Our third language of choice for a compiled application is Golang. With the rise of its popularity, we see an increase of secrets hidden inside the binaries. Can you find the secret in our binary?
3
+
Our third language of choice for a compiled application is Go. With the rise of its popularity, we see an increase of secrets hidden inside the binaries. Can you find the secret in our binary?
4
4
5
-
Let's debunk the "secrets are hard to find in native compiled applications" myth for C++: can you find the secret in https://github.com/commjoen/wrongsecrets/tree/master/src/main/resources/executables/wrongsecrets-golang[wrongsecrets-golang] (or https://github.com/commjoen/wrongsecrets/tree/master/src/main/resources/executables/wrongsecrets-golang-arm[wrongsecrets-golang-arm], https://github.com/commjoen/wrongsecrets/tree/master/src/main/resources/executables/wrongsecrets-golang-linux[wrongsecrets-golang-linux])?
5
+
Let's debunk the "secrets are hard to find in native compiled applications" myth for Go: can you find the secret in https://github.com/commjoen/wrongsecrets/tree/master/src/main/resources/executables/wrongsecrets-golang[wrongsecrets-golang] (or https://github.com/commjoen/wrongsecrets/tree/master/src/main/resources/executables/wrongsecrets-golang-arm[wrongsecrets-golang-arm], https://github.com/commjoen/wrongsecrets/tree/master/src/main/resources/executables/wrongsecrets-golang-linux[wrongsecrets-golang-linux])?
This challenge is specifically looking at a secret in a Golang binary
1
+
This challenge is specifically looking at a secret in a Go binary
2
2
3
-
This one is a little harder, as we used Cobra to create the CLI introducing some more overhead.
3
+
This one is a little harder, as we used Cobra to create the CLI, introducing some more overhead.
4
4
You can solve this challenge using the following steps:
5
5
6
6
1. Find the secrets with https://ghidra-sre.org/[Ghidra].
7
7
- Install https://ghidra-sre.org/[Ghidra].
8
-
- Start it whit `ghidraRun`.
8
+
- Start it with `ghidraRun`.
9
9
- Load the application `wrongsecrets-golang` into ghidra by choosing a new project, then import the file and then doubleclick on it.
10
10
- Allow the Ghidra to analyze the application. Note that this takes much longer as our binary is a lot larger.
11
11
- Go to the data type manager in the bottom left, now filter for `string`, now right-click at `string` as a member of `wrongsecrets-golang` and select `find uses of`.
skipped 3 lines
15
15
- Install https://www.radare.org[radare2] with either `brew install radare2` on Mac or follow these steps: `git clone https://github.com/radareorg/radare2; cd radare2 ; sys/install.sh`
16
16
- Launch r2 analysis with `$ r2 -A wrongsecrets-golang`
17
17
- Start a search for the string with `/w secret`
18
-
- Now take the results and look for possible answers, how about `/w his is the secret in Golgang` ? You should be able to find the secret now.
18
+
- Now take the results and look for possible answers, how about `/w his is the secret in Golang` ? You should be able to find the secret now.