May 25, 2023

Exploiting Golang Unsafe Pointers


There are situations when c interacts with golang for example in a library, and its possible to exploit a golang function writing raw memory using an unsafe.Pointer() parameter.

When golang receive a null terminated string on a *C.Char parameter, can be converted to golang s tring with  s2 := C.GoString(s1) we can do string operations with s2 safelly if the null byte is there.

When golang receives a pointer to a buffer on an unsafe.Pointer() and the length of the buffer on a C.int, if the length is not cheated can be converted to a []byte safelly with b := C.GoBytes(buf,sz)

Buuut what happens if golang receives a pointer to a buffer on an unsafe.Pointer() and is an OUT variable? the golang routine has to write on this pointer unsafelly for example we can create a golangs memcpy in the following way:



We convert to uintptr for indexing the pointer and then convert again to pointer casted to a byte pointer dereferenced and every byte is writed in this way.

If b is controlled, the memory can be written and the return pointer of main.main or whatever function can be modified.

https://play.golang.org/p/HppcVpLfuMf


The return addres can be pinpointed, for example 0x41 buffer 0x42 address:



We can reproduce it simulating the buffer from golang in this way:


we can dump the address of a function and redirect the execution to it:


https://play.golang.org/p/7htJHJp8gUJ

In this way it's possible to build a rop chain using golang runtime to unprotect a shellcode.

Related news


  1. Hacking Tools For Windows
  2. How To Install Pentest Tools In Ubuntu
  3. Hacker Tool Kit
  4. Hacker Tools List
  5. Hack Tools Github
  6. Hacker Tools For Pc
  7. Hacker Tools 2020
  8. Hacking Tools For Windows Free Download
  9. Pentest Tools Tcp Port Scanner
  10. Pentest Tools For Mac
  11. Hacker Techniques Tools And Incident Handling
  12. Tools Used For Hacking
  13. Tools Used For Hacking
  14. Hacker Tools Apk Download
  15. Pentest Tools Bluekeep
  16. Hacker Tools For Ios
  17. Pentest Tools Bluekeep
  18. Hacker Tools Linux
  19. Pentest Tools Nmap
  20. Hacking Tools For Mac
  21. Pentest Tools Github
  22. Hacker Tools For Pc
  23. Hack Tools For Pc
  24. Hack Tools Download
  25. Hack Tools For Windows
  26. Hacker Tools For Ios
  27. Hacking Tools Github
  28. Hacking Tools And Software
  29. Hacker Tools 2019
  30. Termux Hacking Tools 2019
  31. What Are Hacking Tools
  32. Hack Tools 2019
  33. Hack Tools Mac
  34. New Hacker Tools
  35. Hack App
  36. Pentest Tools Website
  37. Usb Pentest Tools
  38. Hacker Tools 2019
  39. Game Hacking
  40. Pentest Tools Bluekeep
  41. Hacker Tools 2020
  42. Hack Tools Mac
  43. Pentest Tools List
  44. Best Pentesting Tools 2018
  45. Pentest Tools Bluekeep
  46. Pentest Tools Website
  47. How To Hack
  48. Hacking Tools Usb
  49. Pentest Tools Review
  50. Game Hacking
  51. Hack Tools
  52. Hacking Tools 2019
  53. World No 1 Hacker Software
  54. Hacking Tools For Games
  55. Hak5 Tools
  56. Pentest Automation Tools
  57. Hacking Tools For Kali Linux
  58. Hacking Tools Kit
  59. Top Pentest Tools
  60. Hacking Tools Software
  61. Hacking Tools Windows
  62. Blackhat Hacker Tools
  63. Hacking Tools And Software
  64. Hacking Tools For Games
  65. Hacking Tools 2020
  66. Android Hack Tools Github
  67. Pentest Tools Find Subdomains
  68. Pentest Tools Free
  69. Usb Pentest Tools
  70. Hacker Tools 2019
  71. Hackers Toolbox
  72. Top Pentest Tools
  73. Hacker Tools Online
  74. Pentest Tools Nmap
  75. Pentest Tools Review
  76. Hacker Tools For Windows
  77. Pentest Tools Github
  78. Pentest Tools Bluekeep
  79. Hack Tools
  80. Hack Tools
  81. Hacking Tools And Software
  82. Pentest Tools For Ubuntu
  83. Physical Pentest Tools
  84. Pentest Tools Find Subdomains
  85. Pentest Tools Nmap
  86. Hack Apps
  87. Hack App
  88. Hack Tool Apk
  89. Pentest Tools Framework
  90. Hacking Tools Free Download
  91. Hacker Tools Software
  92. Hacker Tools Windows
  93. Hacking Tools For Mac
  94. Pentest Tools Review
  95. Hack Tools For Windows
  96. Hacker Tool Kit
  97. Hack Tools Online
  98. Hack Tools Download
  99. Hacker Tools Github
  100. Hacking Tools Hardware
  101. Physical Pentest Tools
  102. Hackers Toolbox
  103. Hack Tools 2019
  104. Blackhat Hacker Tools
  105. Pentest Automation Tools
  106. Pentest Tools Tcp Port Scanner
  107. New Hack Tools
  108. Hack App
  109. Usb Pentest Tools
  110. Android Hack Tools Github
  111. Hacking Tools Github
  112. Hacking Tools Usb
  113. Hacker Tools Apk
  114. Hack Tools
  115. Pentest Tools Open Source
  116. Hacker Tools List
  117. Hack App
  118. Hacker Security Tools
  119. Free Pentest Tools For Windows
  120. Pentest Tools Website
  121. Hack Tools
  122. Top Pentest Tools
  123. Hacks And Tools
  124. Hacks And Tools
  125. Hacking Tools Windows
  126. Hacking Tools
  127. Hacker Tool Kit
  128. Pentest Recon Tools
  129. Pentest Tools Review
  130. Pentest Tools For Mac
  131. Hacker Security Tools
  132. Hack Rom Tools
  133. Best Hacking Tools 2019
  134. Hacking Tools 2019
  135. Hacker Tools For Ios
  136. Hacker Tools Free
  137. How To Make Hacking Tools
  138. Hacking Tools Mac
  139. Hacker Tools Apk Download
  140. Hacker Security Tools
  141. Pentest Automation Tools
  142. Hacker Tools Free Download

posted by Emac | 11:37 AM

0 Comments:

Post a Comment

<< Home