Coder Social home page Coder Social logo

strazzere / golang_loader_assist Goto Github PK

View Code? Open in Web Editor NEW
615.0 27.0 121.0 16.09 MB

Making GO reversing easier in IDA Pro

License: GNU General Public License v3.0

Python 98.74% Makefile 0.84% Go 0.42%
ida reverse-engineering golang python

golang_loader_assist's Introduction

golang_loader_assist.py

This is the golang_loader_assist.py code to accompany the blog I wrote, Reversing GO binaries like a pro (in IDA Pro). There is also the hello-go directory which contains the simple hello world code I used as an example.

Important notes

If you're using IDA Pro 7.3 or below, you likely will need to take a look at the older release tagged IDA-7.3-and-Below. This is due to changes in the IDA Python libraries which where introduced in 7.4 which do not look to be backwards compatible.

TODO

  • Support IDA Pro 7.5 w/ Python3 (tested with a go1.13.6 and go1.14.4 binary on IDA 7.5.200519 Linux x86_64)
  • Support IDA Pro 7.4
  • Retain IDA Pro 7.3 support via old release taggin
  • Convert all code to Python3 syntax
  • Get all code style into the same format
  • Clean up imports due to IDA Python changes

golang_loader_assist's People

Contributors

caledoniaproject avatar demonduck avatar j-mie avatar kkhaike avatar strazzere avatar tbarabosch avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

chubbymaggie followboy1999 tun4 spamandhex 4144 nihilus 453483289 demonduck xiaomour ogdocument fjh658 nobletrout houcy barrydeng vngkv123 rexdf spigwitmer heruix mikalv traxes repo-backup snyiu100 scanfsec peterg75 met-pub akpotter afccanxi xtrm0 gixxyboy morristech wgwjifeng chefren haidragon voraka johnhubcr anhkggfork zsdlove g0h3aler l9sk hohjgdhsj gitmesam brightryeex chashtag yingluoqwq 14isnot40 inv0k3r rookiedragon kbdman 0x6b7966 w1ida erictsu1947 fengjixuchui gitqqqhs hailongeric triplekill crackercat mewbak cryzlasm rmanluo freemanzyq l1b0 modulexcite kuyoka mcspx jasonhoe tata19884 ohyeah521 tbarabosch reversetools hanbinglengyue j-mie yywz1999 wqsemc hjnccbsz 3kyo0 gkforfun wbaby rivd-44 dxmon pombredanne m-ouse holytruth ls306056885 ith4cker andrewpedia gavz llhl001 ateleshev wudifengz systemk1t drizzlerisk ynzheng gtict112 clayne supercuglong beyondcy picasso-r mrclintons dunkelheitx av-gantimurov

golang_loader_assist's Issues

Python error: object of type 'NoneType' has no len()

Describe the bug

I got this error with IDA Pro 7.6, Python 3.7.8, Python 3.8.10, Python 3.9.2, Python 3.11

golang_loader_assist.py: object of type 'NoneType' has no len()
Traceback (most recent call last):
  File "C:\Users\admin\Downloads\IDA Pro 7.6.210427 (x86,x64,ARM,ARM64,PPC,PPC64,MIPS)\x64_idapronw_hexarm64w_hexarmw_hexmipsw_hexppc64w_hexppcw_hexx64w_hexx86w_210427\python\3\ida_idaapi.py", line 616, in IDAPython_ExecScript
    exec(code, g)
  File "E:/www/golang_loader_assist.py", line 452, in <module>
    main()
  File "E:/www/golang_loader_assist.py", line 440, in main
    renamed = renamer_init()
  File "E:/www/golang_loader_assist.py", line 386, in renamer_init
    ida_bytes.create_strlit(func_name_addr, len(func_name), STRTYPE_C)
TypeError: object of type 'NoneType' has no len()

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: Windows 11
  • IDA version 7.6

Binary or Golang code to reproduce against
If you're able to write a snippet of golang code and/or provide an actual targeted binary, this would help immensely to reproduce the problems.

Additional context
Add any other context about the problem here.

problems on IDA Pro Version 6.95.160808 (64-bit)

golang_loader_assist.py: 'NoneType' object has no attribute 'startEA'
Traceback (most recent call last):
File "C:\Program Files (x86)\IDA 6.95\python\ida_idaapi.py", line 509, in IDAPython_ExecScript
execfile(script, g)
File "C:/Program Files (x86)/IDA 6.95/plugins/golang_loader_assist.py", line 330, in
main()
File "C:/Program Files (x86)/IDA 6.95/plugins/golang_loader_assist.py", line 315, in main
func_added = runtime_init()
File "C:/Program Files (x86)/IDA 6.95/plugins/golang_loader_assist.py", line 248, in runtime_init
runtime_ms = create_runtime_ms()
File "C:/Program Files (x86)/IDA 6.95/plugins/golang_loader_assist.py", line 186, in create_runtime_ms
if idc.MakeNameEx(runtime_ms.startEA, "runtime_morestack", SN_PUBLIC):
AttributeError: 'NoneType' object has no attribute 'startEA'

Support non-x86 arch binaries.

Is your feature request related to a problem? Please describe.
Per this;
https://reverseengineering.stackexchange.com/questions/24999/extracting-strings-from-go-binaries

I guess I didn't try this on non-x86 binaries? I thought I had, but I guess not?

Describe the solution you'd like
Gather and test arm binaries agains tthis.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.