[*] Binary protection state of KT-1
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function strcat tear down of KT-1
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/windows/KT-1 @ 0x67594 */
| #include <stdint.h>
|
; (fcn) fcn.00067594 () | void fcn_00067594 () {
| char * s2;
| int32_t var_4h;
| int32_t var_1ch;
| int32_t var_20h;
| char * string;
| int32_t var_58h;
0x00067594 push {r4, r5, r6, lr} |
0x00067598 sub sp, sp, 0x58 |
0x0006759c mov r5, sp | r5 = sp;
0x000675a0 mov r0, r5 | r0 = r5;
0x000675a4 bl 0x1bae8 | fcn_0001bae8 (r0);
0x000675a8 add r4, sp, 0x38 | r4 += string;
0x000675ac mov r3, 0x20 | r3 = 0x20;
0x000675b0 mov r2, 0 | r2 = 0;
0x000675b4 mov r1, r3 | r1 = r3;
0x000675b8 mov r0, r4 | r0 = r4;
0x000675bc bl 0xb9f54 | fcn_000b9f54 (r0, r1);
0x000675c0 ldr r1, [pc, 0xc0] | r1 = *(0x67684);
0x000675c4 mov r0, r4 | r0 = r4;
0x000675c8 add r1, pc, r1 | r1 = pc + r1;
0x000675cc bl 0x17e4c | strcpy (r0, r1);
0x000675d0 mov r0, r4 | r0 = r4;
0x000675d4 bl 0x18680 | system (r0);
0x000675d8 mov r3, 0x20 | r3 = 0x20;
0x000675dc mov r2, 0 | r2 = 0;
0x000675e0 mov r1, r3 | r1 = r3;
0x000675e4 mov r0, r4 | r0 = r4;
0x000675e8 bl 0xb9f54 | fcn_000b9f54 (r0, r1);
0x000675ec add r6, sp, 0x1c | r6 += var_1ch;
0x000675f0 mov r0, r6 | r0 = r6;
0x000675f4 bl 0x67478 | fcn_00067478 (r0);
0x000675f8 add r1, sp, 0x20 | r1 += var_20h;
0x000675fc add r0, sp, 4 | r0 += var_4h;
0x00067600 bl 0x1d84c | method (r0, r1);
0x00067604 mov r0, r6 | r0 = r6;
0x00067608 bl 0x1bcc4 | fcn_0001bcc4 (r0);
0x0006760c ldr r1, [pc, 0x78] | r1 = *(0x67688);
0x00067610 mov r0, r4 | r0 = r4;
0x00067614 add r1, pc, r1 | r1 = pc + r1;
0x00067618 bl 0x17e4c | strcpy (r0, r1);
0x0006761c ldr r1, [pc, 0x6c] | r1 = *(0x6768c);
0x00067620 mov r0, r4 | r0 = r4;
0x00067624 add r1, pc, r1 | r1 = pc + r1;
0x00067628 bl 0x1868c | strcat (r0, r1)
0x0006762c mov r0, r5 | r0 = r5;
0x00067630 bl 0x1bb20 | r0 = fcn_0001bb20 (r0);
0x00067634 mov r1, r0 | r1 = r0;
0x00067638 mov r0, r4 | r0 = r4;
0x0006763c bl 0x1868c | strcat (r0, r1)
0x00067640 mov r0, r4 | r0 = r4;
0x00067644 bl 0x18680 | r0 = system (r0);
0x00067648 cmp r0, 0 |
| if (r0 == 0) {
0x0006764c beq 0x67664 | goto label_0;
| }
0x00067650 bl 0xc4668 | fcn_000c4668 ();
| do {
0x00067654 mov r0, r5 | r0 = r5;
0x00067658 bl 0x1bcc4 | fcn_0001bcc4 (r0);
0x0006765c add sp, sp, 0x58 |
0x00067660 pop {r4, r5, r6, pc} |
| label_0:
0x00067664 mov r0, r5 | r0 = r5;
0x00067668 bl 0x1bb20 | fcn_0001bb20 (r0);
0x0006766c b 0x67654 |
| } while (1);
| }
[*] Function strcat used 3 times KT-1
