API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 20th, 2018
98
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.35 KB | None | 0 0
raw download clone embed print report
  1. [florian@florian-desktop ReleaseRTTIO0]$ r2 VTablesTest.exe
  2. -- Your problems are solved in an abandoned branch somewhere
  3. [0x004015b1]> aaa
  4. [x] Analyze all flags starting with sym. and entry0 (aa)
  5. [x] Analyze len bytes of instructions for references (aar)
  6. [x] Analyze function calls (aac)
  7. [x] Use -AA or aaaa to perform additional experimental analysis.
  8. [x] Constructing a function name for fcn.* and sym.func.* functions (aan)
  9. [0x004015b1]> s 0x00401180
  10. [0x00401180]> pdf
  11. / (fcn) sub.MSVCR120.dll___2_YAPAXI_Z_180 360
  12. | sub.MSVCR120.dll___2_YAPAXI_Z_180 ();
  13. | ; var int local_40h @ ebp-0x40
  14. | ; var int local_3ch @ ebp-0x3c
  15. | ; var int local_38h @ ebp-0x38
  16. | ; var int local_34h @ ebp-0x34
  17. | ; var int local_30h @ ebp-0x30
  18. | ; var int local_2ch @ ebp-0x2c
  19. | ; var int local_28h @ ebp-0x28
  20. | ; var int local_24h @ ebp-0x24
  21. | ; var int local_20h @ ebp-0x20
  22. | ; var int local_1ch @ ebp-0x1c
  23. | ; var int local_18h @ ebp-0x18
  24. | ; var int local_14h @ ebp-0x14
  25. | ; var int local_10h @ ebp-0x10
  26. | ; var int local_ch @ ebp-0xc
  27. | ; var int local_4h @ ebp-0x4
  28. | ; var int local_0h @ ebp-0x0
  29. | ; CALL XREF from 0x00401544 (sub.MSVCR120.dll___3_YAXPAX_Z_2f8 + 588)
  30. | 0x00401180 55 push ebp
  31. | 0x00401181 8bec mov ebp, esp
  32. | 0x00401183 6aff push 0xffffffffffffffff
  33. | 0x00401185 68681c4000 push 0x401c68
  34. | 0x0040118a 64a100000000 mov eax, dword fs:[0]
  35. | 0x00401190 50 push eax
  36. | 0x00401191 83ec34 sub esp, 0x34 ; '4'
  37. | 0x00401194 a100304000 mov eax, dword [0x403000] ; section..data ; [0x403000:4]=0xbb40e64e ; "N\xe6@\xbb\xb1\x19\xbfD\x01"
  38. | 0x00401199 33c5 xor eax, ebp
  39. | 0x0040119b 50 push eax
  40. | 0x0040119c 8d45f4 lea eax, [local_ch]
  41. | 0x0040119f 64a300000000 mov dword fs:[0], eax
  42. | 0x004011a5 6a08 push 8 ; 8
  43. | 0x004011a7 ff1590204000 call dword [sym.imp.MSVCR120.dll___2_YAPAXI_Z] ; 0x402090
  44. | 0x004011ad 83c404 add esp, 4
  45. | 0x004011b0 8945e4 mov dword [local_1ch], eax
  46. | 0x004011b3 c745fc000000. mov dword [local_4h], 0
  47. | 0x004011ba 837de400 cmp dword [local_1ch], 0
  48. | ,=< 0x004011be 740d je 0x4011cd
  49. | | 0x004011c0 8b4de4 mov ecx, dword [local_1ch]
  50. | | 0x004011c3 e838feffff call sub.This_is_the_constructor_of_ClassA._0
  51. | | 0x004011c8 8945e0 mov dword [local_20h], eax
  52. | ,==< 0x004011cb eb07 jmp 0x4011d4
  53. | || ; JMP XREF from 0x004011be (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  54. | |`-> 0x004011cd c745e0000000. mov dword [local_20h], 0
  55. | | ; JMP XREF from 0x004011cb (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  56. | `--> 0x004011d4 8b45e0 mov eax, dword [local_20h]
  57. | 0x004011d7 8945d4 mov dword [local_2ch], eax
  58. | 0x004011da c745fcffffff. mov dword [local_4h], 0xffffffff ; -1 ; -4
  59. | 0x004011e1 8b4dd4 mov ecx, dword [local_2ch]
  60. | 0x004011e4 894df0 mov dword [local_10h], ecx
  61. | 0x004011e7 8b4df0 mov ecx, dword [local_10h]
  62. | 0x004011ea e8a1feffff call sub.My_value_is__d_90
  63. | 0x004011ef 8b55f0 mov edx, dword [local_10h]
  64. | 0x004011f2 8b02 mov eax, dword [edx]
  65. | 0x004011f4 8b4df0 mov ecx, dword [local_10h]
  66. | 0x004011f7 8b5004 mov edx, dword [eax + 4] ; [0x4:4]=-1 ; 4
  67. | 0x004011fa ffd2 call edx
  68. | 0x004011fc 50 push eax
  69. | 0x004011fd 68bc214000 push 0x4021bc ; "result of virtual method: %d\n"
  70. | 0x00401202 ff159c204000 call dword [sym.imp.MSVCR120.dll_printf] ; 0x40209c
  71. | 0x00401208 83c408 add esp, 8
  72. | 0x0040120b 8b45f0 mov eax, dword [local_10h]
  73. | 0x0040120e 8945d0 mov dword [local_30h], eax
  74. | 0x00401211 8b4dd0 mov ecx, dword [local_30h]
  75. | 0x00401214 894dec mov dword [local_14h], ecx
  76. | 0x00401217 837dec00 cmp dword [local_14h], 0
  77. | ,=< 0x0040121b 7413 je 0x401230
  78. | | 0x0040121d 6a01 push 1 ; 1
  79. | | 0x0040121f 8b55ec mov edx, dword [local_14h]
  80. | | 0x00401222 8b02 mov eax, dword [edx]
  81. | | 0x00401224 8b4dec mov ecx, dword [local_14h]
  82. | | 0x00401227 8b10 mov edx, dword [eax]
  83. | | 0x00401229 ffd2 call edx
  84. | | 0x0040122b 8945cc mov dword [local_34h], eax
  85. | ,==< 0x0040122e eb07 jmp 0x401237
  86. | || ; JMP XREF from 0x0040121b (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  87. | |`-> 0x00401230 c745cc000000. mov dword [local_34h], 0
  88. | | ; JMP XREF from 0x0040122e (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  89. | `--> 0x00401237 68dc214000 push str. ; 0x4021dc ; "---------------\n"
  90. | 0x0040123c ff159c204000 call dword [sym.imp.MSVCR120.dll_printf] ; 0x40209c
  91. | 0x00401242 83c404 add esp, 4
  92. | 0x00401245 6a08 push 8 ; 8
  93. | 0x00401247 ff1590204000 call dword [sym.imp.MSVCR120.dll___2_YAPAXI_Z] ; 0x402090
  94. | 0x0040124d 83c404 add esp, 4
  95. | 0x00401250 8945dc mov dword [local_24h], eax
  96. | 0x00401253 c745fc010000. mov dword [local_4h], 1
  97. | 0x0040125a 837ddc00 cmp dword [local_24h], 0
  98. | ,=< 0x0040125e 740d je 0x40126d
  99. | | 0x00401260 8b4ddc mov ecx, dword [local_24h]
  100. | | 0x00401263 e868feffff call sub.This_is_the_constructor_of_ClassB._d0
  101. | | 0x00401268 8945d8 mov dword [local_28h], eax
  102. | ,==< 0x0040126b eb07 jmp 0x401274
  103. | || ; JMP XREF from 0x0040125e (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  104. | |`-> 0x0040126d c745d8000000. mov dword [local_28h], 0
  105. | | ; JMP XREF from 0x0040126b (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  106. | `--> 0x00401274 8b45d8 mov eax, dword [local_28h]
  107. | 0x00401277 8945c8 mov dword [local_38h], eax
  108. | 0x0040127a c745fcffffff. mov dword [local_4h], 0xffffffff ; -1 ; -4
  109. | 0x00401281 8b4dc8 mov ecx, dword [local_38h]
  110. | 0x00401284 894df0 mov dword [local_10h], ecx
  111. | 0x00401287 8b4df0 mov ecx, dword [local_10h]
  112. | 0x0040128a e801feffff call sub.My_value_is__d_90
  113. | 0x0040128f 8b55f0 mov edx, dword [local_10h]
  114. | 0x00401292 8b02 mov eax, dword [edx]
  115. | 0x00401294 8b4df0 mov ecx, dword [local_10h]
  116. | 0x00401297 8b5004 mov edx, dword [eax + 4] ; [0x4:4]=-1 ; 4
  117. | 0x0040129a ffd2 call edx
  118. | 0x0040129c 50 push eax
  119. | 0x0040129d 68f0214000 push str.result_of_virtual_method:__d ; 0x4021f0 ; "result of virtual method: %d\n"
  120. | 0x004012a2 ff159c204000 call dword [sym.imp.MSVCR120.dll_printf] ; 0x40209c
  121. | 0x004012a8 83c408 add esp, 8
  122. | 0x004012ab 8b45f0 mov eax, dword [local_10h]
  123. | 0x004012ae 8945c4 mov dword [local_3ch], eax
  124. | 0x004012b1 8b4dc4 mov ecx, dword [local_3ch]
  125. | 0x004012b4 894de8 mov dword [local_18h], ecx
  126. | 0x004012b7 837de800 cmp dword [local_18h], 0
  127. | ,=< 0x004012bb 7413 je 0x4012d0
  128. | | 0x004012bd 6a01 push 1 ; 1
  129. | | 0x004012bf 8b55e8 mov edx, dword [local_18h]
  130. | | 0x004012c2 8b02 mov eax, dword [edx]
  131. | | 0x004012c4 8b4de8 mov ecx, dword [local_18h]
  132. | | 0x004012c7 8b10 mov edx, dword [eax]
  133. | | 0x004012c9 ffd2 call edx
  134. | | 0x004012cb 8945c0 mov dword [local_40h], eax
  135. | ,==< 0x004012ce eb07 jmp 0x4012d7
  136. | || ; JMP XREF from 0x004012bb (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  137. | |`-> 0x004012d0 c745c0000000. mov dword [local_40h], 0
  138. | | ; JMP XREF from 0x004012ce (sub.MSVCR120.dll___2_YAPAXI_Z_180)
  139. | `--> 0x004012d7 33c0 xor eax, eax
  140. | 0x004012d9 8b4df4 mov ecx, dword [local_ch]
  141. | 0x004012dc 64890d000000. mov dword fs:[0], ecx
  142. | 0x004012e3 59 pop ecx
  143. | 0x004012e4 8be5 mov esp, ebp
  144. | 0x004012e6 5d pop ebp
  145. \ 0x004012e7 c3 ret
  146. [0x00401180]>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!