[*] Binary protection state of wlan
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function printf tear down of wlan
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/wlan @ 0x401370 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
0x00401370 lui gp, 2 |
0x00401374 addiu gp, gp, -0x1350 |
0x00401378 addu gp, gp, t9 | gp += t9;
0x0040137c addiu sp, sp, -0xb8 |
0x00401380 sw ra, 0xb4(sp) | *(var_b4h) = ra;
0x00401384 sw fp, 0xb0(sp) | *(var_b0h) = fp;
0x00401388 sw s7, 0xac(sp) | *(var_ach) = s7;
0x0040138c sw s6, 0xa8(sp) | *(var_a8h) = s6;
0x00401390 sw s5, 0xa4(sp) | *(var_a4h) = s5;
0x00401394 sw s4, 0xa0(sp) | *(var_a0h) = s4;
0x00401398 sw s3, 0x9c(sp) | *(var_9ch) = s3;
0x0040139c sw s2, 0x98(sp) | *(var_98h) = s2;
0x004013a0 sw s1, 0x94(sp) | *(var_94h) = s1;
0x004013a4 sw s0, 0x90(sp) | *(var_90h) = s0;
0x004013a8 move fp, sp | fp = sp;
0x004013ac sw gp, 0x28(sp) | *(var_28h) = gp;
0x004013b0 sw a0, 0x3c(fp) | *(arg_3ch) = a0;
0x004013b4 sw a1, 0x38(fp) | *(arg_38h) = a1;
0x004013b8 lw t8, -0x7f14(gp) | t8 = *((gp - 8133));
0x004013bc lw t8, (t8) | t8 = *(t8);
0x004013c0 sw t8, 0x8c(fp) | *(arg_8ch) = t8;
0x004013c4 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x004013c8 addiu t8, zero, 2 | t8 = 2;
| if (v0 == t8) {
0x004013cc bne v0, t8, 0x4016a8 |
0x004013d0 nop |
0x004013d4 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004013d8 addiu t8, t8, 4 | t8 += 4;
0x004013dc lw t8, (t8) | t8 = *(t8);
0x004013e0 move a0, t8 | a0 = t8;
0x004013e4 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* section..rodata */
0x004013e8 addiu a1, t8, 0x6550 | a1 = t8 + 0x6550;
0x004013ec addiu a2, zero, 3 | a2 = 3;
0x004013f0 lw t8, -0x7f28(gp) | t8 = sym.imp.strncmp;
0x004013f4 move t9, t8 | t9 = t8;
0x004013f8 jalr t9 | t9 ();
0x004013fc nop |
0x00401400 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401404 move t8, v0 | t8 = v0;
| if (t8 == 0) {
0x00401408 bnez t8, 0x401430 |
0x0040140c nop |
0x00401410 lw t8, -0x7f10(gp) | t8 = sym.imp.run_ap_mode_base_db__;
0x00401414 move t9, t8 | t9 = t8;
0x00401418 jalr t9 | t9 ();
0x0040141c nop |
0x00401420 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401424 move s0, v0 | s0 = v0;
0x00401428 b 0x401b48 | goto label_0;
0x0040142c nop |
| }
0x00401430 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401434 addiu t8, t8, 4 | t8 += 4;
0x00401438 lw t8, (t8) | t8 = *(t8);
0x0040143c move a0, t8 | a0 = t8;
0x00401440 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.infra */
0x00401444 addiu a1, t8, 0x6554 | a1 = t8 + 0x6554;
0x00401448 addiu a2, zero, 6 | a2 = 6;
0x0040144c lw t8, -0x7f28(gp) | t8 = sym.imp.strncmp;
0x00401450 move t9, t8 | t9 = t8;
0x00401454 jalr t9 | t9 ();
0x00401458 nop |
0x0040145c lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401460 move t8, v0 | t8 = v0;
| if (t8 == 0) {
0x00401464 bnez t8, 0x40148c |
0x00401468 nop |
0x0040146c lw t8, -0x7f18(gp) | t8 = sym.imp.run_infra_mode_base_db__;
0x00401470 move t9, t8 | t9 = t8;
0x00401474 jalr t9 | t9 ();
0x00401478 nop |
0x0040147c lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401480 move s0, v0 | s0 = v0;
0x00401484 b 0x401b48 | goto label_0;
0x00401488 nop |
| }
0x0040148c lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401490 addiu t8, t8, 4 | t8 += 4;
0x00401494 lw t8, (t8) | t8 = *(t8);
0x00401498 move a0, t8 | a0 = t8;
0x0040149c lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.repeater */
0x004014a0 addiu a1, t8, 0x655c | a1 = t8 + 0x655c;
0x004014a4 addiu a2, zero, 9 | a2 = 9;
0x004014a8 lw t8, -0x7f28(gp) | t8 = sym.imp.strncmp;
0x004014ac move t9, t8 | t9 = t8;
0x004014b0 jalr t9 | t9 ();
0x004014b4 nop |
0x004014b8 lw gp, 0x28(fp) | gp = *(arg_28h);
0x004014bc move t8, v0 | t8 = v0;
| if (t8 == 0) {
0x004014c0 bnez t8, 0x4014e8 |
0x004014c4 nop |
0x004014c8 lw t8, -0x7f64(gp) | t8 = sym.imp.run_repeater_mode_base_db__;
0x004014cc move t9, t8 | t9 = t8;
0x004014d0 jalr t9 | t9 ();
0x004014d4 nop |
0x004014d8 lw gp, 0x28(fp) | gp = *(arg_28h);
0x004014dc move s0, v0 | s0 = v0;
0x004014e0 b 0x401b48 | goto label_0;
0x004014e4 nop |
| }
0x004014e8 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004014ec addiu t8, t8, 4 | t8 += 4;
0x004014f0 lw t8, (t8) | t8 = *(t8);
0x004014f4 move a0, t8 | a0 = t8;
0x004014f8 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.stop_ap */
0x004014fc addiu a1, t8, 0x6568 | a1 = t8 + 0x6568;
0x00401500 addiu a2, zero, 8 | a2 = 8;
0x00401504 lw t8, -0x7f28(gp) | t8 = sym.imp.strncmp;
0x00401508 move t9, t8 | t9 = t8;
0x0040150c jalr t9 | t9 ();
0x00401510 nop |
0x00401514 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401518 move t8, v0 | t8 = v0;
| if (t8 == 0) {
0x0040151c bnez t8, 0x401544 |
0x00401520 nop |
0x00401524 lw t8, -0x7f44(gp) | t8 = sym.imp.run_stop_ap_mode__;
0x00401528 move t9, t8 | t9 = t8;
0x0040152c jalr t9 | t9 ();
0x00401530 nop |
0x00401534 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401538 move s0, v0 | s0 = v0;
0x0040153c b 0x401b48 | goto label_0;
0x00401540 nop |
| }
0x00401544 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401548 addiu t8, t8, 4 | t8 += 4;
0x0040154c lw t8, (t8) | t8 = *(t8);
0x00401550 move a0, t8 | a0 = t8;
0x00401554 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.info */
0x00401558 addiu a1, t8, 0x6570 | a1 = t8 + 0x6570;
0x0040155c addiu a2, zero, 5 | a2 = 5;
0x00401560 lw t8, -0x7f28(gp) | t8 = sym.imp.strncmp;
0x00401564 move t9, t8 | t9 = t8;
0x00401568 jalr t9 | t9 ();
0x0040156c nop |
0x00401570 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401574 move t8, v0 | t8 = v0;
| if (t8 == 0) {
0x00401578 bnez t8, 0x401610 |
0x0040157c nop |
0x00401580 addiu t8, fp, 0x4c | t8 = fp + 0x4c;
0x00401584 move a0, t8 | a0 = t8;
0x00401588 lw t8, -0x7f0c(gp) | t8 = sym.imp.run_get_wifi_info_WIFI_INFO_;
0x0040158c move t9, t8 | t9 = t8;
0x00401590 jalr t9 | t9 ();
0x00401594 nop |
0x00401598 lw gp, 0x28(fp) | gp = *(arg_28h);
0x0040159c addiu t8, fp, 0x4c | t8 = fp + 0x4c;
0x004015a0 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str.Wi_Fi_SSID____s__n */
0x004015a4 addiu a0, v0, 0x6578 | a0 = v0 + 0x6578;
0x004015a8 move a1, t8 | a1 = t8;
0x004015ac lw t8, -0x7f74(gp) | t8 = sym.imp.printf
0x004015b0 move t9, t8 | t9 = t8;
0x004015b4 jalr t9 | t9 ();
0x004015b8 nop |
0x004015bc lw gp, 0x28(fp) | gp = *(arg_28h);
0x004015c0 lw t8, 0x88(fp) | t8 = *(arg_88h);
0x004015c4 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str.Wi_Fi_link_level___d_dbm_n */
0x004015c8 addiu a0, v0, 0x658c | a0 = v0 + 0x658c;
0x004015cc move a1, t8 | a1 = t8;
0x004015d0 lw t8, -0x7f74(gp) | t8 = sym.imp.printf
0x004015d4 move t9, t8 | t9 = t8;
0x004015d8 jalr t9 | t9 ();
0x004015dc nop |
0x004015e0 lw gp, 0x28(fp) | gp = *(arg_28h);
0x004015e4 lw t8, 0x80(fp) | t8 = *(arg_80h);
0x004015e8 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str.Wi_Fi_signal_strength___d_dbm_n */
0x004015ec addiu a0, v0, 0x65a8 | a0 = v0 + 0x65a8;
0x004015f0 move a1, t8 | a1 = t8;
0x004015f4 lw t8, -0x7f74(gp) | t8 = sym.imp.printf
0x004015f8 move t9, t8 | t9 = t8;
0x004015fc jalr t9 | t9 ();
0x00401600 nop |
0x00401604 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401608 b 0x401b44 | goto label_1;
0x0040160c nop |
| }
0x00401610 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.Usage:_wlan__command_ */
0x00401614 addiu a0, t8, 0x65c8 | a0 = t8 + 0x65c8;
0x00401618 lw t8, -0x7f78(gp) | t8 = sym.imp.puts;
0x0040161c move t9, t8 | t9 = t8;
0x00401620 jalr t9 | t9 ();
0x00401624 nop |
0x00401628 lw gp, 0x28(fp) | gp = *(arg_28h);
0x0040162c lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str._tap_t_tSetup_wireless_interface_as_wireless_router */
0x00401630 addiu a0, t8, 0x65e0 | a0 = t8 + 0x65e0;
0x00401634 lw t8, -0x7f78(gp) | t8 = sym.imp.puts;
0x00401638 move t9, t8 | t9 = t8;
0x0040163c jalr t9 | t9 ();
0x00401640 nop |
0x00401644 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401648 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str._tinfra_t_tSetup_wireless_interface_as_wireless_client */
0x0040164c addiu a0, t8, 0x6614 | a0 = t8 + 0x6614;
0x00401650 lw t8, -0x7f78(gp) | t8 = sym.imp.puts;
0x00401654 move t9, t8 | t9 = t8;
0x00401658 jalr t9 | t9 ();
0x0040165c nop |
0x00401660 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401664 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str._trepeater_tSetup_wireless_interface_as_wireless_repeater */
0x00401668 addiu a0, t8, 0x6648 | a0 = t8 + 0x6648;
0x0040166c lw t8, -0x7f78(gp) | t8 = sym.imp.puts;
0x00401670 move t9, t8 | t9 = t8;
0x00401674 jalr t9 | t9 ();
0x00401678 nop |
0x0040167c lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401680 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str._tstop_ap_tDisable_wireless_router */
0x00401684 addiu a0, t8, 0x6680 | a0 = t8 + 0x6680;
0x00401688 lw t8, -0x7f78(gp) | t8 = sym.imp.puts;
0x0040168c move t9, t8 | t9 = t8;
0x00401690 jalr t9 | t9 ();
0x00401694 nop |
0x00401698 lw gp, 0x28(fp) | gp = *(arg_28h);
0x0040169c addiu s0, zero, -1 | s0 = -1;
0x004016a0 b 0x401b48 | goto label_0;
0x004016a4 nop |
| }
0x004016a8 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x004016ac addiu t8, zero, 5 | t8 = 5;
| if (v0 == t8) {
0x004016b0 bne v0, t8, 0x401758 |
0x004016b4 nop |
0x004016b8 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004016bc addiu t8, t8, 4 | t8 += 4;
0x004016c0 lw s1, (t8) | s1 = *(t8);
0x004016c4 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004016c8 addiu t8, t8, 8 | t8 += 8;
0x004016cc lw t8, (t8) | t8 = *(t8);
0x004016d0 move a0, t8 | a0 = t8;
0x004016d4 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x004016d8 move t9, t8 | t9 = t8;
0x004016dc jalr t9 | t9 ();
0x004016e0 nop |
0x004016e4 lw gp, 0x28(fp) | gp = *(arg_28h);
0x004016e8 move t8, v0 | t8 = v0;
0x004016ec move s0, t8 | s0 = t8;
0x004016f0 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004016f4 addiu t8, t8, 0xc | t8 += 0xc;
0x004016f8 lw t8, (t8) | t8 = *(t8);
0x004016fc move a0, t8 | a0 = t8;
0x00401700 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x00401704 move t9, t8 | t9 = t8;
0x00401708 jalr t9 | t9 ();
0x0040170c nop |
0x00401710 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401714 move t8, v0 | t8 = v0;
0x00401718 move v0, t8 | v0 = t8;
0x0040171c lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401720 addiu t8, t8, 0x10 | t8 += 0x10;
0x00401724 lw t8, (t8) | t8 = *(t8);
0x00401728 move a0, s1 | a0 = s1;
0x0040172c move a1, s0 | a1 = s0;
0x00401730 move a2, v0 | a2 = v0;
0x00401734 move a3, t8 | a3 = t8;
0x00401738 lw t8, -0x7f5c(gp) | t8 = sym.imp.run_ap_mode_char__auth_from_cam__enc_from_cam__char_;
0x0040173c move t9, t8 | t9 = t8;
0x00401740 jalr t9 | t9 ();
0x00401744 nop |
0x00401748 lw gp, 0x28(fp) | gp = *(arg_28h);
0x0040174c move s0, v0 | s0 = v0;
0x00401750 b 0x401b48 | goto label_0;
0x00401754 nop |
| }
0x00401758 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x0040175c addiu t8, zero, 6 | t8 = 6;
| if (v0 == t8) {
0x00401760 bne v0, t8, 0x401854 |
0x00401764 nop |
0x00401768 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x0040176c addiu t8, t8, 4 | t8 += 4;
0x00401770 lw t8, (t8) | t8 = *(t8);
0x00401774 move a0, t8 | a0 = t8;
0x00401778 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* esilref: 'bbp' */
0x0040177c addiu a1, t8, 0x66a4 | a1 = t8 + 0x66a4;
0x00401780 addiu a2, zero, 4 | a2 = 4;
0x00401784 lw t8, -0x7f28(gp) | t8 = sym.imp.strncmp;
0x00401788 move t9, t8 | t9 = t8;
0x0040178c jalr t9 | t9 ();
0x00401790 nop |
0x00401794 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401798 move t8, v0 | t8 = v0;
| if (t8 != 0) {
0x0040179c bnez t8, 0x401b44 | goto label_1;
| }
0x004017a0 nop |
0x004017a4 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004017a8 addiu t8, t8, 8 | t8 += 8;
0x004017ac lw s2, (t8) | s2 = *(t8);
0x004017b0 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004017b4 addiu t8, t8, 0xc | t8 += 0xc;
0x004017b8 lw s1, (t8) | s1 = *(t8);
0x004017bc lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004017c0 addiu t8, t8, 0x10 | t8 += 0x10;
0x004017c4 lw v0, (t8) | v0 = *(t8);
0x004017c8 addiu t8, fp, 0x40 | t8 = fp + 0x40;
0x004017cc move a0, v0 | a0 = v0;
0x004017d0 move a1, t8 | a1 = t8;
0x004017d4 addiu a2, zero, 0x10 | a2 = 0x10;
0x004017d8 lw t8, -0x7f3c(gp) | t8 = sym.imp.strtol;
0x004017dc move t9, t8 | t9 = t8;
0x004017e0 jalr t9 | t9 ();
0x004017e4 nop |
0x004017e8 lw gp, 0x28(fp) | gp = *(arg_28h);
0x004017ec move s0, v0 | s0 = v0;
0x004017f0 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004017f4 addiu t8, t8, 0x14 | t8 += 0x14;
0x004017f8 lw v0, (t8) | v0 = *(t8);
0x004017fc addiu t8, fp, 0x40 | t8 = fp + 0x40;
0x00401800 move a0, v0 | a0 = v0;
0x00401804 move a1, t8 | a1 = t8;
0x00401808 addiu a2, zero, 0x10 | a2 = 0x10;
0x0040180c lw t8, -0x7f3c(gp) | t8 = sym.imp.strtol;
0x00401810 move t9, t8 | t9 = t8;
0x00401814 jalr t9 | t9 ();
0x00401818 nop |
0x0040181c lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401820 move t8, v0 | t8 = v0;
0x00401824 move a0, s2 | a0 = s2;
0x00401828 move a1, s1 | a1 = s1;
0x0040182c move a2, s0 | a2 = s0;
0x00401830 move a3, t8 | a3 = t8;
0x00401834 lw t8, -0x7f6c(gp) | t8 = sym.imp.run_set_bbp_char__char__int__int_;
0x00401838 move t9, t8 | t9 = t8;
0x0040183c jalr t9 | t9 ();
0x00401840 nop |
0x00401844 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401848 move s0, v0 | s0 = v0;
0x0040184c b 0x401b48 | goto label_0;
0x00401850 nop |
| }
0x00401854 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x00401858 addiu t8, zero, 8 | t8 = 8;
| if (v0 == t8) {
0x0040185c bne v0, t8, 0x401970 |
0x00401860 nop |
0x00401864 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401868 addiu t8, t8, 4 | t8 += 4;
0x0040186c lw s3, (t8) | s3 = *(t8);
0x00401870 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401874 addiu t8, t8, 8 | t8 += 8;
0x00401878 lw s2, (t8) | s2 = *(t8);
0x0040187c lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401880 addiu t8, t8, 0xc | t8 += 0xc;
0x00401884 lw t8, (t8) | t8 = *(t8);
0x00401888 move a0, t8 | a0 = t8;
0x0040188c lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x00401890 move t9, t8 | t9 = t8;
0x00401894 jalr t9 | t9 ();
0x00401898 nop |
0x0040189c lw gp, 0x28(fp) | gp = *(arg_28h);
0x004018a0 move t8, v0 | t8 = v0;
0x004018a4 move s1, t8 | s1 = t8;
0x004018a8 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004018ac addiu t8, t8, 0x10 | t8 += 0x10;
0x004018b0 lw t8, (t8) | t8 = *(t8);
0x004018b4 move a0, t8 | a0 = t8;
0x004018b8 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x004018bc move t9, t8 | t9 = t8;
0x004018c0 jalr t9 | t9 ();
0x004018c4 nop |
0x004018c8 lw gp, 0x28(fp) | gp = *(arg_28h);
0x004018cc move t8, v0 | t8 = v0;
0x004018d0 move s0, t8 | s0 = t8;
0x004018d4 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004018d8 addiu t8, t8, 0x14 | t8 += 0x14;
0x004018dc lw s5, (t8) | s5 = *(t8);
0x004018e0 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004018e4 addiu t8, t8, 0x18 | t8 += 0x18;
0x004018e8 lw t8, (t8) | t8 = *(t8);
0x004018ec move a0, t8 | a0 = t8;
0x004018f0 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x004018f4 move t9, t8 | t9 = t8;
0x004018f8 jalr t9 | t9 ();
0x004018fc nop |
0x00401900 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401904 move s4, v0 | s4 = v0;
0x00401908 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x0040190c addiu t8, t8, 0x1c | t8 += 0x1c;
0x00401910 lw t8, (t8) | t8 = *(t8);
0x00401914 move a0, t8 | a0 = t8;
0x00401918 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x0040191c move t9, t8 | t9 = t8;
0x00401920 jalr t9 | t9 ();
0x00401924 nop |
0x00401928 lw gp, 0x28(fp) | gp = *(arg_28h);
0x0040192c move t8, v0 | t8 = v0;
0x00401930 andi t8, t8, 0xff | t8 &= 0xff;
0x00401934 sw s5, 0x10(sp) | *(var_10h) = s5;
0x00401938 sw s4, 0x14(sp) | *(var_14h) = s4;
0x0040193c sw t8, 0x18(sp) | *(var_18h) = t8;
0x00401940 move a0, s3 | a0 = s3;
0x00401944 move a1, s2 | a1 = s2;
0x00401948 move a2, s1 | a2 = s1;
0x0040194c move a3, s0 | a3 = s0;
0x00401950 lw t8, -0x7f2c(gp) | t8 = sym.imp.run_infra_mode_char__char__auth_from_cam__enc_from_cam__char__int__unsigned_char_;
0x00401954 move t9, t8 | t9 = t8;
0x00401958 jalr t9 | t9 ();
0x0040195c nop |
0x00401960 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401964 move s0, v0 | s0 = v0;
0x00401968 b 0x401b48 | goto label_0;
0x0040196c nop |
| }
0x00401970 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x00401974 addiu t8, zero, 0xb | t8 = 0xb;
| if (v0 == t8) {
0x00401978 bne v0, t8, 0x401ae4 |
0x0040197c nop |
0x00401980 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401984 addiu t8, t8, 4 | t8 += 4;
0x00401988 lw s3, (t8) | s3 = *(t8);
0x0040198c lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401990 addiu t8, t8, 8 | t8 += 8;
0x00401994 lw t8, (t8) | t8 = *(t8);
0x00401998 move a0, t8 | a0 = t8;
0x0040199c lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x004019a0 move t9, t8 | t9 = t8;
0x004019a4 jalr t9 | t9 ();
0x004019a8 nop |
0x004019ac lw gp, 0x28(fp) | gp = *(arg_28h);
0x004019b0 move t8, v0 | t8 = v0;
0x004019b4 move s2, t8 | s2 = t8;
0x004019b8 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004019bc addiu t8, t8, 0xc | t8 += 0xc;
0x004019c0 lw t8, (t8) | t8 = *(t8);
0x004019c4 move a0, t8 | a0 = t8;
0x004019c8 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x004019cc move t9, t8 | t9 = t8;
0x004019d0 jalr t9 | t9 ();
0x004019d4 nop |
0x004019d8 lw gp, 0x28(fp) | gp = *(arg_28h);
0x004019dc move t8, v0 | t8 = v0;
0x004019e0 move s1, t8 | s1 = t8;
0x004019e4 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004019e8 addiu t8, t8, 0x10 | t8 += 0x10;
0x004019ec lw s0, (t8) | s0 = *(t8);
0x004019f0 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x004019f4 addiu t8, t8, 0x14 | t8 += 0x14;
0x004019f8 lw t8, (t8) | t8 = *(t8);
0x004019fc sw t8, 0x34(fp) | *(arg_34h) = t8;
0x00401a00 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401a04 addiu t8, t8, 0x18 | t8 += 0x18;
0x00401a08 lw s7, (t8) | s7 = *(t8);
0x00401a0c lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401a10 addiu t8, t8, 0x1c | t8 += 0x1c;
0x00401a14 lw t8, (t8) | t8 = *(t8);
0x00401a18 move a0, t8 | a0 = t8;
0x00401a1c lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x00401a20 move t9, t8 | t9 = t8;
0x00401a24 jalr t9 | t9 ();
0x00401a28 nop |
0x00401a2c lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401a30 move t8, v0 | t8 = v0;
0x00401a34 move s6, t8 | s6 = t8;
0x00401a38 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401a3c addiu t8, t8, 0x20 | t8 += 0x20;
0x00401a40 lw t8, (t8) | t8 = *(t8);
0x00401a44 move a0, t8 | a0 = t8;
0x00401a48 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x00401a4c move t9, t8 | t9 = t8;
0x00401a50 jalr t9 | t9 ();
0x00401a54 nop |
0x00401a58 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401a5c move t8, v0 | t8 = v0;
0x00401a60 move s5, t8 | s5 = t8;
0x00401a64 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401a68 addiu t8, t8, 0x24 | t8 += 0x24;
0x00401a6c lw s4, (t8) | s4 = *(t8);
0x00401a70 lw t8, 0x38(fp) | t8 = *(arg_38h);
0x00401a74 addiu t8, t8, 0x28 | t8 += 0x28;
0x00401a78 lw t8, (t8) | t8 = *(t8);
0x00401a7c move a0, t8 | a0 = t8;
0x00401a80 lw t8, -0x7f68(gp) | t8 = sym.imp.atoi;
0x00401a84 move t9, t8 | t9 = t8;
0x00401a88 jalr t9 | t9 ();
0x00401a8c nop |
0x00401a90 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401a94 move t8, v0 | t8 = v0;
0x00401a98 lw v0, 0x34(fp) | v0 = *(arg_34h);
0x00401a9c sw v0, 0x10(sp) | *(var_10h) = v0;
0x00401aa0 sw s7, 0x14(sp) | *(var_14h) = s7;
0x00401aa4 sw s6, 0x18(sp) | *(var_18h) = s6;
0x00401aa8 sw s5, 0x1c(sp) | *(var_1ch) = s5;
0x00401aac sw s4, 0x20(sp) | *(var_20h) = s4;
0x00401ab0 sw t8, 0x24(sp) | *(var_24h) = t8;
0x00401ab4 move a0, s3 | a0 = s3;
0x00401ab8 move a1, s2 | a1 = s2;
0x00401abc move a2, s1 | a2 = s1;
0x00401ac0 move a3, s0 | a3 = s0;
0x00401ac4 lw t8, -0x7f20(gp) | t8 = sym.imp.run_repeater_mode_char__auth_from_cam__enc_from_cam__char__char__char__auth_from_cam__enc_from_cam__char__int_;
0x00401ac8 move t9, t8 | t9 = t8;
0x00401acc jalr t9 | t9 ();
0x00401ad0 nop |
0x00401ad4 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401ad8 move s0, v0 | s0 = v0;
0x00401adc b 0x401b48 | goto label_0;
0x00401ae0 nop |
| }
0x00401ae4 addiu t8, fp, 0x40 | t8 = fp + 0x40;
0x00401ae8 move a0, t8 | a0 = t8;
0x00401aec lw t8, -0x7fd8(gp) | t8 = *(gp);
0x00401af0 move t9, t8 | t9 = t8;
0x00401af4 jalr t9 | t9 ();
0x00401af8 nop |
0x00401afc lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401b00 addiu t8, fp, 0x40 | t8 = fp + 0x40;
0x00401b04 move a0, t8 | a0 = t8;
0x00401b08 lw t8, -0x7f54(gp) | t8 = sym.imp.run_site_survey_std::vector_sites__std::allocator_sites____;
0x00401b0c move t9, t8 | t9 = t8;
0x00401b10 jalr t9 | t9 ();
0x00401b14 nop |
0x00401b18 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401b1c move s0, v0 | s0 = v0;
0x00401b20 addiu t8, fp, 0x40 | t8 = fp + 0x40;
0x00401b24 move a0, t8 | a0 = t8;
0x00401b28 lw t8, -0x7fd4(gp) | t8 = *(gp);
0x00401b2c move t9, t8 | t9 = t8;
0x00401b30 jalr t9 | t9 ();
0x00401b34 nop |
0x00401b38 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00401b3c b 0x401b48 | goto label_0;
0x00401b40 nop |
| label_1:
0x00401b44 move s0, zero | s0 = 0;
| label_0:
0x00401b48 move t8, s0 | t8 = s0;
0x00401b4c move v0, t8 | v0 = t8;
0x00401b50 lw t8, -0x7f14(gp) | t8 = *((gp - 8133));
0x00401b54 lw v1, 0x8c(fp) | v1 = *(arg_8ch);
0x00401b58 lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x00401b5c beq v1, t8, 0x401bb8 |
0x00401b60 nop |
0x00401b64 b 0x401ba8 | goto label_2;
0x00401b68 nop |
| label_2:
0x00401ba8 lw t8, -0x7f50(gp) | t8 = sym.imp.__stack_chk_fail;
0x00401bac move t9, t8 | t9 = t8;
0x00401bb0 jalr t9 | t9 ();
0x00401bb4 nop |
| }
0x00401bb8 move sp, fp |
0x00401bbc lw ra, 0xb4(sp) | ra = *(var_b4h);
0x00401bc0 lw fp, 0xb0(sp) | fp = *(var_b0h);
0x00401bc4 lw s7, 0xac(sp) | s7 = *(var_ach);
0x00401bc8 lw s6, 0xa8(sp) | s6 = *(var_a8h);
0x00401bcc lw s5, 0xa4(sp) | s5 = *(var_a4h);
0x00401bd0 lw s4, 0xa0(sp) | s4 = *(var_a0h);
0x00401bd4 lw s3, 0x9c(sp) | s3 = *(var_9ch);
0x00401bd8 lw s2, 0x98(sp) | s2 = *(var_98h);
0x00401bdc lw s1, 0x94(sp) | s1 = *(var_94h);
0x00401be0 lw s0, 0x90(sp) | s0 = *(var_90h);
0x00401be4 addiu sp, sp, 0xb8 |
0x00401be8 jr ra | return v1;
0x00401bec nop |
| }
[*] Function printf used 4 times wlan
