[*] Binary protection state of libxt_SET.so
Partial RELRO No Canary found NX disabled DSO No RPATH No RUNPATH No Symbols
[*] Function printf tear down of libxt_SET.so
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/xtables/libxt_SET.so @ 0x11f4 */
| #include <stdint.h>
|
; (fcn) fcn.000011f4 () | void fcn_000011f4 (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_20h;
| r0 = arg1;
| r1 = arg2;
0x000011f4 ldrh r3, [r1] | r3 = *(r1);
0x000011f8 ldr r2, [pc, 0xa0] | r2 = *(0x129c);
0x000011fc cmp r3, r2 |
| if (r3 != r2) {
0x00001200 bxeq lr | return;
| }
0x00001204 push {r4, r5, r6, r7, r8, lr} |
0x00001208 ldr r7, [pc, 0x94] | r7 = *(0x12a0);
0x0000120c sub sp, sp, 0x20 |
0x00001210 mov r4, sp | r4 = sp;
0x00001214 mov r6, r0 | r6 = r0;
0x00001218 mov r5, r1 | r5 = r1;
0x0000121c mov r0, r4 | r0 = r4;
0x00001220 mov r1, r3 | r1 = r3;
0x00001224 bl 0xd18 | fcn_00000d18 (r0, r1);
0x00001228 ldr r0, [pc, 0x78] | r0 = *(0x12a4);
0x0000122c mov r2, r4 | r2 = r4;
0x00001230 mov r1, r6 | r1 = r6;
0x00001234 add r0, pc, r0 | r0 = pc + r0;
0x00001238 bl 0x7ec | printf (r0, r1, r2)
0x0000123c ldr r6, [pc, 0x68] | r6 = *(0x12a8);
0x00001240 ldr r8, [pc, 0x68] | r8 = *(0x12ac);
0x00001244 mov r4, 1 | r4 = 1;
0x00001248 add r6, pc, r6 | r6 = pc + r6;
0x0000124c add r7, pc, r7 | r7 = pc + r7;
0x00001250 add r8, pc, r8 | r8 = pc + r8;
| do {
0x00001254 ldrb r3, [r5, 2] | r3 = *((r5 + 2));
0x00001258 cmp r4, r3 |
| if (r4 > r3) {
0x0000125c ble 0x1268 |
0x00001260 add sp, sp, 0x20 |
0x00001264 pop {r4, r5, r6, r7, r8, pc} |
| }
0x00001268 ldrb r3, [r5, 3] | r3 = *((r5 + 3));
0x0000126c cmp r4, 1 |
0x00001270 asr r3, r3, r4 | r3 >>= r4;
| if (r4 != 1) {
0x00001274 moveq r1, r6 | r1 = r6;
| }
| if (r4 == 1) {
0x00001278 movne r1, r7 | r1 = r7;
| }
0x0000127c tst r3, 1 |
| if ((r3 & 1) == 0) {
0x00001280 movne r2, r8 | r2 = r8;
| }
| if ((r3 & 1) != 0) {
0x00001284 ldreq r2, [pc, 0x28] | r2 = *((pc + 0x28));
| }
| if ((r3 & 1) != 0) {
0x00001288 addeq r2, pc, r2 | r2 = pc + r2;
| }
0x0000128c ldr r0, [pc, 0x24] | r0 = *(0x12b4);
0x00001290 add r4, r4, 1 | r4++;
0x00001294 add r0, pc, r0 | r0 = pc + r0;
0x00001298 bl 0x7ec | printf (r0, r1, r2, r3, r4)
0x0000129c b 0x1254 |
| } while (1);
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/xtables/libxt_SET.so @ 0x15a4 */
| #include <stdint.h>
|
; (fcn) fcn.000015a4 () | void fcn_000015a4 (int32_t arg1, uint32_t arg2) {
| int32_t var_0h;
| int32_t var_20h;
| r0 = arg1;
| r1 = arg2;
0x000015a4 push {r4, r5, r6, r7, r8, lr} |
0x000015a8 ldr r3, [pc, 0x9c] | r3 = *(0x1648);
0x000015ac mov r4, r1 | r4 = r1;
0x000015b0 ldrh r1, [r1] | r1 = *(r1);
0x000015b4 sub sp, sp, 0x20 |
0x000015b8 cmp r1, r3 |
| if (r1 == r3) {
0x000015bc beq 0x1644 | goto label_0;
| }
0x000015c0 mov r5, sp | r5 = sp;
0x000015c4 mov r6, r0 | r6 = r0;
0x000015c8 mov r0, r5 | r0 = r5;
0x000015cc bl 0xd18 | fcn_00000d18 (r0, r1);
0x000015d0 ldr r0, [pc, 0x78] | r0 = *(0x164c);
0x000015d4 mov r2, r5 | r2 = r5;
0x000015d8 mov r1, r6 | r1 = r6;
0x000015dc add r0, pc, r0 | r0 = pc + r0;
0x000015e0 bl 0x7ec | printf (r0, r1, r2)
0x000015e4 ldr r6, [pc, 0x68] | r6 = *(0x1650);
0x000015e8 ldr r7, [pc, 0x68] | r7 = *(0x1654);
0x000015ec ldr r8, [pc, 0x68] | r8 = *(0x1658);
0x000015f0 add r4, r4, 4 | r4 += 4;
0x000015f4 mov r5, 0 | r5 = 0;
0x000015f8 add r6, pc, r6 | r6 = pc + r6;
0x000015fc add r7, pc, r7 | r7 = pc + r7;
0x00001600 add r8, pc, r8 | r8 = pc + r8;
| do {
0x00001604 ldr r3, [r4], 4 | r3 = *(r4);
| r4 += 4;
0x00001608 cmp r3, 0 |
| if (r3 == 0) {
0x0000160c beq 0x1644 | goto label_0;
| }
0x00001610 cmp r5, 0 |
| if (r5 != 0) {
0x00001614 moveq r1, r6 | r1 = r6;
| }
| if (r5 == 0) {
0x00001618 movne r1, r7 | r1 = r7;
| }
0x0000161c tst r3, 1 |
| if ((r3 & 1) == 0) {
0x00001620 movne r2, r8 | r2 = r8;
| }
| if ((r3 & 1) != 0) {
0x00001624 ldreq r2, [pc, 0x34] | r2 = *((pc + 0x34));
| }
| if ((r3 & 1) != 0) {
0x00001628 addeq r2, pc, r2 | r2 = pc + r2;
| }
0x0000162c ldr r0, [pc, 0x30] | r0 = *(0x1660);
0x00001630 add r5, r5, 1 | r5++;
0x00001634 add r0, pc, r0 | r0 = pc + r0;
0x00001638 bl 0x7ec | printf (r0, r1, r2, r3, r4, r5)
0x0000163c cmp r5, 6 |
0x00001640 bne 0x1604 |
| } while (r5 != 6);
| label_0:
0x00001644 add sp, sp, 0x20 |
0x00001648 pop {r4, r5, r6, r7, r8, pc} |
| }
[*] Function printf used 5 times libxt_SET.so
