[*] Binary protection state of zip
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function system tear down of zip
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/zip @ 0xeaec */
| #include <stdint.h>
|
; (fcn) fcn.0000eaec () | void fcn_0000eaec () {
0x0000eaec lui gp, 4 |
0x0000eaf0 addiu gp, gp, 0x31a4 |
0x0000eaf4 addu gp, gp, t9 | gp += t9;
0x0000eaf8 addiu sp, sp, -0x40 |
0x0000eafc lw t9, -0x7ae0(gp) | t9 = sym.imp.strlen;
0x0000eb00 sw s3, 0x24(sp) | *(var_24h_2) = s3;
0x0000eb04 lw s3, -0x7f7c(gp) | s3 = *((gp - 8159));
0x0000eb08 sw gp, 0x10(sp) | *(var_10h_2) = gp;
0x0000eb0c sw s6, 0x30(sp) | *(var_30h_2) = s6;
0x0000eb10 sw s4, 0x28(sp) | *(var_28h) = s4;
0x0000eb14 sw s1, 0x1c(sp) | *(var_1ch) = s1;
0x0000eb18 sw ra, 0x3c(sp) | *(var_3ch_2) = ra;
0x0000eb1c sw fp, 0x38(sp) | *(var_38h_2) = fp;
0x0000eb20 sw s7, 0x34(sp) | *(var_34h_2) = s7;
0x0000eb24 sw s5, 0x2c(sp) | *(var_2ch_2) = s5;
0x0000eb28 sw s2, 0x20(sp) | *(var_20h_2) = s2;
0x0000eb2c sw s0, 0x18(sp) | *(var_18h_2) = s0;
0x0000eb30 lw s1, -0x5ce0(s3) | s1 = *((s3 - 5944));
0x0000eb34 move s6, a0 | s6 = a0;
0x0000eb38 jalr t9 | t9 ();
0x0000eb3c move s4, v0 | s4 = v0;
0x0000eb40 lw gp, 0x10(sp) | gp = *(var_10h_2);
| if (s1 == 0) {
0x0000eb44 beqz s1, 0xed9c | goto label_2;
| }
0x0000eb48 lw a1, -0x7f90(gp) | a1 = *(gp);
0x0000eb4c lw t9, -0x7a18(gp) | t9 = sym.imp.strstr;
| /* esilref: '{}' */
0x0000eb50 addiu a1, a1, -0x1b48 | a1 += -0x1b48;
0x0000eb54 move a0, s1 | a0 = s1;
0x0000eb58 jalr t9 | t9 ();
0x0000eb5c lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000eb60 move a0, s1 | a0 = s1;
0x0000eb64 lw t9, -0x7ae0(gp) | t9 = sym.imp.strlen;
0x0000eb68 move s5, v0 | s5 = v0;
0x0000eb6c jalr t9 | t9 ();
0x0000eb70 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000eb74 addiu a0, s4, 3 | a0 = s4 + 3;
0x0000eb78 addu a0, a0, v0 | a0 += v0;
0x0000eb7c lw t9, -0x7ab4(gp) | t9 = sym.imp.malloc;
0x0000eb80 move s2, v0 | s2 = v0;
0x0000eb84 jalr t9 | t9 ();
0x0000eb88 move s0, v0 | s0 = v0;
0x0000eb8c lw gp, 0x10(sp) | gp = *(var_10h_2);
| if (v0 == 0) {
0x0000eb90 beqz v0, 0xee98 | goto label_3;
| }
0x0000eb94 lw t9, -0x7a40(gp) | t9 = sym.imp.memcpy;
| if (s5 == 0) {
0x0000eb98 beqz s5, 0xecd8 | goto label_4;
| }
0x0000eb9c addiu a2, s2, 1 | a2 = s2 + 1;
0x0000eba0 move a1, s1 | a1 = s1;
0x0000eba4 move a0, v0 | a0 = v0;
0x0000eba8 jalr t9 | t9 ();
0x0000ebac lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ebb0 subu v0, s5, s1 | __asm ("subu v0, s5, s1");
0x0000ebb4 addu v0, s0, v0 | v0 = s0 + v0;
0x0000ebb8 lw t9, -0x7ae0(gp) | t9 = sym.imp.strlen;
0x0000ebbc move a0, s0 | a0 = s0;
0x0000ebc0 sb zero, (v0) | *(v0) = 0;
0x0000ebc4 jalr t9 | t9 ();
0x0000ebc8 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ebcc addu v0, s0, v0 | v0 = s0 + v0;
0x0000ebd0 addiu a0, v0, 1 | a0 = v0 + 1;
0x0000ebd4 lw t9, -0x7a40(gp) | t9 = sym.imp.memcpy;
0x0000ebd8 addiu s7, zero, 0x20 | s7 = 0x20;
0x0000ebdc addiu fp, zero, 0x27 | fp = 0x27;
0x0000ebe0 subu s2, a0, s0 | __asm ("subu s2, a0, s0");
0x0000ebe4 move a2, s4 | a2 = s4;
0x0000ebe8 move a1, s6 | a1 = s6;
0x0000ebec addiu zero, zero, 2 | 0 = 2;
0x0000ebf0 sb s7, (v0) | *(v0) = s7;
0x0000ebf4 sb fp, 1(v0) | *((v0 + 1)) = fp;
0x0000ebf8 jalr t9 | t9 ();
0x0000ebfc lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ec00 addu s2, s2, s4 | s2 += s4;
0x0000ec04 addu v1, s0, s2 | v1 = s0 + s2;
0x0000ec08 addiu s2, s2, 3 | s2 += 3;
0x0000ec0c lw t9, -0x7a9c(gp) | t9 = sym.imp.strcpy;
0x0000ec10 sb fp, 1(v1) | *((v1 + 1)) = fp;
0x0000ec14 addiu a1, s5, 2 | a1 = s5 + 2;
0x0000ec18 sb s7, 2(v1) | *((v1 + 2)) = s7;
0x0000ec1c addu a0, s0, s2 | a0 = s0 + s2;
0x0000ec20 jalr t9 | t9 ();
0x0000ec24 lw gp, 0x10(sp) | gp = *(var_10h_2);
| do {
0x0000ec28 lw t9, -0x7a3c(gp) | t9 = sym.imp.free;
0x0000ec2c move a0, s1 | a0 = s1;
0x0000ec30 jalr t9 | t9 ();
0x0000ec34 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ec38 sw zero, -0x5ce0(s3) | *((s3 - 5944)) = 0;
| label_1:
0x0000ec3c lw t9, -0x7abc(gp) | t9 = sym.imp.system
0x0000ec40 move a0, s0 | a0 = s0;
0x0000ec44 jalr t9 | t9 ();
0x0000ec48 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ec4c move s1, v0 | s1 = v0;
0x0000ec50 lw t9, -0x7a3c(gp) | t9 = sym.imp.free;
0x0000ec54 move a0, s0 | a0 = s0;
0x0000ec58 jalr t9 | t9 ();
0x0000ec5c lw gp, 0x10(sp) | gp = *(var_10h_2);
| if (s1 != 0) {
0x0000ec60 bnez s1, 0xee5c | goto label_5;
| }
0x0000ec64 lw v0, -0x7fb0(gp) | v0 = *(gp);
0x0000ec68 lw v0, (v0) | v0 = *(v0);
0x0000ec6c lw s0, -0x7fbc(gp) | s0 = *(gp);
| if (v0 != 0) {
0x0000ec70 bnez v0, 0xed64 | goto label_6;
| }
| label_0:
0x0000ec74 lw s0, -0x7fc4(gp) | s0 = *(gp);
0x0000ec78 lw a0, (s0) | a0 = *(s0);
0x0000ec7c lw v0, -0x7f64(gp) | v0 = *(gp);
| if (a0 == 0) {
0x0000ec80 beqz a0, 0xed34 | goto label_7;
| }
0x0000ec84 lw a2, -0x7f90(gp) | a2 = *(gp);
0x0000ec88 lw t9, -0x7b5c(gp) | t9 = sym.imp.__fprintf_chk;
0x0000ec8c lw a3, (v0) | a3 = *(v0);
| /* str.test_of__s_OK_n */
0x0000ec90 addiu a2, a2, -0x1ad4 | a2 += -0x1ad4;
0x0000ec94 addiu a1, zero, 1 | a1 = 1;
0x0000ec98 jalr t9 | t9 ();
0x0000ec9c lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000eca0 lw a0, (s0) | a0 = *(s0);
0x0000eca4 lw ra, 0x3c(sp) | ra = *(var_3ch_2);
0x0000eca8 lw fp, 0x38(sp) | fp = *(var_38h_2);
0x0000ecac lw s7, 0x34(sp) | s7 = *(var_34h_2);
0x0000ecb0 lw s6, 0x30(sp) | s6 = *(var_30h_2);
0x0000ecb4 lw s5, 0x2c(sp) | s5 = *(var_2ch_2);
0x0000ecb8 lw s4, 0x28(sp) | s4 = *(var_28h);
0x0000ecbc lw s3, 0x24(sp) | s3 = *(var_24h_2);
0x0000ecc0 lw s2, 0x20(sp) | s2 = *(var_20h_2);
0x0000ecc4 lw s1, 0x1c(sp) | s1 = *(var_1ch);
0x0000ecc8 lw s0, 0x18(sp) | s0 = *(var_18h_2);
0x0000eccc lw t9, -0x7a30(gp) | t9 = sym.imp.fflush;
0x0000ecd0 addiu sp, sp, 0x40 |
0x0000ecd4 jr t9 | t9 ();
| label_4:
0x0000ecd8 move a2, s2 | a2 = s2;
0x0000ecdc move a1, s1 | a1 = s1;
0x0000ece0 move a0, v0 | a0 = v0;
0x0000ece4 jalr t9 | t9 ();
0x0000ece8 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ecec addu v1, s0, s2 | v1 = s0 + s2;
0x0000ecf0 addiu a0, s2, 2 | a0 = s2 + 2;
0x0000ecf4 addu s2, s2, s4 | s2 += s4;
0x0000ecf8 addiu s2, s2, 2 | s2 += 2;
0x0000ecfc addiu s5, zero, 0x27 | s5 = 0x27;
0x0000ed00 lw t9, -0x7a40(gp) | t9 = sym.imp.memcpy;
0x0000ed04 addiu a1, zero, 0x20 | a1 = 0x20;
0x0000ed08 addu s2, s0, s2 | s2 = s0 + s2;
0x0000ed0c sb a1, (v1) | *(v1) = a1;
0x0000ed10 move a2, s4 | a2 = s4;
0x0000ed14 sb s5, 1(v1) | *((v1 + 1)) = s5;
0x0000ed18 move a1, s6 | a1 = s6;
0x0000ed1c addu a0, s0, a0 | a0 = s0 + a0;
0x0000ed20 jalr t9 | t9 ();
0x0000ed24 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ed28 sb s5, (s2) | *(s2) = s5;
0x0000ed2c sb zero, 1(s2) | *((s2 + 1)) = 0;
0x0000ed30 b 0xec28 |
| } while (1);
| label_7:
0x0000ed34 lw ra, 0x3c(sp) | ra = *(var_3ch_2);
0x0000ed38 lw fp, 0x38(sp) | fp = *(var_38h_2);
0x0000ed3c lw s7, 0x34(sp) | s7 = *(var_34h_2);
0x0000ed40 lw s6, 0x30(sp) | s6 = *(var_30h_2);
0x0000ed44 lw s5, 0x2c(sp) | s5 = *(var_2ch_2);
0x0000ed48 lw s4, 0x28(sp) | s4 = *(var_28h);
0x0000ed4c lw s3, 0x24(sp) | s3 = *(var_24h_2);
0x0000ed50 lw s2, 0x20(sp) | s2 = *(var_20h_2);
0x0000ed54 lw s1, 0x1c(sp) | s1 = *(var_1ch);
0x0000ed58 lw s0, 0x18(sp) | s0 = *(var_18h_2);
0x0000ed5c addiu sp, sp, 0x40 |
0x0000ed60 jr ra | return v0;
| label_6:
0x0000ed64 lw v0, -0x7f64(gp) | v0 = *(gp);
0x0000ed68 lw a2, -0x7f90(gp) | a2 = *(gp);
0x0000ed6c lw t9, -0x7b5c(gp) | t9 = sym.imp.__fprintf_chk;
0x0000ed70 lw a0, (s0) | a0 = *(s0);
0x0000ed74 lw a3, (v0) | a3 = *(v0);
| /* str.test_of__s_OK_n */
0x0000ed78 addiu a2, a2, -0x1ad4 | a2 += -0x1ad4;
0x0000ed7c addiu a1, zero, 1 | a1 = 1;
0x0000ed80 jalr t9 | t9 ();
0x0000ed84 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ed88 lw t9, -0x7a30(gp) | t9 = sym.imp.fflush;
0x0000ed8c lw a0, (s0) | a0 = *(s0);
0x0000ed90 jalr t9 | t9 ();
0x0000ed94 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ed98 b 0xec74 | goto label_0;
| label_2:
0x0000ed9c lw t9, -0x7ab4(gp) | t9 = sym.imp.malloc;
0x0000eda0 addiu a0, v0, 0x14 | a0 = v0 + 0x14;
0x0000eda4 jalr t9 | t9 ();
0x0000eda8 move s0, v0 | s0 = v0;
0x0000edac lw gp, 0x10(sp) | gp = *(var_10h_2);
| if (v0 == 0) {
0x0000edb0 beqz v0, 0xee98 | goto label_3;
| }
0x0000edb4 lw v1, -0x7f90(gp) | v1 = *(gp);
| /* str.unzip__t_ */
0x0000edb8 addiu v0, v1, -0x1b18 | v0 = v1 + -0x1b18;
0x0000edbc lw a1, -0x1b18(v1) | a1 = *((v1 - 1734));
0x0000edc0 lw a0, 4(v0) | a0 = *((v0 + 1));
0x0000edc4 lhu v1, 8(v0) | v1 = *((v0 + 4));
0x0000edc8 lw v0, -0x7ecc(gp) | v0 = *(gp);
0x0000edcc sw a1, (s0) | *(s0) = a1;
0x0000edd0 sw a0, 4(s0) | *((s0 + 1)) = a0;
0x0000edd4 lw v0, (v0) | v0 = *(v0);
0x0000edd8 sh v1, 8(s0) | *((s0 + 4)) = v1;
0x0000eddc beqz v0, 0xee38 |
| while (1) {
0x0000ede0 lw t9, -0x7f44(gp) | t9 = *(gp);
0x0000ede4 addiu t9, t9, -0x1734 | t9 += -0x1734;
0x0000ede8 bal 0xe8cc | fcn_0000e8cc ();
0x0000edec nop |
0x0000edf0 lw gp, 0x10(sp) | gp = *(var_10h_2);
| if (v0 == 0) {
0x0000edf4 beqz v0, 0xeeac | goto label_8;
| }
0x0000edf8 lw t9, -0x7ae0(gp) | t9 = sym.imp.strlen;
0x0000edfc move a0, s0 | a0 = s0;
0x0000ee00 jalr t9 | t9 ();
0x0000ee04 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ee08 addu v0, s0, v0 | v0 = s0 + v0;
0x0000ee0c addiu s1, zero, 0x27 | s1 = 0x27;
0x0000ee10 lw t9, -0x7a60(gp) | t9 = sym.imp.stpcpy;
0x0000ee14 sb s1, (v0) | *(v0) = s1;
0x0000ee18 sb zero, 1(v0) | *((v0 + 1)) = 0;
0x0000ee1c move a1, s6 | a1 = s6;
0x0000ee20 addiu a0, v0, 1 | a0 = v0 + 1;
0x0000ee24 jalr t9 | t9 ();
0x0000ee28 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ee2c sb s1, (v0) | *(v0) = s1;
0x0000ee30 sb zero, 1(v0) | *((v0 + 1)) = 0;
0x0000ee34 b 0xec3c | goto label_1;
0x0000ee38 lw v1, -0x7f90(gp) | v1 = *(gp);
0x0000ee3c addiu v0, s0, 9 | v0 = s0 + 9;
| /* str._qq_ */
0x0000ee40 addiu a0, v1, -0x1b0c | a0 = v1 + -0x1b0c;
0x0000ee44 lw v1, -0x1b0c(v1) | v1 = *((v1 - 1731));
0x0000ee48 lbu a0, 4(a0) | a0 = *((a0 + 4));
0x0000ee4c swl v1, 0xc(s0) | __asm ("swl v1, 0xc(s0)");
0x0000ee50 swr v1, (v0) | __asm ("swr v1, (v0)");
0x0000ee54 sb a0, 4(v0) | *((v0 + 4)) = a0;
0x0000ee58 b 0xede0 |
| }
| label_5:
0x0000ee5c lw v0, -0x7fbc(gp) | v0 = *(gp);
0x0000ee60 lw a2, -0x7f90(gp) | a2 = *(gp);
0x0000ee64 lw t9, -0x7b5c(gp) | t9 = sym.imp.__fprintf_chk;
0x0000ee68 lw a0, (v0) | a0 = *(v0);
0x0000ee6c lw v0, -0x7f64(gp) | v0 = *(gp);
0x0000ee70 addiu a1, zero, 1 | a1 = 1;
| /* str.test_of__s_FAILED_n */
0x0000ee74 addiu a2, a2, -0x1b04 | a2 += -0x1b04;
0x0000ee78 lw a3, (v0) | a3 = *(v0);
0x0000ee7c jalr t9 | t9 ();
0x0000ee80 lw gp, 0x10(sp) | gp = *(var_10h_2);
0x0000ee84 addiu a0, zero, 8 | a0 = 8;
0x0000ee88 lw a1, -0x7f90(gp) | a1 = *(gp);
0x0000ee8c lw t9, -0x7f28(gp) | t9 = sym.ziperr;
| /* str.original_files_unmodified */
0x0000ee90 addiu a1, a1, -0x1af0 | a1 += -0x1af0;
0x0000ee94 bal 0xd694 | sym_ziperr ();
| label_3:
0x0000ee98 lw a1, -0x7f90(gp) | a1 = *(gp);
0x0000ee9c lw t9, -0x7f28(gp) | t9 = sym.ziperr;
| /* str.building_command_string_for_testing_archive */
0x0000eea0 addiu a1, a1, -0x1b44 | a1 += -0x1b44;
0x0000eea4 addiu a0, zero, 4 | a0 = 4;
0x0000eea8 bal 0xd694 | sym_ziperr ();
| label_8:
0x0000eeac lw v0, -0x7f64(gp) | v0 = *(gp);
0x0000eeb0 lw t9, -0x7f28(gp) | t9 = sym.ziperr;
0x0000eeb4 addiu a0, zero, 8 | a0 = 8;
0x0000eeb8 lw a1, (v0) | a1 = *(v0);
0x0000eebc bal 0xd694 | sym_ziperr ();
0x0000eec0 lui gp, 4 |
0x0000eec4 addiu gp, gp, 0x2dd0 |
0x0000eec8 addu gp, gp, t9 | gp += t9;
0x0000eecc addiu sp, sp, -0x20 |
0x0000eed0 addiu v0, zero, 1 | v0 = 1;
0x0000eed4 sw gp, 0x10(sp) | *(var_10h_3) = gp;
0x0000eed8 sw ra, 0x1c(sp) | *(var_1ch_2) = ra;
0x0000eedc lw a0, -0x7f90(gp) | a0 = *(gp);
| if (a0 == v0) {
0x0000eee0 beq a0, v0, 0xef10 | goto label_9;
| }
0x0000eee4 lw a0, -0x7f90(gp) | a0 = *(gp);
| /* str.Enter_password:_ */
0x0000eee8 addiu a0, a0, -0x1ab0 | a0 += -0x1ab0;
| do {
0x0000eeec lw t9, -0x7ec8(gp) | t9 = sym.getp;
0x0000eef0 bal 0x27598 | sym_getp ();
0x0000eef4 nop |
0x0000eef8 lw gp, 0x10(sp) | gp = *(var_10h_3);
| if (v0 == 0) {
0x0000eefc beqz v0, 0xef18 | goto label_10;
| }
0x0000ef00 lw ra, 0x1c(sp) | ra = *(var_1ch_2);
0x0000ef04 move v0, zero | v0 = 0;
0x0000ef08 addiu sp, sp, 0x20 |
0x0000ef0c jr ra | return v0;
| /* str.Verify_password:_ */
| label_9:
0x0000ef10 addiu a0, a0, -0x1ac4 | a0 += -0x1ac4;
0x0000ef14 b 0xeeec |
| } while (1);
| label_10:
0x0000ef18 lw t9, -0x7f44(gp) | t9 = *(gp);
0x0000ef1c addiu t9, t9, -0x1e50 | t9 += -0x1e50;
0x0000ef20 bal 0xe1b0 | fcn_0000e1b0 ();
0x0000ef24 nop |
| }
[*] Function system used 2 times zip
