Friday 26 January 2024

Exploiting Golang Unsafe Pointers


There are situations when c interacts with golang for example in a library, and its possible to exploit a golang function writing raw memory using an unsafe.Pointer() parameter.

When golang receive a null terminated string on a *C.Char parameter, can be converted to golang s tring with  s2 := C.GoString(s1) we can do string operations with s2 safelly if the null byte is there.

When golang receives a pointer to a buffer on an unsafe.Pointer() and the length of the buffer on a C.int, if the length is not cheated can be converted to a []byte safelly with b := C.GoBytes(buf,sz)

Buuut what happens if golang receives a pointer to a buffer on an unsafe.Pointer() and is an OUT variable? the golang routine has to write on this pointer unsafelly for example we can create a golangs memcpy in the following way:



We convert to uintptr for indexing the pointer and then convert again to pointer casted to a byte pointer dereferenced and every byte is writed in this way.

If b is controlled, the memory can be written and the return pointer of main.main or whatever function can be modified.

https://play.golang.org/p/HppcVpLfuMf


The return addres can be pinpointed, for example 0x41 buffer 0x42 address:



We can reproduce it simulating the buffer from golang in this way:


we can dump the address of a function and redirect the execution to it:


https://play.golang.org/p/7htJHJp8gUJ

In this way it's possible to build a rop chain using golang runtime to unprotect a shellcode.

More information


  1. Black Hat Hacker Tools
  2. Hacker Tools For Mac
  3. Hacker Tools Windows
  4. Hacking Apps
  5. Hacker Tools Apk Download
  6. Hack Website Online Tool
  7. Hacker Tools For Windows
  8. What Is Hacking Tools
  9. Hacking Tools 2019
  10. Tools 4 Hack
  11. Hack Tools Download
  12. Hacker Tools Windows
  13. Blackhat Hacker Tools
  14. Tools 4 Hack
  15. Hacking Tools Windows 10
  16. Hacking Tools Name
  17. Hacker Hardware Tools
  18. Hacker Tool Kit
  19. Hacker Tools For Mac
  20. Hack Tools
  21. Hacking Tools Software
  22. Pentest Tools For Windows
  23. Hack Tools For Windows
  24. Pentest Tools Alternative
  25. Pentest Tools Port Scanner
  26. Computer Hacker
  27. Hacker Tools For Ios
  28. Hacking Tools For Mac
  29. Nsa Hack Tools
  30. Pentest Tools Download
  31. Hacking Tools For Games
  32. Pentest Tools Framework
  33. Hackrf Tools
  34. Hacker Tools Linux
  35. Hack Tools
  36. Hacker
  37. Nsa Hacker Tools
  38. Free Pentest Tools For Windows
  39. Hack Tool Apk No Root
  40. Hacking Tools
  41. Wifi Hacker Tools For Windows
  42. Hack Tools 2019
  43. Pentest Tools
  44. Blackhat Hacker Tools
  45. Blackhat Hacker Tools
  46. Hacker Tools
  47. Hack Tools Mac
  48. Pentest Tools For Windows
  49. Pentest Tools Nmap
  50. Hack Tools For Mac
  51. Hack Tools
  52. Bluetooth Hacking Tools Kali
  53. Hacker Tools Github
  54. Hacking Tools For Pc
  55. Pentest Tools Free
  56. Hacker Tools For Pc
  57. Pentest Box Tools Download
  58. Hacking Tools For Pc
  59. Ethical Hacker Tools
  60. Pentest Tools Download
  61. Hacker Tools For Pc
  62. Physical Pentest Tools
  63. Hacker
  64. Hacker Tools Mac
  65. Hacker Tools For Mac
  66. World No 1 Hacker Software
  67. Hacking Tools Pc
  68. Hacker Tools Windows
  69. Pentest Tools Open Source
  70. Hacking Tools Kit
  71. Nsa Hack Tools Download
  72. Hacker Tools Apk
  73. Hack Tools Mac
  74. Pentest Tools Apk
  75. Hacker Tools Apk Download
  76. Hacker Tools Free
  77. Hacking Tools 2019
  78. Blackhat Hacker Tools
  79. Best Pentesting Tools 2018
  80. Hacking Tools And Software
  81. Hacking Tools Windows 10
  82. Pentest Tools Subdomain
  83. Pentest Tools Website Vulnerability
  84. Termux Hacking Tools 2019
  85. How To Install Pentest Tools In Ubuntu
  86. Hacker Tools Free
  87. Tools 4 Hack
  88. Pentest Tools Kali Linux
  89. Hack And Tools
  90. Hacker Hardware Tools
  91. Hacking Tools For Beginners
  92. Hacker Security Tools
  93. Hacks And Tools
  94. Pentest Tools For Windows
  95. Pentest Tools Subdomain
  96. Pentest Tools Tcp Port Scanner
  97. Hacking Tools Windows 10
  98. Pentest Box Tools Download
  99. Hack Tools 2019
  100. Hacker Search Tools
  101. Hack Tools 2019
  102. Game Hacking
  103. Pentest Tools Linux
  104. Hacker Tools 2019
  105. Hack Website Online Tool
  106. Hackrf Tools
  107. Best Pentesting Tools 2018
  108. Tools Used For Hacking
  109. Hack Tools
  110. Hack Tools Download
  111. Hack Tools Pc
  112. Free Pentest Tools For Windows
  113. Hackrf Tools
  114. Hack Tool Apk
  115. Hackers Toolbox
  116. Hack Tools For Mac
  117. Hack Tools For Windows
  118. Wifi Hacker Tools For Windows
  119. Pentest Tools Find Subdomains
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)