[*] Binary protection state of ipv6_network_helper
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function system tear down of ipv6_network_helper
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/ipv6_network_helper @ 0x402b54 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
0x00402b54 lui gp, 2 |
0x00402b58 addiu gp, gp, -0x6b34 |
0x00402b5c addu gp, gp, t9 | gp += t9;
0x00402b60 addiu sp, sp, -0x38 |
0x00402b64 sw ra, 0x34(sp) | *(var_34h) = ra;
0x00402b68 sw fp, 0x30(sp) | *(var_30h) = fp;
0x00402b6c move fp, sp | fp = sp;
0x00402b70 sw gp, 0x10(sp) | *(var_10h) = gp;
0x00402b74 sw a0, 0x1c(fp) | *(arg_1ch) = a0;
0x00402b78 sw a1, 0x18(fp) | *(envp) = a1;
0x00402b7c lw t8, -0x7f18(gp) | t8 = *((gp - 8134));
0x00402b80 lw t8, (t8) | t8 = *(t8);
0x00402b84 sw t8, 0x2c(fp) | *(arg_2ch) = t8;
0x00402b88 addiu t8, zero, -1 | t8 = -1;
0x00402b8c sw t8, 0x24(fp) | *(arg_24h) = t8;
0x00402b90 addiu t8, zero, 1 | t8 = 1;
0x00402b94 sw t8, 0x28(fp) | *(arg_28h) = t8;
0x00402b98 addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x00402b9c move a0, t8 | a0 = t8;
0x00402ba0 move a1, zero | a1 = 0;
0x00402ba4 lw a2, -0x7fb8(gp) | a2 = sym.dibbler_prev_check_void_;
0x00402ba8 move a3, zero | a3 = 0;
0x00402bac lw t8, -0x7f68(gp) | t8 = sym.imp.pthread_create;
0x00402bb0 move t9, t8 | t9 = t8;
0x00402bb4 jalr t9 | t9 ();
0x00402bb8 nop |
0x00402bbc lw gp, 0x10(fp) | gp = *(argv);
| do {
0x00402bc0 lw t8, 0x28(fp) | t8 = *(arg_28h);
0x00402bc4 slti t8, t8, 4 | t8 = (t8 < 4) ? 1 : 0;
| if (t8 == 0) {
0x00402bc8 bnez t8, 0x402bd8 |
0x00402bcc nop |
0x00402bd0 b 0x402c34 | goto label_0;
0x00402bd4 nop |
| }
0x00402bd8 lw t8, -0x7fb4(gp) | t8 = sym.send_ipv6_router_solicitation__;
0x00402bdc move t9, t8 | t9 = t8;
0x00402be0 jalr t9 | t9 ();
0x00402be4 nop |
0x00402be8 lw gp, 0x10(fp) | gp = *(argv);
0x00402bec lw t8, -0x7fcc(gp) | t8 = *((gp - 8179));
0x00402bf0 lw v0, 0x4140(t8) | v0 = *((t8 + 4176));
0x00402bf4 addiu t8, zero, 1 | t8 = 1;
| if (v0 == t8) {
0x00402bf8 bne v0, t8, 0x402c08 |
0x00402bfc nop |
0x00402c00 b 0x402c34 | goto label_0;
0x00402c04 nop |
| }
0x00402c08 lw t8, 0x28(fp) | t8 = *(arg_28h);
0x00402c0c addiu t8, t8, 1 | t8++;
0x00402c10 sw t8, 0x28(fp) | *(arg_28h) = t8;
0x00402c14 addiu a0, zero, 4 | a0 = 4;
0x00402c18 lw t8, -0x7f2c(gp) | t8 = sym.imp.sleep;
0x00402c1c move t9, t8 | t9 = t8;
0x00402c20 jalr t9 | t9 ();
0x00402c24 nop |
0x00402c28 lw gp, 0x10(fp) | gp = *(argv);
0x00402c2c b 0x402bc0 |
| } while (1);
0x00402c30 nop |
| label_0:
0x00402c34 lw t8, -0x7fcc(gp) | t8 = *((gp - 8179));
0x00402c38 lw t8, 0x4140(t8) | t8 = *((t8 + 4176));
| if (t8 == 0) {
0x00402c3c bnez t8, 0x402ca0 |
0x00402c40 nop |
0x00402c44 lw t8, 0x28(fp) | t8 = *(arg_28h);
0x00402c48 slti t8, t8, 3 | t8 = (t8 < 3) ? 1 : 0;
| if (t8 != 0) {
0x00402c4c bnez t8, 0x402ca0 | goto label_1;
| }
0x00402c50 nop |
0x00402c54 addiu a0, zero, 1 | a0 = 1;
0x00402c58 lw t8, -0x7f2c(gp) | t8 = sym.imp.sleep;
0x00402c5c move t9, t8 | t9 = t8;
0x00402c60 jalr t9 | t9 ();
0x00402c64 nop |
0x00402c68 lw gp, 0x10(fp) | gp = *(argv);
0x00402c6c move a0, zero | a0 = 0;
0x00402c70 lw t8, -0x7fbc(gp) | t8 = sym.update_configuration_file_int_;
0x00402c74 move t9, t8 | t9 = t8;
0x00402c78 jalr t9 | t9 ();
0x00402c7c nop |
0x00402c80 lw gp, 0x10(fp) | gp = *(argv);
0x00402c84 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str._etc_rc.d_init.d_rdnssd.sh_stop */
0x00402c88 addiu a0, t8, 0x3308 | a0 = t8 + 0x3308;
0x00402c8c lw t8, -0x7f20(gp) | t8 = sym.imp.system
0x00402c90 move t9, t8 | t9 = t8;
0x00402c94 jalr t9 | t9 ();
0x00402c98 nop |
0x00402c9c lw gp, 0x10(fp) | gp = *(argv);
| }
| label_1:
0x00402ca0 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str._etc_rc.d_init.d_dibbler.sh_restart */
0x00402ca4 addiu a0, t8, 0x3328 | a0 = t8 + 0x3328;
0x00402ca8 lw t8, -0x7f20(gp) | t8 = sym.imp.system
0x00402cac move t9, t8 | t9 = t8;
0x00402cb0 jalr t9 | t9 ();
0x00402cb4 nop |
0x00402cb8 lw gp, 0x10(fp) | gp = *(argv);
0x00402cbc move t8, zero | t8 = 0;
0x00402cc0 move v0, t8 | v0 = t8;
0x00402cc4 lw t8, -0x7f18(gp) | t8 = *((gp - 8134));
0x00402cc8 lw v1, 0x2c(fp) | v1 = *(arg_2ch);
0x00402ccc lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x00402cd0 beq v1, t8, 0x402ce8 |
0x00402cd4 nop |
0x00402cd8 lw t8, -0x7f60(gp) | t8 = sym.imp.__stack_chk_fail;
0x00402cdc move t9, t8 | t9 = t8;
0x00402ce0 jalr t9 | t9 ();
0x00402ce4 nop |
| }
0x00402ce8 move sp, fp |
0x00402cec lw ra, 0x34(sp) | ra = *(var_34h);
0x00402cf0 lw fp, 0x30(sp) | fp = *(var_30h);
0x00402cf4 addiu sp, sp, 0x38 |
0x00402cf8 jr ra | return v1;
0x00402cfc nop |
| }
[*] Function system used 3 times ipv6_network_helper
