I have built a simple executable program with Go
.
I've compiled the code into a static binary program.
I want to decompile the output binary file and get the Go source code.
Is this possible or not?
There is no known tool which currently decompiles to Go sources. Go is a native language compiler, unlike Java and similar languages, which rely on a Class Loader, uses a linker in order to produce its executables. Therefore just reconstructing the call tree is, as in C and similar languages, a lot harder.
You can't recover original source code - the process of compilation is inherently lossy and some detail will inevitably be lost. How much is lost will depend on the source language, target language and choices made by developers.
It is also not possible to decompile all programs. Furthermore, it is not easy to separate data and code because both are represented similarly in most current computer systems. A type of reverse engineering, a decompiler performs the opposite operations of a compiler.
A major advantage of Ghidra is that it will decompile the object code back to source code. This means you don't have to do the hard work of trying to read the assembly language. As an example, in Figure 1-1, you can see a section of object code that was translated into assembly language on the lefthand side.
There is no tool to do that and as Go programs are compiled into machine code, they do not contain enough information to translate them back into Go code. Standard disassembly techniques are still possible though.
There is no known tool which currently decompiles to Go sources.
Go is a native language compiler, unlike Java and similar languages, which rely on a Class Loader, uses a linker in order to produce its executables. Therefore just reconstructing the call tree is, as in C and similar languages, a lot harder.
Debug information such as symbols are normally stripped off the Go executable.
There exists very little even in terms of Symbolic debugging of Golang code.
GDB for instance is AFAIK in its current state not aligned with Go architecture and is practically not functional in terms of Golang symbolic debugging. Go GDB has been dropped off IntelliJ ide for this very reason.
There are experimental efforts trying to regain GDB functionality by some users, but these require Go sources to have been compiled with special nonstandard provisions in order to support debugging. e.g.: http://blog.securitymouse.com/2014/10/golang-debugging-turning-pennies-into-gs.html Other symbolic debuggers for Go also need insertion of non-standard code in order to support the debugger, e.g. Hopwatch
Therefore, if you need to reverse engineer a Go program, you are better off with traditional, lower level reverse engineering tools such as IDA PRO. This is definitely possible, but at most you will get something resembling pseudo-code C, or ASM, never Go sources.
Some feature of the language are non existing in other languages, e.g. channels, and these require some study and a non trivial approach. E.g.: http://jolmos.blogspot.nl/2014/09/inbincible-writeup-golang-binary.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With