API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 19th, 2019
215
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.78 KB | None | 0 0
raw download clone embed print report
  1. // Generated by Rec Studio 4 - build Sep 23 2015
  2.  
  3. _init()
  4. {// addr = 0x00401000
  5. __rax = __imp____gmon_start__;
  6. if(__rax != 0) {
  7. *__rax();
  8. return;
  9. }
  10. }
  11.  
  12. int putchar(int ch)
  13. {// addr = 0x00401030
  14. goto __imp__putchar;
  15. }
  16.  
  17. char* strcpy(char* __dest, char* __src)
  18. {// addr = 0x00401040
  19. goto __imp__strcpy;
  20. }
  21.  
  22. int puts(char* str)
  23. {// addr = 0x00401050
  24. goto __imp__puts;
  25. }
  26.  
  27. int fclose(struct _IO_FILE* fp)
  28. {// addr = 0x00401060
  29. goto __imp__fclose;
  30. }
  31.  
  32. getpwuid()
  33. {// addr = 0x00401070
  34. goto __imp__getpwuid;
  35. }
  36.  
  37. short getuid()
  38. {// addr = 0x00401080
  39. goto __imp__getuid;
  40. }
  41.  
  42. int printf(char* format)
  43. {// addr = 0x00401090
  44. goto __imp__printf;
  45. }
  46.  
  47. void rewind(struct _IO_FILE* fp)
  48. {// addr = 0x004010A0
  49. goto __imp__rewind;
  50. }
  51.  
  52. int fgetc(struct _IO_FILE* fp)
  53. {// addr = 0x004010B0
  54. goto __imp__fgetc;
  55. }
  56.  
  57. int read(int __fd, void* __buf, int __nbytes)
  58. {// addr = 0x004010C0
  59. goto __imp__read;
  60. }
  61.  
  62. char* fgets(char* dst, int sz, struct _IO_FILE* fp)
  63. {// addr = 0x004010D0
  64. goto __imp__fgets;
  65. }
  66.  
  67. int strcmp(char* __s1, char* __s2)
  68. {// addr = 0x004010E0
  69. goto __imp__strcmp;
  70. }
  71.  
  72. int getchar()
  73. {// addr = 0x004010F0
  74. goto __imp__getchar;
  75. }
  76.  
  77. char* gets(char* dst)
  78. {// addr = 0x00401100
  79. goto __imp__gets;
  80. }
  81.  
  82. syslog()
  83. {// addr = 0x00401110
  84. goto __imp__syslog;
  85. }
  86.  
  87. int access(char* __name, int __type)
  88. {// addr = 0x00401120
  89. goto __imp__access;
  90. }
  91.  
  92. struct _IO_FILE* fopen(char* name, char* mode)
  93. {// addr = 0x00401130
  94. goto __imp__fopen;
  95. }
  96.  
  97. __isoc99_scanf()
  98. {// addr = 0x00401140
  99. goto __imp____isoc99_scanf;
  100. }
  101.  
  102. char* strcat(char* __dest, char* __src)
  103. {// addr = 0x00401150
  104. goto __imp__strcat;
  105. }
  106.  
  107. void exit(int __status)
  108. {// addr = 0x00401160
  109. goto __imp__exit;
  110. }
  111.  
  112. _start(
  113. _unknown_ __rax, // r53
  114. _unknown_ __rdx // r56
  115. )
  116. {// addr = 0x00401170
  117. __rax = __rax;
  118. _pop(__rsi);
  119. __r9 = __r9 & -16;
  120. _push(__rax);
  121. _push(__r9);
  122. __imp____libc_start_main();
  123. asm("hlt");
  124. }
  125.  
  126. _dl_relocate_static_pie(
  127. _unknown_ __rax // r53
  128. )
  129. {// addr = 0x004011A0
  130. __rax = __rax;
  131. }
  132.  
  133. deregister_tm_clones(
  134. _unknown_ __rax // r53
  135. )
  136. {// addr = 0x004011B0
  137. if( &__imp__stdin == &__imp__stdin || 0 == 0) {
  138. return;
  139. } else {
  140. goto __rax;
  141. }
  142. }
  143.  
  144. register_tm_clones(
  145. _unknown_ __rsi // r58
  146. )
  147. {// addr = 0x004011E0
  148. if(( &__imp__stdin - &__imp__stdin >> 3) + ( &__imp__stdin - &__imp__stdin >> 3 >> 63) == 0 || 0 == 0) {
  149. return;
  150. } else {
  151. goto __rax;
  152. }
  153. }
  154.  
  155. __do_global_dtors_aux(
  156. _unknown_ __rax // r53
  157. )
  158. {// addr = 0x00401220
  159. _unknown_ _t1; // _t1
  160.  
  161. __rax = __rax;
  162. if(completed.7325 != 0) {
  163. return;
  164. } else {
  165. _push(_t1);
  166. deregister_tm_clones(__rax);
  167. completed.7325 = 1;
  168. _pop(__r8);
  169. return;
  170. }
  171. }
  172.  
  173. frame_dummy(
  174. _unknown_ __rsi // r58
  175. )
  176. {// addr = 0x00401250
  177. if(( &__imp__stdin - &__imp__stdin >> 3) + ( &__imp__stdin - &__imp__stdin >> 3 >> 63) != 0 && 0 != 0) {
  178. goto __rax;
  179. }
  180. }
  181.  
  182. func1(
  183. _unknown_ __rax // r53
  184. )
  185. {// addr = 0x00401252
  186. intOrPtr _v12; // _cfa_fffffff4
  187.  
  188. __rax = __rax;
  189. _v12 = 5;
  190. }
  191.  
  192. func2(
  193. _unknown_ __rax // r53
  194. )
  195. {// addr = 0x00401260
  196. __rax = __rax;
  197. asm("movss xmm0, [rip+0xfb8]");
  198. asm("movss [rbp-0x4], xmm0");
  199. }
  200.  
  201. func3(
  202. _unknown_ __rax // r53
  203. )
  204. {// addr = 0x00401274
  205. long long _v16; // _cfa_fffffff0
  206.  
  207. __rax = __rax;
  208. _v16 = 15;
  209. }
  210.  
  211. func4(
  212. _unknown_ __rax // r53
  213. )
  214. {// addr = 0x00401283
  215. intOrPtr _v12; // _cfa_fffffff4
  216.  
  217. __rax = __rax;
  218. _v12 = 10293;
  219. }
  220.  
  221. func5(
  222. _unknown_ __rax // r53
  223. )
  224. {// addr = 0x00401291
  225. intOrPtr _v12; // _cfa_fffffff4
  226.  
  227. __rax = __rax;
  228. _v12 = 4532;
  229. }
  230.  
  231. func6(
  232. _unknown_ __rax // r53
  233. )
  234. {// addr = 0x0040129F
  235. intOrPtr _v12; // _cfa_fffffff4
  236.  
  237. __rax = __rax;
  238. _v12 = 1012;
  239. }
  240.  
  241. func7(
  242. _unknown_ __rax // r53
  243. )
  244. {// addr = 0x004012AD
  245. intOrPtr _v12; // _cfa_fffffff4
  246.  
  247. __rax = __rax;
  248. _v12 = 936;
  249. }
  250.  
  251. func8(
  252. _unknown_ __rax, // r53
  253. _unknown_ __rdx // r56
  254. )
  255. {// addr = 0x004012BB
  256. signed int _v12; // _cfa_fffffff4
  257.  
  258. __rax = __rax;
  259. func7(__rax);
  260. _v12 = 0 << 2 << 3;
  261. }
  262.  
  263. func9(
  264. long long __rax, // r53
  265. _unknown_ __rcx, // r55
  266. _unknown_ __rdx // r56
  267. )
  268. {// addr = 0x004012E1
  269. long long _v16; // _cfa_fffffff0
  270.  
  271. __rdx = __rdx;
  272. __rax = __rax;
  273. func7(__rax);
  274. _v16 = __rax;
  275. }
  276.  
  277. launch(
  278. _unknown_ __rax // r53
  279. )
  280. {// addr = 0x00401316
  281. __rdi = "Row Row Row Your Boat...";
  282. puts(__rdi);
  283. }
  284.  
  285. cancel(
  286. _unknown_ __rax // r53
  287. )
  288. {// addr = 0x00401329
  289. __rdi = "The tankers have stopped capsizing";
  290. puts(__rdi);
  291. }
  292.  
  293. checkbalance(
  294. _unknown_ __rax, // r53
  295. _unknown_ __rsi // r58
  296. )
  297. {// addr = 0x0040133C
  298. __rax = __rax;
  299. __rdi = "Balance is $%d\n";
  300. printf(__rdi);
  301. }
  302.  
  303. print_hex(
  304. long long __rdi // r57
  305. )
  306. {// addr = 0x0040135C
  307. long long _v16; // _cfa_fffffff0
  308.  
  309. _v16 = __rdi;
  310. printf("%llx");
  311. }
  312.  
  313. print_decimal(
  314. long long __rdi // r57
  315. )
  316. {// addr = 0x00401387
  317. long long _v16; // _cfa_fffffff0
  318.  
  319. _v16 = __rdi;
  320. printf("%lld");
  321. }
  322.  
  323. unused_func(
  324. _unknown_ __rax, // r53
  325. int __rsi // r58
  326. )
  327. {// addr = 0x004013B2
  328. char _v9; // _cfa_fffffff7
  329. signed int _v16; // _cfa_fffffff0
  330. signed int _v20; // _cfa_ffffffec
  331. signed int _v24; // _cfa_ffffffe8
  332. struct _IO_FILE* _v32; // _cfa_ffffffe0
  333. char _v136; // _cfa_ffffff78
  334.  
  335. _v9 = getchar();
  336. fgets( &_v136, __rsi, __imp__stdin);
  337. _v16 = 1000;
  338. _v20 = 320;
  339. _v24 = _v16 ^ _v20;
  340. read(1, &_v136, 100);
  341. access( &_v136, &_v136);
  342. fopen("/var/secret/accessfile.txt", 4202597);
  343. _v32 = &_v136;
  344. rewind(_v32);
  345. _v9 = fgetc(_v32);
  346. fclose(_v32);
  347. }
  348.  
  349. check_user(
  350. _unknown_ __rax, // r53
  351. _unknown_ __rdx, // r56
  352. _unknown_ __rdi // r57
  353. )
  354. {// addr = 0x00401459
  355. short _v12; // _cfa_fffffff4
  356. int _t24; // _t24
  357.  
  358. __rdx = __rdx;
  359. __rax = __rax;
  360. _v12 = getuid();
  361. if(_v12 == 1002 || _v12 == 0 || _v12 == 1000) {
  362. syslog();
  363. return;
  364. }
  365. syslog();
  366. _t24 = "User is not authorized to access this application. This attempt has been logged.";
  367. puts(_t24);
  368. exit(_t24);
  369. }
  370.  
  371. set_username(
  372. _unknown_ __rax, // r53
  373. _unknown_ __rdi // r57
  374. )
  375. {// addr = 0x004014D4
  376. _unknown_ _v16; // _cfa_fffffff0
  377. long long _v28; // _cfa_ffffffe4
  378. long long _t6; // _t6
  379.  
  380. __rdi = __rdi;
  381. _v28 = _t6;
  382. getpwuid();
  383. _v16 = _v28;
  384. username = "error";
  385. if(_v16 != 0) {
  386. username = *_v16;
  387. return;
  388. }
  389. }
  390.  
  391. auth(
  392. _unknown_ __rax, // r53
  393. _unknown_ __rdi // r57
  394. )
  395. {// addr = 0x00401513
  396. intOrPtr _v24; // _cfa_ffffffe8
  397. char _v136; // _cfa_ffffff78
  398. char _v248; // _cfa_ffffff08
  399. intOrPtr _v252; // _cfa_ffffff04
  400. intOrPtr _t29; // _t29
  401.  
  402. _v252 = _t29;
  403. _v24 = _v252;
  404. strcpy( &(((char*)( &_v136))[0x64]), username);
  405. printf("Enter access password: ");
  406. gets( &_v136);
  407. putchar( &_v136);
  408. if(strcmp( &_v136, "N3veRF3r1iSh3r3!") != 0) {
  409. puts("access denied.");
  410. return;
  411. }
  412. _v248 = 7431066324620764001;
  413. ((char*)( &_v248))[8] = 7358992178031255922;
  414. ((char*)( &_v248))[0x10] = 4211540148105540207;
  415. ((char*)( &_v248))[0x18] = 32;
  416. strcat( &_v248, &(((char*)( &_v136))[0x64]));
  417. syslog();
  418. puts("access granted.");
  419. }
  420.  
  421. main(
  422. _unknown_ __rax, // r53
  423. _unknown_ __rdx, // r56
  424. int __rdi, // r57
  425. _unknown_ __r13 // r64
  426. )
  427. {// addr = 0x00401619
  428. intOrPtr _v12; // _cfa_fffffff4
  429. char _v16; // _cfa_fffffff0
  430. _unknown_ __rbx; // r54
  431. _unknown_ __r14; // r65
  432. _unknown_ __r15; // r66
  433. _unknown_ __rbp; // r67
  434. _unknown_ __rsp; // r68
  435. char _t21; // _t21
  436. _unknown_ _t38; // _t38
  437. signed long long _t39; // _t39
  438. int _t51; // _t51
  439. int _t52; // _t52
  440. _unknown_ _t53; // _t53
  441. _unknown_ _t56; // _t56
  442. _unknown_ _t57; // _t57
  443. signed long long _t60; // _t60
  444. _unknown_ _t63; // _t63
  445. _unknown_ _t65; // _t65
  446. _unknown_ _t67; // _t67
  447.  
  448. _push(_t56);
  449. _t57 = __r9;
  450. __r9 = __r9 - 16;
  451. check_user(__rax, __rdx, __rdi);
  452. _v12 = 0;
  453. set_username(__rax, __rdi);
  454. auth(__rax, __rdi);
  455. if(_v12 != 0) {
  456. puts("[+] W0rM || Control Application");
  457. puts("[+] ---------------------------");
  458. puts("Select Option");
  459. puts("1: Check Balance");
  460. puts("2: Launch");
  461. puts("3: Cancel");
  462. puts("4: Exit");
  463. while(1) {
  464. printf("> ");
  465. _t51 = "%d%*c";
  466. __isoc99_scanf();
  467. _t21 = _v16;
  468. if(_t21 == 2) {
  469. goto L10;
  470. }
  471. if(_t21 > 2) {
  472. if(_t21 == 3) {
  473. cancel( &_v16);
  474. L14:
  475. continue;
  476. }
  477. if(_t21 == 4) {
  478. exit(_t51);
  479. }
  480. L13:
  481. _t52 = "Unknown option";
  482. puts(_t52);
  483. exit(_t52);
  484. goto L14;
  485. }
  486. if(_t21 == 1) {
  487. checkbalance( &_v16, &_v16);
  488. goto L14;
  489. }
  490. goto L13;
  491. L10:
  492. launch( &_v16);
  493. goto L14;
  494. }
  495. }
  496. exit(__rdi);
  497. asm("o16 nop [rax+rax]");
  498. _push(_t67);
  499. _push(_t65);
  500. _push(__r15);
  501. _push(_t63);
  502. _push(_t57);
  503. _push(_t38);
  504. __r9 = __r9 - 8;
  505. _init();
  506. _t60 = &__do_global_dtors_aux_fini_array_entry - &__frame_dummy_init_array_entry >> 3;
  507. if( &__do_global_dtors_aux_fini_array_entry != 0) {
  508. _t39 = 0;
  509. do {
  510. *((intOrPtr*)( &__frame_dummy_init_array_entry + _t39 * 8))();
  511. _t39 = _t39 + 1;
  512. } while(_t60 != _t39);
  513. }
  514. __r9 = __r9 + 8;
  515. _pop(__rbx);
  516. _pop(__r8);
  517. _pop(__r14);
  518. _pop(__r15);
  519. _pop(__rbp);
  520. _pop(__rsp);
  521. }
  522.  
  523. __libc_csu_init(
  524. _unknown_ __rdx, // r56
  525. _unknown_ __rdi, // r57
  526. _unknown_ __rsi, // r58
  527. _unknown_ __r13 // r64
  528. )
  529. {// addr = 0x00401740
  530. _unknown_ __rbx; // r54
  531. _unknown_ __r14; // r65
  532. _unknown_ __r15; // r66
  533. _unknown_ _t3; // _t3
  534. _unknown_ _t8; // _t8
  535. signed long long _t9; // _t9
  536. _unknown_ _t14; // _t14
  537. signed long long _t17; // _t17
  538. _unknown_ _t20; // _t20
  539.  
  540. __rdi = __rdi;
  541. _push(_t20);
  542. _push(_t14);
  543. _push(_t8);
  544. __r9 = __r9 - 8;
  545. _init();
  546. _t17 = &__do_global_dtors_aux_fini_array_entry - &__frame_dummy_init_array_entry >> 3;
  547. if( &__do_global_dtors_aux_fini_array_entry != 0) {
  548. _t9 = 0;
  549. do {
  550. *((intOrPtr*)( &__frame_dummy_init_array_entry + _t9 * 8))();
  551. _t9 = _t9 + 1;
  552. } while(_t17 != _t9);
  553. }
  554. __r9 = __r9 + 8;
  555. _pop(__rbx);
  556. _pop(__r8);
  557. _pop(__r14);
  558. }
  559.  
  560. __libc_csu_fini(
  561. _unknown_ __rax // r53
  562. )
  563. {// addr = 0x004017A0
  564. __rax = __rax;
  565. }
  566.  
  567. _fini(
  568. _unknown_ __rax // r53
  569. )
  570. {// addr = 0x004017A4
  571. __rax = __rax;
  572. }
  573.  
  574. _fini(
  575. _unknown_ __rax // r53
  576. )
  577. {// addr = 0x004017A4
  578. __rax = __rax;
  579. }
  580.  
  581. // Statistics:
  582. // 94 Register nodes
  583. // 41 Temporaries nodes
  584. // 7 Casts
  585. // 149 Statements
  586. // 6 Labels
  587. // 5 Gotos
  588. // 49 Blocks
  589. // 782 Nodes
  590. // 4 Assembly nodes
  591. // 60 Unknown Types
  592.  
  593.  
  594. Total time: 0 seconds.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!