[*] Binary protection state of libnetsnmp.so.40.2.0
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of libnetsnmp.so.40.2.0
str r0, [r5, 0x1c]
movs r2, r0
invalid
str r4, [r5, 0x1c]
movs r2, r0
lsls r2, r7, 0x11
movs r3, r0
push {r4, lr}
mov r0, r1
ldr r4, [0x00012ef8]
sub sp, 8
mov r2, sp
ldr r3, [0x00012efc]
add r4, pc
ldr r1, [0x00012f00]
ldr r3, [r4, r3]
add r1, pc
ldr r3, [r3]
str r3, [sp, 4]
mov.w r3, 0
blx sym.imp.__sprintf_chk
cbz r0, 0x12eda
ldr r1, [0x00012f04]
--
movs r3, 0
movs r1, 1
mov.w r0, 0x100
str r3, [sp, 0x28]
blx 0x10e7c
mov r8, r0
str r0, [sp, 0x1c]
cmp r0, 0
beq.w 0x1a980
mov.w r3, 0x100
mov r0, sb
str r3, [sp, 0x20]
blx 0x11914
str r0, [sp, 8]
cmp r0, 0
beq.w 0x1a994
ldr r1, [0x0001a9bc]
add.w r8, sp, 0x14
mov r2, r8
add r1, pc
blx sym.imp.__sprintf_chk
cmp r0, 0
beq.w 0x1a8fc
--
strle r2, [sp, 0x28]
ldr r2, [sp, 0x20]
cmp r2, r4
bgt 0x1a814
mov r1, fp
add r0, sp, 0x1c
blx 0x10b54
cmp r0, 0
beq.w 0x1a950
ldr r0, [sp, 0x30]
ldr r3, [sp, 0x1c]
and r0, r0, 7
movs r1, 0x80
mov r2, r8
asrs r1, r0
ldrb r0, [r3, r4]
orrs r1, r0
movs r0, 0
strb r1, [r3, r4]
mov r1, sl
blx sym.imp.__sprintf_chk
mov r4, r0
cmp r0, 0
--
str r3, [sp, 0x6c]
mov.w r3, 0
blx 0x11914
str.w sb, [sp, 0xc]
mov fp, r0
cmp r0, 0
beq 0x20e12
mov r0, r4
blx sym.imp.EVP_aes_192_cfb128
adds r0, 2
blx 0x110b8
mov r5, r0
cmp r0, 0
beq 0x20e12
ldr r7, [0x00020e28]
add.w r8, sp, 0xc
mov r2, r8
mov r0, fp
add r7, pc
mov r1, r7
blx sym.imp.__sprintf_chk
strb.w sb, [r5]
mov r4, r0
cbz r0, 0x20dc0
ldr r3, [0x00020e2c]
subs r6, 0
it ne
movne r6, 1
mov.w sb, 0x2f
add r3, pc
str r3, [sp, 4]
mov r0, r5
blx sym.imp.EVP_aes_192_cfb128
adds r3, r0, 1
mov r1, r4
strb.w sb, [r5, r0]
adds r0, r5, r3
blx 0x10540
mov r2, r8
mov r1, r7
movs r0, 0
blx sym.imp.__sprintf_chk
cmp r0, 0
ite ne
--
ldr r4, [r4]
str.w r4, [sp, 0x40c]
mov.w r4, 0
ldr r2, [r3, r2]
ldr r5, [r2]
cmp r0, 0
beq 0x23b2a
ldr r4, [0x00023b60]
add r7, sp, 0xc
mov.w r2, 0x400
mov r8, r0
mov sb, r1
add.w sl, sp, 8
mov r1, r0
add r4, pc
mov r0, r7
blx 0xfe1c
mov r2, sl
mov r1, r4
mov r0, r7
blx sym.imp.__sprintf_chk
mov r6, r0
cmp r0, 0
--
mov.w r3, 0
bne 0x23b4c
addw sp, sp, 0x414
pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc}
blx sym.imp.EVP_aes_192_cfb128
adds r3, r6, 1
subs r0, 1
str r3, [sp, 4]
ldrb r3, [r6, r0]
cmp r3, 0x5d
bne 0x23b1e
mov.w fp, 0
strb.w fp, [r6, r0]
ldr r0, [sp, 4]
blx 0xf5a8
mov r5, r0
cbz r0, 0x23b40
mov r1, r4
mov r2, sl
mov r0, fp
blx sym.imp.__sprintf_chk
mov r6, r0
mov r0, r5
--
str r2, [sp, 0x64]
mov.w r2, 0
str r3, [sp, 4]
blx 0x10940
cmp r0, 0
it ne
cmpne r4, 0
beq 0x2433c
mov sb, r0
mov r0, r4
blx 0x11914
mov fp, r0
cmp r0, 0
beq 0x2433c
ldr r6, [0x00024350]
add r7, sp, 4
mov r2, r7
mov.w r5, -1
add r6, pc
mov r1, r6
blx sym.imp.__sprintf_chk
mov r4, r0
cbz r0, 0x2431a
add.w r8, sp, 8
b 0x242ec
mov r0, r4
blx 0xfd78
mov r2, r7
mov r1, r6
movs r0, 0
blx sym.imp.__sprintf_chk
mov r4, r0
cbz r0, 0x2431a
mov r1, r8
mov r0, r4
blx 0x1047c
cmp r0, 0
bne 0x242d8
mov r2, sl
mov r1, sb
mov r0, r4
blx 0x11888
mov r2, r7
cmp r0, 0
mov r1, r6
mov.w r0, 0
it eq
moveq r5, 0
blx sym.imp.__sprintf_chk
mov r4, r0
cmp r0, 0
--
add.w r3, r3, r1, lsl 2
ldr.w r0, [r3, 0x498]
bx lr
movs r0, 0
bx lr
nop
stm r2!, {r1, r2, r5, r6}
movs r1, r0
push {r4, lr}
sub sp, 0x10
ldr r4, [0x0002a58c]
add r2, sp, 8
ldr r3, [0x0002a590]
add r4, pc
ldr r1, [0x0002a594]
ldr r3, [r4, r3]
add r1, pc
ldr r3, [r3]
str r3, [sp, 0xc]
mov.w r3, 0
blx sym.imp.__sprintf_chk
ldr r1, [0x0002a598]
mov r4, r0
--
ldr r2, [0x0002a758]
add.w r4, sp, 0x1000
ldr r3, [0x0002a748]
adds r4, 0xc
add r2, pc
ldr r3, [r2, r3]
ldr r2, [r3]
ldr r3, [r4]
eors r2, r3
mov.w r3, 0
bne 0x2a73a
mov r2, r6
add.w sp, sp, 0x1000
add sp, 0x10
pop.w {r4, r5, r6, lr}
b.w 0xf5cc
ldr r1, [0x0002a75c]
add r2, sp, 8
mov r0, r6
add r1, pc
blx sym.imp.__sprintf_chk
movs r2, 0xa
add r1, sp, 4
--
adds r7, 1
cmp r3, 0
beq.w 0x2e082
mov r2, r5
cmp r3, 0x2c
ldrb r3, [r7, 1]!
it eq
addeq r2, 1
cmp r3, 0
bne 0x2dd40
adds r0, r2, 2
ldr r5, [0x0002e0f4]
movs r1, 4
blx 0x10e7c
mov sl, r0
mov r2, sb
add r5, pc
mov r7, sl
mov r0, fp
mov r1, r5
blx sym.imp.__sprintf_chk
str.w r0, [sl]
mov r2, sb
mov r1, r5
movs r0, 0
blx sym.imp.__sprintf_chk
str r0, [r7, 4]!
cmp r0, 0
--
movs r0, r0
ldr r1, [0x0003629c]
movs r3, 0
ldr r2, [0x000362a0]
push {r4, r5, r6, r7, lr}
sub sp, 0xc
add r1, pc
ldr r2, [r1, r2]
ldr r2, [r2]
str r2, [sp, 4]
mov.w r2, 0
str r3, [sp]
cbz r0, 0x36292
blx 0x11914
mov r7, r0
cbz r0, 0x36292
ldr r1, [0x000362a4]
mov r5, sp
mov r2, r5
add r1, pc
blx sym.imp.__sprintf_chk
cbz r0, 0x3628e
ldr r6, [0x000362a8]
add r6, pc
b 0x36264
mov r2, r5
mov r1, r6
blx sym.imp.__sprintf_chk
cbz r0, 0x3628e
blx 0xf600
--
push.w {r4, r5, r6, r7, r8, sb, sl, lr}
sub sp, 0x18
add r1, pc
ldr.w r8, [0x000363f0]
ldr r2, [r1, r2]
add r8, pc
ldr r2, [r2]
str r2, [sp, 0x14]
mov.w r2, 0
str r3, [sp, 4]
cmp r0, 0
beq 0x363de
blx 0x11914
mov r7, r0
cmp r0, 0
beq 0x363de
ldr r1, [0x000363f4]
add r4, sp, 4
mov r2, r4
add r1, pc
blx sym.imp.__sprintf_chk
mov r3, r0
cmp r0, 0
beq 0x363d8
ldr r5, sym.imp.EVP_aes_192_cfb128
add.w sb, sp, 8
ldr r6, [0x000363fc]
add r5, pc
add r6, pc
b 0x36376
mov r2, r4
mov r1, r6
movs r0, 0
blx sym.imp.__sprintf_chk
mov r3, r0
cmp r0, 0
[*] Function sprintf used 18 times libnetsnmp.so.40.2.0
