Vlang Binary Debugging

Why vlang? V is a featured, productive, safe and confortable language highly compatible with c, that generates neat binaries with c-speed, the decompilation also seems quite clear as c code.
https://vlang.io/

After open the binary with radare in debug mode "-d" we proceed to do the binary recursive analysis with "aaaa" the more a's the more deep analys.

The function names are modified when the binary is crafted, if we have a function named hello in a module named main we will have the symbol main__hello, but we can locate them quicly thanks to radare's grep done with "~" token in this case applied to the "afl" command which lists all the symbols.

Being in debug mode we can use "d*" commands, for example "db" for breakpointing the function and then "dc" to start or continue execution.

Let's dissasemble the function with "pD" command, it also displays the function variables and arguments as well, note also the xref "call xref from main"

Let's take a look to the function arguments, radare detect's this three 64bits registers used on the function.

Actually the function parameter is rsi that contains a testing html to test the href extraction algorithm.

The string structure is quite simple and it's plenty of implemented methods.

With F8 we can step over the code as we were in ollydbg on linux.

Note the rip marker sliding into the code.

We can recognize the aray creations, and the s.index_after() function used to find substrings since a specific position.

If we take a look de dissasembly we sill see quite a few calls to tos3() functions.
Those functions are involved in string initialization, and implements safety checks.

• tos(string, len)
• tos2(byteptr)
• tos3(charptr)

In this case I have a crash in my V code and I want to know what is crashing, just continue the execution with "dc" and see what poits the rip register.

In visual mode "V" we can see previous instructions to figure out the arguments and state.

We've located the crash on the substring operation which is something like "s2 := s1[a..b]" probably one of the arguments of the substring is out of bounds but luckily the V language has safety checks and is a controlled termination:

Switching the basic block view "space" we can see the execution flow, in this case we know the loops and branches because we have the code but this view also we can see the tos3 parameter "href=" which is useful to locate the position on the code.

When it reach the substr, we can see the parameters with "tab" command.

Looking the implementation the radare parameter calculation is quite exact.

Let's check the param values:

so the indexes are from 0x0e to 0x24 which are inside the buffer, lets continue to next iteration,
if we set a breakpoint and check every iteration, on latest iteration before the crash we have the values 0x2c to 0x70 with overflows the buffer and produces a controlled termination of the v compiled process.

Related articles

1. Hacker Tools Mac
2. Pentest Tools Apk
3. Hack Tools Pc
4. Hacking Tools Windows
5. Hack Apps
6. Hacker Tools Free
7. Hacking Tools 2020
8. Hacker Tools Hardware
9. What Is Hacking Tools
10. Pentest Box Tools Download
11. Hak5 Tools
12. Hacking Tools Windows
13. Kik Hack Tools
14. Hack Rom Tools
15. Hacking Tools 2019
16. Hacking Tools And Software
17. Pentest Tools Free
18. Hacker Security Tools
19. New Hacker Tools
20. How To Install Pentest Tools In Ubuntu
21. Hackers Toolbox
22. What Is Hacking Tools
23. Pentest Tools Url Fuzzer
24. Hacking Tools Mac
25. Best Pentesting Tools 2018
26. Pentest Tools Website Vulnerability
27. Hacker Tools Online
28. Hacking Tools For Kali Linux
29. Beginner Hacker Tools
30. Blackhat Hacker Tools
31. Hack Tools 2019
32. Hacker Tool Kit
33. Best Hacking Tools 2019
34. Tools Used For Hacking
35. Best Pentesting Tools 2018
36. Termux Hacking Tools 2019
37. Pentest Tools Website Vulnerability
38. Hacker Tools Software
39. Black Hat Hacker Tools
40. Hacking Tools For Windows 7
41. How To Make Hacking Tools
42. Hacking Tools For Pc
43. New Hack Tools
44. Pentest Tools Website
45. Pentest Automation Tools
46. Pentest Box Tools Download
47. Hacking Tools Name
48. Pentest Recon Tools
49. Pentest Tools For Mac
50. Hacker Tools Free Download
51. How To Make Hacking Tools
52. Easy Hack Tools
53. Hacker Tools Online
54. Pentest Recon Tools
55. Pentest Tools Url Fuzzer
56. Underground Hacker Sites
57. Hack Tools
58. Pentest Tools Free
59. Pentest Tools Subdomain
60. Pentest Tools For Windows
61. Hack Tools For Mac
62. Android Hack Tools Github
63. Hack Tools For Mac
64. What Are Hacking Tools
65. Pentest Tools For Ubuntu
66. Nsa Hack Tools Download
67. Black Hat Hacker Tools
68. Tools For Hacker
69. Free Pentest Tools For Windows
70. Hacking Tools For Windows Free Download
71. Hacking Tools For Windows Free Download
72. Hacker Security Tools
73. Hacking Tools Name
74. Pentest Tools Online
75. Pentest Tools Open Source
76. Pentest Tools Bluekeep
77. Hacking Tools Pc
78. Hacking Tools Windows
79. Hacking Tools For Beginners
80. Pentest Tools Find Subdomains
81. Hacker Hardware Tools
82. Hack Tools Github
83. Hacker Tools Apk
84. Install Pentest Tools Ubuntu
85. Hacking Tools Windows 10
86. Hacker Tools
87. Hack Tools For Ubuntu
88. Tools For Hacker
89. Best Pentesting Tools 2018
90. Kik Hack Tools
91. Hack Tools For Windows
92. Hacker Techniques Tools And Incident Handling
93. How To Hack
94. What Is Hacking Tools
95. Pentest Tools Apk
96. Pentest Tools Url Fuzzer
97. Hacking Tools Kit
98. What Are Hacking Tools
99. Hacker Tools 2019
100. Nsa Hack Tools Download
101. Hacking Tools For Windows
102. Hacking Tools Pc
103. Bluetooth Hacking Tools Kali
104. Hack Tools
105. Hack Tool Apk
106. Pentest Tools Github
107. Hacking Tools 2019
108. Pentest Tools Subdomain
109. Hack Apps