SHARE
TWEET

Untitled

a guest Sep 23rd, 2019 71 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <stdio.h>
  2.  
  3. void __stack_chk_fail (void) {
  4.         //called from main:  __s2 = (char *)FUN_00101179(&local_1a8,0x20,3)
  5.     // arg1: pointer to string, arg2 and arg3: int
  6.         // returns pointer arg1
  7.  
  8.         // set register variables
  9.     register long rdi asm ("rdi");
  10.     register long rsi asm ("rsi");
  11.     register long rdx asm ("rdx");
  12.  
  13.     // save arguments by reading from registers
  14.     char *key = (char *)rdi;            // though not null-terminated, treat as string
  15.     int i = rsi;
  16.     unsigned char j = rdx;
  17.  
  18.     // print registers contents and local variables holding args
  19.     printf("RDX: %lx\tRSI: 0x%lx\tRDX: 0x%lx\n", rdi, rsi, rdx); // everything gets clobbered here
  20.     printf("key address = %p\ti = 0x%x\tj = 0x%x\n", key, i, j);
  21.     printf("key: %s\n", key);
  22.  
  23.     //insert debugging instrumentation into original logic
  24.     //decompiled code produced by ghidra
  25.     /*
  26.      local_c = 0;
  27.      while (local_c < iParm2) {
  28.                 *(byte *)(lParm1 + (long)local_c) = *(byte *)(lParm1 + (long)local_c) ^ bParm3;
  29.                 local_c = local_c + 1;
  30.         }
  31.         return lParm1;
  32.     */
  33.     int c = 0;
  34.     while (c < i) {
  35.         printf("[+] %c XORed with %d = ", key[c], j);   // log to STDOUT
  36.         key[c] = key[c] ^ j;
  37.         printf("%c\n", key[c]);             // ""
  38.         c += 1;
  39.     }
  40.     printf("encoded key: %s\n", key);           // ""
  41.  
  42.     //set return value by writing string directly to RAX. No return.
  43.     register long rax asm ("rax");
  44.     rax = key;
  45. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top