[*] Binary protection state of wifiAutoReconnect
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function printf tear down of wifiAutoReconnect
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/wifiAutoReconnect @ 0x403a44 */
| #include <stdint.h>
|
; (fcn) sym.GetIfHwAddr_char_const__unsigned_char_ () | void GetIfHwAddr_char_const_unsigned_char_ () {
| /* GetIfHwAddr(char const*, unsigned char*) */
0x00403a44 lui gp, 2 |
0x00403a48 addiu gp, gp, 0x15ec |
0x00403a4c addu gp, gp, t9 | gp += t9;
0x00403a50 addiu sp, sp, -0x50 |
0x00403a54 sw ra, 0x4c(sp) | *(var_4ch) = ra;
0x00403a58 sw fp, 0x48(sp) | *(var_48h) = fp;
0x00403a5c move fp, sp | fp = sp;
0x00403a60 sw gp, 0x10(sp) | *(var_10h) = gp;
0x00403a64 sw a0, 0x1c(fp) | *(arg_1ch) = a0;
0x00403a68 sw a1, 0x18(fp) | *(arg_18h) = a1;
0x00403a6c lw t8, -0x7dd0(gp) | t8 = *((gp - 8052));
0x00403a70 lw t8, (t8) | t8 = *(t8);
0x00403a74 sw t8, 0x44(fp) | *(arg_44h) = t8;
0x00403a78 addiu a0, zero, 2 | a0 = 2;
0x00403a7c addiu a1, zero, 1 | a1 = 1;
0x00403a80 move a2, zero | a2 = 0;
0x00403a84 lw t8, -0x7ed0(gp) | t8 = sym.imp.socket;
0x00403a88 move t9, t8 | t9 = t8;
0x00403a8c jalr t9 | t9 ();
0x00403a90 nop |
0x00403a94 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403a98 sw v0, 0x20(fp) | *(arg_20h) = v0;
0x00403a9c lw t8, 0x20(fp) | t8 = *(arg_20h);
0x00403aa0 srl t8, t8, 0x1f | t8 >>= 0x1f;
0x00403aa4 andi t8, t8, 0xff | t8 &= 0xff;
| if (t8 != 0) {
0x00403aa8 beqz t8, 0x403abc |
0x00403aac nop |
0x00403ab0 addiu t8, zero, -1 | t8 = -1;
0x00403ab4 b 0x403bd4 | goto label_0;
0x00403ab8 nop |
| }
0x00403abc addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x00403ac0 move a0, t8 | a0 = t8;
0x00403ac4 lw a1, 0x1c(fp) | a1 = *(arg_1ch);
0x00403ac8 lw t8, -0x7f20(gp) | t8 = sym.imp.strcpy;
0x00403acc move t9, t8 | t9 = t8;
0x00403ad0 jalr t9 | t9 ();
0x00403ad4 nop |
0x00403ad8 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403adc addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x00403ae0 lw a0, 0x20(fp) | a0 = *(arg_20h);
0x00403ae4 ori a1, zero, 0x8927 | a1 = 0x8927;
0x00403ae8 move a2, t8 | a2 = t8;
0x00403aec lw t8, -0x7e0c(gp) | t8 = sym.imp.ioctl;
0x00403af0 move t9, t8 | t9 = t8;
0x00403af4 jalr t9 | t9 ();
0x00403af8 nop |
0x00403afc lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403b00 move t8, v0 | t8 = v0;
0x00403b04 srl t8, t8, 0x1f | t8 >>= 0x1f;
0x00403b08 andi t8, t8, 0xff | t8 &= 0xff;
| if (t8 != 0) {
0x00403b0c beqz t8, 0x403b90 |
0x00403b10 nop |
0x00403b14 lw t8, -0x7dcc(gp) | t8 = sym.imp.__errno_location;
0x00403b18 move t9, t8 | t9 = t8;
0x00403b1c jalr t9 | t9 ();
0x00403b20 nop |
0x00403b24 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403b28 move t8, v0 | t8 = v0;
0x00403b2c lw t8, (t8) | t8 = *(t8);
0x00403b30 move a0, t8 | a0 = t8;
0x00403b34 lw t8, -0x7f00(gp) | t8 = sym.imp.strerror;
0x00403b38 move t9, t8 | t9 = t8;
0x00403b3c jalr t9 | t9 ();
0x00403b40 nop |
0x00403b44 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403b48 move t8, v0 | t8 = v0;
0x00403b4c lw v0, -0x7fd4(gp) | v0 = *((gp - 8181));
| /* str.SIOCGIFHWADDR_fail:_s_n */
0x00403b50 addiu a0, v0, -0x5334 | a0 = v0 + -0x5334;
0x00403b54 move a1, t8 | a1 = t8;
0x00403b58 lw t8, -0x7f08(gp) | t8 = sym.imp.printf
0x00403b5c move t9, t8 | t9 = t8;
0x00403b60 jalr t9 | t9 ();
0x00403b64 nop |
0x00403b68 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403b6c lw a0, 0x20(fp) | a0 = *(arg_20h);
0x00403b70 lw t8, -0x7e88(gp) | t8 = sym.imp.close;
0x00403b74 move t9, t8 | t9 = t8;
0x00403b78 jalr t9 | t9 ();
0x00403b7c nop |
0x00403b80 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403b84 addiu t8, zero, -1 | t8 = -1;
0x00403b88 b 0x403bd4 | goto label_0;
0x00403b8c nop |
| }
0x00403b90 addiu t8, fp, 0x24 | t8 = fp + 0x24;
0x00403b94 addiu t8, t8, 0x12 | t8 += 0x12;
0x00403b98 lw a0, 0x18(fp) | a0 = *(arg_18h);
0x00403b9c move a1, t8 | a1 = t8;
0x00403ba0 addiu a2, zero, 6 | a2 = 6;
0x00403ba4 lw t8, -0x7de0(gp) | t8 = sym.imp.memcpy;
0x00403ba8 move t9, t8 | t9 = t8;
0x00403bac jalr t9 | t9 ();
0x00403bb0 nop |
0x00403bb4 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403bb8 lw a0, 0x20(fp) | a0 = *(arg_20h);
0x00403bbc lw t8, -0x7e88(gp) | t8 = sym.imp.close;
0x00403bc0 move t9, t8 | t9 = t8;
0x00403bc4 jalr t9 | t9 ();
0x00403bc8 nop |
0x00403bcc lw gp, 0x10(fp) | gp = *(arg_10h);
0x00403bd0 move t8, zero | t8 = 0;
| label_0:
0x00403bd4 move v0, t8 | v0 = t8;
0x00403bd8 lw t8, -0x7dd0(gp) | t8 = *((gp - 8052));
0x00403bdc lw v1, 0x44(fp) | v1 = *(arg_44h);
0x00403be0 lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x00403be4 beq v1, t8, 0x403bfc |
0x00403be8 nop |
0x00403bec lw t8, -0x7e60(gp) | t8 = sym.imp.__stack_chk_fail;
0x00403bf0 move t9, t8 | t9 = t8;
0x00403bf4 jalr t9 | t9 ();
0x00403bf8 nop |
| }
0x00403bfc move sp, fp |
0x00403c00 lw ra, 0x4c(sp) | ra = *(var_4ch);
0x00403c04 lw fp, 0x48(sp) | fp = *(var_48h);
0x00403c08 addiu sp, sp, 0x50 |
0x00403c0c jr ra | return v1;
0x00403c10 nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/wifiAutoReconnect @ 0x402ed0 */
| #include <stdint.h>
|
; (fcn) sym.sendCmd_char_const__unsigned_int__unsigned_int__unsigned_int_ () | void sendCmd_char_const_unsigned_int_unsigned_int_unsigned_int_ () {
| /* sendCmd(char const*, unsigned int, unsigned int, unsigned int) */
0x00402ed0 lui gp, 2 |
0x00402ed4 addiu gp, gp, 0x2160 |
0x00402ed8 addu gp, gp, t9 | gp += t9;
0x00402edc addiu sp, sp, -0xf0 |
0x00402ee0 sw ra, 0xec(sp) | *(var_ech) = ra;
0x00402ee4 sw fp, 0xe8(sp) | *(var_e8h) = fp;
0x00402ee8 sw s0, 0xe4(sp) | *(var_e4h) = s0;
0x00402eec move fp, sp | fp = sp;
0x00402ef0 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00402ef4 sw a0, 0x2c(fp) | *(arg_2ch) = a0;
0x00402ef8 sw a1, 0x28(fp) | *(arg_28h) = a1;
0x00402efc sw a2, 0x24(fp) | *(arg_24h) = a2;
0x00402f00 sw a3, 0x20(fp) | *(arg_20h) = a3;
0x00402f04 lw t8, -0x7dd0(gp) | t8 = *((gp - 8052));
0x00402f08 lw t8, (t8) | t8 = *(t8);
0x00402f0c sw t8, 0xdc(fp) | *(arg_dch) = t8;
0x00402f10 addiu t8, fp, 0x38 | t8 = fp + 0x38;
0x00402f14 move a0, t8 | a0 = t8;
0x00402f18 lw t8, -0x7f98(gp) | t8 = *(gp);
0x00402f1c move t9, t8 | t9 = t8;
0x00402f20 jalr t9 | t9 ();
0x00402f24 nop |
0x00402f28 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00402f2c lw t8, 0x28(fp) | t8 = *(arg_28h);
0x00402f30 sw t8, 0x44(fp) | *(arg_44h) = t8;
0x00402f34 lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00402f38 sw t8, 0x48(fp) | *(arg_48h) = t8;
0x00402f3c lw t8, 0x20(fp) | t8 = *(arg_20h);
0x00402f40 sw t8, 0x4c(fp) | *(arg_4ch) = t8;
0x00402f44 addiu v0, fp, 0x38 | v0 = fp + 0x38;
0x00402f48 addiu t8, fp, 0x44 | t8 = fp + 0x44;
0x00402f4c addiu v1, fp, 0x50 | v1 = fp + 0x50;
0x00402f50 sw v1, 0x10(sp) | *(var_10h) = v1;
0x00402f54 addiu v1, zero, 0x8c | v1 = 0x8c;
0x00402f58 sw v1, 0x14(sp) | *(var_14h) = v1;
0x00402f5c move a0, v0 | a0 = v0;
0x00402f60 lw a1, 0x2c(fp) | a1 = *(arg_2ch);
0x00402f64 move a2, t8 | a2 = t8;
0x00402f68 addiu a3, zero, 0xc | a3 = 0xc;
0x00402f6c lw t8, -0x7e3c(gp) | t8 = *(gp);
0x00402f70 move t9, t8 | t9 = t8;
0x00402f74 jalr t9 | t9 ();
0x00402f78 nop |
0x00402f7c lw gp, 0x18(fp) | gp = *(arg_18h);
0x00402f80 move t8, v0 | t8 = v0;
0x00402f84 sw t8, 0x34(fp) | *(arg_34h) = t8;
0x00402f88 lw t8, 0x34(fp) | t8 = *(arg_34h);
| if (t8 < 0) {
0x00402f8c bgez t8, 0x402fcc |
0x00402f90 nop |
0x00402f94 lw t8, -0x7e6c(gp) | t8 = *((gp - 8091));
0x00402f98 lw t8, (t8) | t8 = *(t8);
0x00402f9c move a0, t8 | a0 = t8;
0x00402fa0 lw t8, -0x7fd4(gp) | t8 = *((gp - 8181));
| /* str.OOPS___sendCmd_return__d_n */
0x00402fa4 addiu a1, t8, -0x5528 | a1 = t8 + -0x5528;
0x00402fa8 lw a2, 0x34(fp) | a2 = *(arg_34h);
0x00402fac lw t8, -0x7eb8(gp) | t8 = sym.imp.fprintf
0x00402fb0 move t9, t8 | t9 = t8;
0x00402fb4 jalr t9 | t9 ();
0x00402fb8 nop |
0x00402fbc lw gp, 0x18(fp) | gp = *(arg_18h);
0x00402fc0 lw s0, 0x34(fp) | s0 = *(arg_34h);
0x00402fc4 b 0x40303c | goto label_0;
0x00402fc8 nop |
| }
0x00402fcc lw t8, 0x50(fp) | t8 = *(arg_50h);
| if (t8 != 0) {
0x00402fd0 beqz t8, 0x403014 |
0x00402fd4 nop |
0x00402fd8 lw t8, -0x7e6c(gp) | t8 = *((gp - 8091));
0x00402fdc lw v0, (t8) | v0 = *(t8);
0x00402fe0 lw t8, 0x50(fp) | t8 = *(arg_50h);
0x00402fe4 move a0, v0 | a0 = v0;
0x00402fe8 lw v0, -0x7fd4(gp) | v0 = *((gp - 8181));
| /* str.OOPS___sendCmd_result__d_n */
0x00402fec addiu a1, v0, -0x550c | a1 = v0 + -0x550c;
0x00402ff0 move a2, t8 | a2 = t8;
0x00402ff4 lw t8, -0x7eb8(gp) | t8 = sym.imp.fprintf
0x00402ff8 move t9, t8 | t9 = t8;
0x00402ffc jalr t9 | t9 ();
0x00403000 nop |
0x00403004 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00403008 addiu s0, zero, -1 | s0 = -1;
0x0040300c b 0x40303c | goto label_0;
0x00403010 nop |
| }
0x00403014 lw t8, 0x54(fp) | t8 = *(arg_54h);
0x00403018 lw v0, -0x7fd4(gp) | v0 = *((gp - 8181));
| /* str.sendCmd_:__d_n */
0x0040301c addiu a0, v0, -0x54f0 | a0 = v0 + -0x54f0;
0x00403020 move a1, t8 | a1 = t8;
0x00403024 lw t8, -0x7f08(gp) | t8 = sym.imp.printf
0x00403028 move t9, t8 | t9 = t8;
0x0040302c jalr t9 | t9 ();
0x00403030 nop |
0x00403034 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00403038 lw s0, 0x34(fp) | s0 = *(arg_34h);
| label_0:
0x0040303c addiu t8, fp, 0x38 | t8 = fp + 0x38;
0x00403040 move a0, t8 | a0 = t8;
0x00403044 lw t8, -0x7f94(gp) | t8 = *(gp);
0x00403048 move t9, t8 | t9 = t8;
0x0040304c jalr t9 | t9 ();
0x00403050 nop |
0x00403054 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00403058 move t8, s0 | t8 = s0;
0x0040305c move v0, t8 | v0 = t8;
0x00403060 lw t8, -0x7dd0(gp) | t8 = *((gp - 8052));
0x00403064 lw v1, 0xdc(fp) | v1 = *(arg_dch);
0x00403068 lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x0040306c beq v1, t8, 0x4030c8 |
0x00403070 nop |
0x00403074 b 0x4030b8 | goto label_1;
0x00403078 nop |
| label_1:
0x004030b8 lw t8, -0x7e60(gp) | t8 = sym.imp.__stack_chk_fail;
0x004030bc move t9, t8 | t9 = t8;
0x004030c0 jalr t9 | t9 ();
0x004030c4 nop |
| }
0x004030c8 move sp, fp |
0x004030cc lw ra, 0xec(sp) | ra = *(var_ech);
0x004030d0 lw fp, 0xe8(sp) | fp = *(var_e8h);
0x004030d4 lw s0, 0xe4(sp) | s0 = *(var_e4h);
0x004030d8 addiu sp, sp, 0xf0 |
0x004030dc jr ra | return v1;
0x004030e0 nop |
| }
[*] Function printf used 5 times wifiAutoReconnect
