[*] Binary protection state of kmod
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of kmod
mov r0, r4
blx 0x1924
cmp r0, 0
beq 0x478e
mov r1, fp
mov r0, r4
blx 0x1924
cmp r0, 0
beq 0x478e
mov r0, r4
blx 0x1bb0
add.w sl, r0, r7
mov r5, r0
add.w r3, sl, 2
cmp.w r3, 0x1000
bhs 0x4852
ldr r0, [sp, 0x10]
movs r3, 0
add r2, sp, 0x20
mov r1, r4
blx sym.imp.__asprintf_chk
cmp r0, 0
blt.w 0x48ee
--
mov r2, sb
movs r0, 3
add r1, pc
bl 0x85e4
b 0x478e
ldr r1, [sp, 0x18]
mov r2, sb
movs r0, 3
bl 0x85e4
b 0x478e
adds r2, r5, 1
mov r1, r4
add.w r0, sb, r7
blx sym.imp.mmap64
addw r3, sl, 0x101
cmp.w r3, 0x1000
bhs 0x492e
ldr r0, [sp, 0x10]
movs r2, 0
mov r1, r4
blx sym.imp.__sprintf_chk
subs r5, r0, 0
blt 0x48fe
--
lsrs r0, r0, 5
b 0x51e2
movs r0, 0
b 0x51e2
blx sym.imp.stat64
lsrs r0, r2, 0x11
movs r2, r0
lsls r4, r7, 6
movs r0, r0
lsrs r2, r6, 0x10
movs r2, r0
push {r3, r4, r5, r6, r7, lr}
mov r5, r1
movs r1, 0
mov r7, r0
blx sym.imp.fstatat64
subs r4, r0, 0
blt 0x527c
movs r2, 0
mov r1, r5
blx sym.imp.__sprintf_chk
subs r6, r0, 0
blt 0x526a
--
str r3, [sp, 0x10]
bl 0x925c
cmp r0, 0
blt 0x5bca
ldr.w r3, [sl]
adds r2, r6, 1
ldr r0, [sp]
mov r1, r4
str r3, [sp, 0xc]
adds r0, r3, r0
blx sym.imp.mmap64
ldrb.w r3, [fp, 0x12]
cmp r3, 8
beq 0x5bba
cmp r3, 4
beq 0x5b22
ldr r0, [sp, 4]
movs r3, 0
add r2, sp, 0x18
mov r1, r4
blx sym.imp.__asprintf_chk
cmp r0, 0
blt 0x5bf8
ldr r3, [sp, 0x28]
and r3, r3, 0xf000
cmp.w r3, 0x8000
beq 0x5bba
cmp.w r3, 0x4000
bne 0x5bda
ldr r0, [sp, 4]
movs r2, 0
mov r1, r4
blx sym.imp.__sprintf_chk
subs r6, r0, 0
blt 0x5be8
--
str r2, [sp, 0x44]
cmp r3, 0
beq.w 0x62d2
ldr r2, [sp, 0x1c]
ldr.w r3, [0x000068b8]
ldr r3, [r2, r3]
ldr r2, [sp, 0x3c]
ldr r3, [r3]
cmp r3, r2
beq.w 0x62d8
mov r0, r6
blx sym.imp.fnmatch
mov r7, r0
cmp r0, 0
beq.w 0x700c
blx sym.imp.renameat
ldr.w r1, [0x000068e0]
movs r3, 0
ldr r2, [sp, 0x18]
add r1, pc
blx sym.imp.__asprintf_chk
mov r8, r0
cmp r0, 0
--
and r2, r2, 0xf000
cmp.w r2, 0x4000
bne 0x6770
mov r0, r5
blx sym.imp.fnmatch
mov r8, r0
cmp r0, 0
beq.w 0x7516
blx 0x1cf4
cmp r0, 0
beq 0x683a
str.w sl, [sp, 0x1c]
mov sl, r0
ldr.w fp, [sp, 0x18]
b 0x6802
mov r0, r8
blx sym.imp.renameat
mov r3, sl
mov r2, fp
mov r1, r4
blx sym.imp.__asprintf_chk
ldr r3, [sp, 0x20]
mov r2, r5
--
blx 0x1b8c
ldr r3, [sp, 0x20]
strd r4, r0, [sp, 4]
mov r0, r6
subw r3, r3, 0xa18
ldr r2, [r3]
str r2, [sp, 0x10]
movs r2, 1
ldr r3, [r3, 4]
str r3, [sp, 0xc]
ldr.w r3, [0x000076a4]
add r3, pc
str r3, [sp]
movs r3, 0xff
mov r1, r3
blx 0x1dd4
mov.w r3, 0x1a4
movs r2, 0xc1
mov r1, r6
mov r0, sl
blx sym.imp.__sprintf_chk
subs r4, r0, 0
blt.w 0x7128
--
mov sl, r0
cmp r2, 0x2e
beq 0xabe2
cmp r0, 5
bls 0xabe2
subs r0, 5
mov r1, sb
add r0, r4
blx 0x1924
cbz r0, 0xabba
sub.w r0, sl, 6
ldr r1, [sp, 0x1c]
add r0, r4
blx 0x1924
cbnz r0, 0xabe2
mov r0, r6
blx sym.imp.renameat
movs r3, 0
mov r2, r7
mov r1, r4
blx sym.imp.__asprintf_chk
ldr r3, [fp, -0x60]
and r3, r3, 0xf000
--
cmp.w r8, 0
ble 0xc624
ldr.w fp, [0x0000c660]
movw r3, 0xcccc
movs r4, 0
movt r3, 0xccc
subs r6, 1
add.w sl, r8, -1
add fp, pc
mov r5, r4
str r3, [sp, 8]
b 0xc5d2
cmp r8, r4
beq 0xc624
ldrb r1, [r6, 1]!
adds r0, r7, r5
mov.w r2, -1
mov r3, fp
str r1, [sp]
movs r1, 1
blx sym.imp.__vasprintf_chk
mov r1, r4
adds r2, r5, 2
--
beq 0xdd40
ldr r2, [0x0000ddd8]
mov.w r3, 0x1000
ldr r1, [r0, 8]
subs r4, r5, 4
mov r7, r0
mov r0, r4
add r2, pc
strd r2, r1, [sp]
mov r1, r3
movs r2, 1
blx 0x1dd4
mov.w r1, 0x80000
mov r0, r4
blx sym.imp.fstatat64
subs.w r8, r0, 0
blt 0xdd82
ldr r1, [0x0000dddc]
mov.w r2, 0x80000
add r1, pc
blx sym.imp.__sprintf_chk
subs r6, r0, 0
bge 0xdd66
[*] Function sprintf used 11 times kmod
