GET PAID

banner

$1,000,000 CHALLENGE

banner

BUY OR SELL LIBERTY RESERVE

Naira4Dollar

Thursday, January 18, 2024

Exploiting Golang Unsafe Pointers


There are situations when c interacts with golang for example in a library, and its possible to exploit a golang function writing raw memory using an unsafe.Pointer() parameter.

When golang receive a null terminated string on a *C.Char parameter, can be converted to golang s tring with  s2 := C.GoString(s1) we can do string operations with s2 safelly if the null byte is there.

When golang receives a pointer to a buffer on an unsafe.Pointer() and the length of the buffer on a C.int, if the length is not cheated can be converted to a []byte safelly with b := C.GoBytes(buf,sz)

Buuut what happens if golang receives a pointer to a buffer on an unsafe.Pointer() and is an OUT variable? the golang routine has to write on this pointer unsafelly for example we can create a golangs memcpy in the following way:



We convert to uintptr for indexing the pointer and then convert again to pointer casted to a byte pointer dereferenced and every byte is writed in this way.

If b is controlled, the memory can be written and the return pointer of main.main or whatever function can be modified.

https://play.golang.org/p/HppcVpLfuMf


The return addres can be pinpointed, for example 0x41 buffer 0x42 address:



We can reproduce it simulating the buffer from golang in this way:


we can dump the address of a function and redirect the execution to it:


https://play.golang.org/p/7htJHJp8gUJ

In this way it's possible to build a rop chain using golang runtime to unprotect a shellcode.

Continue reading
  1. Hack Tools Github
  2. Hacker Tool Kit
  3. Hacker Tools For Mac
  4. Hack Rom Tools
  5. Pentest Tools Apk
  6. Hacker Tools 2020
  7. Hacking App
  8. Hacker Tools Software
  9. Hacking Tools Hardware
  10. Pentest Tools For Android
  11. Pentest Tools For Mac
  12. Hack App
  13. Hacker Tools
  14. Hack Tool Apk No Root
  15. Hacking Tools For Windows Free Download
  16. Hacking Tools For Mac
  17. Hacker Tools Free Download
  18. Hacker Tools
  19. Hacker Tools Hardware
  20. Blackhat Hacker Tools
  21. Pentest Tools Bluekeep
  22. Hacking Apps
  23. Nsa Hack Tools
  24. Hack Tools Pc
  25. World No 1 Hacker Software
  26. Game Hacking
  27. Hacking Tools Pc
  28. Hacker Tools 2020
  29. Pentest Tools Android
  30. Hack Tools For Games
  31. Easy Hack Tools
  32. Hack Tools For Ubuntu
  33. Beginner Hacker Tools
  34. Hack And Tools
  35. Best Pentesting Tools 2018
  36. Blackhat Hacker Tools
  37. Hacker Tools For Pc
  38. Pentest Tools Website
  39. Pentest Tools Apk
  40. Hak5 Tools
  41. Hacker Tools Github
  42. Pentest Tools Url Fuzzer
  43. Usb Pentest Tools
  44. Hacking Tools Kit
  45. Usb Pentest Tools
  46. Hacking Tools Online
  47. Tools 4 Hack
  48. Hackrf Tools
  49. Best Pentesting Tools 2018
  50. Hacker Tools Github
  51. Hacking Tools Download
  52. Hackrf Tools
  53. Hacking Tools For Windows 7
  54. New Hacker Tools
  55. Best Hacking Tools 2019
  56. Hacker Tools Apk Download
  57. Pentest Tools Tcp Port Scanner
  58. Tools Used For Hacking
  59. Hack Tools 2019
  60. Black Hat Hacker Tools
  61. Pentest Tools Find Subdomains
  62. Hacker Tools Free
  63. Blackhat Hacker Tools
  64. Hacking App
  65. Hack Tools For Ubuntu
  66. Hack And Tools
  67. Pentest Tools Framework
  68. What Are Hacking Tools
  69. Hack Apps
  70. Hacker Tools Software
  71. Nsa Hack Tools
  72. Hack Tools Download
  73. Pentest Tools Linux
  74. Hacker
  75. Pentest Automation Tools
  76. Hacking Tools For Windows
  77. What Is Hacking Tools
  78. Pentest Tools For Windows
  79. Hack And Tools
  80. Hacker Tools For Pc
  81. New Hack Tools
  82. Hack Rom Tools
  83. World No 1 Hacker Software
  84. Kik Hack Tools
  85. How To Make Hacking Tools
  86. Hack Tools Pc
  87. Hacking Tools Hardware
  88. Pentest Tools Free
  89. Hacker Tools Free Download
  90. Pentest Tools For Ubuntu
  91. How To Hack
  92. Hacking Tools
  93. How To Make Hacking Tools
  94. Computer Hacker
  95. Underground Hacker Sites
  96. Hacking Tools Name
  97. What Is Hacking Tools
  98. Hack Tool Apk
  99. Tools For Hacker
  100. Hacker Tools Apk
  101. Pentest Tools Free
  102. Top Pentest Tools
  103. Hacking Tools 2019
  104. Pentest Tools List
  105. Hacking App
  106. Hacking App
  107. Pentest Box Tools Download
  108. Hacking Tools For Windows 7
  109. Hack Tools Download
  110. Hacker Tools For Windows
  111. Hacker Tools Windows
  112. Bluetooth Hacking Tools Kali
  113. Hack Tools
  114. Pentest Tools Github
  115. Hacking Tools 2020
  116. Termux Hacking Tools 2019
  117. Pentest Recon Tools
  118. Hack Tools
  119. Hacking Tools Hardware
  120. Hack Tools Github
  121. Pentest Reporting Tools
  122. Free Pentest Tools For Windows
  123. Free Pentest Tools For Windows
  124. Beginner Hacker Tools
  125. Pentest Tools Open Source
  126. Hacker Tools Linux
  127. Hacks And Tools
  128. Nsa Hack Tools Download
  129. Hacker Tools For Pc
  130. Hacking Tools Software
  131. Hacker Security Tools
  132. New Hack Tools
  133. Pentest Tools Url Fuzzer
  134. Hacking Tools Online
  135. Hack Tools For Pc
  136. Github Hacking Tools
  137. Hacking Tools For Pc
  138. Pentest Tools
  139. Pentest Tools Bluekeep
  140. Hacker Tools For Ios
  141. Hacker Tools 2019
  142. Hack Tools For Pc
  143. Pentest Tools Subdomain
  144. Hack And Tools
  145. Android Hack Tools Github
  146. Hacking Tools Hardware
  147. Pentest Tools For Mac
  148. Hacker Tools Windows
  149. Best Hacking Tools 2019
  150. Hacking Tools Online
  151. Hack Tools Github
  152. Pentest Tools Apk
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

WE BUY YOUR LIBERTY RESERVE AND DEPOSIT DIRECTLY INTO YOUR BANK ACCOUNT(NO STORIES)

Naira4Dollar