# Note Hackbuburit 2018 #1 Reverse Engineering

a guest
May 30th, 2018
203
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
1. r2 -d ./ez
2.
3. -d = debug
4.
5. aaa
6.
7. pdf = print disassemble function
8.
9. pdf @ main
10.
11. mov dword [local_70h], 0x43 == copy 0x43 ke variable local_70h
12.
13. dst
14.
15. db 0x7ff241e008ec
16. dc
17. dr
18.
19. panjang input harus 26 karakter.
20.
21. ada perulangan sebanyak 26 kali, 0 hingga 25
22.
23. counter and 1 = 0 dia lompat ke 0x....953
24. counter and 1 = 1 dia lanjut proses dibawahnya
25.
26. ambil karakter dengan posisi sesuai counter
27.
28. ambil karakter sesuai variable yang sudah ditentukan
29.
30. A12345678901234567890123456
31.
32. local_4h = counter (dia ada di perulangan yang ke berapa?)
33.
34. karakter pertama harus C
35.
36. Referensi
38.
39. mov = copy
40.
41. mov dword [local_4h], 0
42.
43. 0 copy ke local_4h
44.
45. cmp dword [local_4h], 0x19 = bandingkan 0 dengan 25
46.
47. JLE = Jump Less Equal, dia akan lompat ketika nilainya kurang dari 25
48.
49. cmp dword [local_4h], 0x19
50.
51. mov eax, dword [local_4h] ->>> copy 0 ke eax
52. and eax, 1 ----> 0 and 1
53. test eax, eax ---> test
54. je 0x7fd196000953 --->
55.
56.
57.
58. |`---> 0x7fd196000953 8b45fc mov eax, dword [local_4h] ---> eax = 0
59. | | :| 0x7fd196000958 0fb6840520ff. movzx eax, byte [rbp + rax - 0xe0]
60. | | :| 0x7fd196000960 0fbed0 movsx edx, al --> edx = karakter ke sekian (inputan)
61. | | :| 0x7fd196000963 8b45fc mov eax, dword [local_4h]
62. | | :| 0x7fd196000968 8b448590 mov eax, dword [rbp + rax*4 - 0x70] --> ambil dari isi program
63. | | :| 0x7fd19600096c 2b45fc sub eax, dword [local_4h] --> sub 43, 0 ---> 43 - 0 = eax = 43 sub = substract = pengurangan
64. | | :| 0x7fd19600096f 39c2 cmp edx, eax --> cmp 41,43
65. | |,===< 0x7fd196000971 7416 je 0x7fd196000989
66.
67. rax
68. eax = 32 bit
69. ax = 16 bit
70. ah = 8 bit
71. al = 8 bit
72.
73.
74. db 0x7f7a67200963
75.
76.
77. panjang input harus 26 karakter.
78.
79. ada perulangan sebanyak 26 kali, 0 hingga 25
80.
81. \$b = [0x43,0x60,0x6e,0x69,0x69,0x6e,0x7a,0x5a,0x83,0x49,0x6f,0x6b,0x51,0x6d,0x53,0x5f,0x77,0x58,0x80,0x52,0x79,0x5d,0x7f,0x57,0x7f,0x64];
82.
83. for(\$a = 0; \$a <= 25; \$a++){
84. if(\$a & 1){
85. //jika true
86. echo chr(\$b[\$a] + \$a);
87. }else{
88. //jika false
89. //ambil inputan ke sekian (counter)
90. //ambil dari isi program
91. //hasil dari isi program - counter
92. //jika sama, lanjut ke perulangan berikutnya
93. //jika tidak sama, tampilkan nope & exit
94. //perulangan pertama harus C
95. echo chr(\$b[\$a] - \$a);
96. }
97. }
98.
99. counter and 1 = 0 dia lompat ke 0x....953
100. counter and 1 = 1 dia lanjut proses dibawahnya
RAW Paste Data