Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ;-- str.rootme_0.5_DarkArmy_Edition_Ready:
- ;-- hit3_2:
- ; DATA XREF from 0x000019f5 (sym.shell_spooler)
- 0x00001bd0 .string "rootme_0.5_DarkArmy_Edition_Ready" ; len=33
- 0x00001bf1 ~ 000e add byte [rsi], cl
- ;-- rdi:
- ; JMP XREF from 0x00001bef (str.rootme_0.5_DarkArmy_Edition_Ready + 31)
- ; DATA XREF from 0x00001ace (sym.darkarmy)
- 0x00001bf2 0e invalid
- 0x00001bf3 ~ 140d adc al, 0xd
- ;-- str.8_______e:
- 0x00001bf4 .string "\r8;\v\f'\e" ; len=8
- 0x00001bfc ~ 004861 add byte [rax + 0x61], cl
- ;-- str.HackTheBox:
- ;-- rsi:
- ; DATA XREF from 0x00001ad5 (sym.darkarmy)
- 0x00001bfd .string "HackTheBox" ; len=10
- | 0x00001c07 ~ 006d6f add byte [rbp + 0x6f], ch
- | ;-- str.mod_rootme.c:
- | ; JMP XREF from 0x00001c06 (str.HackTheBox + 9)
- `-> 0x00001c08 .string "mod_rootme.c" ; len=13
- ;-- hit3_3:
- 0x00001c0c 726f jb 0x1c7d
- 0x00001c0e 6f outsd dx, dword [rsi]
- 0x00001c0f 746d je 0x1c7e
- 0x00001c11 65 invalid
- 0x00001c12 2e invalid
- 0x00001c13 63 invalid
- ; JMP XREF from 0x00001baa (str.bash + 2)
- 0x00001c14 0000 add byte [rax], al
- 0x00001c16 0000 add byte [rax], al
- ;-- str.var_www_html_uploads_whiterose.txt:
- ; DATA XREF from 0x00001b50 (sym.rootme_post_read_request)
- 0x00001c18 .string "var_www_html_uploads_whiterose.txt" ; len=35
- 0x00001c3b 0000 add byte [rax], al
- 0x00001c3d 0000 add byte [rax], al
- 0x00001c3f ~ 0001 add byte [rcx], al
- ;-- section_end..rodata:
- ;-- section..eh_frame_hdr:
- ;-- section.GNU_EH_FRAME:
- ;-- __GNU_EH_FRAME_HDR:
- 0x00001c40 011b add dword [rbx], ebx ; section 38 va=0x00001c40 pa=0x00001c40 sz=92 vsz=92 rwx=m-r-- GNU_EH_FRAME
- ; JMP XREF from 0x00001bd3 (str.rootme_0.5_DarkArmy_Edition_Ready + 3)
- 0x00001c42 033b add edi, dword [rbx]
- 0x00001c44 5c pop rsp
- 0x00001c45 0000 add byte [rax], al
- 0x00001c47 000a add byte [rdx], cl
- 0x00001c49 0000 add byte [rax], al
- 0x00001c4b 0020 add byte [rax], ah
- 0x00001c4d f2 invalid
- 0x00001c4e ff invalid
- ; JMP XREF from 0x00001bdf (str.rootme_0.5_DarkArmy_Edition_Ready + 15)
- 0x00001c4f ff invalid
- ; JMP XREF from 0x00001c1f (str.var_www_html_uploads_whiterose.txt + 7)
- ,=< 0x00001c50 7800 js 0x1c52
- | ; JMP XREF from 0x00001c50 (section_end..rodata + 16)
- `-> 0x00001c52 0000 add byte [rax], al
- 0x00001c54 30f2 xor dl, dh
- 0x00001c56 ff invalid
- 0x00001c57 ffa000000030 jmp qword [rax + 0x30000000]
- ; JMP XREF from 0x00001c2b (str.var_www_html_uploads_whiterose.txt + 19)
- 0x00001c5d f4 hlt
- 0x00001c5e ff invalid
- 0x00001c5f ff invalid
- 0x00001c60 b800000080 mov eax, 0x80000000
- 0x00001c65 f6ff idiv bh
- 0x00001c67 fff0 push rax
- 0x00001c69 0000 add byte [rax], al
- 0x00001c6b 00f0 add al, dh
- 0x00001c6d f6ff idiv bh
- 0x00001c6f ff18 lcall [rax]
- 0x00001c71 0100 add dword [rax], eax
- 0x00001c73 00a0faffff68 add byte [rax + 0x68fffffa], ah
- 0x00001c79 0100 add dword [rax], eax
- 0x00001c7b 0040fe add byte [rax - 2], al
- ; JMP XREF from 0x00001c0f (hit3_3 + 3)
- 0x00001c7e ff invalid
- 0x00001c7f ff invalid
- 0x00001c80 b801000070 mov eax, 0x70000001
- 0x00001c85 fe invalid ; 0x70000001
- 0x00001c86 ff invalid ; 0x70000001
- 0x00001c87 ffd0 call rax
- 0x00001c89 0100 add dword [rax], eax
- 0x00001c8b 0080feffffe8 add byte [rax - 0x17000002], al
- 0x00001c91 0100 add dword [rax], eax
- 0x00001c93 00c0 add al, al
- 0x00001c95 fe invalid
- ; JMP XREF from 0x00001c1d (str.var_www_html_uploads_whiterose.txt + 5)
- 0x00001c96 ff invalid
- 0x00001c97 ff00 inc dword [rax]
- 0x00001c99 0200 add al, byte [rax]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement