Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ;-- fcn.004c1f80:
- (fcn) main.encrypt 294
- main.encrypt (int32_t arg5, int32_t arg1, int32_t arg_60h, int32_t arg_68h, int32_t arg_70h, int32_t arg_78h);
- ; var int32_t var_8h @ rsp+0x8
- ; var int32_t var_10h @ rsp+0x10
- ; var int32_t var_18h @ rsp+0x18
- ; var int32_t var_20h @ rsp+0x20
- ; var int32_t var_28h @ rsp+0x28
- ; var int32_t var_30h @ rsp+0x30
- ; var int32_t var_38h @ rsp+0x38
- ; var int32_t var_40h @ rsp+0x40
- ; var int32_t var_48h @ rsp+0x48
- ; var int32_t var_50h @ rsp+0x50
- ; arg int32_t arg_60h @ rsp+0x60
- ; arg int32_t arg_68h @ rsp+0x68
- ; arg int32_t arg_70h @ rsp+0x70
- ; arg int32_t arg_78h @ rsp+0x78
- ; arg int32_t arg5 @ r8
- ; arg int32_t arg1 @ rdi
- 0x004c1f80 mov rcx, qword gs:[0x28]
- 0x004c1f89 mov rcx, qword [rcx]
- 0x004c1f90 cmp rsp, qword [rcx + 0x10]
- 0x004c1f94 jbe 0x4c209c ; If the stack is not big enough
- 0x004c1f9a sub rsp, 0x58
- 0x004c1f9e mov qword [var_50h], rbp
- 0x004c1fa3 lea rbp, [var_50h]
- 0x004c1fa8 mov rcx, qword [arg_68h]
- 0x004c1fad mov rdx, qword [arg_60h]
- 0x004c1fb2 xor eax, eax
- 0x004c1fb4 xor ebx, ebx
- 0x004c1fb6 xor esi, esi
- 0x004c1fb8 jmp 0x4c2041
- 0x004c1fbd mov qword [var_38h], r8 ; arg5
- 0x004c1fc2 mov qword [var_48h], rbx
- 0x004c1fc7 mov qword [var_40h], rsi
- 0x004c1fcc lea rax, [0x00501863]
- 0x004c1fd3 movzx ecx, byte [r10 + rax]
- 0x004c1fd8 xor edi, ecx ; arg1
- 0x004c1fda movzx ecx, dil
- 0x004c1fde mov qword [var_8h], rcx
- 0x004c1fe3 mov qword [rsp], 0
- 0x004c1feb call runtime.intstring ; Converts an int to a string somehow?
- 0x004c1ff0 mov rax, qword [var_10h]
- 0x004c1ff5 mov rcx, qword [var_18h]
- 0x004c1ffa mov qword [var_18h], rax
- 0x004c1fff mov qword [var_20h], rcx
- 0x004c2004 mov qword [rsp], 0
- 0x004c200c mov rax, qword [var_48h]
- 0x004c2011 mov qword [var_8h], rax
- 0x004c2016 mov rax, qword [var_40h]
- 0x004c201b mov qword [var_10h], rax
- 0x004c2020 call runtime.concatstring2 ; I assume this concatinates two strings
- 0x004c2025 mov rax, qword [var_38h]
- 0x004c202a inc rax
- 0x004c202d mov rbx, qword [var_28h]
- 0x004c2032 mov rsi, qword [var_30h]
- 0x004c2037 mov rcx, qword [arg_68h]
- 0x004c203c mov rdx, qword [arg_60h]
- 0x004c2041 cmp rax, rcx
- 0x004c2044 jge 0x4c2081 ; I think this is where we want to be
- 0x004c2046 movzx edi, byte [rdx + rax]
- 0x004c204a mov r8, rax
- 0x004c204d movabs rax, 0x4924924924924925
- 0x004c2057 imul r8
- 0x004c205a mov r10, r8
- 0x004c205d sar r8, 0x3f
- 0x004c2061 sar rdx, 1
- 0x004c2064 sub rdx, r8
- 0x004c2067 lea r8, [rdx + rdx*2]
- 0x004c206b lea rdx, [rdx + r8*2]
- 0x004c206f mov r8, r10
- 0x004c2072 sub r10, rdx
- 0x004c2075 cmp r10, 7 ; 7
- 0x004c2079 jb 0x4c1fbd
- 0x004c207f jmp 0x4c2095
- 0x004c2081 mov qword [arg_70h], rbx
- 0x004c2086 mov qword [arg_78h], rsi
- 0x004c208b mov rbp, qword [var_50h]
- 0x004c2090 add rsp, 0x58
- 0x004c2094 ret
- 0x004c2095 call runtime.panicindex
- 0x004c209a ud2
- 0x004c209c call runtime.morestack_noctxt ; This just increases the stack size I think.
- 0x004c20a1 jmp main.encrypt
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement