[*] Binary protection state of kmod
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function mmap tear down of kmod
blx sym.imp.mmap64
cmp r5, sl
mov.w r3, 0
strb r3, [r6, r4]
beq 0x27e8
ldr r7, [r8, 4]!
mov fp, r6
mov r0, r7
blx 0x1bb0
mov sb, r0
mov r0, r6
add.w r1, r4, sb
adds r1, 2
blx sym.imp.regexec
mov r6, r0
cmp r0, 0
beq 0x2738
cmp r4, 0
bne 0x279e
mov r4, sb
b 0x27aa
--
blx sym.imp.mmap64
mov r2, sl
mov r1, r4
add.w r0, sb, fp
mov sl, r6
blx sym.imp.mmap64
mov r0, r5
strb.w r8, [sb, r6]
mov r5, sb
blx 0x19a0
mov r1, r7
mov r0, r5
blx sym.imp.strstr
mov r4, r0
cmp r0, 0
bne 0x3862
ldr r7, [0x00003a58]
mov r2, r5
ldr r0, [0x00003a5c]
add r7, pc
add r0, pc
mov r1, r7
bl 0x3320
ldr r3, [0x00003a60]
add r3, pc
ldr r3, [r3]
--
blx sym.imp.mmap64
ldrb.w r3, [fp, r8, lsl 2]
cmp r3, 0
beq.w 0x40f6
movs r0, 0
mov r5, r6
mov.w r8, 1
mov.w sb, 4
cmp r0, 0
beq.w 0x3d06
ldrb r2, [r0]
cmp r2, r3
beq.w 0x3d26
mov r2, r5
adds r5, 1
ldrb r3, [r2, 1]
cmp r3, 0
bne 0x3b86
cmp r5, r6
bls 0x3bae
str.w r6, [fp, r8, lsl 2]
--
blx sym.imp.mmap64
movs r3, 0
str.w r3, [fp, r8, lsl 2]
ldr.w sl, [0x00004524]
movs r4, 0
ldr.w sb, [0x00004528]
add r5, sp, 0x50
mov r8, r5
mov r6, r4
add sl, pc
add r3, sp, 0x1e0
add sb, pc
add r2, sp, 0x60
str r3, [sp, 0x38]
str r4, [sp, 0x3c]
str r4, [sp, 0x18]
strd r4, r4, [sp, 0x30]
strd r4, r4, [sp, 0x28]
str r4, [sp, 0x24]
str r4, [sp, 0x1c]
str r2, [sp, 0x40]
--
blx sym.imp.mmap64
ldr r3, [sp, 0x24]
add.w sl, sl, 1
cmp r3, sl
beq.w 0x4430
mov r8, r5
b 0x4076
mov.w sb, 4
mov.w r8, 1
b 0x3bae
mov r2, r4
b 0x3b42
mov fp, r3
b 0x3bca
movs r3, 1
str r3, [sp, 0x18]
b 0x3bf6
ldr r3, [sp, 0x38]
ldr.w ip, [0x000045b0]
ldr.w lr, [0x000045b4]
sub.w r4, r3, 0x18c
--
blx sym.imp.mmap64
mov r1, sb
add.w sb, r6, 1
mov r2, r7
add.w r0, r5, sb
add r7, sb
strb.w r8, [r5, r6]
blx sym.imp.mmap64
adds r4, r7, 1
mov.w r3, 0
strb.w r8, [r5, r7]
strb r3, [r5, r4]
b 0x40e6
mov sb, r0
mov r6, r0
b 0x40b8
ldr r1, [0x000045c4]
movs r0, 3
add r1, pc
bl 0x85e4
movs r3, 1
str r3, [sp, 0x18]
b 0x3dac
ldr r3, [sp, 0x38]
mov r2, r5
ldr.w r4, [fp, r8, lsl 2]
mov r0, sl
sub.w r5, r3, 0x194
--
blx sym.imp.mmap64
ldr r3, [sp, 0x70]
ldr r2, [sp, 0x1c]
cmp r3, r2
bgt 0x490e
movs r3, 1
mov r0, r6
str r3, [sp, 0x14]
blx 0x1cf4
cmp r0, 0
bne 0x4798
ldr r2, [0x00004968]
ldr r3, [0x00004958]
add r2, pc
ldr r3, [r2, r3]
ldr r2, [r3]
ldr r3, [sp, 0x8c]
eors r2, r3
mov.w r3, 0
bne.w 0x4950
ldr r0, [sp, 0x14]
--
blx sym.imp.mmap64
addw r3, sl, 0x101
cmp.w r3, 0x1000
bhs 0x492e
ldr r0, [sp, 0x10]
movs r2, 0
mov r1, r4
blx sym.imp.__sprintf_chk
subs r5, r0, 0
blt 0x48fe
blx 0x1d00
mov r4, r0
cmp r0, 0
beq 0x493c
movs r3, 0x2f
add.w r2, sl, 1
strb.w r3, [sb, sl]
movs r3, 0
strb.w r3, [sb, r2]
mov r3, sb
ldr r1, [sp, 0x1c]
--
blx sym.imp.mmap64
mov r0, r6
str r5, [r7]
pop.w {r4, r5, r6, r7, r8, sb, sl, pc}
mov r6, r4
b 0x4a52
push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr}
mov r8, r0
sub sp, 0x14
mov r0, r1
mov r7, r1
ldr.w fp, [r8]
bl 0xcfb4
mov r5, r0
blx 0x1bb0
mov sl, r0
movs r0, 1
add.w r1, sl, 0x45
add sl, r0
blx sym.imp.calloc
cmp r0, 0
--
blx sym.imp.mmap64
movs r1, 4
add.w r0, r4, 0x18
str.w sl, [r4, 0x2c]
bl 0x8b68
mov r0, r7
bl 0xcfbc
blx sym.imp.__stack_chk_fail
movs r1, 0x2f
str r0, [r4, 4]
mov r6, r0
blx 0x1cd0
add.w r3, fp, 0x1000
mov r5, r0
ldr r2, [r3, 4]
subs r3, r0, r6
add.w r1, fp, 4
mov r0, r6
str r3, [r4, 0x28]
str r2, [sp, 0xc]
blx 0x1da4
--
blx sym.imp.mmap64
ldr r0, [r6, 0x20]
mov r2, r4
mov r1, r5
bl 0x8cc0
cmp r0, 0
blt 0x53a8
cbz r7, 0x53a2
ldr r0, [r7, 4]
ldr r1, [0x000053b8]
mov r3, r5
strd r7, r0, [sp, 0x20]
mov r2, r4
movs r0, 7
pop.w {r4, r5, r6, r7, r8, sl, fp, lr}
add r1, pc
b.w 0x85e4
ldr r0, [0x000053bc]
add r0, pc
b 0x538c
mov r0, r4
--
blx sym.imp.mmap64
mov r1, r4
movs r4, 0x2f
mov r2, r7
mov r0, r5
strb r4, [r6, 0xc]
blx sym.imp.mmap64
ldr r3, [sp, 0x10]
movs r2, 0
ldr r1, [sp, 8]
ldr r0, [sp, 0x14]
add r3, sb
strb r2, [r3, 0xd]
str r0, [r1]
add sp, 0x1c
pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc}
subs r2, r5, r7
add.w r0, sl, 4
lsls r2, r2, 2
add r0, fp
blx 0x1990
b 0x54f2
mov r0, r8
subs r6, 1
blx 0x1948
mov r4, r0
blx 0x1bb0
--
blx sym.imp.mmap64
ldr r1, [0x0000561c]
mov r3, r5
movs r0, 7
mov r2, r7
add r1, pc
bl 0x85e4
add.w r0, r8, 0x1000
ldr r3, [r0, 0x10]
str r4, [r0, 0x10]
str r3, [r4]
pop.w {r4, r5, r6, r7, r8, pc}
movs r5, 1
movs r0, 0xc
blx sym.imp.strerror
mov r4, r0
cbz r0, 0x5602
movs r3, 0
strd r5, r3, [r4, 4]
b 0x55d2
ldr r1, [0x00005620]
--
blx sym.imp.mmap64
ldrb.w r3, [fp, 0x12]
cmp r3, 8
beq 0x5bba
cmp r3, 4
beq 0x5b22
ldr r0, [sp, 4]
movs r3, 0
add r2, sp, 0x18
mov r1, r4
blx sym.imp.__asprintf_chk
cmp r0, 0
blt 0x5bf8
ldr r3, [sp, 0x28]
and r3, r3, 0xf000
cmp.w r3, 0x8000
beq 0x5bba
cmp.w r3, 0x4000
bne 0x5bda
ldr r0, [sp, 4]
movs r2, 0
--
blx sym.imp.mmap64
adds r2, r7, 1
mov r3, r0
movs r1, 0x2f
mov r0, r8
strb r1, [r3, r7]
mov r1, r6
strb.w sb, [r3, r2]
mov r3, r4
bl 0x5a5c
mov r5, r0
mov r0, r6
blx 0x1dc8
mov r0, r4
bl 0x92a0
ldr r2, [0x00005d0c]
ldr r3, [0x00005d08]
add r2, pc
ldr r3, [r2, r3]
ldr r2, [r3]
ldr r3, [sp, 0x10c]
--
blx sym.imp.mmap64
ldr r2, [sp, 0x60]
movs r0, 0x2f
ldr r1, [sp, 0x48]
adds r3, r2, 1
add r2, r5
strb r0, [r2, 8]
add.w r0, sl, r3
ldr r2, [sp, 0x5c]
str r3, [sp, 0x48]
blx sym.imp.mmap64
ldr r3, [sp, 0x48]
ldr r2, [sp, 0x5c]
ldr r0, [sp, 0x50]
add r2, r3
mov r3, r2
mov r2, sl
adds r1, r5, r3
strb r0, [r1, 8]
movs r0, 7
ldr.w r1, [0x00007650]
str r3, [r5, 4]
add r1, pc
bl 0x85e4
ldr r2, [sp, 0x20]
ldr.w r3, [r2, 0x7e4]
str.w r5, [r2, 0x7e4]
str r3, [r5]
b 0x6538
mov r2, r8
mov r1, sb
--
blx sym.imp.mmap64
ldr.w r1, [0x00007654]
mov r2, r0
str.w sl, [r5, 4]
movs r0, 7
add r1, pc
bl 0x85e4
ldr r2, [sp, 0x20]
ldr.w r3, [r2, 0x7ec]
str.w r5, [r2, 0x7ec]
str r3, [r5]
b 0x6538
ldr.w r1, [0x00007658]
movs r0, 6
str r3, [sp]
ldr r3, [r7]
ldr r2, [sp, 0x2c]
add r1, pc
bl 0x85e4
b 0x6538
ldr.w r1, [0x0000765c]
--
blx sym.imp.mmap64
ldr r3, [sp, 0x44]
ldr r2, [sp, 0x54]
ldr r0, [r3]
add r2, r5
ldrb r5, [r3, 4]
adds r1, r6, r2
str r0, [r6, r2]
strb r5, [r1, 4]
adds r5, r2, 4
ldr r0, [sp, 0x1c]
ldr r1, [r4, 4]
bl 0xa454
str r0, [sp, 0x1c]
adds r0, r7, 1
bne 0x7488
mov r4, r8
mov r8, fp
ldr.w r1, [r8, 4]
adds r0, r6, r5
ldr r5, [sp, 0x28]
--
blx sym.imp.mmap64
adds r0, r6, 1
add r0, fp
blx sym.imp.__stack_chk_fail
ldr r6, [sp, 0xc]
mov.w r2, 0x20c
movs r1, 0
str r0, [r6]
mov r0, sl
blx sym.imp.strtoull
add.w r2, sl, r4, lsl 2
mov.w r3, 0
strb.w r3, [r8]
str.w fp, [sl]
strb.w r4, [sl, 8]
strb.w r4, [sl, 9]
str r6, [r2, 0xc]
ldrb r3, [r7]
cbz r3, 0x7894
add.w r4, sl, r3, lsl 2
ldr r2, [r4, 0xc]
--
blx sym.imp.mmap64
ldr r2, [r4]
mov r1, sb
mov r0, r7
ldrh r3, [r2, 0x38]
adds r2, 0x44
bl 0x7788
cmp r0, 0
beq 0x7da8
ldr r3, [sp, 4]
ldr r3, [r3]
add.w r3, r3, 0x1000
ldrb r3, [r3, 0xb]
cmp r3, 0
beq 0x7da8
ldr r3, [r4]
mov r2, sb
ldr r1, [sp, 8]
movs r0, 4
adds r3, 0x44
bl 0x85e4
--
blx sym.imp.mmap64
movs r3, 0x3a
strb r3, [r5, r4]
movs r3, 0
ldr r0, [sp, 0x14]
strb.w r3, [r5, sb]
add.w r1, r8, 0x44
ldrh.w r3, [r8, 0x38]
mov r2, r5
bl 0x7788
cbz r0, 0x827c
ldr r3, [sp, 8]
ldr r3, [r3]
add.w r3, r3, 0x1000
ldrb r3, [r3, 0xb]
cmp r3, 0
bne 0x8356
mov r0, r5
blx 0x19a0
ldr r0, [sp, 0xc]
blx 0x19a0
--
blx sym.imp.mmap64
movs r3, 0x3a
strb r3, [r5, r7]
ldr r3, [r4], 4
strb.w sl, [r5, sb]
add.w sb, sb, 1
ldr.w fp, [r3, 8]
cmp.w fp, 0
bne 0x832e
ldr.w fp, [r3, 4]
mov r0, fp
blx 0x1bb0
mov r1, fp
mov r7, r0
mov r2, r0
add.w r0, r5, sb
blx sym.imp.mmap64
cmp r6, r4
add sb, r7
bne 0x8314
b 0x8256
ldr r1, [sp, 0x18]
mov r2, sb
movs r0, 3
bl 0x85e4
b 0x8288
ldr r1, [sp, 0x20]
mov r2, r5
movs r0, 4
bl 0x85e4
b 0x827c
blx sym.imp.stat64
ldr r0, [sp, 0xc]
blx 0x19a0
ldr r1, [sp, 0x24]
movs r0, 3
bl 0x85e4
--
blx sym.imp.mmap64
movs r0, 0
movs r3, 1
strd r6, r5, [r4]
strb r3, [r4, 8]
pop {r3, r4, r5, r6, r7, pc}
ldr r0, [r0]
blx sym.imp.regexec
mov r6, r0
cmp r0, 0
bne 0x9282
mvn r0, 0xb
pop {r3, r4, r5, r6, r7, pc}
ldrb r3, [r0, 8]
cbnz r3, 0x92a6
bx lr
ldr r0, [r0]
b.w 0x199c
push {r3, r4, r5, lr}
mov r5, r0
mov r0, r1
--
blx sym.imp.mmap64
mov r0, r4
blx 0x19a0
mov r0, r5
pop.w {r4, r5, r6, r7, r8, pc}
movs r4, 0
blx sym.imp.__stack_chk_fail
mov r5, r0
mov r0, r4
blx 0x19a0
mov r0, r5
pop.w {r4, r5, r6, r7, r8, pc}
nop
push.w {r4, r5, r6, r7, r8, sb, sl, lr}
sub sp, 0x70
ldr r6, [0x000097a4]
add r7, sp, 0
mov r5, r1
ldr r3, [0x000097a8]
mov r4, r0
add r6, pc
--
blx sym.imp.mmap64
add r5, r0
mov sl, r0
mov r4, r5
mov r1, r6
mov r0, sl
blx sym.imp.realloc
cmp r0, 0
bge 0x9720
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
rsbs r3, r3, 0
cmp r3, 0
bgt 0x9734
beq 0x9794
cmp r4, sl
beq 0x979a
strb.w r8, [r4]
bls 0x96c4
add.w ip, r4, -1
b 0x96f0
--
blx sym.imp.mmap64
cmp r8, r5
bhs 0xa56a
mov r3, r6
subs r1, r5, 1
movs r0, 0x20
ldrb r2, [r3, 1]!
cbnz r2, 0xa5ae
strb r0, [r3]
cmp r3, r1
bne 0xa5a6
subs r5, r5, r7
subs r5, 5
add r8, r5
cmp r4, 0
beq 0xa56c
ldr r3, [0x0000a60c]
add.w r5, r8, 6
adds r2, r4, 1
add r4, r5
add r3, pc
--
blx sym.imp.mmap64
cmp r4, r5
bls 0xa604
add.w r3, r8, 5
subs r1, r4, 1
movs r0, 0x20
ldrb r2, [r3, 1]!
cbnz r2, 0xa5f4
strb r0, [r3]
cmp r1, r3
bne 0xa5ec
sub.w r4, r4, r8
subs r4, 6
add.w r8, r5, r4
b 0xa56c
mov r8, r5
b 0xa56c
adr r4, 0
movs r0, r0
adr r3, 0x318
movs r0, r0
--
blx sym.imp.mmap64
str.w r8, [sl]
strb.w sb, [sl, 4]
mov r1, sl
mov r0, r6
bl 0xa350
mov r3, r0
cmp r0, 0
beq 0xa6f6
movs r0, 0
str r3, [r7]
add sp, 8
pop.w {r4, r5, r6, r7, r8, sb, sl, pc}
mvn r0, 0x10
cmp r3, 0
beq 0xa656
mov r0, r5
blx 0x1bb0
mov r2, r0
adds r0, 9
str r2, [sp, 4]
--
blx sym.imp.mmap64
str.w r8, [sl]
strb.w sb, [sl, 4]
cmp r4, 0
beq 0xa67e
cmp r6, r4
mov r1, sl
mov r0, r4
beq 0xa6ec
bl 0xa378
mov r3, r0
cbz r3, 0xa6f6
ldr r2, [r7]
cmp r4, r2
it ne
movne r0, 0
beq 0xa68c
add sp, 8
pop.w {r4, r5, r6, r7, r8, sb, sl, pc}
bl 0xa3c8
mov r3, r0
--
blx sym.imp.mmap64
mov r1, r6
mov r2, r7
mov r0, r4
blx sym.imp.mmap64
ldr.w r0, [r8]
mov r1, r5
bl 0xa350
cbz r0, 0xa756
movs r5, 0
str.w r0, [r8]
mov r0, r5
pop.w {r4, r5, r6, r7, r8, sb, sl, lr}
b.w 0x199c
push.w {r4, r5, r6, r7, r8, sb, sl, lr}
mov r6, r2
mov r8, r0
mov r0, r1
mov sb, r1
blx 0x1bb0
add.w sl, r0, 1
mov r4, r0
mov r0, r6
blx 0x1bb0
adds r7, r0, 1
--
blx sym.imp.mmap64
mov r2, r7
mov r1, r6
mov r0, r4
blx sym.imp.mmap64
movs r1, 9
ldr r0, [r5]
movs r2, 0x20
bl 0x92c8
ldr.w r0, [r8, 0xc]
mov r1, r5
bl 0xa350
cbz r0, 0xa7c2
movs r5, 0
str.w r0, [r8, 0xc]
mov r0, r5
pop.w {r4, r5, r6, r7, r8, sb, sl, lr}
b.w 0x199c
ldr r0, [r0, 8]
adds r0, 4
bx lr
nop
ldr r0, [r0, 8]
adds r0, 4
bx lr
--
blx sym.imp.mmap64
ldr r0, [sp, 0x18]
mov r1, r4
bl 0xa350
cmp r0, 0
beq.w 0xaf92
ldr r5, [sb, 4]!
str r0, [sp, 0x18]
cmp r5, 0
bne 0xa928
ldr r7, [sp, 0x18]
movs r1, 0x20
movs r0, 1
blx sym.imp.calloc
ldr r2, [sp, 0x30]
str r0, [sp, 0x24]
str r0, [r2]
ldr r2, [fp, -0xdc]
str r2, [sp, 0x10]
cmp r0, 0
beq.w 0xaf9a
--
blx sym.imp.mmap64
mov r1, r6
ldr r2, [sp, 0x28]
mov r0, r8
blx sym.imp.mmap64
ldr r3, [sp, 0x2c]
ldr r6, [sp, 0x24]
mov r1, r3
str r3, [sp, 0x28]
ldr r0, [r6, 4]
bl 0xa350
ldr r3, [sp, 0x28]
cbz r0, 0xab5e
mov r3, r5
str r0, [r6, 4]
mov r0, r3
blx 0x19a0
b 0xaaa0
mov r0, r5
blx sym.imp.fnmatch
mov r6, r0
cmp r0, 0
beq.w 0xa920
blx 0x1cf4
cbz r0, 0xabf2
--
blx sym.imp.mmap64
ldr r3, [r6]
mov r2, r8
mov.w r8, 0
str.w r8, [sp, 0x2c]
add r2, r3
strd r8, r8, [sp, 0x40]
str r2, [sp, 0x34]
mov r2, r5
ldrb r6, [r5], 1
cbz r6, 0xb120
str r2, [sp, 0x28]
blx 0x1b80
ldr r3, [r0]
ldrh.w r3, [r3, r6, lsl 1]
ands r3, r3, 0x2000
beq.w 0xb224
ldr r2, [sp, 0x28]
cmp.w r8, 0
bne.w 0xb228
cmp r2, r7
--
blx sym.imp.mmap64
ldr r2, [sp, 0x28]
ldr r3, [sp, 0x48]
strb r3, [r6, r2]
adds r2, 1
adds r3, r6, r2
str r3, [sp, 0x34]
ldrb r6, [r5, -0x1]
b 0xb146
str r3, [sp, 0x48]
mov r1, r7
ldr r3, [sp, 0x30]
ldr r6, [sp, 0x34]
ldr r0, [r3, 8]
ldr r3, [sp, 0x44]
str.w r6, [r0, r3, lsl 2]
adds r3, 1
str r3, [sp, 0x44]
b 0xb258
rsbs r0, r6, 0
blx sym.imp.system
--
blx sym.imp.mmap64
cmp r7, 0
ble 0xb5ce
add.w r8, r4, r8, lsl 2
ldr r3, [r5], 4
adds r4, 0xc
rev r3, r3
mov r0, r5
str r3, [r4, -0xc]
blx 0x1bb0
cmp r8, r4
add.w r3, r0, 1
str r5, [r4, -0x4]
add r5, r3
str r0, [r4, -0x8]
bne 0xb5aa
ldr r2, [0x0000b654]
ldr r3, [0x0000b64c]
add r2, pc
ldr r3, [r2, r3]
ldr r2, [r3]
--
blx sym.imp.mmap64
b 0xb5ce
movs r6, 0
b 0xb5ce
mov r5, r7
b 0xb55c
blx sym.imp.stat64
add r1, sp, 0x90
movs r1, r0
lsls r4, r7, 6
movs r0, r0
str r4, [sp, 0x3d8]
movs r0, r0
add r0, sp, 0x118
movs r1, r0
push.w {r3, r4, r5, r6, r7, r8, sb, lr}
mov r5, r0
ldr r4, [r0]
mov sb, r1
mov r8, r2
mov r6, r3
--
blx sym.imp.mmap64
add r8, r7
movs r3, 0
strb.w r3, [r8, 0xc]
str r7, [r5]
pop.w {r3, r4, r5, r6, r7, r8, sb, pc}
nop
push {r3, r4, r5, r6, r7, lr}
mov r6, r0
mov r4, r1
movs r7, 0
blx sym.imp.__isoc99_sscanf
mov r5, r0
b 0xb6c0
uxtb r1, r3
mov r0, r6
cbz r3, 0xb6e4
bl 0x109f4
cbz r0, 0xb6e4
ldrd r3, r2, [r4, 4]
str r7, [r5]
--
blx sym.imp.mmap64
mov r0, r4
mov r1, r8
ldr r3, [r0], 4
mov.w r8, 0
mov r2, r5
add r5, r4
strb.w r8, [r3, r6]
blx sym.imp.mmap64
strb.w r8, [r5, 4]
mov r1, r4
ldr r0, [r7]
bl 0xa350
mov r5, r0
cbz r0, 0xc52c
str r0, [r7]
mov r0, r5
pop.w {r3, r4, r5, r6, r7, r8, sb, pc}
mov r0, r4
blx 0x19a0
mov r0, r5
pop.w {r3, r4, r5, r6, r7, r8, sb, pc}
mov r5, r0
b 0xc526
push {r4, r5, r6, lr}
mov r5, r0
ldr r0, [r0]
bl 0xa34c
ldr r6, [r0, 8]
--
blx sym.imp.mmap64
strb r6, [r0, r5]
adds r5, 1
ldr r0, [r4, 8]
mov r1, sb
mov r2, r8
add r5, r0
add r0, r8
str r5, [r4, 0x20]
str r0, [r4, 4]
blx sym.imp.mmap64
ldr r5, [r4, 4]
movs r3, 1
mov r0, r7
str r3, [r4, 0x2c]
mov r2, r5
mov r1, r4
bl 0x9c6c
ldr r3, [sp, 0x24]
movs r0, 0
str r4, [r3]
pop.w {r3, r4, r5, r6, r7, r8, sb, pc}
bl 0xc7e4
ldr r2, [sp, 0x24]
mov r3, r0
movs r0, 0
str r3, [r2]
pop.w {r3, r4, r5, r6, r7, r8, sb, pc}
add.w r0, r5, 0x3d
adds r6, r5, 1
blx sym.imp.strerror
--
blx sym.imp.mmap64
str r5, [r4, 4]
str.w r8, [r4, 0x20]
b 0xc85c
mvn r0, 0xb
pop.w {r3, r4, r5, r6, r7, r8, sb, pc}
nop
push.w {r4, r5, r6, r7, r8, sb, sl, lr}
cmp r2, 0
it ne
cmpne r1, 0
mov r4, r1
ldr r1, [0x0000c9f8]
mov r7, r2
sub.w sp, sp, 0x1080
ldr r2, [0x0000c9fc]
it eq
moveq r3, 1
add r1, pc
it ne
movne r3, 0
--
blx sym.imp.mmap64
mov r2, r4
movs r4, 0x5c
strd r6, sb, [sp]
mov r3, r5
mov r1, sl
mov r0, r8
strb r4, [r7, -0x4]
bl 0xc7f0
and.w r0, r0, r0, asr 31
ldr r2, [0x0000cab8]
add.w r1, sp, 0x1000
ldr r3, [0x0000cab4]
adds r1, 0xc
add r2, pc
ldr r3, [r2, r3]
ldr r2, [r3]
ldr r3, [r1]
eors r2, r3
mov.w r3, 0
bne 0xcaac
--
blx sym.imp.mmap64
ldr r6, [sp, 4]
mov r1, r6
sub.w r2, r7, 8
mov r0, sb
bl 0xc8c4
subs r4, r0, 0
blt 0xccea
ldr r1, [r7, -0x8]
mov r0, r5
bl 0xa3c8
mov r2, sl
mov r5, r0
mov r1, fp
movs r0, 0
blx sym.imp.opendir
add.w r8, r8, 1
mov r6, r0
cmp r0, 0
beq 0xccf4
movs r3, 0
--
blx sym.imp.mmap64
mov r0, r4
blx sym.imp.__stack_chk_fail
str r0, [r6, 0xc]
cmp r0, 0
bne.w 0xcc10
b 0xcce6
mov r5, r0
mov r8, r0
b 0xccf6
blx sym.imp.stat64
ldr r3, [0x0000cd50]
movs r2, 0x95
ldr r1, [0x0000cd54]
ldr r0, [0x0000cd58]
add r3, pc
add r1, pc
add r0, pc
blx 0x1de0
nop
str r2, [sp, 0x270]
--
blx sym.imp.mmap64
mov.w r3, 0
strb.w r3, [fp, r6]
ldr r4, [r4]
ldr.w r3, [r8, 0xc]
cmp r4, r3
bne 0xd1f6
ldrb.w r3, [r5, 0x30]
mov r0, sb
str.w sb, [r5, 0x14]
orr r3, r3, 2
strb.w r3, [r5, 0x30]
pop.w {r3, r4, r5, r6, r7, r8, sb, sl, fp, pc}
mov r6, sl
b 0xd240
mov sb, r0
b 0xd1e4
mov r0, sb
mov sb, fp
blx 0x19a0
b 0xd1e4
--
blx sym.imp.mmap64
movs r3, 0x20
add.w r0, sb, 1
adds r4, r0, r6
strb.w r3, [sl, sb]
cmp.w r8, 0
bne.w 0xd992
mov.w r3, 0
strb.w r3, [sl, r4]
cmp r7, 0
beq 0xd926
ldrb.w r3, [fp, 0x38]
lsls r1, r3, 0x1e
bmi 0xd926
ldr r3, [sp, 0x18]
cbz r3, 0xd8a8
cmp.w sl, 0
beq.w 0xdb92
mov r2, sl
ldr r3, [sp, 0x18]
movs r1, 1
--
blx sym.imp.mmap64
b 0xd87e
mov r0, fp
bl 0xd74c
cmp r0, 1
bhi.w 0xd832
ldr r3, [sp, 0xc]
cmp r3, fp
beq 0xd968
b 0xd8c2
cmp r4, 0
beq 0xd974
mov r0, r4
blx 0x1bb0
ldr r3, [sp, 0x1c]
mov sb, r0
cmp r3, 0
beq.w 0xd848
ldr r0, [sp, 0x1c]
blx 0x1bb0
orrs.w r3, sb, r0
--
blx sym.imp.mmap64
ldr r1, [sp, 0x14]
mov r2, sl
adds r0, r4, r6
blx sym.imp.mmap64
add.w r0, sl, r6
mov r2, r8
mov r1, r5
add r0, r4
blx sym.imp.mmap64
mov r0, sb
mov.w r3, 0
mov sb, r4
strb r3, [r4, r7]
blx 0x19a0
mov r1, fp
mov r0, sb
blx sym.imp.strstr
cmp r0, 0
bne 0xda7a
ldr r3, [sp, 0x28]
ldrd fp, sl, [sp, 0x30]
cmp r3, 0
beq 0xdb5a
ldr r2, [sp, 0x2c]
mov r1, sb
mov r0, fp
blx r3
ldr r3, [sp, 0x38]
cmn.w r0, 0x11
--
blx sym.imp.mmap64
ldr r0, [r7]
mov r1, r5
bl 0xa350
mov r4, r0
cmp r0, 0
bne 0xe28e
mov r0, r5
mvn r8, 0xb
blx 0x19a0
ldr r0, [r7]
bl 0xe214
str r4, [r7]
b 0xe26c
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
rsb.w r8, r3, 0
b 0xe272
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
ldr r0, [r7]
--
blx sym.imp.mmap64
ldr r0, [r7]
mov r1, r5
bl 0xa350
mov r4, r0
cmp r0, 0
bne 0xe3d6
mov r0, r5
mvn r8, 0xb
blx 0x19a0
ldr r0, [r7]
bl 0xe35c
str r4, [r7]
b 0xe3b4
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
rsb.w r8, r3, 0
b 0xe3ba
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
ldr r0, [r7]
--
blx sym.imp.mmap64
ldr r0, [r7]
mov r1, r4
bl 0xa350
mov r5, r0
cmp r0, 0
bne 0xe532
mov r0, r4
mvn r8, 0xb
blx 0x19a0
ldr r0, [r7]
bl 0xe4b0
str r5, [r7]
b 0xe50c
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
rsb.w r8, r3, 0
b 0xe512
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
ldr r0, [r7]
--
blx sym.imp.mmap64
cmp r7, 1
mov.w r2, 0
it hi
movhi ip, 1
strb.w r2, [r8, r4]
it hi
subhi r0, ip, r6
str r2, [r8, -0x4]
it hi
movhi lr, r2
str.w r8, [sb]
bhi 0xf1d0
b 0xf20a
cmp ip, r7
add.w r2, r2, 1
bhs 0xf20a
cmp r2, r4
sbcs.w r3, lr, r5
bhs 0xf20a
ldrb.w r3, [r8, r2]
--
blx sym.imp.mmap64
ldr r3, [sp, 0x10]
add.w sb, sb, 0x40
add.w r2, fp, 1
cmp fp, r3
beq 0xf3c2
mov fp, r2
b 0xf33a
ldr r3, [sp, 0x14]
ldr r1, [0x0000f458]
ldr r2, [0x0000f450]
add r1, pc
ldr r2, [r1, r2]
ldr r1, [r2]
ldr r2, [sp, 0x2c]
eors r1, r2
mov.w r2, 0
bne 0xf43e
mov r0, r3
add sp, 0x34
pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc}
--
blx sym.imp.mmap64
ldr r3, [sp, 0xc]
add.w r2, sb, r7
str.w sb, [r4]
b 0xf5e6
mov r0, fp
str r3, [sp, 0xc]
blx sym.imp.strerror
ldr r3, [sp, 0xc]
mov sb, r0
str r0, [r4, 4]
cbz r0, 0xf658
ldr r1, [sp, 0x10]
mov r2, fp
str r3, [sp, 0xc]
blx sym.imp.mmap64
ldr r3, [sp, 0xc]
add.w r1, sb, r7
str.w sb, [r4]
b 0xf572
bl 0xe9c0
bl 0xe9e0
blx sym.imp.stat64
bl 0xea00
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
rsbs r3, r3, 0
b 0xf588
nop
ldr r2, [r3, 0x18]
movs r1, r0
lsls r4, r7, 6
movs r0, r0
ldr r4, [r1, 8]
movs r1, r0
push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr}
--
blx sym.imp.mmap64
str r4, [r7]
ldr r3, [sp, 4]
ldr r4, [r7, 4]
b 0xf734
mov r3, r8
mov r2, sb
b 0xf6f8
mov r0, sl
blx 0x1bb0
adds.w r3, r0, r8
adc r2, sb, 0
b 0xf74e
blx sym.imp.stat64
blx sym.imp.__isoc99_sscanf
ldr r3, [r0]
rsbs r3, r3, 0
b 0xf6c8
nop
str r0, [r3, 0x78]
movs r1, r0
--
blx sym.imp.mmap64
ldr r2, [sp, 0x10]
mov r3, r0
mov r1, sb
mov ip, r8
strb r5, [r0, r2]
adds r2, 1
add r3, r2
ldrd r0, r2, [sp, 8]
cmp r8, r2
it eq
cmpeq sb, r0
beq 0xfb08
ldrb.w r5, [r6, sl]
adds.w sb, sl, 1
adc r8, r7, 0
mov r2, sl
mov r0, r7
mov sl, sb
mov r7, r8
cmp r5, 0
--
blx sym.imp.mmap64
movs r2, 0
strb r2, [r0, r4]
b 0xf9c4
adds r3, 1
b 0xfa6c
ldr r3, [sp, 0x1c]
cmp r3, 0
beq.w 0xf974
lsls r4, r3, 4
adds r0, r4, r6
blx sym.imp.strerror
ldr r2, [sp, 0x3c]
str r0, [sp, 0x48]
str r0, [r2]
cmp r0, 0
beq.w 0xff1a
ldr r3, [sp, 0x48]
movs r1, 0
mov sb, sl
str r1, [sp, 0x34]
--
blx sym.imp.mmap64
movs r3, 0
strb r3, [r5, r4]
adds r4, 1
adds r3, r5, r4
str r3, [sp, 0x50]
ldr r3, [sp, 0x10]
ldr r2, [sp, 0x28]
ldr r1, [sp, 0x30]
adds r7, r3, r7
adc r2, r2, 0
str r2, [sp, 0x28]
ldr r2, [sp, 0x1c]
adds r2, r2, r3
adc r1, r1, 0
adds.w r3, sl, r3
mov sl, r3
str r1, [sp, 0x30]
ldr r3, [sp, 0x2c]
ldr r1, [sp, 8]
str r2, [sp, 0x1c]
--
blx sym.imp.mmap64
ldr r2, [sp]
movs r3, 0
strb.w r3, [r2, sl]
add.w sl, sl, 1
add.w r3, r2, sl
str r3, [sp]
ldr r3, [sp, 0x14]
adds r6, 1
add.w r8, r8, 8
adds r4, r4, r3
adc sb, sb, 0
adds r5, r3, r5
ldr r3, [sp, 0x18]
adc r7, r7, 0
cmp r3, r6
bne.w 0x103b6
ldr r4, [sp]
ldr.w sl, [sp, 0xc]
ldr r0, [sp, 0x88]
blx 0x19a0
--
blx sym.imp.mmap64
mov.w r3, 0
strb r3, [r4, r6]
adds r6, 1
add r4, r6
ldr r3, [sp, 0x3c]
add r8, r3
ldr r3, [sp, 0x14]
cmp sb, r3
bne 0x10504
ldr.w sl, [sp]
ldr r0, [sp, 0x64]
blx 0x19a0
ldr r2, [0x0001085c]
ldr r3, [0x00010840]
add r2, pc
ldr r3, [r2, r3]
ldr r2, [r3]
ldr r3, [sp, 0xd4]
eors r2, r3
mov.w r3, 0
--
blx sym.imp.mmap64
ldr r3, [r4, 8]
mov r0, r5
add r3, r5
str r3, [r4, 8]
pop {r3, r4, r5, r6, r7, pc}
movs r5, 0
mov r0, r5
pop {r3, r4, r5, r6, r7, pc}
ldr r3, [0x00010ac0]
movs r2, 0x63
ldr r1, [0x00010ac4]
ldr r0, [0x00010ac8]
add r3, pc
add r1, pc
add r0, pc
blx 0x1de0
ldr r3, [0x00010acc]
movs r2, 0x62
ldr r1, [0x00010ad0]
ldr r0, [0x00010ad4]
[*] Function mmap used 74 times kmod
