Vlang Binary Debugging

Why vlang? V is a featured, productive, safe and confortable language highly compatible with c, that generates neat binaries with c-speed, the decompilation also seems quite clear as c code.
https://vlang.io/

After open the binary with radare in debug mode "-d" we proceed to do the binary recursive analysis with "aaaa" the more a's the more deep analys.

The function names are modified when the binary is crafted, if we have a function named hello in a module named main we will have the symbol main__hello, but we can locate them quicly thanks to radare's grep done with "~" token in this case applied to the "afl" command which lists all the symbols.

Being in debug mode we can use "d*" commands, for example "db" for breakpointing the function and then "dc" to start or continue execution.

Let's dissasemble the function with "pD" command, it also displays the function variables and arguments as well, note also the xref "call xref from main"

Let's take a look to the function arguments, radare detect's this three 64bits registers used on the function.

Actually the function parameter is rsi that contains a testing html to test the href extraction algorithm.

The string structure is quite simple and it's plenty of implemented methods.

With F8 we can step over the code as we were in ollydbg on linux.

Note the rip marker sliding into the code.

We can recognize the aray creations, and the s.index_after() function used to find substrings since a specific position.

If we take a look de dissasembly we sill see quite a few calls to tos3() functions.
Those functions are involved in string initialization, and implements safety checks.

• tos(string, len)
• tos2(byteptr)
• tos3(charptr)

In this case I have a crash in my V code and I want to know what is crashing, just continue the execution with "dc" and see what poits the rip register.

In visual mode "V" we can see previous instructions to figure out the arguments and state.

We've located the crash on the substring operation which is something like "s2 := s1[a..b]" probably one of the arguments of the substring is out of bounds but luckily the V language has safety checks and is a controlled termination:

Switching the basic block view "space" we can see the execution flow, in this case we know the loops and branches because we have the code but this view also we can see the tos3 parameter "href=" which is useful to locate the position on the code.

When it reach the substr, we can see the parameters with "tab" command.

Looking the implementation the radare parameter calculation is quite exact.

Let's check the param values:

so the indexes are from 0x0e to 0x24 which are inside the buffer, lets continue to next iteration,
if we set a breakpoint and check every iteration, on latest iteration before the crash we have the values 0x2c to 0x70 with overflows the buffer and produces a controlled termination of the v compiled process.

More articles

1. Hacking Tools Name
2. Hacker Tools Software
3. New Hack Tools
4. Hacker Tools Free
5. Hacker Tools
6. Hacking Tools Windows 10
7. Hacker Tools Mac
8. Hacking Tools For Windows Free Download
9. Hack Tools
10. Hacker
11. Termux Hacking Tools 2019
12. Hak5 Tools
13. Nsa Hack Tools
14. Hacking Tools For Pc
15. Pentest Tools Nmap
16. Hacker Tools Online
17. Hacking Tools And Software
18. Hack Tools For Pc
19. Pentest Tools Apk
20. Hack Tools For Pc
21. Underground Hacker Sites
22. Hacker Tools Hardware
23. Nsa Hacker Tools
24. Ethical Hacker Tools
25. Pentest Tools Framework
26. Growth Hacker Tools
27. Hacker Tools For Ios
28. Hack Tools For Windows
29. How To Make Hacking Tools
30. Top Pentest Tools
31. Underground Hacker Sites
32. Hack Tools For Ubuntu
33. Hacking Tools For Pc
34. Tools Used For Hacking
35. Hack Tools For Windows
36. Growth Hacker Tools
37. How To Make Hacking Tools
38. Hacking Tools Download
39. Hacking Tools For Kali Linux
40. Hack Tools Download
41. Hacking Tools For Games
42. Tools For Hacker
43. Hacking Tools And Software
44. How To Hack
45. New Hacker Tools
46. Pentest Reporting Tools
47. Hacking Tools Pc
48. Hacker Techniques Tools And Incident Handling
49. Hacker Tools Windows
50. Hacking Tools Pc
51. Hack Tools
52. Pentest Tools Bluekeep
53. Pentest Tools Apk
54. Hacking Tools For Kali Linux
55. Hack And Tools
56. Pentest Tools List
57. Hack App
58. Hack Tools Download
59. Hackers Toolbox
60. Top Pentest Tools
61. Pentest Tools Github
62. Hacker Tools Software
63. Hacker Techniques Tools And Incident Handling
64. Nsa Hack Tools Download
65. Wifi Hacker Tools For Windows
66. Beginner Hacker Tools
67. Hacking Tools Windows 10
68. Hacking Tools Download
69. Hacker Tools Software
70. Hak5 Tools
71. How To Install Pentest Tools In Ubuntu
72. Hacker Tools Github
73. Usb Pentest Tools
74. Install Pentest Tools Ubuntu
75. Hack Tools Download
76. Easy Hack Tools
77. Free Pentest Tools For Windows
78. Pentest Tools Website Vulnerability
79. Hacking Tools
80. Best Hacking Tools 2020
81. Hacking Tools And Software
82. Hacking Tools Hardware
83. Pentest Tools For Ubuntu
84. Hacker Search Tools
85. Pentest Tools Apk
86. Pentest Tools List
87. Hacking Tools 2019
88. Pentest Tools Find Subdomains
89. Pentest Tools Apk
90. Hack Tools Pc
91. Hacker Tools Mac
92. Hacker Techniques Tools And Incident Handling
93. Hacker Techniques Tools And Incident Handling
94. Pentest Tools Framework
95. Hack Tool Apk
96. Underground Hacker Sites
97. Hacking Tools Download
98. Tools Used For Hacking
99. Hacking Tools Online
100. Hacker Tools 2019
101. Pentest Tools Website
102. What Is Hacking Tools
103. Pentest Tools Find Subdomains
104. Computer Hacker
105. Growth Hacker Tools