Exploiting Golang Unsafe Pointers

Posted by iNoticiero on Sunday, August 30, 2020


There are situations where C interacts with Go, for example in a library, and it is possible to exploit a Go function that writes raw memory through an unsafe.Pointer parameter.

When Go receives a null-terminated string in a *C.char parameter, it can be converted to a Go string with s2 := C.GoString(s1). String operations on s2 are then safe, as long as the null byte is there.

When Go receives a pointer to a buffer as an unsafe.Pointer and the length of the buffer as a C.int, it can be converted safely to a []byte with b := C.GoBytes(buf, sz), provided the length has not been falsified.

But what happens if Go receives a pointer to a buffer as an unsafe.Pointer and it is an OUT variable? The Go routine has to write through this pointer unsafely. For example, we can create a Go memcpy in the following way:



We convert the pointer to uintptr to index it, then convert it back to a pointer, cast it to a byte pointer and dereference it; every byte is written this way.

If b is controlled, memory can be written, and the return pointer of main.main or of any other function can be modified.
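The unchecked copy described above beside a bounds-checked form, as an added example that is not the post's own listing. The names `frame`, `uncheckedMemcpy`, `boundedMemcpy` and the sample input are assumptions constructed here, and the overflow stays inside one Go-owned struct so its effect can be observed safely.

```go
package main

import (
	"errors"
	"fmt"
	"unsafe"
)

// frame is constructed sample memory: an 8-byte OUT buffer followed
// directly by data the copy routine must never touch.
type frame struct {
	out    [8]byte
	canary [8]byte
}

var canaryValue = [8]byte{'C', 'A', 'N', 'A', 'R', 'Y', '!', '!'}

// uncheckedMemcpy follows the post's description: index via uintptr, cast
// back to *byte, store each byte. Nothing limits len(src).
func uncheckedMemcpy(dst unsafe.Pointer, src []byte) {
	for i := range src {
		*(*byte)(unsafe.Pointer(uintptr(dst) + uintptr(i))) = src[i]
	}
}

// boundedMemcpy (hypothetical hardened form) makes the caller pass the
// buffer capacity and refuses any source that does not fit.
func boundedMemcpy(dst unsafe.Pointer, dstCap int, src []byte) error {
	if dst == nil || dstCap < 0 || len(src) > dstCap {
		return errors.New("boundedMemcpy: source does not fit destination")
	}
	copy(unsafe.Slice((*byte)(dst), dstCap), src)
	return nil
}

// demo sends 12 constructed bytes at an 8-byte buffer through each routine.
func demo() (uncheckedIntact, boundedIntact bool, err error) {
	input := []byte("AAAAAAAABBBB")
	f1 := &frame{canary: canaryValue}
	uncheckedMemcpy(unsafe.Pointer(&f1.out), input)
	f2 := &frame{canary: canaryValue}
	err = boundedMemcpy(unsafe.Pointer(&f2.out), len(f2.out), input)
	return f1.canary == canaryValue, f2.canary == canaryValue, err
}

func main() {
	u, b, err := demo()
	fmt.Printf("unchecked intact=%v bounded intact=%v err=%v\n", u, b, err)
}
```

At a cgo boundary the same fix means the exported function takes the OUT buffer's capacity as a second parameter and rejects writes that exceed it.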

https://play.golang.org/p/HppcVpLfuMf


The return address can be pinpointed, for example with 0x41 for the buffer and 0x42 for the address:



We can reproduce it by simulating the buffer from Go in this way:


We can dump the address of a function and redirect execution to it:


https://play.golang.org/p/7htJHJp8gUJ

In this way it's possible to build a ROP chain using the Go runtime to unprotect shellcode.
