[*] Binary protection state of wifiAutoReconnect
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function popen tear down of wifiAutoReconnect
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/wifiAutoReconnect @ 0x404488 */
| #include <stdint.h>
|
; (fcn) sym.isMtkWifi__ () | void isMtkWifi_ () {
| /* isMtkWifi() */
0x00404488 lui gp, 2 |
0x0040448c addiu gp, gp, 0xba8 |
0x00404490 addu gp, gp, t9 | gp += t9;
0x00404494 addiu sp, sp, -0xb0 |
0x00404498 sw ra, 0xac(sp) | *(var_ach) = ra;
0x0040449c sw fp, 0xa8(sp) | *(var_a8h) = fp;
0x004044a0 move fp, sp | fp = sp;
0x004044a4 sw gp, 0x10(sp) | *(var_10h_2) = gp;
0x004044a8 lw t8, -0x7dd0(gp) | t8 = *((gp - 8052));
0x004044ac lw t8, (t8) | t8 = *(t8);
0x004044b0 sw t8, 0xa4(fp) | *(arg_a4h) = t8;
0x004044b4 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* str._proc_bus_usb_devices */
0x004044b8 addiu t8, t8, -0x51c0 | t8 += -0x51c0;
0x004044bc sw t8, 0x1c(fp) | *(arg_1ch) = t8;
0x004044c0 sw zero, 0x18(fp) | *(arg_18h) = 0;
0x004044c4 lw a0, -0x7f9c(gp) | a0 = *(gp);
0x004044c8 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* str._s__d__n */
0x004044cc addiu a1, t8, -0x51a8 | a1 = t8 + -0x51a8;
0x004044d0 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* str.isMtkWifi */
0x004044d4 addiu a2, t8, -0x4ab4 | a2 = t8 + -0x4ab4;
0x004044d8 addiu a3, zero, 0x234 | a3 = 0x234;
0x004044dc lw t8, -0x7e38(gp) | t8 = *(gp);
0x004044e0 move t9, t8 | t9 = t8;
0x004044e4 jalr t9 | t9 ();
0x004044e8 nop |
0x004044ec lw gp, 0x10(fp) | gp = *(var_10h_2);
0x004044f0 lw a0, 0x1c(fp) | a0 = *(arg_1ch);
0x004044f4 move a1, zero | a1 = 0;
0x004044f8 lw t8, -0x7e48(gp) | t8 = sym.imp.access;
0x004044fc move t9, t8 | t9 = t8;
0x00404500 jalr t9 | t9 ();
0x00404504 nop |
0x00404508 lw gp, 0x10(fp) | gp = *(var_10h_2);
0x0040450c move t8, v0 | t8 = v0;
0x00404510 sltu t8, zero, t8 | t8 = (0 < t8) ? 1 : 0;
0x00404514 andi t8, t8, 0xff | t8 &= 0xff;
| if (t8 == 0) {
0x00404518 beqz t8, 0x404604 | goto label_0;
| }
0x0040451c nop |
0x00404520 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* str.lsusb */
0x00404524 addiu a0, t8, -0x51a0 | a0 = t8 + -0x51a0;
0x00404528 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
0x0040452c addiu a1, t8, -0x5198 | a1 = t8 + -0x5198;
0x00404530 lw t8, -0x7f0c(gp) | t8 = sym.imp.popen
0x00404534 move t9, t8 | t9 = t8;
0x00404538 jalr t9 | t9 ();
0x0040453c nop |
0x00404540 lw gp, 0x10(fp) | gp = *(var_10h_2);
0x00404544 move t8, v0 | t8 = v0;
0x00404548 sw t8, 0x20(fp) | *(arg_20h) = t8;
0x0040454c lw t8, 0x20(fp) | t8 = *(arg_20h);
| if (t8 == 0) {
0x00404550 bnez t8, 0x404564 |
0x00404554 nop |
0x00404558 lw t8, 0x18(fp) | t8 = *(arg_18h);
0x0040455c b 0x4046f8 | goto label_1;
0x00404560 nop |
| }
0x00404564 b 0x4045ac | goto label_2;
0x00404568 nop |
| do {
0x0040456c addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x00404570 move a0, t8 | a0 = t8;
0x00404574 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* str.148f */
0x00404578 addiu a1, t8, -0x5194 | a1 = t8 + -0x5194;
0x0040457c lw t8, -0x7ee0(gp) | t8 = sym.imp.strstr;
0x00404580 move t9, t8 | t9 = t8;
0x00404584 jalr t9 | t9 ();
0x00404588 nop |
0x0040458c lw gp, 0x10(fp) | gp = *(var_10h_2);
0x00404590 move t8, v0 | t8 = v0;
| if (t8 != 0) {
0x00404594 beqz t8, 0x4045ac |
0x00404598 nop |
0x0040459c addiu t8, zero, 1 | t8 = 1;
0x004045a0 sw t8, 0x18(fp) | *(arg_18h) = t8;
0x004045a4 b 0x4045e4 | goto label_3;
0x004045a8 nop |
| }
| label_2:
0x004045ac addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x004045b0 move a0, t8 | a0 = t8;
0x004045b4 addiu a1, zero, 0x80 | a1 = 0x80;
0x004045b8 lw a2, 0x20(fp) | a2 = *(arg_20h);
0x004045bc lw t8, -0x7e90(gp) | t8 = sym.imp.fgets;
0x004045c0 move t9, t8 | t9 = t8;
0x004045c4 jalr t9 | t9 ();
0x004045c8 nop |
0x004045cc lw gp, 0x10(fp) | gp = *(var_10h_2);
0x004045d0 move t8, v0 | t8 = v0;
0x004045d4 sltu t8, zero, t8 | t8 = (0 < t8) ? 1 : 0;
0x004045d8 andi t8, t8, 0xff | t8 &= 0xff;
0x004045dc bnez t8, 0x40456c |
| } while (t8 != 0);
0x004045e0 nop |
| label_3:
0x004045e4 lw a0, 0x20(fp) | a0 = *(arg_20h);
0x004045e8 lw t8, -0x7e54(gp) | t8 = sym.imp.pclose;
0x004045ec move t9, t8 | t9 = t8;
0x004045f0 jalr t9 | t9 ();
0x004045f4 nop |
0x004045f8 lw gp, 0x10(fp) | gp = *(var_10h_2);
0x004045fc b 0x4046d8 | goto label_4;
0x00404600 nop |
| label_0:
0x00404604 lw a0, 0x1c(fp) | a0 = *(arg_1ch);
0x00404608 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* esilref: 'r+' */
0x0040460c addiu a1, t8, -0x518c | a1 = t8 + -0x518c;
0x00404610 lw t8, -0x7e08(gp) | t8 = sym.imp.fopen64;
0x00404614 move t9, t8 | t9 = t8;
0x00404618 jalr t9 | t9 ();
0x0040461c nop |
0x00404620 lw gp, 0x10(fp) | gp = *(var_10h_2);
0x00404624 move t8, v0 | t8 = v0;
0x00404628 sw t8, 0x20(fp) | *(arg_20h) = t8;
0x0040462c lw t8, 0x20(fp) | t8 = *(arg_20h);
0x00404630 sltu t8, zero, t8 | t8 = (0 < t8) ? 1 : 0;
0x00404634 andi t8, t8, 0xff | t8 &= 0xff;
| if (t8 == 0) {
0x00404638 beqz t8, 0x4046d8 | goto label_4;
| }
0x0040463c nop |
0x00404640 b 0x404688 | goto label_5;
0x00404644 nop |
| do {
0x00404648 addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x0040464c move a0, t8 | a0 = t8;
0x00404650 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* str.Vendor148f */
0x00404654 addiu a1, t8, -0x5188 | a1 = t8 + -0x5188;
0x00404658 lw t8, -0x7ee0(gp) | t8 = sym.imp.strstr;
0x0040465c move t9, t8 | t9 = t8;
0x00404660 jalr t9 | t9 ();
0x00404664 nop |
0x00404668 lw gp, 0x10(fp) | gp = *(var_10h_2);
0x0040466c move t8, v0 | t8 = v0;
| if (t8 != 0) {
0x00404670 beqz t8, 0x404688 |
0x00404674 nop |
0x00404678 addiu t8, zero, 1 | t8 = 1;
0x0040467c sw t8, 0x18(fp) | *(arg_18h) = t8;
0x00404680 b 0x4046c0 | goto label_6;
0x00404684 nop |
| }
| label_5:
0x00404688 addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x0040468c move a0, t8 | a0 = t8;
0x00404690 addiu a1, zero, 0x80 | a1 = 0x80;
0x00404694 lw a2, 0x20(fp) | a2 = *(arg_20h);
0x00404698 lw t8, -0x7e90(gp) | t8 = sym.imp.fgets;
0x0040469c move t9, t8 | t9 = t8;
0x004046a0 jalr t9 | t9 ();
0x004046a4 nop |
0x004046a8 lw gp, 0x10(fp) | gp = *(var_10h_2);
0x004046ac move t8, v0 | t8 = v0;
0x004046b0 sltu t8, zero, t8 | t8 = (0 < t8) ? 1 : 0;
0x004046b4 andi t8, t8, 0xff | t8 &= 0xff;
0x004046b8 bnez t8, 0x404648 |
| } while (t8 != 0);
0x004046bc nop |
| label_6:
0x004046c0 lw a0, 0x20(fp) | a0 = *(arg_20h);
0x004046c4 lw t8, -0x7e58(gp) | t8 = sym.imp.fclose;
0x004046c8 move t9, t8 | t9 = t8;
0x004046cc jalr t9 | t9 ();
0x004046d0 nop |
0x004046d4 lw gp, 0x10(fp) | gp = *(var_10h_2);
| label_4:
0x004046d8 lw v0, 0x18(fp) | v0 = *(arg_18h);
0x004046dc addiu t8, zero, 1 | t8 = 1;
| if (v0 == t8) {
0x004046e0 bne v0, t8, 0x4046f4 |
0x004046e4 nop |
0x004046e8 addiu t8, zero, 1 | t8 = 1;
0x004046ec b 0x4046f8 | goto label_1;
0x004046f0 nop |
| }
0x004046f4 move t8, zero | t8 = 0;
| label_1:
0x004046f8 move v0, t8 | v0 = t8;
0x004046fc lw t8, -0x7dd0(gp) | t8 = *((gp - 8052));
0x00404700 lw v1, 0xa4(fp) | v1 = *(arg_a4h);
0x00404704 lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x00404708 beq v1, t8, 0x404720 |
0x0040470c nop |
0x00404710 lw t8, -0x7e60(gp) | t8 = sym.imp.__stack_chk_fail;
0x00404714 move t9, t8 | t9 = t8;
0x00404718 jalr t9 | t9 ();
0x0040471c nop |
| }
0x00404720 move sp, fp |
0x00404724 lw ra, 0xac(sp) | ra = *(var_ach);
0x00404728 lw fp, 0xa8(sp) | fp = *(var_a8h);
0x0040472c addiu sp, sp, 0xb0 |
0x00404730 jr ra | return v1;
0x00404734 nop |
| }
[*] Function popen used 2 times wifiAutoReconnect
