Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ┌ (fcn) func.homemade.decode_buffer 286
- │ func.homemade.decode_buffer ();
- │ ; var int local_60h @ rbp-0x60
- │ ; var int local_53h @ rbp-0x53
- │ ; var int local_51h @ rbp-0x51
- │ ; var int local_50h @ rbp-0x50
- │ ; var int local_30h @ rbp-0x30
- │ ; XREFS: CALL 0x1000010a3 CALL 0x10000110e CALL 0x10000189c CALL 0x100001192 CALL 0x1000011d5
- │ ; XREFS: CALL 0x10000120c CALL 0x10000126b CALL 0x100001bc4 CALL 0x100001bf6 CALL 0x100001c45
- │ ; XREFS: CALL 0x100001daf CALL 0x100001e4f CALL 0x100001e98 CALL 0x100001332 CALL 0x1000015c3
- │ ; XREFS: CALL 0x10000160d CALL 0x100001644 CALL 0x100001699 CALL 0x10000170f CALL 0x100001796
- │ ; XREFS: CALL 0x1000017c2 CALL 0x100001a4f CALL 0x100001ad3 CALL 0x1000020aa CALL 0x1000022b0
- │ ; XREFS: CALL 0x1000027d6
- │ 0x100001f30 55 push rbp
- │ 0x100001f31 4889e5 mov rbp, rsp
- │ 0x100001f34 4157 push r15
- │ 0x100001f36 4156 push r14
- │ 0x100001f38 4155 push r13
- │ 0x100001f3a 4154 push r12
- │ 0x100001f3c 53 push rbx
- │ 0x100001f3d 4883ec38 sub rsp, 0x38 ; '8'
- │ 0x100001f41 4989fd mov r13, rdi
- │ 0x100001f44 488b05b51000. mov rax, qword [reloc.__stack_chk_guard_0] ; [0x100003000:8]=0
- │ 0x100001f4b 488b00 mov rax, qword [rax]
- │ 0x100001f4e 488945d0 mov qword [local_30h], rax
- │ 0x100001f52 4c8d75a0 lea r14, [local_60h]
- │ 0x100001f56 4c89f7 mov rdi, r14 ; time_t *timer
- │ 0x100001f59 e8a6090000 call sym.imp.time ; time_t time(time_t *timer)
- │ 0x100001f5e 4c89f7 mov rdi, r14 ; const time_t *timer
- │ 0x100001f61 e83e090000 call sym.imp.localtime ; tm*localtime(const time_t *timer)
- │ 0x100001f66 66c745ad256d mov word [local_53h], 0x6d25
- │ 0x100001f6c c645af00 mov byte [local_51h], 0
- │ 0x100001f70 4c8d75b0 lea r14, [local_50h]
- │ 0x100001f74 488d55ad lea rdx, [local_53h] ; const char * format
- │ 0x100001f78 be1e000000 mov esi, 0x1e ; size_t maxsize
- │ 0x100001f7d 4c89f7 mov rdi, r14 ; char *s
- │ 0x100001f80 4889c1 mov rcx, rax ; const tm *timeptr
- │ 0x100001f83 e864090000 call sym.imp.strftime ; size_t strftime(char *s, size_t maxsize, const char *format, const tm *timeptr)
- │ 0x100001f88 4c89f7 mov rdi, r14 ; const char * str
- │ 0x100001f8b e8ae080000 call sym.imp.atoi ; int atoi(const char *str)
- │ 0x100001f90 4189c4 mov r12d, eax
- │ 0x100001f93 4c89ef mov rdi, r13 ; const char * s
- │ 0x100001f96 e857090000 call sym.imp.strlen ; size_t strlen(const char *s)
- │ 0x100001f9b 488d7801 lea rdi, [rax + 1] ; size_t nmeb
- │ 0x100001f9f be01000000 mov esi, 1 ; size_t size
- │ 0x100001fa4 e89b080000 call sym.imp.calloc ; void *calloc(size_t nmeb, size_t size)
- │ 0x100001fa9 4989c6 mov r14, rax
- │ 0x100001fac 4c89ef mov rdi, r13 ; const char * s
- │ 0x100001faf e83e090000 call sym.imp.strlen ; size_t strlen(const char *s)
- │ 0x100001fb4 4c89f7 mov rdi, r14 ; void *s1
- │ 0x100001fb7 4c89ee mov rsi, r13 ; const void *s2
- │ 0x100001fba 4889c2 mov rdx, rax ; size_t n
- │ 0x100001fbd e8e8080000 call sym.imp.memcpy ; void *memcpy(void *s1, const void *s2, size_t n)
- │ 0x100001fc2 bf01000000 mov edi, 1 ; size_t nmeb
- │ 0x100001fc7 be04000000 mov esi, 4 ; size_t size
- │ 0x100001fcc e873080000 call sym.imp.calloc ; void *calloc(size_t nmeb, size_t size)
- │ 0x100001fd1 4989c7 mov r15, rax
- │ 0x100001fd4 4181c4994561. add r12d, 0xfc614599
- │ 0x100001fdb 458927 mov dword [r15], r12d
- │ 0x100001fde 4c89ef mov rdi, r13 ; const char * s
- │ 0x100001fe1 e80c090000 call sym.imp.strlen ; size_t strlen(const char *s)
- │ 0x100001fe6 4883f804 cmp rax, 4
- │ ┌─< 0x100001fea 723b jb 0x100002027
- │ │ 0x100001fec 31db xor ebx, ebx
- │ │ 0x100001fee 41bc04000000 mov r12d, 4
- │ │ 0x100001ff4 6666662e0f1f. nop word cs:[rax + rax] ; "for(unsigned int i = 0, i < strlen(r13), i += 4)"
- │ ┌──> 0x100002000 418b441d00 mov eax, dword [r13 + rbx]
- │ |│ 0x100002005 b959b699f7 mov ecx, 0xf799b659
- │ |│ 0x10000200a 31c8 xor eax, ecx
- │ |│ 0x10000200c 418907 mov dword [r15], eax
- │ |│ 0x10000200f 4189041e mov dword [r14 + rbx], eax ; r14[i] ^= 0xf799b659
- │ |│ 0x100002013 4963dc movsxd rbx, r12d
- │ |│ 0x100002016 4c8d6304 lea r12, [rbx + 4] ; i += 4
- │ |│ 0x10000201a 4c89ef mov rdi, r13 ; const char * s
- │ |│ 0x10000201d e8d0080000 call sym.imp.strlen ; size_t strlen(const char *s)
- │ |│ 0x100002022 4939c4 cmp r12, rax
- │ └──< 0x100002025 76d9 jbe 0x100002000
- │ └─> 0x100002027 488b05d20f00. mov rax, qword [reloc.__stack_chk_guard_0] ; [0x100003000:8]=0
- │ 0x10000202e 488b00 mov rax, qword [rax]
- │ 0x100002031 483b45d0 cmp rax, qword [local_30h]
- │ ┌─< 0x100002035 7512 jne 0x100002049
- │ │ 0x100002037 4c89f0 mov rax, r14
- │ │ 0x10000203a 4883c438 add rsp, 0x38 ; '8'
- │ │ 0x10000203e 5b pop rbx
- │ │ 0x10000203f 415c pop r12
- │ │ 0x100002041 415d pop r13
- │ │ 0x100002043 415e pop r14
- │ │ 0x100002045 415f pop r15
- │ │ 0x100002047 5d pop rbp
- │ │ 0x100002048 c3 ret
- └ └─> 0x100002049 e8de070000 call sym.imp.__stack_chk_fail ; void __stack_chk_fail(void)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement