清除Go编译时自带的信息

Related tags

Compiler go-strip
Overview

go-strip

Go编译会自带一堆信息,通过这些信息基本可以还原Go的源码架构,甚至可以用作溯源。本工具可以直接从go编译好的二进制中消除这些信息。

  • 支持Go编译的 Windows、Mac、Linux程序
  • 支持AMD64,386架构
  • Go1.13和Go1.16用于解析的数据结构不太一样,但这款工具都支持

支持消除/混淆

  • 函数名称
  • 函数路径
  • Go Struct
  • Type
  • Go Compiler Version
  • Go BuildID
  • Go Root Path

Useage

go编译出二进制,

go build -ldflags "-s -w" .

之后即可使用工具进行混淆消除

                       _        _
                      | |      (_)
  __ _  ___ ______ ___| |_ _ __ _ _ __
 / _  |/ _ \______/ __| __| '__| | '_ \
| (_| | (_) |     \__ \ |_| |  | | |_) |
\__, |\___/      |___/\__|_|  |_| .__/
__/ |                          | |
|___/                           |_|

Usage of go-strip:
  -a    是否消除Go的编译信息
  -f string
        源文件名
  -output string
        另保存的文件名

执行

go-strip -f binary.exe

将会打印出读取的信息

执行

go-strip -f binary.exe -a -output new.exe

new.exe即是混淆后的二进制文件

Paper

代码

代码已开源,https://t.zsxq.com/6IurbMR

Issues
  • windows下可以正常编译动态库和混淆,linux可以正常编译动态库但无法混淆

    windows下可以正常编译动态库和混淆,linux可以正常编译动态库但无法混淆

    go版本1.16.1 我的代码 main.go package main import "C" import "fmt" //export Hello func Hello(){  fmt.Println(":hello") } func main(){} 编译命令 go build -buildmode=c-shared -x -v -o test.so -ldflags "-s -w" main.go 混淆命令 ./go-strip -f test.so -a -output test.strip.so 混淆开始 _ _ | | () __ _ ___ ______ | | _ __ _ _ __ / _ |/ _ ___/ | | '| | ' | (| | () | _ \ || | | | |) | , |/ |/|| || ./ / | | | |/ ||

    2021/11/18 01:39:00 开始混淆 2021/11/18 01:39:00 文件结构:ELF 2021/11/18 01:39:00 混淆 BuildId Error when extracting compiler information: no goversion found panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x50 pc=0x50c13b]

    goroutine 1 [running]: github.com/goretk/gore/gosym.(*Table).GetGo12(...) /home/runner/work/go-strip-source/go-strip-source/gosym/symtab.go:485 github.com/goretk/gore.(*GoFile).GetGoRoot(0xc000060ea0, 0xc00000e018, 0xc000093f28) /home/runner/work/go-strip-source/go-strip-source/file.go:195 +0x3b main.main() /home/runner/work/go-strip-source/go-strip-source/testM/main.go:48 +0x2c5 我需要你的帮助

    opened by FlyFishTeam 4
  • 报错

    报错

    报错信息:

    ❯ go-strip.exe -f .\hack-browser-data-v0.3.6-windows-32bit.exe -a -output hbd.exe

                       _        _
                      | |      (_)
    

    __ _ ___ ______ | | _ __ _ _ __ / _ |/ _ _/ | | '| | '
    | (
    | | (
    ) | __ \ || | | | |) | __, |_
    / |/_|| || ./ / | | | |/ ||

    2021/11/22 17:01:03 开始混淆 2021/11/22 17:01:03 文件结构:PE 2021/11/22 17:01:03 混淆 BuildId 2021/11/22 17:01:03 Compiler version: go1.16.2 (2021-03-11T17:08:05Z) panic: runtime error: invalid memory address or nil pointer dereference [signal 0xc0000005 code=0x0 addr=0x50 pc=0xc6d77e]

    goroutine 1 [running]: github.com/goretk/gore/gosym.(*Table).GetGo12(...) /home/runner/work/go-strip-source/go-strip-source/gosym/symtab.go:485 github.com/goretk/gore.(*GoFile).GetGoRoot(0xc00009c000, 0x1a, 0xc000071f48) /home/runner/work/go-strip-source/go-strip-source/file.go:195 +0x3e main.main() /home/runner/work/go-strip-source/go-strip-source/testM/main.go:48 +0x2d0

    混淆linux版本的时候正常,windows版本报错

    opened by M09Ic 3
  • 运行报错,

    运行报错,

    2022/05/13 15:50:24 Error when extracting compiler information: no goversion found 2022/05/13 15:50:24 GoRoot获取失败,err: no goroot found 2022/05/13 15:50:24 BuildID: WJboE-czC9YnOF9Glstn/72HVxYogF7S_hsKX2pMA/ixkFI3hByuzCtw7NNThu/NooR4kbHyOUI5lqiLn3Q

    image 师傅你好,工具使用就报错,提示找不到goroot,但是本机是有go环境,goroot也有。
    opened by getin63 0
Owner
boyhack
Hacking tools just for fun~
boyhack