diff --git a/a.out b/a.out new file mode 100755 index 0000000..9c336ff Binary files /dev/null and b/a.out differ diff --git a/diff.txt b/diff.txt new file mode 100644 index 0000000..e4f2717 --- /dev/null +++ b/diff.txt @@ -0,0 +1,4 @@ +2c2 +< resources/sample64: file format elf64-x86-64 +--- +> woody: file format elf64-x86-64 diff --git a/p_memsz b/p_memsz new file mode 100644 index 0000000..e69de29 diff --git a/p_offset b/p_offset new file mode 100644 index 0000000..e69de29 diff --git a/payload b/payload index 34879f8..fe0bf4e 100644 Binary files a/payload and b/payload differ diff --git a/print b/print index 5f16913..c4d460b 100755 Binary files a/print and b/print differ diff --git a/print.s b/print.s index 3759956..1fb08fe 100644 --- a/print.s +++ b/print.s @@ -2,26 +2,28 @@ bits 64 default rel global _start -; rdi rsi rdx -; v v v -;write(fd, msg, len); - _start: + push rax + push rdi + push rsi + push rdx + push rbx xor eax, eax cdq - mov dl, 10 ;3eme argument (rdx) - inc eax ;eax = 1 (syscall) - mov edi, eax ;1er argument rdi = 1 - lea rsi, [rel msg] ;2eme arg - syscall - mov dl, 42 ;petit registre pour enregistrer 42 sans 0x00 - xor eax, eax + mov dl, 10 inc eax - mul dl ;multiplier 42 * rax (rax = 1), resultat dans rax - mov edi, eax ;bouger la valeur 42 de rax à rdi - xor eax, eax - syscall - + mov edi, eax + lea rsi, [rel msg] + syscall + pop rdx + + pop rbx + pop rdx + pop rsi + pop rdi + pop rax + ret + msg db "..WOODY..",10 diff --git a/sample b/sample new file mode 100644 index 0000000..e8f30c0 --- /dev/null +++ b/sample 
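Review bot: In the print.s hunk the new epilogue pops six values while the prologue pushes only five (`push rax`, `push rdi`, `push rsi`, `push rdx`, `push rbx`): the `pop rdx` placed directly after `syscall` has no matching push. From that point every pop restores a neighbouring register's saved value, `pop rax` consumes the slot that `ret` expects, and `ret` then transfers control to whatever sits one slot higher on the stack. Removing the stray `pop rdx` makes the restore sequence mirror the saves (`pop rbx`, `pop rdx`, `pop rsi`, `pop rdi`, `pop rax`). `syscall` also overwrites rcx and r11, which are not saved here, so if this routine is meant to leave the caller's registers untouched it needs `push rcx` / `push r11` and the matching pops. The commit also drops the old register-role comments without replacement; a short header such as `; write(1, msg, 10); preserves rax, rdi, rsi, rdx, rbx` would document the intended contract.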
@@ -0,0 +1,825 @@ + +resources/sample64: file format elf64-x86-64 + + +Disassembly of section .interp: + +0000000000000318 <.interp>: + 318: 2f (bad) + 319: 6c insb (%dx),%es:(%rdi) + 31a: 69 62 36 34 2f 6c 64 imul $0x646c2f34,0x36(%rdx),%esp + 321: 2d 6c 69 6e 75 sub $0x756e696c,%eax + 326: 78 2d js 355 <__abi_tag-0x37> + 328: 78 38 js 362 <__abi_tag-0x2a> + 32a: 36 2d 36 34 2e 73 ss sub $0x732e3436,%eax + 330: 6f outsl %ds:(%rsi),(%dx) + 331: 2e 32 00 cs xor (%rax),%al + +Disassembly of section .note.gnu.property: + +0000000000000338 <.note.gnu.property>: + 338: 04 00 add $0x0,%al + 33a: 00 00 add %al,(%rax) + 33c: 20 00 and %al,(%rax) + 33e: 00 00 add %al,(%rax) + 340: 05 00 00 00 47 add $0x47000000,%eax + 345: 4e 55 rex.WRX push %rbp + 347: 00 02 add %al,(%rdx) + 349: 00 00 add %al,(%rax) + 34b: c0 04 00 00 rolb $0x0,(%rax,%rax,1) + 34f: 00 03 add %al,(%rbx) + 351: 00 00 add %al,(%rax) + 353: 00 00 add %al,(%rax) + 355: 00 00 add %al,(%rax) + 357: 00 02 add %al,(%rdx) + 359: 80 00 c0 addb $0xc0,(%rax) + 35c: 04 00 add $0x0,%al + 35e: 00 00 add %al,(%rax) + 360: 01 00 add %eax,(%rax) + 362: 00 00 add %al,(%rax) + 364: 00 00 add %al,(%rax) + ... 
+ +Disassembly of section .note.gnu.build-id: + +0000000000000368 <.note.gnu.build-id>: + 368: 04 00 add $0x0,%al + 36a: 00 00 add %al,(%rax) + 36c: 14 00 adc $0x0,%al + 36e: 00 00 add %al,(%rax) + 370: 03 00 add (%rax),%eax + 372: 00 00 add %al,(%rax) + 374: 47 rex.RXB + 375: 4e 55 rex.WRX push %rbp + 377: 00 aa 0d f4 0f 29 add %ch,0x290ff40d(%rdx) + 37d: 9d popf + 37e: 21 c9 and %ecx,%ecx + 380: 16 (bad) + 381: 1e (bad) + 382: 8a 34 ce mov (%rsi,%rcx,8),%dh + 385: 99 cltd + 386: 69 cc 15 8d 7d 01 imul $0x17d8d15,%esp,%ecx + +Disassembly of section .note.ABI-tag: + +000000000000038c <__abi_tag>: + 38c: 04 00 add $0x0,%al + 38e: 00 00 add %al,(%rax) + 390: 10 00 adc %al,(%rax) + 392: 00 00 add %al,(%rax) + 394: 01 00 add %eax,(%rax) + 396: 00 00 add %al,(%rax) + 398: 47 rex.RXB + 399: 4e 55 rex.WRX push %rbp + 39b: 00 00 add %al,(%rax) + 39d: 00 00 add %al,(%rax) + 39f: 00 03 add %al,(%rbx) + 3a1: 00 00 add %al,(%rax) + 3a3: 00 02 add %al,(%rdx) + 3a5: 00 00 add %al,(%rax) + 3a7: 00 00 add %al,(%rax) + 3a9: 00 00 add %al,(%rax) + ... + +Disassembly of section .gnu.hash: + +00000000000003b0 <.gnu.hash>: + 3b0: 02 00 add (%rax),%al + 3b2: 00 00 add %al,(%rax) + 3b4: 06 (bad) + 3b5: 00 00 add %al,(%rax) + 3b7: 00 01 add %al,(%rcx) + 3b9: 00 00 add %al,(%rax) + 3bb: 00 06 add %al,(%rsi) + 3bd: 00 00 add %al,(%rax) + 3bf: 00 00 add %al,(%rax) + 3c1: 00 81 00 00 00 00 add %al,0x0(%rcx) + 3c7: 00 06 add %al,(%rsi) + 3c9: 00 00 add %al,(%rax) + 3cb: 00 00 add %al,(%rax) + 3cd: 00 00 add %al,(%rax) + 3cf: 00 d1 add %dl,%cl + 3d1: 65 ce gs (bad) + 3d3: 6d insl (%dx),%es:(%rdi) + +Disassembly of section .dynsym: + +00000000000003d8 <.dynsym>: + ... + 3f0: 10 00 adc %al,(%rax) + 3f2: 00 00 add %al,(%rax) + 3f4: 12 00 adc (%rax),%al + ... + 406: 00 00 add %al,(%rax) + 408: 48 00 00 rex.W add %al,(%rax) + 40b: 00 20 add %ah,(%rax) + ... + 41d: 00 00 add %al,(%rax) + 41f: 00 22 add %ah,(%rdx) + 421: 00 00 add %al,(%rax) + 423: 00 12 add %dl,(%rdx) + ... 
+ 435: 00 00 add %al,(%rax) + 437: 00 64 00 00 add %ah,0x0(%rax,%rax,1) + 43b: 00 20 add %ah,(%rax) + ... + 44d: 00 00 add %al,(%rax) + 44f: 00 73 00 add %dh,0x0(%rbx) + 452: 00 00 add %al,(%rax) + 454: 20 00 and %al,(%rax) + ... + 466: 00 00 add %al,(%rax) + 468: 01 00 add %eax,(%rax) + 46a: 00 00 add %al,(%rax) + 46c: 22 00 and (%rax),%al + ... + +Disassembly of section .dynstr: + +0000000000000480 <.dynstr>: + 480: 00 5f 5f add %bl,0x5f(%rdi) + 483: 63 78 61 movsxd 0x61(%rax),%edi + 486: 5f pop %rdi + 487: 66 69 6e 61 6c 69 imul $0x696c,0x61(%rsi),%bp + 48d: 7a 65 jp 4f4 <__abi_tag+0x168> + 48f: 00 5f 5f add %bl,0x5f(%rdi) + 492: 6c insb (%dx),%es:(%rdi) + 493: 69 62 63 5f 73 74 61 imul $0x6174735f,0x63(%rdx),%esp + 49a: 72 74 jb 510 <__abi_tag+0x184> + 49c: 5f pop %rdi + 49d: 6d insl (%dx),%es:(%rdi) + 49e: 61 (bad) + 49f: 69 6e 00 70 75 74 73 imul $0x73747570,0x0(%rsi),%ebp + 4a6: 00 6c 69 62 add %ch,0x62(%rcx,%rbp,2) + 4aa: 63 2e movsxd (%rsi),%ebp + 4ac: 73 6f jae 51d <__abi_tag+0x191> + 4ae: 2e 36 00 47 4c cs ss add %al,0x4c(%rdi) + 4b3: 49 rex.WB + 4b4: 42 rex.X + 4b5: 43 5f rex.XB pop %r15 + 4b7: 32 2e xor (%rsi),%ch + 4b9: 32 2e xor (%rsi),%ch + 4bb: 35 00 47 4c 49 xor $0x494c4700,%eax + 4c0: 42 rex.X + 4c1: 43 5f rex.XB pop %r15 + 4c3: 32 2e xor (%rsi),%ch + 4c5: 33 34 00 xor (%rax,%rax,1),%esi + 4c8: 5f pop %rdi + 4c9: 49 54 rex.WB push %r12 + 4cb: 4d 5f rex.WRB pop %r15 + 4cd: 64 65 72 65 fs gs jb 536 <__abi_tag+0x1aa> + 4d1: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi + 4d8: 4d + 4d9: 43 6c rex.XB insb (%dx),%es:(%rdi) + 4db: 6f outsl %ds:(%rsi),(%dx) + 4dc: 6e outsb %ds:(%rsi),(%dx) + 4dd: 65 54 gs push %rsp + 4df: 61 (bad) + 4e0: 62 (bad) + 4e1: 6c insb (%dx),%es:(%rdi) + 4e2: 65 00 5f 5f add %bl,%gs:0x5f(%rdi) + 4e6: 67 6d insl (%dx),%es:(%edi) + 4e8: 6f outsl %ds:(%rsi),(%dx) + 4e9: 6e outsb %ds:(%rsi),(%dx) + 4ea: 5f pop %rdi + 4eb: 73 74 jae 561 <__abi_tag+0x1d5> + 4ed: 61 (bad) + 4ee: 72 74 jb 564 <__abi_tag+0x1d8> + 4f0: 5f pop %rdi 
+ 4f1: 5f pop %rdi + 4f2: 00 5f 49 add %bl,0x49(%rdi) + 4f5: 54 push %rsp + 4f6: 4d 5f rex.WRB pop %r15 + 4f8: 72 65 jb 55f <__abi_tag+0x1d3> + 4fa: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi + 501: 4d + 502: 43 6c rex.XB insb (%dx),%es:(%rdi) + 504: 6f outsl %ds:(%rsi),(%dx) + 505: 6e outsb %ds:(%rsi),(%dx) + 506: 65 54 gs push %rsp + 508: 61 (bad) + 509: 62 .byte 0x62 + 50a: 6c insb (%dx),%es:(%rdi) + 50b: 65 gs + ... + +Disassembly of section .gnu.version: + +000000000000050e <.gnu.version>: + 50e: 00 00 add %al,(%rax) + 510: 02 00 add (%rax),%al + 512: 01 00 add %eax,(%rax) + 514: 03 00 add (%rax),%eax + 516: 01 00 add %eax,(%rax) + 518: 01 00 add %eax,(%rax) + 51a: 03 00 add (%rax),%eax + +Disassembly of section .gnu.version_r: + +0000000000000520 <.gnu.version_r>: + 520: 01 00 add %eax,(%rax) + 522: 02 00 add (%rax),%al + 524: 27 (bad) + 525: 00 00 add %al,(%rax) + 527: 00 10 add %dl,(%rax) + 529: 00 00 add %al,(%rax) + 52b: 00 00 add %al,(%rax) + 52d: 00 00 add %al,(%rax) + 52f: 00 75 1a add %dh,0x1a(%rbp) + 532: 69 09 00 00 03 00 imul $0x30000,(%rcx),%ecx + 538: 31 00 xor %eax,(%rax) + 53a: 00 00 add %al,(%rax) + 53c: 10 00 adc %al,(%rax) + 53e: 00 00 add %al,(%rax) + 540: b4 91 mov $0x91,%ah + 542: 96 xchg %eax,%esi + 543: 06 (bad) + 544: 00 00 add %al,(%rax) + 546: 02 00 add (%rax),%al + 548: 3d 00 00 00 00 cmp $0x0,%eax + 54d: 00 00 add %al,(%rax) + ... + +Disassembly of section .rela.dyn: + +0000000000000550 <.rela.dyn>: + 550: b8 3d 00 00 00 mov $0x3d,%eax + 555: 00 00 add %al,(%rax) + 557: 00 08 add %cl,(%rax) + 559: 00 00 add %al,(%rax) + 55b: 00 00 add %al,(%rax) + 55d: 00 00 add %al,(%rax) + 55f: 00 40 11 add %al,0x11(%rax) + 562: 00 00 add %al,(%rax) + 564: 00 00 add %al,(%rax) + 566: 00 00 add %al,(%rax) + 568: c0 3d 00 00 00 00 00 sarb $0x0,0x0(%rip) # 56f <__abi_tag+0x1e3> + 56f: 00 08 add %cl,(%rax) + ... 
+ 579: 11 00 adc %eax,(%rax) + 57b: 00 00 add %al,(%rax) + 57d: 00 00 add %al,(%rax) + 57f: 00 08 add %cl,(%rax) + 581: 40 00 00 rex add %al,(%rax) + 584: 00 00 add %al,(%rax) + 586: 00 00 add %al,(%rax) + 588: 08 00 or %al,(%rax) + 58a: 00 00 add %al,(%rax) + 58c: 00 00 add %al,(%rax) + 58e: 00 00 add %al,(%rax) + 590: 08 40 00 or %al,0x0(%rax) + 593: 00 00 add %al,(%rax) + 595: 00 00 add %al,(%rax) + 597: 00 d8 add %bl,%al + 599: 3f (bad) + 59a: 00 00 add %al,(%rax) + 59c: 00 00 add %al,(%rax) + 59e: 00 00 add %al,(%rax) + 5a0: 06 (bad) + 5a1: 00 00 add %al,(%rax) + 5a3: 00 01 add %al,(%rcx) + ... + 5ad: 00 00 add %al,(%rax) + 5af: 00 e0 add %ah,%al + 5b1: 3f (bad) + 5b2: 00 00 add %al,(%rax) + 5b4: 00 00 add %al,(%rax) + 5b6: 00 00 add %al,(%rax) + 5b8: 06 (bad) + 5b9: 00 00 add %al,(%rax) + 5bb: 00 02 add %al,(%rdx) + ... + 5c5: 00 00 add %al,(%rax) + 5c7: 00 e8 add %ch,%al + 5c9: 3f (bad) + 5ca: 00 00 add %al,(%rax) + 5cc: 00 00 add %al,(%rax) + 5ce: 00 00 add %al,(%rax) + 5d0: 06 (bad) + 5d1: 00 00 add %al,(%rax) + 5d3: 00 04 00 add %al,(%rax,%rax,1) + ... + 5de: 00 00 add %al,(%rax) + 5e0: f0 3f lock (bad) + 5e2: 00 00 add %al,(%rax) + 5e4: 00 00 add %al,(%rax) + 5e6: 00 00 add %al,(%rax) + 5e8: 06 (bad) + 5e9: 00 00 add %al,(%rax) + 5eb: 00 05 00 00 00 00 add %al,0x0(%rip) # 5f1 <__abi_tag+0x265> + 5f1: 00 00 add %al,(%rax) + 5f3: 00 00 add %al,(%rax) + 5f5: 00 00 add %al,(%rax) + 5f7: 00 f8 add %bh,%al + 5f9: 3f (bad) + 5fa: 00 00 add %al,(%rax) + 5fc: 00 00 add %al,(%rax) + 5fe: 00 00 add %al,(%rax) + 600: 06 (bad) + 601: 00 00 add %al,(%rax) + 603: 00 06 add %al,(%rsi) + ... + +Disassembly of section .rela.plt: + +0000000000000610 <.rela.plt>: + 610: d0 3f sarb (%rdi) + 612: 00 00 add %al,(%rax) + 614: 00 00 add %al,(%rax) + 616: 00 00 add %al,(%rax) + 618: 07 (bad) + 619: 00 00 add %al,(%rax) + 61b: 00 03 add %al,(%rbx) + ... 
+ +Disassembly of section .init: + +0000000000001000 <_init>: + 1000: f3 0f 1e fa endbr64 + 1004: 48 83 ec 08 sub $0x8,%rsp + 1008: 48 8b 05 d9 2f 00 00 mov 0x2fd9(%rip),%rax # 3fe8 <__gmon_start__@Base> + 100f: 48 85 c0 test %rax,%rax + 1012: 74 02 je 1016 <_init+0x16> + 1014: ff d0 call *%rax + 1016: 48 83 c4 08 add $0x8,%rsp + 101a: c3 ret + +Disassembly of section .plt: + +0000000000001020 <.plt>: + 1020: ff 35 9a 2f 00 00 push 0x2f9a(%rip) # 3fc0 <_GLOBAL_OFFSET_TABLE_+0x8> + 1026: f2 ff 25 9b 2f 00 00 bnd jmp *0x2f9b(%rip) # 3fc8 <_GLOBAL_OFFSET_TABLE_+0x10> + 102d: 0f 1f 00 nopl (%rax) + 1030: f3 0f 1e fa endbr64 + 1034: 68 00 00 00 00 push $0x0 + 1039: f2 e9 e1 ff ff ff bnd jmp 1020 <_init+0x20> + 103f: 90 nop + +Disassembly of section .plt.got: + +0000000000001040 <__cxa_finalize@plt>: + 1040: f3 0f 1e fa endbr64 + 1044: f2 ff 25 ad 2f 00 00 bnd jmp *0x2fad(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> + 104b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) + +Disassembly of section .plt.sec: + +0000000000001050 : + 1050: f3 0f 1e fa endbr64 + 1054: f2 ff 25 75 2f 00 00 bnd jmp *0x2f75(%rip) # 3fd0 + 105b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) + +Disassembly of section .text: + +0000000000001060 <_start>: + 1060: f3 0f 1e fa endbr64 + 1064: 31 ed xor %ebp,%ebp + 1066: 49 89 d1 mov %rdx,%r9 + 1069: 5e pop %rsi + 106a: 48 89 e2 mov %rsp,%rdx + 106d: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp + 1071: 50 push %rax + 1072: 54 push %rsp + 1073: 45 31 c0 xor %r8d,%r8d + 1076: 31 c9 xor %ecx,%ecx + 1078: 48 8d 3d ca 00 00 00 lea 0xca(%rip),%rdi # 1149
+ 107f: ff 15 53 2f 00 00 call *0x2f53(%rip) # 3fd8 <__libc_start_main@GLIBC_2.34> + 1085: f4 hlt + 1086: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) + 108d: 00 00 00 + +0000000000001090 : + 1090: 48 8d 3d 79 2f 00 00 lea 0x2f79(%rip),%rdi # 4010 <__TMC_END__> + 1097: 48 8d 05 72 2f 00 00 lea 0x2f72(%rip),%rax # 4010 <__TMC_END__> + 109e: 48 39 f8 cmp %rdi,%rax + 10a1: 74 15 je 10b8 + 10a3: 48 8b 05 36 2f 00 00 mov 0x2f36(%rip),%rax # 3fe0 <_ITM_deregisterTMCloneTable@Base> + 10aa: 48 85 c0 test %rax,%rax + 10ad: 74 09 je 10b8 + 10af: ff e0 jmp *%rax + 10b1: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + 10b8: c3 ret + 10b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +00000000000010c0 : + 10c0: 48 8d 3d 49 2f 00 00 lea 0x2f49(%rip),%rdi # 4010 <__TMC_END__> + 10c7: 48 8d 35 42 2f 00 00 lea 0x2f42(%rip),%rsi # 4010 <__TMC_END__> + 10ce: 48 29 fe sub %rdi,%rsi + 10d1: 48 89 f0 mov %rsi,%rax + 10d4: 48 c1 ee 3f shr $0x3f,%rsi + 10d8: 48 c1 f8 03 sar $0x3,%rax + 10dc: 48 01 c6 add %rax,%rsi + 10df: 48 d1 fe sar %rsi + 10e2: 74 14 je 10f8 + 10e4: 48 8b 05 05 2f 00 00 mov 0x2f05(%rip),%rax # 3ff0 <_ITM_registerTMCloneTable@Base> + 10eb: 48 85 c0 test %rax,%rax + 10ee: 74 08 je 10f8 + 10f0: ff e0 jmp *%rax + 10f2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) + 10f8: c3 ret + 10f9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +0000000000001100 <__do_global_dtors_aux>: + 1100: f3 0f 1e fa endbr64 + 1104: 80 3d 05 2f 00 00 00 cmpb $0x0,0x2f05(%rip) # 4010 <__TMC_END__> + 110b: 75 2b jne 1138 <__do_global_dtors_aux+0x38> + 110d: 55 push %rbp + 110e: 48 83 3d e2 2e 00 00 cmpq $0x0,0x2ee2(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> + 1115: 00 + 1116: 48 89 e5 mov %rsp,%rbp + 1119: 74 0c je 1127 <__do_global_dtors_aux+0x27> + 111b: 48 8b 3d e6 2e 00 00 mov 0x2ee6(%rip),%rdi # 4008 <__dso_handle> + 1122: e8 19 ff ff ff call 1040 <__cxa_finalize@plt> + 1127: e8 64 ff ff ff call 1090 + 112c: c6 05 dd 2e 00 00 01 movb $0x1,0x2edd(%rip) # 4010 <__TMC_END__> + 1133: 5d pop %rbp + 1134: c3 ret + 1135: 0f 1f 00 
nopl (%rax) + 1138: c3 ret + 1139: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +0000000000001140 : + 1140: f3 0f 1e fa endbr64 + 1144: e9 77 ff ff ff jmp 10c0 + +0000000000001149
: + 1149: f3 0f 1e fa endbr64 + 114d: 55 push %rbp + 114e: 48 89 e5 mov %rsp,%rbp + 1151: 48 8d 3d ac 0e 00 00 lea 0xeac(%rip),%rdi # 2004 <_IO_stdin_used+0x4> + 1158: e8 f3 fe ff ff call 1050 + 115d: b8 00 00 00 00 mov $0x0,%eax + 1162: 5d pop %rbp + 1163: c3 ret + +Disassembly of section .fini: + +0000000000001164 <_fini>: + 1164: f3 0f 1e fa endbr64 + 1168: 48 83 ec 08 sub $0x8,%rsp + 116c: 48 83 c4 08 add $0x8,%rsp + 1170: c3 ret + +Disassembly of section .rodata: + +0000000000002000 <_IO_stdin_used>: + 2000: 01 00 add %eax,(%rax) + 2002: 02 00 add (%rax),%al + 2004: 48 rex.W + 2005: 65 6c gs insb (%dx),%es:(%rdi) + 2007: 6c insb (%dx),%es:(%rdi) + 2008: 6f outsl %ds:(%rsi),(%dx) + 2009: 2c 20 sub $0x20,%al + 200b: 57 push %rdi + 200c: 6f outsl %ds:(%rsi),(%dx) + 200d: 72 6c jb 207b <__GNU_EH_FRAME_HDR+0x67> + 200f: 64 21 00 and %eax,%fs:(%rax) + +Disassembly of section .eh_frame_hdr: + +0000000000002014 <__GNU_EH_FRAME_HDR>: + 2014: 01 1b add %ebx,(%rbx) + 2016: 03 3b add (%rbx),%edi + 2018: 30 00 xor %al,(%rax) + 201a: 00 00 add %al,(%rax) + 201c: 05 00 00 00 0c add $0xc000000,%eax + 2021: f0 ff lock (bad) + 2023: ff 64 00 00 jmp *0x0(%rax,%rax,1) + 2027: 00 2c f0 add %ch,(%rax,%rsi,8) + 202a: ff (bad) + 202b: ff 8c 00 00 00 3c f0 decl -0xfc40000(%rax,%rax,1) + 2032: ff (bad) + 2033: ff a4 00 00 00 4c f0 jmp *-0xfb40000(%rax,%rax,1) + 203a: ff (bad) + 203b: ff 4c 00 00 decl 0x0(%rax,%rax,1) + 203f: 00 35 f1 ff ff bc add %dh,-0x4300000f(%rip) # ffffffffbd002036 <_end+0xffffffffbcffe01e> + 2045: 00 00 add %al,(%rax) + ... 
+ +Disassembly of section .eh_frame: + +0000000000002048 <__FRAME_END__-0xa8>: + 2048: 14 00 adc $0x0,%al + 204a: 00 00 add %al,(%rax) + 204c: 00 00 add %al,(%rax) + 204e: 00 00 add %al,(%rax) + 2050: 01 7a 52 add %edi,0x52(%rdx) + 2053: 00 01 add %al,(%rcx) + 2055: 78 10 js 2067 <__GNU_EH_FRAME_HDR+0x53> + 2057: 01 1b add %ebx,(%rbx) + 2059: 0c 07 or $0x7,%al + 205b: 08 90 01 00 00 14 or %dl,0x14000001(%rax) + 2061: 00 00 add %al,(%rax) + 2063: 00 1c 00 add %bl,(%rax,%rax,1) + 2066: 00 00 add %al,(%rax) + 2068: f8 clc + 2069: ef out %eax,(%dx) + 206a: ff (bad) + 206b: ff 26 jmp *(%rsi) + 206d: 00 00 add %al,(%rax) + 206f: 00 00 add %al,(%rax) + 2071: 44 07 rex.R (bad) + 2073: 10 00 adc %al,(%rax) + 2075: 00 00 add %al,(%rax) + 2077: 00 24 00 add %ah,(%rax,%rax,1) + 207a: 00 00 add %al,(%rax) + 207c: 34 00 xor $0x0,%al + 207e: 00 00 add %al,(%rax) + 2080: a0 ef ff ff 20 00 00 movabs 0x20ffffef,%al + 2087: 00 00 + 2089: 0e (bad) + 208a: 10 46 0e adc %al,0xe(%rsi) + 208d: 18 4a 0f sbb %cl,0xf(%rdx) + 2090: 0b 77 08 or 0x8(%rdi),%esi + 2093: 80 00 3f addb $0x3f,(%rax) + 2096: 1a 3a sbb (%rdx),%bh + 2098: 2a 33 sub (%rbx),%dh + 209a: 24 22 and $0x22,%al + 209c: 00 00 add %al,(%rax) + 209e: 00 00 add %al,(%rax) + 20a0: 14 00 adc $0x0,%al + 20a2: 00 00 add %al,(%rax) + 20a4: 5c pop %rsp + 20a5: 00 00 add %al,(%rax) + 20a7: 00 98 ef ff ff 10 add %bl,0x10ffffef(%rax) + ... + 20b5: 00 00 add %al,(%rax) + 20b7: 00 14 00 add %dl,(%rax,%rax,1) + 20ba: 00 00 add %al,(%rax) + 20bc: 74 00 je 20be <__GNU_EH_FRAME_HDR+0xaa> + 20be: 00 00 add %al,(%rax) + 20c0: 90 nop + 20c1: ef out %eax,(%dx) + 20c2: ff (bad) + 20c3: ff 10 call *(%rax) + ... 
+ 20cd: 00 00 add %al,(%rax) + 20cf: 00 1c 00 add %bl,(%rax,%rax,1) + 20d2: 00 00 add %al,(%rax) + 20d4: 8c 00 mov %es,(%rax) + 20d6: 00 00 add %al,(%rax) + 20d8: 71 f0 jno 20ca <__GNU_EH_FRAME_HDR+0xb6> + 20da: ff (bad) + 20db: ff 1b lcall *(%rbx) + 20dd: 00 00 add %al,(%rax) + 20df: 00 00 add %al,(%rax) + 20e1: 45 0e rex.RB (bad) + 20e3: 10 86 02 43 0d 06 adc %al,0x60d4302(%rsi) + 20e9: 52 push %rdx + 20ea: 0c 07 or $0x7,%al + 20ec: 08 00 or %al,(%rax) + ... + +00000000000020f0 <__FRAME_END__>: + 20f0: 00 00 add %al,(%rax) + ... + +Disassembly of section .init_array: + +0000000000003db8 <__frame_dummy_init_array_entry>: + 3db8: 40 11 00 rex adc %eax,(%rax) + 3dbb: 00 00 add %al,(%rax) + 3dbd: 00 00 add %al,(%rax) + ... + +Disassembly of section .fini_array: + +0000000000003dc0 <__do_global_dtors_aux_fini_array_entry>: + 3dc0: 00 11 add %dl,(%rcx) + 3dc2: 00 00 add %al,(%rax) + 3dc4: 00 00 add %al,(%rax) + ... + +Disassembly of section .dynamic: + +0000000000003dc8 <_DYNAMIC>: + 3dc8: 01 00 add %eax,(%rax) + 3dca: 00 00 add %al,(%rax) + 3dcc: 00 00 add %al,(%rax) + 3dce: 00 00 add %al,(%rax) + 3dd0: 27 (bad) + 3dd1: 00 00 add %al,(%rax) + 3dd3: 00 00 add %al,(%rax) + 3dd5: 00 00 add %al,(%rax) + 3dd7: 00 0c 00 add %cl,(%rax,%rax,1) + 3dda: 00 00 add %al,(%rax) + 3ddc: 00 00 add %al,(%rax) + 3dde: 00 00 add %al,(%rax) + 3de0: 00 10 add %dl,(%rax) + 3de2: 00 00 add %al,(%rax) + 3de4: 00 00 add %al,(%rax) + 3de6: 00 00 add %al,(%rax) + 3de8: 0d 00 00 00 00 or $0x0,%eax + 3ded: 00 00 add %al,(%rax) + 3def: 00 64 11 00 add %ah,0x0(%rcx,%rdx,1) + 3df3: 00 00 add %al,(%rax) + 3df5: 00 00 add %al,(%rax) + 3df7: 00 19 add %bl,(%rcx) + 3df9: 00 00 add %al,(%rax) + 3dfb: 00 00 add %al,(%rax) + 3dfd: 00 00 add %al,(%rax) + 3dff: 00 b8 3d 00 00 00 add %bh,0x3d(%rax) + 3e05: 00 00 add %al,(%rax) + 3e07: 00 1b add %bl,(%rbx) + 3e09: 00 00 add %al,(%rax) + 3e0b: 00 00 add %al,(%rax) + 3e0d: 00 00 add %al,(%rax) + 3e0f: 00 08 add %cl,(%rax) + 3e11: 00 00 add %al,(%rax) + 3e13: 00 
00 add %al,(%rax) + 3e15: 00 00 add %al,(%rax) + 3e17: 00 1a add %bl,(%rdx) + 3e19: 00 00 add %al,(%rax) + 3e1b: 00 00 add %al,(%rax) + 3e1d: 00 00 add %al,(%rax) + 3e1f: 00 c0 add %al,%al + 3e21: 3d 00 00 00 00 cmp $0x0,%eax + 3e26: 00 00 add %al,(%rax) + 3e28: 1c 00 sbb $0x0,%al + 3e2a: 00 00 add %al,(%rax) + 3e2c: 00 00 add %al,(%rax) + 3e2e: 00 00 add %al,(%rax) + 3e30: 08 00 or %al,(%rax) + 3e32: 00 00 add %al,(%rax) + 3e34: 00 00 add %al,(%rax) + 3e36: 00 00 add %al,(%rax) + 3e38: f5 cmc + 3e39: fe (bad) + 3e3a: ff 6f 00 ljmp *0x0(%rdi) + 3e3d: 00 00 add %al,(%rax) + 3e3f: 00 b0 03 00 00 00 add %dh,0x3(%rax) + 3e45: 00 00 add %al,(%rax) + 3e47: 00 05 00 00 00 00 add %al,0x0(%rip) # 3e4d <_DYNAMIC+0x85> + 3e4d: 00 00 add %al,(%rax) + 3e4f: 00 80 04 00 00 00 add %al,0x4(%rax) + 3e55: 00 00 add %al,(%rax) + 3e57: 00 06 add %al,(%rsi) + 3e59: 00 00 add %al,(%rax) + 3e5b: 00 00 add %al,(%rax) + 3e5d: 00 00 add %al,(%rax) + 3e5f: 00 d8 add %bl,%al + 3e61: 03 00 add (%rax),%eax + 3e63: 00 00 add %al,(%rax) + 3e65: 00 00 add %al,(%rax) + 3e67: 00 0a add %cl,(%rdx) + 3e69: 00 00 add %al,(%rax) + 3e6b: 00 00 add %al,(%rax) + 3e6d: 00 00 add %al,(%rax) + 3e6f: 00 8d 00 00 00 00 add %cl,0x0(%rbp) + 3e75: 00 00 add %al,(%rax) + 3e77: 00 0b add %cl,(%rbx) + 3e79: 00 00 add %al,(%rax) + 3e7b: 00 00 add %al,(%rax) + 3e7d: 00 00 add %al,(%rax) + 3e7f: 00 18 add %bl,(%rax) + 3e81: 00 00 add %al,(%rax) + 3e83: 00 00 add %al,(%rax) + 3e85: 00 00 add %al,(%rax) + 3e87: 00 15 00 00 00 00 add %dl,0x0(%rip) # 3e8d <_DYNAMIC+0xc5> + ... 
+ 3e95: 00 00 add %al,(%rax) + 3e97: 00 03 add %al,(%rbx) + 3e99: 00 00 add %al,(%rax) + 3e9b: 00 00 add %al,(%rax) + 3e9d: 00 00 add %al,(%rax) + 3e9f: 00 b8 3f 00 00 00 add %bh,0x3f(%rax) + 3ea5: 00 00 add %al,(%rax) + 3ea7: 00 02 add %al,(%rdx) + 3ea9: 00 00 add %al,(%rax) + 3eab: 00 00 add %al,(%rax) + 3ead: 00 00 add %al,(%rax) + 3eaf: 00 18 add %bl,(%rax) + 3eb1: 00 00 add %al,(%rax) + 3eb3: 00 00 add %al,(%rax) + 3eb5: 00 00 add %al,(%rax) + 3eb7: 00 14 00 add %dl,(%rax,%rax,1) + 3eba: 00 00 add %al,(%rax) + 3ebc: 00 00 add %al,(%rax) + 3ebe: 00 00 add %al,(%rax) + 3ec0: 07 (bad) + 3ec1: 00 00 add %al,(%rax) + 3ec3: 00 00 add %al,(%rax) + 3ec5: 00 00 add %al,(%rax) + 3ec7: 00 17 add %dl,(%rdi) + 3ec9: 00 00 add %al,(%rax) + 3ecb: 00 00 add %al,(%rax) + 3ecd: 00 00 add %al,(%rax) + 3ecf: 00 10 add %dl,(%rax) + 3ed1: 06 (bad) + 3ed2: 00 00 add %al,(%rax) + 3ed4: 00 00 add %al,(%rax) + 3ed6: 00 00 add %al,(%rax) + 3ed8: 07 (bad) + 3ed9: 00 00 add %al,(%rax) + 3edb: 00 00 add %al,(%rax) + 3edd: 00 00 add %al,(%rax) + 3edf: 00 50 05 add %dl,0x5(%rax) + 3ee2: 00 00 add %al,(%rax) + 3ee4: 00 00 add %al,(%rax) + 3ee6: 00 00 add %al,(%rax) + 3ee8: 08 00 or %al,(%rax) + 3eea: 00 00 add %al,(%rax) + 3eec: 00 00 add %al,(%rax) + 3eee: 00 00 add %al,(%rax) + 3ef0: c0 00 00 rolb $0x0,(%rax) + 3ef3: 00 00 add %al,(%rax) + 3ef5: 00 00 add %al,(%rax) + 3ef7: 00 09 add %cl,(%rcx) + 3ef9: 00 00 add %al,(%rax) + 3efb: 00 00 add %al,(%rax) + 3efd: 00 00 add %al,(%rax) + 3eff: 00 18 add %bl,(%rax) + 3f01: 00 00 add %al,(%rax) + 3f03: 00 00 add %al,(%rax) + 3f05: 00 00 add %al,(%rax) + 3f07: 00 1e add %bl,(%rsi) + 3f09: 00 00 add %al,(%rax) + 3f0b: 00 00 add %al,(%rax) + 3f0d: 00 00 add %al,(%rax) + 3f0f: 00 08 add %cl,(%rax) + 3f11: 00 00 add %al,(%rax) + 3f13: 00 00 add %al,(%rax) + 3f15: 00 00 add %al,(%rax) + 3f17: 00 fb add %bh,%bl + 3f19: ff (bad) + 3f1a: ff 6f 00 ljmp *0x0(%rdi) + 3f1d: 00 00 add %al,(%rax) + 3f1f: 00 01 add %al,(%rcx) + 3f21: 00 00 add %al,(%rax) + 3f23: 
08 00 or %al,(%rax) + 3f25: 00 00 add %al,(%rax) + 3f27: 00 fe add %bh,%dh + 3f29: ff (bad) + 3f2a: ff 6f 00 ljmp *0x0(%rdi) + 3f2d: 00 00 add %al,(%rax) + 3f2f: 00 20 add %ah,(%rax) + 3f31: 05 00 00 00 00 add $0x0,%eax + 3f36: 00 00 add %al,(%rax) + 3f38: ff (bad) + 3f39: ff (bad) + 3f3a: ff 6f 00 ljmp *0x0(%rdi) + 3f3d: 00 00 add %al,(%rax) + 3f3f: 00 01 add %al,(%rcx) + 3f41: 00 00 add %al,(%rax) + 3f43: 00 00 add %al,(%rax) + 3f45: 00 00 add %al,(%rax) + 3f47: 00 f0 add %dh,%al + 3f49: ff (bad) + 3f4a: ff 6f 00 ljmp *0x0(%rdi) + 3f4d: 00 00 add %al,(%rax) + 3f4f: 00 0e add %cl,(%rsi) + 3f51: 05 00 00 00 00 add $0x0,%eax + 3f56: 00 00 add %al,(%rax) + 3f58: f9 stc + 3f59: ff (bad) + 3f5a: ff 6f 00 ljmp *0x0(%rdi) + 3f5d: 00 00 add %al,(%rax) + 3f5f: 00 03 add %al,(%rbx) + ... + +Disassembly of section .got: + +0000000000003fb8 <_GLOBAL_OFFSET_TABLE_>: + 3fb8: c8 3d 00 00 enter $0x3d,$0x0 + ... + 3fd0: 30 10 xor %dl,(%rax) + ... + +Disassembly of section .data: + +0000000000004000 <__data_start>: + ... + +0000000000004008 <__dso_handle>: + 4008: 08 40 00 or %al,0x0(%rax) + 400b: 00 00 add %al,(%rax) + 400d: 00 00 add %al,(%rax) + ... + +Disassembly of section .bss: + +0000000000004010 : + ... + +Disassembly of section .comment: + +0000000000000000 <.comment>: + 0: 47 rex.RXB + 1: 43 rex.XB + 2: 43 3a 20 rex.XB cmp (%r8),%spl + 5: 28 55 62 sub %dl,0x62(%rbp) + 8: 75 6e jne 78 <__abi_tag-0x314> + a: 74 75 je 81 <__abi_tag-0x30b> + c: 20 31 and %dh,(%rcx) + e: 30 2e xor %ch,(%rsi) + 10: 35 2e 30 2d 31 xor $0x312d302e,%eax + 15: 75 62 jne 79 <__abi_tag-0x313> + 17: 75 6e jne 87 <__abi_tag-0x305> + 19: 74 75 je 90 <__abi_tag-0x2fc> + 1b: 31 7e 32 xor %edi,0x32(%rsi) + 1e: 32 2e xor (%rsi),%ch + 20: 30 34 29 xor %dh,(%rcx,%rbp,1) + 23: 20 31 and %dh,(%rcx) + 25: 30 2e xor %ch,(%rsi) + 27: 35 .byte 0x35 + 28: 2e 30 00 cs xor %al,(%rax) diff --git a/sample.txt b/sample.txt new file mode 100644 index 0000000..e8f30c0 --- /dev/null +++ b/sample.txt 
@@ -0,0 +1,825 @@ + +resources/sample64: file format elf64-x86-64 + + +Disassembly of section .interp: + +0000000000000318 <.interp>: + 318: 2f (bad) + 319: 6c insb (%dx),%es:(%rdi) + 31a: 69 62 36 34 2f 6c 64 imul $0x646c2f34,0x36(%rdx),%esp + 321: 2d 6c 69 6e 75 sub $0x756e696c,%eax + 326: 78 2d js 355 <__abi_tag-0x37> + 328: 78 38 js 362 <__abi_tag-0x2a> + 32a: 36 2d 36 34 2e 73 ss sub $0x732e3436,%eax + 330: 6f outsl %ds:(%rsi),(%dx) + 331: 2e 32 00 cs xor (%rax),%al + +Disassembly of section .note.gnu.property: + +0000000000000338 <.note.gnu.property>: + 338: 04 00 add $0x0,%al + 33a: 00 00 add %al,(%rax) + 33c: 20 00 and %al,(%rax) + 33e: 00 00 add %al,(%rax) + 340: 05 00 00 00 47 add $0x47000000,%eax + 345: 4e 55 rex.WRX push %rbp + 347: 00 02 add %al,(%rdx) + 349: 00 00 add %al,(%rax) + 34b: c0 04 00 00 rolb $0x0,(%rax,%rax,1) + 34f: 00 03 add %al,(%rbx) + 351: 00 00 add %al,(%rax) + 353: 00 00 add %al,(%rax) + 355: 00 00 add %al,(%rax) + 357: 00 02 add %al,(%rdx) + 359: 80 00 c0 addb $0xc0,(%rax) + 35c: 04 00 add $0x0,%al + 35e: 00 00 add %al,(%rax) + 360: 01 00 add %eax,(%rax) + 362: 00 00 add %al,(%rax) + 364: 00 00 add %al,(%rax) + ... 
+ +Disassembly of section .note.gnu.build-id: + +0000000000000368 <.note.gnu.build-id>: + 368: 04 00 add $0x0,%al + 36a: 00 00 add %al,(%rax) + 36c: 14 00 adc $0x0,%al + 36e: 00 00 add %al,(%rax) + 370: 03 00 add (%rax),%eax + 372: 00 00 add %al,(%rax) + 374: 47 rex.RXB + 375: 4e 55 rex.WRX push %rbp + 377: 00 aa 0d f4 0f 29 add %ch,0x290ff40d(%rdx) + 37d: 9d popf + 37e: 21 c9 and %ecx,%ecx + 380: 16 (bad) + 381: 1e (bad) + 382: 8a 34 ce mov (%rsi,%rcx,8),%dh + 385: 99 cltd + 386: 69 cc 15 8d 7d 01 imul $0x17d8d15,%esp,%ecx + +Disassembly of section .note.ABI-tag: + +000000000000038c <__abi_tag>: + 38c: 04 00 add $0x0,%al + 38e: 00 00 add %al,(%rax) + 390: 10 00 adc %al,(%rax) + 392: 00 00 add %al,(%rax) + 394: 01 00 add %eax,(%rax) + 396: 00 00 add %al,(%rax) + 398: 47 rex.RXB + 399: 4e 55 rex.WRX push %rbp + 39b: 00 00 add %al,(%rax) + 39d: 00 00 add %al,(%rax) + 39f: 00 03 add %al,(%rbx) + 3a1: 00 00 add %al,(%rax) + 3a3: 00 02 add %al,(%rdx) + 3a5: 00 00 add %al,(%rax) + 3a7: 00 00 add %al,(%rax) + 3a9: 00 00 add %al,(%rax) + ... + +Disassembly of section .gnu.hash: + +00000000000003b0 <.gnu.hash>: + 3b0: 02 00 add (%rax),%al + 3b2: 00 00 add %al,(%rax) + 3b4: 06 (bad) + 3b5: 00 00 add %al,(%rax) + 3b7: 00 01 add %al,(%rcx) + 3b9: 00 00 add %al,(%rax) + 3bb: 00 06 add %al,(%rsi) + 3bd: 00 00 add %al,(%rax) + 3bf: 00 00 add %al,(%rax) + 3c1: 00 81 00 00 00 00 add %al,0x0(%rcx) + 3c7: 00 06 add %al,(%rsi) + 3c9: 00 00 add %al,(%rax) + 3cb: 00 00 add %al,(%rax) + 3cd: 00 00 add %al,(%rax) + 3cf: 00 d1 add %dl,%cl + 3d1: 65 ce gs (bad) + 3d3: 6d insl (%dx),%es:(%rdi) + +Disassembly of section .dynsym: + +00000000000003d8 <.dynsym>: + ... + 3f0: 10 00 adc %al,(%rax) + 3f2: 00 00 add %al,(%rax) + 3f4: 12 00 adc (%rax),%al + ... + 406: 00 00 add %al,(%rax) + 408: 48 00 00 rex.W add %al,(%rax) + 40b: 00 20 add %ah,(%rax) + ... + 41d: 00 00 add %al,(%rax) + 41f: 00 22 add %ah,(%rdx) + 421: 00 00 add %al,(%rax) + 423: 00 12 add %dl,(%rdx) + ... 
+ 435: 00 00 add %al,(%rax) + 437: 00 64 00 00 add %ah,0x0(%rax,%rax,1) + 43b: 00 20 add %ah,(%rax) + ... + 44d: 00 00 add %al,(%rax) + 44f: 00 73 00 add %dh,0x0(%rbx) + 452: 00 00 add %al,(%rax) + 454: 20 00 and %al,(%rax) + ... + 466: 00 00 add %al,(%rax) + 468: 01 00 add %eax,(%rax) + 46a: 00 00 add %al,(%rax) + 46c: 22 00 and (%rax),%al + ... + +Disassembly of section .dynstr: + +0000000000000480 <.dynstr>: + 480: 00 5f 5f add %bl,0x5f(%rdi) + 483: 63 78 61 movsxd 0x61(%rax),%edi + 486: 5f pop %rdi + 487: 66 69 6e 61 6c 69 imul $0x696c,0x61(%rsi),%bp + 48d: 7a 65 jp 4f4 <__abi_tag+0x168> + 48f: 00 5f 5f add %bl,0x5f(%rdi) + 492: 6c insb (%dx),%es:(%rdi) + 493: 69 62 63 5f 73 74 61 imul $0x6174735f,0x63(%rdx),%esp + 49a: 72 74 jb 510 <__abi_tag+0x184> + 49c: 5f pop %rdi + 49d: 6d insl (%dx),%es:(%rdi) + 49e: 61 (bad) + 49f: 69 6e 00 70 75 74 73 imul $0x73747570,0x0(%rsi),%ebp + 4a6: 00 6c 69 62 add %ch,0x62(%rcx,%rbp,2) + 4aa: 63 2e movsxd (%rsi),%ebp + 4ac: 73 6f jae 51d <__abi_tag+0x191> + 4ae: 2e 36 00 47 4c cs ss add %al,0x4c(%rdi) + 4b3: 49 rex.WB + 4b4: 42 rex.X + 4b5: 43 5f rex.XB pop %r15 + 4b7: 32 2e xor (%rsi),%ch + 4b9: 32 2e xor (%rsi),%ch + 4bb: 35 00 47 4c 49 xor $0x494c4700,%eax + 4c0: 42 rex.X + 4c1: 43 5f rex.XB pop %r15 + 4c3: 32 2e xor (%rsi),%ch + 4c5: 33 34 00 xor (%rax,%rax,1),%esi + 4c8: 5f pop %rdi + 4c9: 49 54 rex.WB push %r12 + 4cb: 4d 5f rex.WRB pop %r15 + 4cd: 64 65 72 65 fs gs jb 536 <__abi_tag+0x1aa> + 4d1: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi + 4d8: 4d + 4d9: 43 6c rex.XB insb (%dx),%es:(%rdi) + 4db: 6f outsl %ds:(%rsi),(%dx) + 4dc: 6e outsb %ds:(%rsi),(%dx) + 4dd: 65 54 gs push %rsp + 4df: 61 (bad) + 4e0: 62 (bad) + 4e1: 6c insb (%dx),%es:(%rdi) + 4e2: 65 00 5f 5f add %bl,%gs:0x5f(%rdi) + 4e6: 67 6d insl (%dx),%es:(%edi) + 4e8: 6f outsl %ds:(%rsi),(%dx) + 4e9: 6e outsb %ds:(%rsi),(%dx) + 4ea: 5f pop %rdi + 4eb: 73 74 jae 561 <__abi_tag+0x1d5> + 4ed: 61 (bad) + 4ee: 72 74 jb 564 <__abi_tag+0x1d8> + 4f0: 5f pop %rdi 
+ 4f1: 5f pop %rdi + 4f2: 00 5f 49 add %bl,0x49(%rdi) + 4f5: 54 push %rsp + 4f6: 4d 5f rex.WRB pop %r15 + 4f8: 72 65 jb 55f <__abi_tag+0x1d3> + 4fa: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi + 501: 4d + 502: 43 6c rex.XB insb (%dx),%es:(%rdi) + 504: 6f outsl %ds:(%rsi),(%dx) + 505: 6e outsb %ds:(%rsi),(%dx) + 506: 65 54 gs push %rsp + 508: 61 (bad) + 509: 62 .byte 0x62 + 50a: 6c insb (%dx),%es:(%rdi) + 50b: 65 gs + ... + +Disassembly of section .gnu.version: + +000000000000050e <.gnu.version>: + 50e: 00 00 add %al,(%rax) + 510: 02 00 add (%rax),%al + 512: 01 00 add %eax,(%rax) + 514: 03 00 add (%rax),%eax + 516: 01 00 add %eax,(%rax) + 518: 01 00 add %eax,(%rax) + 51a: 03 00 add (%rax),%eax + +Disassembly of section .gnu.version_r: + +0000000000000520 <.gnu.version_r>: + 520: 01 00 add %eax,(%rax) + 522: 02 00 add (%rax),%al + 524: 27 (bad) + 525: 00 00 add %al,(%rax) + 527: 00 10 add %dl,(%rax) + 529: 00 00 add %al,(%rax) + 52b: 00 00 add %al,(%rax) + 52d: 00 00 add %al,(%rax) + 52f: 00 75 1a add %dh,0x1a(%rbp) + 532: 69 09 00 00 03 00 imul $0x30000,(%rcx),%ecx + 538: 31 00 xor %eax,(%rax) + 53a: 00 00 add %al,(%rax) + 53c: 10 00 adc %al,(%rax) + 53e: 00 00 add %al,(%rax) + 540: b4 91 mov $0x91,%ah + 542: 96 xchg %eax,%esi + 543: 06 (bad) + 544: 00 00 add %al,(%rax) + 546: 02 00 add (%rax),%al + 548: 3d 00 00 00 00 cmp $0x0,%eax + 54d: 00 00 add %al,(%rax) + ... + +Disassembly of section .rela.dyn: + +0000000000000550 <.rela.dyn>: + 550: b8 3d 00 00 00 mov $0x3d,%eax + 555: 00 00 add %al,(%rax) + 557: 00 08 add %cl,(%rax) + 559: 00 00 add %al,(%rax) + 55b: 00 00 add %al,(%rax) + 55d: 00 00 add %al,(%rax) + 55f: 00 40 11 add %al,0x11(%rax) + 562: 00 00 add %al,(%rax) + 564: 00 00 add %al,(%rax) + 566: 00 00 add %al,(%rax) + 568: c0 3d 00 00 00 00 00 sarb $0x0,0x0(%rip) # 56f <__abi_tag+0x1e3> + 56f: 00 08 add %cl,(%rax) + ... 
+ 579: 11 00 adc %eax,(%rax) + 57b: 00 00 add %al,(%rax) + 57d: 00 00 add %al,(%rax) + 57f: 00 08 add %cl,(%rax) + 581: 40 00 00 rex add %al,(%rax) + 584: 00 00 add %al,(%rax) + 586: 00 00 add %al,(%rax) + 588: 08 00 or %al,(%rax) + 58a: 00 00 add %al,(%rax) + 58c: 00 00 add %al,(%rax) + 58e: 00 00 add %al,(%rax) + 590: 08 40 00 or %al,0x0(%rax) + 593: 00 00 add %al,(%rax) + 595: 00 00 add %al,(%rax) + 597: 00 d8 add %bl,%al + 599: 3f (bad) + 59a: 00 00 add %al,(%rax) + 59c: 00 00 add %al,(%rax) + 59e: 00 00 add %al,(%rax) + 5a0: 06 (bad) + 5a1: 00 00 add %al,(%rax) + 5a3: 00 01 add %al,(%rcx) + ... + 5ad: 00 00 add %al,(%rax) + 5af: 00 e0 add %ah,%al + 5b1: 3f (bad) + 5b2: 00 00 add %al,(%rax) + 5b4: 00 00 add %al,(%rax) + 5b6: 00 00 add %al,(%rax) + 5b8: 06 (bad) + 5b9: 00 00 add %al,(%rax) + 5bb: 00 02 add %al,(%rdx) + ... + 5c5: 00 00 add %al,(%rax) + 5c7: 00 e8 add %ch,%al + 5c9: 3f (bad) + 5ca: 00 00 add %al,(%rax) + 5cc: 00 00 add %al,(%rax) + 5ce: 00 00 add %al,(%rax) + 5d0: 06 (bad) + 5d1: 00 00 add %al,(%rax) + 5d3: 00 04 00 add %al,(%rax,%rax,1) + ... + 5de: 00 00 add %al,(%rax) + 5e0: f0 3f lock (bad) + 5e2: 00 00 add %al,(%rax) + 5e4: 00 00 add %al,(%rax) + 5e6: 00 00 add %al,(%rax) + 5e8: 06 (bad) + 5e9: 00 00 add %al,(%rax) + 5eb: 00 05 00 00 00 00 add %al,0x0(%rip) # 5f1 <__abi_tag+0x265> + 5f1: 00 00 add %al,(%rax) + 5f3: 00 00 add %al,(%rax) + 5f5: 00 00 add %al,(%rax) + 5f7: 00 f8 add %bh,%al + 5f9: 3f (bad) + 5fa: 00 00 add %al,(%rax) + 5fc: 00 00 add %al,(%rax) + 5fe: 00 00 add %al,(%rax) + 600: 06 (bad) + 601: 00 00 add %al,(%rax) + 603: 00 06 add %al,(%rsi) + ... + +Disassembly of section .rela.plt: + +0000000000000610 <.rela.plt>: + 610: d0 3f sarb (%rdi) + 612: 00 00 add %al,(%rax) + 614: 00 00 add %al,(%rax) + 616: 00 00 add %al,(%rax) + 618: 07 (bad) + 619: 00 00 add %al,(%rax) + 61b: 00 03 add %al,(%rbx) + ... 
+ +Disassembly of section .init: + +0000000000001000 <_init>: + 1000: f3 0f 1e fa endbr64 + 1004: 48 83 ec 08 sub $0x8,%rsp + 1008: 48 8b 05 d9 2f 00 00 mov 0x2fd9(%rip),%rax # 3fe8 <__gmon_start__@Base> + 100f: 48 85 c0 test %rax,%rax + 1012: 74 02 je 1016 <_init+0x16> + 1014: ff d0 call *%rax + 1016: 48 83 c4 08 add $0x8,%rsp + 101a: c3 ret + +Disassembly of section .plt: + +0000000000001020 <.plt>: + 1020: ff 35 9a 2f 00 00 push 0x2f9a(%rip) # 3fc0 <_GLOBAL_OFFSET_TABLE_+0x8> + 1026: f2 ff 25 9b 2f 00 00 bnd jmp *0x2f9b(%rip) # 3fc8 <_GLOBAL_OFFSET_TABLE_+0x10> + 102d: 0f 1f 00 nopl (%rax) + 1030: f3 0f 1e fa endbr64 + 1034: 68 00 00 00 00 push $0x0 + 1039: f2 e9 e1 ff ff ff bnd jmp 1020 <_init+0x20> + 103f: 90 nop + +Disassembly of section .plt.got: + +0000000000001040 <__cxa_finalize@plt>: + 1040: f3 0f 1e fa endbr64 + 1044: f2 ff 25 ad 2f 00 00 bnd jmp *0x2fad(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> + 104b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) + +Disassembly of section .plt.sec: + +0000000000001050 : + 1050: f3 0f 1e fa endbr64 + 1054: f2 ff 25 75 2f 00 00 bnd jmp *0x2f75(%rip) # 3fd0 + 105b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) + +Disassembly of section .text: + +0000000000001060 <_start>: + 1060: f3 0f 1e fa endbr64 + 1064: 31 ed xor %ebp,%ebp + 1066: 49 89 d1 mov %rdx,%r9 + 1069: 5e pop %rsi + 106a: 48 89 e2 mov %rsp,%rdx + 106d: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp + 1071: 50 push %rax + 1072: 54 push %rsp + 1073: 45 31 c0 xor %r8d,%r8d + 1076: 31 c9 xor %ecx,%ecx + 1078: 48 8d 3d ca 00 00 00 lea 0xca(%rip),%rdi # 1149
+ 107f: ff 15 53 2f 00 00 call *0x2f53(%rip) # 3fd8 <__libc_start_main@GLIBC_2.34> + 1085: f4 hlt + 1086: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) + 108d: 00 00 00 + +0000000000001090 : + 1090: 48 8d 3d 79 2f 00 00 lea 0x2f79(%rip),%rdi # 4010 <__TMC_END__> + 1097: 48 8d 05 72 2f 00 00 lea 0x2f72(%rip),%rax # 4010 <__TMC_END__> + 109e: 48 39 f8 cmp %rdi,%rax + 10a1: 74 15 je 10b8 + 10a3: 48 8b 05 36 2f 00 00 mov 0x2f36(%rip),%rax # 3fe0 <_ITM_deregisterTMCloneTable@Base> + 10aa: 48 85 c0 test %rax,%rax + 10ad: 74 09 je 10b8 + 10af: ff e0 jmp *%rax + 10b1: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + 10b8: c3 ret + 10b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +00000000000010c0 : + 10c0: 48 8d 3d 49 2f 00 00 lea 0x2f49(%rip),%rdi # 4010 <__TMC_END__> + 10c7: 48 8d 35 42 2f 00 00 lea 0x2f42(%rip),%rsi # 4010 <__TMC_END__> + 10ce: 48 29 fe sub %rdi,%rsi + 10d1: 48 89 f0 mov %rsi,%rax + 10d4: 48 c1 ee 3f shr $0x3f,%rsi + 10d8: 48 c1 f8 03 sar $0x3,%rax + 10dc: 48 01 c6 add %rax,%rsi + 10df: 48 d1 fe sar %rsi + 10e2: 74 14 je 10f8 + 10e4: 48 8b 05 05 2f 00 00 mov 0x2f05(%rip),%rax # 3ff0 <_ITM_registerTMCloneTable@Base> + 10eb: 48 85 c0 test %rax,%rax + 10ee: 74 08 je 10f8 + 10f0: ff e0 jmp *%rax + 10f2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) + 10f8: c3 ret + 10f9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +0000000000001100 <__do_global_dtors_aux>: + 1100: f3 0f 1e fa endbr64 + 1104: 80 3d 05 2f 00 00 00 cmpb $0x0,0x2f05(%rip) # 4010 <__TMC_END__> + 110b: 75 2b jne 1138 <__do_global_dtors_aux+0x38> + 110d: 55 push %rbp + 110e: 48 83 3d e2 2e 00 00 cmpq $0x0,0x2ee2(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> + 1115: 00 + 1116: 48 89 e5 mov %rsp,%rbp + 1119: 74 0c je 1127 <__do_global_dtors_aux+0x27> + 111b: 48 8b 3d e6 2e 00 00 mov 0x2ee6(%rip),%rdi # 4008 <__dso_handle> + 1122: e8 19 ff ff ff call 1040 <__cxa_finalize@plt> + 1127: e8 64 ff ff ff call 1090 + 112c: c6 05 dd 2e 00 00 01 movb $0x1,0x2edd(%rip) # 4010 <__TMC_END__> + 1133: 5d pop %rbp + 1134: c3 ret + 1135: 0f 1f 00 
nopl (%rax) + 1138: c3 ret + 1139: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +0000000000001140 : + 1140: f3 0f 1e fa endbr64 + 1144: e9 77 ff ff ff jmp 10c0 + +0000000000001149
: + 1149: f3 0f 1e fa endbr64 + 114d: 55 push %rbp + 114e: 48 89 e5 mov %rsp,%rbp + 1151: 48 8d 3d ac 0e 00 00 lea 0xeac(%rip),%rdi # 2004 <_IO_stdin_used+0x4> + 1158: e8 f3 fe ff ff call 1050 + 115d: b8 00 00 00 00 mov $0x0,%eax + 1162: 5d pop %rbp + 1163: c3 ret + +Disassembly of section .fini: + +0000000000001164 <_fini>: + 1164: f3 0f 1e fa endbr64 + 1168: 48 83 ec 08 sub $0x8,%rsp + 116c: 48 83 c4 08 add $0x8,%rsp + 1170: c3 ret + +Disassembly of section .rodata: + +0000000000002000 <_IO_stdin_used>: + 2000: 01 00 add %eax,(%rax) + 2002: 02 00 add (%rax),%al + 2004: 48 rex.W + 2005: 65 6c gs insb (%dx),%es:(%rdi) + 2007: 6c insb (%dx),%es:(%rdi) + 2008: 6f outsl %ds:(%rsi),(%dx) + 2009: 2c 20 sub $0x20,%al + 200b: 57 push %rdi + 200c: 6f outsl %ds:(%rsi),(%dx) + 200d: 72 6c jb 207b <__GNU_EH_FRAME_HDR+0x67> + 200f: 64 21 00 and %eax,%fs:(%rax) + +Disassembly of section .eh_frame_hdr: + +0000000000002014 <__GNU_EH_FRAME_HDR>: + 2014: 01 1b add %ebx,(%rbx) + 2016: 03 3b add (%rbx),%edi + 2018: 30 00 xor %al,(%rax) + 201a: 00 00 add %al,(%rax) + 201c: 05 00 00 00 0c add $0xc000000,%eax + 2021: f0 ff lock (bad) + 2023: ff 64 00 00 jmp *0x0(%rax,%rax,1) + 2027: 00 2c f0 add %ch,(%rax,%rsi,8) + 202a: ff (bad) + 202b: ff 8c 00 00 00 3c f0 decl -0xfc40000(%rax,%rax,1) + 2032: ff (bad) + 2033: ff a4 00 00 00 4c f0 jmp *-0xfb40000(%rax,%rax,1) + 203a: ff (bad) + 203b: ff 4c 00 00 decl 0x0(%rax,%rax,1) + 203f: 00 35 f1 ff ff bc add %dh,-0x4300000f(%rip) # ffffffffbd002036 <_end+0xffffffffbcffe01e> + 2045: 00 00 add %al,(%rax) + ... 
+ +Disassembly of section .eh_frame: + +0000000000002048 <__FRAME_END__-0xa8>: + 2048: 14 00 adc $0x0,%al + 204a: 00 00 add %al,(%rax) + 204c: 00 00 add %al,(%rax) + 204e: 00 00 add %al,(%rax) + 2050: 01 7a 52 add %edi,0x52(%rdx) + 2053: 00 01 add %al,(%rcx) + 2055: 78 10 js 2067 <__GNU_EH_FRAME_HDR+0x53> + 2057: 01 1b add %ebx,(%rbx) + 2059: 0c 07 or $0x7,%al + 205b: 08 90 01 00 00 14 or %dl,0x14000001(%rax) + 2061: 00 00 add %al,(%rax) + 2063: 00 1c 00 add %bl,(%rax,%rax,1) + 2066: 00 00 add %al,(%rax) + 2068: f8 clc + 2069: ef out %eax,(%dx) + 206a: ff (bad) + 206b: ff 26 jmp *(%rsi) + 206d: 00 00 add %al,(%rax) + 206f: 00 00 add %al,(%rax) + 2071: 44 07 rex.R (bad) + 2073: 10 00 adc %al,(%rax) + 2075: 00 00 add %al,(%rax) + 2077: 00 24 00 add %ah,(%rax,%rax,1) + 207a: 00 00 add %al,(%rax) + 207c: 34 00 xor $0x0,%al + 207e: 00 00 add %al,(%rax) + 2080: a0 ef ff ff 20 00 00 movabs 0x20ffffef,%al + 2087: 00 00 + 2089: 0e (bad) + 208a: 10 46 0e adc %al,0xe(%rsi) + 208d: 18 4a 0f sbb %cl,0xf(%rdx) + 2090: 0b 77 08 or 0x8(%rdi),%esi + 2093: 80 00 3f addb $0x3f,(%rax) + 2096: 1a 3a sbb (%rdx),%bh + 2098: 2a 33 sub (%rbx),%dh + 209a: 24 22 and $0x22,%al + 209c: 00 00 add %al,(%rax) + 209e: 00 00 add %al,(%rax) + 20a0: 14 00 adc $0x0,%al + 20a2: 00 00 add %al,(%rax) + 20a4: 5c pop %rsp + 20a5: 00 00 add %al,(%rax) + 20a7: 00 98 ef ff ff 10 add %bl,0x10ffffef(%rax) + ... + 20b5: 00 00 add %al,(%rax) + 20b7: 00 14 00 add %dl,(%rax,%rax,1) + 20ba: 00 00 add %al,(%rax) + 20bc: 74 00 je 20be <__GNU_EH_FRAME_HDR+0xaa> + 20be: 00 00 add %al,(%rax) + 20c0: 90 nop + 20c1: ef out %eax,(%dx) + 20c2: ff (bad) + 20c3: ff 10 call *(%rax) + ... 
+ 20cd: 00 00 add %al,(%rax) + 20cf: 00 1c 00 add %bl,(%rax,%rax,1) + 20d2: 00 00 add %al,(%rax) + 20d4: 8c 00 mov %es,(%rax) + 20d6: 00 00 add %al,(%rax) + 20d8: 71 f0 jno 20ca <__GNU_EH_FRAME_HDR+0xb6> + 20da: ff (bad) + 20db: ff 1b lcall *(%rbx) + 20dd: 00 00 add %al,(%rax) + 20df: 00 00 add %al,(%rax) + 20e1: 45 0e rex.RB (bad) + 20e3: 10 86 02 43 0d 06 adc %al,0x60d4302(%rsi) + 20e9: 52 push %rdx + 20ea: 0c 07 or $0x7,%al + 20ec: 08 00 or %al,(%rax) + ... + +00000000000020f0 <__FRAME_END__>: + 20f0: 00 00 add %al,(%rax) + ... + +Disassembly of section .init_array: + +0000000000003db8 <__frame_dummy_init_array_entry>: + 3db8: 40 11 00 rex adc %eax,(%rax) + 3dbb: 00 00 add %al,(%rax) + 3dbd: 00 00 add %al,(%rax) + ... + +Disassembly of section .fini_array: + +0000000000003dc0 <__do_global_dtors_aux_fini_array_entry>: + 3dc0: 00 11 add %dl,(%rcx) + 3dc2: 00 00 add %al,(%rax) + 3dc4: 00 00 add %al,(%rax) + ... + +Disassembly of section .dynamic: + +0000000000003dc8 <_DYNAMIC>: + 3dc8: 01 00 add %eax,(%rax) + 3dca: 00 00 add %al,(%rax) + 3dcc: 00 00 add %al,(%rax) + 3dce: 00 00 add %al,(%rax) + 3dd0: 27 (bad) + 3dd1: 00 00 add %al,(%rax) + 3dd3: 00 00 add %al,(%rax) + 3dd5: 00 00 add %al,(%rax) + 3dd7: 00 0c 00 add %cl,(%rax,%rax,1) + 3dda: 00 00 add %al,(%rax) + 3ddc: 00 00 add %al,(%rax) + 3dde: 00 00 add %al,(%rax) + 3de0: 00 10 add %dl,(%rax) + 3de2: 00 00 add %al,(%rax) + 3de4: 00 00 add %al,(%rax) + 3de6: 00 00 add %al,(%rax) + 3de8: 0d 00 00 00 00 or $0x0,%eax + 3ded: 00 00 add %al,(%rax) + 3def: 00 64 11 00 add %ah,0x0(%rcx,%rdx,1) + 3df3: 00 00 add %al,(%rax) + 3df5: 00 00 add %al,(%rax) + 3df7: 00 19 add %bl,(%rcx) + 3df9: 00 00 add %al,(%rax) + 3dfb: 00 00 add %al,(%rax) + 3dfd: 00 00 add %al,(%rax) + 3dff: 00 b8 3d 00 00 00 add %bh,0x3d(%rax) + 3e05: 00 00 add %al,(%rax) + 3e07: 00 1b add %bl,(%rbx) + 3e09: 00 00 add %al,(%rax) + 3e0b: 00 00 add %al,(%rax) + 3e0d: 00 00 add %al,(%rax) + 3e0f: 00 08 add %cl,(%rax) + 3e11: 00 00 add %al,(%rax) + 3e13: 00 
00 add %al,(%rax) + 3e15: 00 00 add %al,(%rax) + 3e17: 00 1a add %bl,(%rdx) + 3e19: 00 00 add %al,(%rax) + 3e1b: 00 00 add %al,(%rax) + 3e1d: 00 00 add %al,(%rax) + 3e1f: 00 c0 add %al,%al + 3e21: 3d 00 00 00 00 cmp $0x0,%eax + 3e26: 00 00 add %al,(%rax) + 3e28: 1c 00 sbb $0x0,%al + 3e2a: 00 00 add %al,(%rax) + 3e2c: 00 00 add %al,(%rax) + 3e2e: 00 00 add %al,(%rax) + 3e30: 08 00 or %al,(%rax) + 3e32: 00 00 add %al,(%rax) + 3e34: 00 00 add %al,(%rax) + 3e36: 00 00 add %al,(%rax) + 3e38: f5 cmc + 3e39: fe (bad) + 3e3a: ff 6f 00 ljmp *0x0(%rdi) + 3e3d: 00 00 add %al,(%rax) + 3e3f: 00 b0 03 00 00 00 add %dh,0x3(%rax) + 3e45: 00 00 add %al,(%rax) + 3e47: 00 05 00 00 00 00 add %al,0x0(%rip) # 3e4d <_DYNAMIC+0x85> + 3e4d: 00 00 add %al,(%rax) + 3e4f: 00 80 04 00 00 00 add %al,0x4(%rax) + 3e55: 00 00 add %al,(%rax) + 3e57: 00 06 add %al,(%rsi) + 3e59: 00 00 add %al,(%rax) + 3e5b: 00 00 add %al,(%rax) + 3e5d: 00 00 add %al,(%rax) + 3e5f: 00 d8 add %bl,%al + 3e61: 03 00 add (%rax),%eax + 3e63: 00 00 add %al,(%rax) + 3e65: 00 00 add %al,(%rax) + 3e67: 00 0a add %cl,(%rdx) + 3e69: 00 00 add %al,(%rax) + 3e6b: 00 00 add %al,(%rax) + 3e6d: 00 00 add %al,(%rax) + 3e6f: 00 8d 00 00 00 00 add %cl,0x0(%rbp) + 3e75: 00 00 add %al,(%rax) + 3e77: 00 0b add %cl,(%rbx) + 3e79: 00 00 add %al,(%rax) + 3e7b: 00 00 add %al,(%rax) + 3e7d: 00 00 add %al,(%rax) + 3e7f: 00 18 add %bl,(%rax) + 3e81: 00 00 add %al,(%rax) + 3e83: 00 00 add %al,(%rax) + 3e85: 00 00 add %al,(%rax) + 3e87: 00 15 00 00 00 00 add %dl,0x0(%rip) # 3e8d <_DYNAMIC+0xc5> + ... 
+ 3e95: 00 00 add %al,(%rax) + 3e97: 00 03 add %al,(%rbx) + 3e99: 00 00 add %al,(%rax) + 3e9b: 00 00 add %al,(%rax) + 3e9d: 00 00 add %al,(%rax) + 3e9f: 00 b8 3f 00 00 00 add %bh,0x3f(%rax) + 3ea5: 00 00 add %al,(%rax) + 3ea7: 00 02 add %al,(%rdx) + 3ea9: 00 00 add %al,(%rax) + 3eab: 00 00 add %al,(%rax) + 3ead: 00 00 add %al,(%rax) + 3eaf: 00 18 add %bl,(%rax) + 3eb1: 00 00 add %al,(%rax) + 3eb3: 00 00 add %al,(%rax) + 3eb5: 00 00 add %al,(%rax) + 3eb7: 00 14 00 add %dl,(%rax,%rax,1) + 3eba: 00 00 add %al,(%rax) + 3ebc: 00 00 add %al,(%rax) + 3ebe: 00 00 add %al,(%rax) + 3ec0: 07 (bad) + 3ec1: 00 00 add %al,(%rax) + 3ec3: 00 00 add %al,(%rax) + 3ec5: 00 00 add %al,(%rax) + 3ec7: 00 17 add %dl,(%rdi) + 3ec9: 00 00 add %al,(%rax) + 3ecb: 00 00 add %al,(%rax) + 3ecd: 00 00 add %al,(%rax) + 3ecf: 00 10 add %dl,(%rax) + 3ed1: 06 (bad) + 3ed2: 00 00 add %al,(%rax) + 3ed4: 00 00 add %al,(%rax) + 3ed6: 00 00 add %al,(%rax) + 3ed8: 07 (bad) + 3ed9: 00 00 add %al,(%rax) + 3edb: 00 00 add %al,(%rax) + 3edd: 00 00 add %al,(%rax) + 3edf: 00 50 05 add %dl,0x5(%rax) + 3ee2: 00 00 add %al,(%rax) + 3ee4: 00 00 add %al,(%rax) + 3ee6: 00 00 add %al,(%rax) + 3ee8: 08 00 or %al,(%rax) + 3eea: 00 00 add %al,(%rax) + 3eec: 00 00 add %al,(%rax) + 3eee: 00 00 add %al,(%rax) + 3ef0: c0 00 00 rolb $0x0,(%rax) + 3ef3: 00 00 add %al,(%rax) + 3ef5: 00 00 add %al,(%rax) + 3ef7: 00 09 add %cl,(%rcx) + 3ef9: 00 00 add %al,(%rax) + 3efb: 00 00 add %al,(%rax) + 3efd: 00 00 add %al,(%rax) + 3eff: 00 18 add %bl,(%rax) + 3f01: 00 00 add %al,(%rax) + 3f03: 00 00 add %al,(%rax) + 3f05: 00 00 add %al,(%rax) + 3f07: 00 1e add %bl,(%rsi) + 3f09: 00 00 add %al,(%rax) + 3f0b: 00 00 add %al,(%rax) + 3f0d: 00 00 add %al,(%rax) + 3f0f: 00 08 add %cl,(%rax) + 3f11: 00 00 add %al,(%rax) + 3f13: 00 00 add %al,(%rax) + 3f15: 00 00 add %al,(%rax) + 3f17: 00 fb add %bh,%bl + 3f19: ff (bad) + 3f1a: ff 6f 00 ljmp *0x0(%rdi) + 3f1d: 00 00 add %al,(%rax) + 3f1f: 00 01 add %al,(%rcx) + 3f21: 00 00 add %al,(%rax) + 3f23: 
08 00 or %al,(%rax) + 3f25: 00 00 add %al,(%rax) + 3f27: 00 fe add %bh,%dh + 3f29: ff (bad) + 3f2a: ff 6f 00 ljmp *0x0(%rdi) + 3f2d: 00 00 add %al,(%rax) + 3f2f: 00 20 add %ah,(%rax) + 3f31: 05 00 00 00 00 add $0x0,%eax + 3f36: 00 00 add %al,(%rax) + 3f38: ff (bad) + 3f39: ff (bad) + 3f3a: ff 6f 00 ljmp *0x0(%rdi) + 3f3d: 00 00 add %al,(%rax) + 3f3f: 00 01 add %al,(%rcx) + 3f41: 00 00 add %al,(%rax) + 3f43: 00 00 add %al,(%rax) + 3f45: 00 00 add %al,(%rax) + 3f47: 00 f0 add %dh,%al + 3f49: ff (bad) + 3f4a: ff 6f 00 ljmp *0x0(%rdi) + 3f4d: 00 00 add %al,(%rax) + 3f4f: 00 0e add %cl,(%rsi) + 3f51: 05 00 00 00 00 add $0x0,%eax + 3f56: 00 00 add %al,(%rax) + 3f58: f9 stc + 3f59: ff (bad) + 3f5a: ff 6f 00 ljmp *0x0(%rdi) + 3f5d: 00 00 add %al,(%rax) + 3f5f: 00 03 add %al,(%rbx) + ... + +Disassembly of section .got: + +0000000000003fb8 <_GLOBAL_OFFSET_TABLE_>: + 3fb8: c8 3d 00 00 enter $0x3d,$0x0 + ... + 3fd0: 30 10 xor %dl,(%rax) + ... + +Disassembly of section .data: + +0000000000004000 <__data_start>: + ... + +0000000000004008 <__dso_handle>: + 4008: 08 40 00 or %al,0x0(%rax) + 400b: 00 00 add %al,(%rax) + 400d: 00 00 add %al,(%rax) + ... + +Disassembly of section .bss: + +0000000000004010 : + ... + +Disassembly of section .comment: + +0000000000000000 <.comment>: + 0: 47 rex.RXB + 1: 43 rex.XB + 2: 43 3a 20 rex.XB cmp (%r8),%spl + 5: 28 55 62 sub %dl,0x62(%rbp) + 8: 75 6e jne 78 <__abi_tag-0x314> + a: 74 75 je 81 <__abi_tag-0x30b> + c: 20 31 and %dh,(%rcx) + e: 30 2e xor %ch,(%rsi) + 10: 35 2e 30 2d 31 xor $0x312d302e,%eax + 15: 75 62 jne 79 <__abi_tag-0x313> + 17: 75 6e jne 87 <__abi_tag-0x305> + 19: 74 75 je 90 <__abi_tag-0x2fc> + 1b: 31 7e 32 xor %edi,0x32(%rsi) + 1e: 32 2e xor (%rsi),%ch + 20: 30 34 29 xor %dh,(%rcx,%rbp,1) + 23: 20 31 and %dh,(%rcx) + 25: 30 2e xor %ch,(%rsi) + 27: 35 .byte 0x35 + 28: 2e 30 00 cs xor %al,(%rax) diff --git a/srcs/woody.c b/srcs/woody.c index a3ebdec..17cabd9 100644 --- a/srcs/woody.c +++ b/srcs/woody.c 
@@ -1,6 +1,7 @@ #include "../includes/woody.h" -#define CODE_MACRO "\x31\xc0\x99\xb2\x0a\xff\xc0\x89\xc7\x48\x8d\x35\x10\x00\x00\x00\x0f\x05\xb2\x2a\x31\xc0\xff\xc0\xf6\xe2\x89\xc7\x31\xc0\x0f\x05\x2e\x2e\x57\x4f\x4f\x44\x59\x2e\x2e\x0a" +#define CODE_MACRO "\x50\x57\x56\x52\x53\x31\xc0\x99\xb2\x0a\xff\xc0\x89\xc7\x48\x8d\x35\x09\x00\x00\x00\x0f\x05\x5a\x5b\x5a\x5e\x5f\x58\xc3\x2e\x2e\x57\x4f\x4f\x44\x59\x2e\x2e\x0a" +char jmp[] = "\xe9\x00\x00\x00\x00"; int elf_magic_numbers(char *str) { @@ -58,7 +59,7 @@ int get_load_segment(t_efl_content *woody, int start, bool executable) void find_cave(t_efl_content *woody) { - woody->Phdr = (Elf64_Phdr *)secure_access(woody->file, woody->file_size, woody->Ehdr->e_phoff, sizeof(Elf64_Phdr)); + woody->Phdr = (Elf64_Phdr *)secure_jump(woody->file, woody->file_size, woody->Ehdr->e_phoff, sizeof(Elf64_Phdr)); int i = get_load_segment(woody, 0, true); int j = get_load_segment(woody, i + 1, false); 
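Review bot: The new CODE_MACRO literal saves five registers (`50 57 56 52 53`) but restores six (`5a 5b 5a 5e 5f 58`) before `c3`, so the stack ends one slot off and each value comes back in the wrong register. The first `5a` after `0f 05` looks like a leftover. The literal is kept in step with print.s by hand, so a comment such as `/* machine code of print.s; the 09 00 00 00 displacement assumes msg starts 9 bytes after the lea */` would make that hard-coded offset reviewable. The added `char jmp[]` is a writable global with external linkage and is not used in any hunk shown here; `static char jmp[] = "\xe9\x00\x00\x00\x00";` would keep it local to this file if nothing else needs it.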
@@ -69,33 +70,26 @@ void find_cave(t_efl_content *woody) printf("code_cave_size = %lx\n", woody->Phdr[j].p_offset - (woody->Phdr[i].p_offset + woody->Phdr[i].p_filesz)); -// static void inject(t_woody64 *woody, const t_patch *patch) { -// char payload[] = PAYLOAD; - Elf64_Off payload_off = woody->Phdr[i].p_offset + woody->Phdr[i].p_filesz; -// ft_memcpy((void *)woody->file + payload_off, payload, PAYLOAD_SIZE); -// ft_memcpy( -// (void *)woody->file + payload_off + (PAYLOAD_SIZE - sizeof(t_patch)), -// patch, sizeof(t_patch)); - -// woody->file->e_entry = woody->load_seg->p_vaddr + woody->load_seg->p_filesz; -// woody->load_seg->p_filesz += PAYLOAD_SIZE; -// woody->load_seg->p_memsz += PAYLOAD_SIZE; -// } size_t len = sizeof(CODE_MACRO) - 1; ft_memcpy(woody->file + payload_off, CODE_MACRO, len); + printf("old entry : %lx\n", woody->Ehdr->e_entry); woody->Ehdr->e_entry = woody->Phdr[i].p_vaddr + woody->Phdr[i].p_filesz; woody->Phdr[i].p_filesz += len; woody->Phdr[i].p_memsz += len; + + printf("e_entry = %lx\n", woody->Ehdr->e_entry); + printf("p_filesz = %lx\n", woody->Phdr[i].p_filesz); + printf("p_memsz = %lx\n", woody->Phdr[i].p_memsz); } int inject(t_efl_content *woody) { - woody->Ehdr = (Elf64_Ehdr *)secure_access(woody->file, woody->file_size, 0, sizeof(Elf64_Ehdr)); + woody->Ehdr = (Elf64_Ehdr *)secure_jump(woody->file, woody->file_size, 0, sizeof(Elf64_Ehdr)); if (!woody->Ehdr || !elf_magic_numbers(woody->file) || woody->Ehdr->e_ident[EI_CLASS] != 2) { ft_printf("Error: \'%s\' is not a valid 64-bit ELF file\n", woody->file_path); 
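Review bot: The copy `ft_memcpy(woody->file + payload_off, CODE_MACRO, len)` is not guarded by the cave size that the `printf` above it computes, so when the gap between the two segments is smaller than `len`, or `payload_off + len` runs past `woody->file_size`, it overwrites the next segment or writes outside the file buffer. Since `p_offset` and `p_filesz` are read from the input file, a check before the copy such as `if (payload_off > woody->Phdr[j].p_offset || len > woody->Phdr[j].p_offset - payload_off || len > woody->file_size - payload_off) return;` would reject such inputs, assuming `file_size` was already checked to cover `payload_off`. Whether `i` and `j` can be failure values from get_load_segment is not visible here; if they can, they need to be tested before `woody->Phdr[i]` is indexed. find_cave begins outside this hunk.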
@@ -103,8 +97,8 @@ int inject(t_efl_content *woody) } printf("entry point = %ld\n", woody->Ehdr->e_entry); - Elf64_Shdr *Shdr = (Elf64_Shdr *)secure_access(woody->file, woody->file_size, woody->Ehdr->e_shoff, sizeof(Elf64_Shdr)); - if (Shdr == NULL || !secure_access(woody->file, woody->file_size, woody->Ehdr->e_shoff, woody->Ehdr->e_shnum * sizeof(Elf64_Shdr))) + Elf64_Shdr *Shdr = (Elf64_Shdr *)secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff, sizeof(Elf64_Shdr)); + if (Shdr == NULL || !secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff, woody->Ehdr->e_shnum * sizeof(Elf64_Shdr))) { return ft_put_error("Corrupted file"); } @@ -116,16 +110,16 @@ int inject(t_efl_content *woody) Elf64_Shdr *symbols_table = NULL; for (int i = 0; i < woody->Ehdr->e_shnum; i++) { if (Shdr[i].sh_type == SHT_SYMTAB) { - symbols_table = secure_access(woody->file, woody->file_size, woody->Ehdr->e_shoff + (i * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr)); + symbols_table = secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff + (i * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr)); } } if (symbols_table == NULL) return ft_put_error("No symbols"); - if (!secure_access(woody->file, woody->file_size, woody->Ehdr->e_shoff + (woody->Ehdr->e_shstrndx * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr))) + if (!secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff + (woody->Ehdr->e_shstrndx * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr))) return ft_put_error("Corrupted file"); - char *Sshstrtab = (char *)secure_access(woody->file, woody->file_size, Shdr[woody->Ehdr->e_shstrndx].sh_offset, 0); + char *Sshstrtab = (char *)secure_jump(woody->file, woody->file_size, Shdr[woody->Ehdr->e_shstrndx].sh_offset, 0); if (Sshstrtab == NULL) return ft_put_error("Corrupted file"); 
@@ -135,14 +129,14 @@ int inject(t_efl_content *woody) } // useless for now - Elf64_Shdr *strtab_header = (Elf64_Shdr *)secure_access(woody->file, woody->file_size, woody->Ehdr->e_shoff + (symbols_table->sh_link * woody->Ehdr->e_shentsize), sizeof(Elf64_Shdr)); + Elf64_Shdr *strtab_header = (Elf64_Shdr *)secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff + (symbols_table->sh_link * woody->Ehdr->e_shentsize), sizeof(Elf64_Shdr)); if (!strtab_header) return ft_put_error("Corrupted file"); - char *strtab = secure_access(woody->file, woody->file_size, strtab_header->sh_offset, 0); + char *strtab = secure_jump(woody->file, woody->file_size, strtab_header->sh_offset, 0); if (strtab == NULL) return ft_put_error("Corrupted file"); - Elf64_Sym *symbols = (Elf64_Sym *)secure_access(woody->file, woody->file_size, symbols_table->sh_offset, sizeof(Elf64_Sym)); + Elf64_Sym *symbols = (Elf64_Sym *)secure_jump(woody->file, woody->file_size, symbols_table->sh_offset, sizeof(Elf64_Sym)); if (symbols == NULL) return ft_put_error("Corrupted file"); // end useless woody->Ehdr->e_entry = @@ -153,7 +147,7 @@ int inject(t_efl_content *woody) ft_memcpy(woody_file, woody->file, woody->file_size); - encrypt_zone(woody_file, strtab_header->sh_offset , strtab_header->sh_size); + // encrypt_zone(woody_file, strtab_header->sh_offset , strtab_header->sh_size); return save_elf("woody", woody_file, woody->file_size); } \ No newline at end of file diff --git a/woody.txt b/woody.txt new file mode 100644 index 0000000..dc5f9d3 --- /dev/null +++ b/woody.txt 
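Review bot: Commenting out `encrypt_zone(...)` in the last hunk leaves dead code in inject() and turns the `strtab_header`, `strtab` and `symbols` lookups above it (already marked `// useless for now`) into work whose only effect is to return "Corrupted file". Either delete the line and the lookups that only fed it, or keep the call behind a named compile-time switch so the intent is recorded. A one-line comment such as `/* encryption disabled while the stub is being debugged */` would at least say why the output is written unmodified. inject() starts and ends outside this hunk.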
@@ -0,0 +1,825 @@ + +woody: file format elf64-x86-64 + + +Disassembly of section .interp: + +0000000000000318 <.interp>: + 318: 2f (bad) + 319: 6c insb (%dx),%es:(%rdi) + 31a: 69 62 36 34 2f 6c 64 imul $0x646c2f34,0x36(%rdx),%esp + 321: 2d 6c 69 6e 75 sub $0x756e696c,%eax + 326: 78 2d js 355 <__abi_tag-0x37> + 328: 78 38 js 362 <__abi_tag-0x2a> + 32a: 36 2d 36 34 2e 73 ss sub $0x732e3436,%eax + 330: 6f outsl %ds:(%rsi),(%dx) + 331: 2e 32 00 cs xor (%rax),%al + +Disassembly of section .note.gnu.property: + +0000000000000338 <.note.gnu.property>: + 338: 04 00 add $0x0,%al + 33a: 00 00 add %al,(%rax) + 33c: 20 00 and %al,(%rax) + 33e: 00 00 add %al,(%rax) + 340: 05 00 00 00 47 add $0x47000000,%eax + 345: 4e 55 rex.WRX push %rbp + 347: 00 02 add %al,(%rdx) + 349: 00 00 add %al,(%rax) + 34b: c0 04 00 00 rolb $0x0,(%rax,%rax,1) + 34f: 00 03 add %al,(%rbx) + 351: 00 00 add %al,(%rax) + 353: 00 00 add %al,(%rax) + 355: 00 00 add %al,(%rax) + 357: 00 02 add %al,(%rdx) + 359: 80 00 c0 addb $0xc0,(%rax) + 35c: 04 00 add $0x0,%al + 35e: 00 00 add %al,(%rax) + 360: 01 00 add %eax,(%rax) + 362: 00 00 add %al,(%rax) + 364: 00 00 add %al,(%rax) + ... 
+ +Disassembly of section .note.gnu.build-id: + +0000000000000368 <.note.gnu.build-id>: + 368: 04 00 add $0x0,%al + 36a: 00 00 add %al,(%rax) + 36c: 14 00 adc $0x0,%al + 36e: 00 00 add %al,(%rax) + 370: 03 00 add (%rax),%eax + 372: 00 00 add %al,(%rax) + 374: 47 rex.RXB + 375: 4e 55 rex.WRX push %rbp + 377: 00 aa 0d f4 0f 29 add %ch,0x290ff40d(%rdx) + 37d: 9d popf + 37e: 21 c9 and %ecx,%ecx + 380: 16 (bad) + 381: 1e (bad) + 382: 8a 34 ce mov (%rsi,%rcx,8),%dh + 385: 99 cltd + 386: 69 cc 15 8d 7d 01 imul $0x17d8d15,%esp,%ecx + +Disassembly of section .note.ABI-tag: + +000000000000038c <__abi_tag>: + 38c: 04 00 add $0x0,%al + 38e: 00 00 add %al,(%rax) + 390: 10 00 adc %al,(%rax) + 392: 00 00 add %al,(%rax) + 394: 01 00 add %eax,(%rax) + 396: 00 00 add %al,(%rax) + 398: 47 rex.RXB + 399: 4e 55 rex.WRX push %rbp + 39b: 00 00 add %al,(%rax) + 39d: 00 00 add %al,(%rax) + 39f: 00 03 add %al,(%rbx) + 3a1: 00 00 add %al,(%rax) + 3a3: 00 02 add %al,(%rdx) + 3a5: 00 00 add %al,(%rax) + 3a7: 00 00 add %al,(%rax) + 3a9: 00 00 add %al,(%rax) + ... + +Disassembly of section .gnu.hash: + +00000000000003b0 <.gnu.hash>: + 3b0: 02 00 add (%rax),%al + 3b2: 00 00 add %al,(%rax) + 3b4: 06 (bad) + 3b5: 00 00 add %al,(%rax) + 3b7: 00 01 add %al,(%rcx) + 3b9: 00 00 add %al,(%rax) + 3bb: 00 06 add %al,(%rsi) + 3bd: 00 00 add %al,(%rax) + 3bf: 00 00 add %al,(%rax) + 3c1: 00 81 00 00 00 00 add %al,0x0(%rcx) + 3c7: 00 06 add %al,(%rsi) + 3c9: 00 00 add %al,(%rax) + 3cb: 00 00 add %al,(%rax) + 3cd: 00 00 add %al,(%rax) + 3cf: 00 d1 add %dl,%cl + 3d1: 65 ce gs (bad) + 3d3: 6d insl (%dx),%es:(%rdi) + +Disassembly of section .dynsym: + +00000000000003d8 <.dynsym>: + ... + 3f0: 10 00 adc %al,(%rax) + 3f2: 00 00 add %al,(%rax) + 3f4: 12 00 adc (%rax),%al + ... + 406: 00 00 add %al,(%rax) + 408: 48 00 00 rex.W add %al,(%rax) + 40b: 00 20 add %ah,(%rax) + ... + 41d: 00 00 add %al,(%rax) + 41f: 00 22 add %ah,(%rdx) + 421: 00 00 add %al,(%rax) + 423: 00 12 add %dl,(%rdx) + ... 
+ 435: 00 00 add %al,(%rax) + 437: 00 64 00 00 add %ah,0x0(%rax,%rax,1) + 43b: 00 20 add %ah,(%rax) + ... + 44d: 00 00 add %al,(%rax) + 44f: 00 73 00 add %dh,0x0(%rbx) + 452: 00 00 add %al,(%rax) + 454: 20 00 and %al,(%rax) + ... + 466: 00 00 add %al,(%rax) + 468: 01 00 add %eax,(%rax) + 46a: 00 00 add %al,(%rax) + 46c: 22 00 and (%rax),%al + ... + +Disassembly of section .dynstr: + +0000000000000480 <.dynstr>: + 480: 00 5f 5f add %bl,0x5f(%rdi) + 483: 63 78 61 movsxd 0x61(%rax),%edi + 486: 5f pop %rdi + 487: 66 69 6e 61 6c 69 imul $0x696c,0x61(%rsi),%bp + 48d: 7a 65 jp 4f4 <__abi_tag+0x168> + 48f: 00 5f 5f add %bl,0x5f(%rdi) + 492: 6c insb (%dx),%es:(%rdi) + 493: 69 62 63 5f 73 74 61 imul $0x6174735f,0x63(%rdx),%esp + 49a: 72 74 jb 510 <__abi_tag+0x184> + 49c: 5f pop %rdi + 49d: 6d insl (%dx),%es:(%rdi) + 49e: 61 (bad) + 49f: 69 6e 00 70 75 74 73 imul $0x73747570,0x0(%rsi),%ebp + 4a6: 00 6c 69 62 add %ch,0x62(%rcx,%rbp,2) + 4aa: 63 2e movsxd (%rsi),%ebp + 4ac: 73 6f jae 51d <__abi_tag+0x191> + 4ae: 2e 36 00 47 4c cs ss add %al,0x4c(%rdi) + 4b3: 49 rex.WB + 4b4: 42 rex.X + 4b5: 43 5f rex.XB pop %r15 + 4b7: 32 2e xor (%rsi),%ch + 4b9: 32 2e xor (%rsi),%ch + 4bb: 35 00 47 4c 49 xor $0x494c4700,%eax + 4c0: 42 rex.X + 4c1: 43 5f rex.XB pop %r15 + 4c3: 32 2e xor (%rsi),%ch + 4c5: 33 34 00 xor (%rax,%rax,1),%esi + 4c8: 5f pop %rdi + 4c9: 49 54 rex.WB push %r12 + 4cb: 4d 5f rex.WRB pop %r15 + 4cd: 64 65 72 65 fs gs jb 536 <__abi_tag+0x1aa> + 4d1: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi + 4d8: 4d + 4d9: 43 6c rex.XB insb (%dx),%es:(%rdi) + 4db: 6f outsl %ds:(%rsi),(%dx) + 4dc: 6e outsb %ds:(%rsi),(%dx) + 4dd: 65 54 gs push %rsp + 4df: 61 (bad) + 4e0: 62 (bad) + 4e1: 6c insb (%dx),%es:(%rdi) + 4e2: 65 00 5f 5f add %bl,%gs:0x5f(%rdi) + 4e6: 67 6d insl (%dx),%es:(%edi) + 4e8: 6f outsl %ds:(%rsi),(%dx) + 4e9: 6e outsb %ds:(%rsi),(%dx) + 4ea: 5f pop %rdi + 4eb: 73 74 jae 561 <__abi_tag+0x1d5> + 4ed: 61 (bad) + 4ee: 72 74 jb 564 <__abi_tag+0x1d8> + 4f0: 5f pop %rdi 
+ 4f1: 5f pop %rdi + 4f2: 00 5f 49 add %bl,0x49(%rdi) + 4f5: 54 push %rsp + 4f6: 4d 5f rex.WRB pop %r15 + 4f8: 72 65 jb 55f <__abi_tag+0x1d3> + 4fa: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi + 501: 4d + 502: 43 6c rex.XB insb (%dx),%es:(%rdi) + 504: 6f outsl %ds:(%rsi),(%dx) + 505: 6e outsb %ds:(%rsi),(%dx) + 506: 65 54 gs push %rsp + 508: 61 (bad) + 509: 62 .byte 0x62 + 50a: 6c insb (%dx),%es:(%rdi) + 50b: 65 gs + ... + +Disassembly of section .gnu.version: + +000000000000050e <.gnu.version>: + 50e: 00 00 add %al,(%rax) + 510: 02 00 add (%rax),%al + 512: 01 00 add %eax,(%rax) + 514: 03 00 add (%rax),%eax + 516: 01 00 add %eax,(%rax) + 518: 01 00 add %eax,(%rax) + 51a: 03 00 add (%rax),%eax + +Disassembly of section .gnu.version_r: + +0000000000000520 <.gnu.version_r>: + 520: 01 00 add %eax,(%rax) + 522: 02 00 add (%rax),%al + 524: 27 (bad) + 525: 00 00 add %al,(%rax) + 527: 00 10 add %dl,(%rax) + 529: 00 00 add %al,(%rax) + 52b: 00 00 add %al,(%rax) + 52d: 00 00 add %al,(%rax) + 52f: 00 75 1a add %dh,0x1a(%rbp) + 532: 69 09 00 00 03 00 imul $0x30000,(%rcx),%ecx + 538: 31 00 xor %eax,(%rax) + 53a: 00 00 add %al,(%rax) + 53c: 10 00 adc %al,(%rax) + 53e: 00 00 add %al,(%rax) + 540: b4 91 mov $0x91,%ah + 542: 96 xchg %eax,%esi + 543: 06 (bad) + 544: 00 00 add %al,(%rax) + 546: 02 00 add (%rax),%al + 548: 3d 00 00 00 00 cmp $0x0,%eax + 54d: 00 00 add %al,(%rax) + ... + +Disassembly of section .rela.dyn: + +0000000000000550 <.rela.dyn>: + 550: b8 3d 00 00 00 mov $0x3d,%eax + 555: 00 00 add %al,(%rax) + 557: 00 08 add %cl,(%rax) + 559: 00 00 add %al,(%rax) + 55b: 00 00 add %al,(%rax) + 55d: 00 00 add %al,(%rax) + 55f: 00 40 11 add %al,0x11(%rax) + 562: 00 00 add %al,(%rax) + 564: 00 00 add %al,(%rax) + 566: 00 00 add %al,(%rax) + 568: c0 3d 00 00 00 00 00 sarb $0x0,0x0(%rip) # 56f <__abi_tag+0x1e3> + 56f: 00 08 add %cl,(%rax) + ... 
+ 579: 11 00 adc %eax,(%rax) + 57b: 00 00 add %al,(%rax) + 57d: 00 00 add %al,(%rax) + 57f: 00 08 add %cl,(%rax) + 581: 40 00 00 rex add %al,(%rax) + 584: 00 00 add %al,(%rax) + 586: 00 00 add %al,(%rax) + 588: 08 00 or %al,(%rax) + 58a: 00 00 add %al,(%rax) + 58c: 00 00 add %al,(%rax) + 58e: 00 00 add %al,(%rax) + 590: 08 40 00 or %al,0x0(%rax) + 593: 00 00 add %al,(%rax) + 595: 00 00 add %al,(%rax) + 597: 00 d8 add %bl,%al + 599: 3f (bad) + 59a: 00 00 add %al,(%rax) + 59c: 00 00 add %al,(%rax) + 59e: 00 00 add %al,(%rax) + 5a0: 06 (bad) + 5a1: 00 00 add %al,(%rax) + 5a3: 00 01 add %al,(%rcx) + ... + 5ad: 00 00 add %al,(%rax) + 5af: 00 e0 add %ah,%al + 5b1: 3f (bad) + 5b2: 00 00 add %al,(%rax) + 5b4: 00 00 add %al,(%rax) + 5b6: 00 00 add %al,(%rax) + 5b8: 06 (bad) + 5b9: 00 00 add %al,(%rax) + 5bb: 00 02 add %al,(%rdx) + ... + 5c5: 00 00 add %al,(%rax) + 5c7: 00 e8 add %ch,%al + 5c9: 3f (bad) + 5ca: 00 00 add %al,(%rax) + 5cc: 00 00 add %al,(%rax) + 5ce: 00 00 add %al,(%rax) + 5d0: 06 (bad) + 5d1: 00 00 add %al,(%rax) + 5d3: 00 04 00 add %al,(%rax,%rax,1) + ... + 5de: 00 00 add %al,(%rax) + 5e0: f0 3f lock (bad) + 5e2: 00 00 add %al,(%rax) + 5e4: 00 00 add %al,(%rax) + 5e6: 00 00 add %al,(%rax) + 5e8: 06 (bad) + 5e9: 00 00 add %al,(%rax) + 5eb: 00 05 00 00 00 00 add %al,0x0(%rip) # 5f1 <__abi_tag+0x265> + 5f1: 00 00 add %al,(%rax) + 5f3: 00 00 add %al,(%rax) + 5f5: 00 00 add %al,(%rax) + 5f7: 00 f8 add %bh,%al + 5f9: 3f (bad) + 5fa: 00 00 add %al,(%rax) + 5fc: 00 00 add %al,(%rax) + 5fe: 00 00 add %al,(%rax) + 600: 06 (bad) + 601: 00 00 add %al,(%rax) + 603: 00 06 add %al,(%rsi) + ... + +Disassembly of section .rela.plt: + +0000000000000610 <.rela.plt>: + 610: d0 3f sarb (%rdi) + 612: 00 00 add %al,(%rax) + 614: 00 00 add %al,(%rax) + 616: 00 00 add %al,(%rax) + 618: 07 (bad) + 619: 00 00 add %al,(%rax) + 61b: 00 03 add %al,(%rbx) + ... 
+ +Disassembly of section .init: + +0000000000001000 <_init>: + 1000: f3 0f 1e fa endbr64 + 1004: 48 83 ec 08 sub $0x8,%rsp + 1008: 48 8b 05 d9 2f 00 00 mov 0x2fd9(%rip),%rax # 3fe8 <__gmon_start__@Base> + 100f: 48 85 c0 test %rax,%rax + 1012: 74 02 je 1016 <_init+0x16> + 1014: ff d0 call *%rax + 1016: 48 83 c4 08 add $0x8,%rsp + 101a: c3 ret + +Disassembly of section .plt: + +0000000000001020 <.plt>: + 1020: ff 35 9a 2f 00 00 push 0x2f9a(%rip) # 3fc0 <_GLOBAL_OFFSET_TABLE_+0x8> + 1026: f2 ff 25 9b 2f 00 00 bnd jmp *0x2f9b(%rip) # 3fc8 <_GLOBAL_OFFSET_TABLE_+0x10> + 102d: 0f 1f 00 nopl (%rax) + 1030: f3 0f 1e fa endbr64 + 1034: 68 00 00 00 00 push $0x0 + 1039: f2 e9 e1 ff ff ff bnd jmp 1020 <_init+0x20> + 103f: 90 nop + +Disassembly of section .plt.got: + +0000000000001040 <__cxa_finalize@plt>: + 1040: f3 0f 1e fa endbr64 + 1044: f2 ff 25 ad 2f 00 00 bnd jmp *0x2fad(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> + 104b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) + +Disassembly of section .plt.sec: + +0000000000001050 : + 1050: f3 0f 1e fa endbr64 + 1054: f2 ff 25 75 2f 00 00 bnd jmp *0x2f75(%rip) # 3fd0 + 105b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) + +Disassembly of section .text: + +0000000000001060 <_start>: + 1060: f3 0f 1e fa endbr64 + 1064: 31 ed xor %ebp,%ebp + 1066: 49 89 d1 mov %rdx,%r9 + 1069: 5e pop %rsi + 106a: 48 89 e2 mov %rsp,%rdx + 106d: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp + 1071: 50 push %rax + 1072: 54 push %rsp + 1073: 45 31 c0 xor %r8d,%r8d + 1076: 31 c9 xor %ecx,%ecx + 1078: 48 8d 3d ca 00 00 00 lea 0xca(%rip),%rdi # 1149
+ 107f: ff 15 53 2f 00 00 call *0x2f53(%rip) # 3fd8 <__libc_start_main@GLIBC_2.34> + 1085: f4 hlt + 1086: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) + 108d: 00 00 00 + +0000000000001090 : + 1090: 48 8d 3d 79 2f 00 00 lea 0x2f79(%rip),%rdi # 4010 <__TMC_END__> + 1097: 48 8d 05 72 2f 00 00 lea 0x2f72(%rip),%rax # 4010 <__TMC_END__> + 109e: 48 39 f8 cmp %rdi,%rax + 10a1: 74 15 je 10b8 + 10a3: 48 8b 05 36 2f 00 00 mov 0x2f36(%rip),%rax # 3fe0 <_ITM_deregisterTMCloneTable@Base> + 10aa: 48 85 c0 test %rax,%rax + 10ad: 74 09 je 10b8 + 10af: ff e0 jmp *%rax + 10b1: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + 10b8: c3 ret + 10b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +00000000000010c0 : + 10c0: 48 8d 3d 49 2f 00 00 lea 0x2f49(%rip),%rdi # 4010 <__TMC_END__> + 10c7: 48 8d 35 42 2f 00 00 lea 0x2f42(%rip),%rsi # 4010 <__TMC_END__> + 10ce: 48 29 fe sub %rdi,%rsi + 10d1: 48 89 f0 mov %rsi,%rax + 10d4: 48 c1 ee 3f shr $0x3f,%rsi + 10d8: 48 c1 f8 03 sar $0x3,%rax + 10dc: 48 01 c6 add %rax,%rsi + 10df: 48 d1 fe sar %rsi + 10e2: 74 14 je 10f8 + 10e4: 48 8b 05 05 2f 00 00 mov 0x2f05(%rip),%rax # 3ff0 <_ITM_registerTMCloneTable@Base> + 10eb: 48 85 c0 test %rax,%rax + 10ee: 74 08 je 10f8 + 10f0: ff e0 jmp *%rax + 10f2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) + 10f8: c3 ret + 10f9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +0000000000001100 <__do_global_dtors_aux>: + 1100: f3 0f 1e fa endbr64 + 1104: 80 3d 05 2f 00 00 00 cmpb $0x0,0x2f05(%rip) # 4010 <__TMC_END__> + 110b: 75 2b jne 1138 <__do_global_dtors_aux+0x38> + 110d: 55 push %rbp + 110e: 48 83 3d e2 2e 00 00 cmpq $0x0,0x2ee2(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> + 1115: 00 + 1116: 48 89 e5 mov %rsp,%rbp + 1119: 74 0c je 1127 <__do_global_dtors_aux+0x27> + 111b: 48 8b 3d e6 2e 00 00 mov 0x2ee6(%rip),%rdi # 4008 <__dso_handle> + 1122: e8 19 ff ff ff call 1040 <__cxa_finalize@plt> + 1127: e8 64 ff ff ff call 1090 + 112c: c6 05 dd 2e 00 00 01 movb $0x1,0x2edd(%rip) # 4010 <__TMC_END__> + 1133: 5d pop %rbp + 1134: c3 ret + 1135: 0f 1f 00 
nopl (%rax) + 1138: c3 ret + 1139: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) + +0000000000001140 : + 1140: f3 0f 1e fa endbr64 + 1144: e9 77 ff ff ff jmp 10c0 + +0000000000001149
: + 1149: f3 0f 1e fa endbr64 + 114d: 55 push %rbp + 114e: 48 89 e5 mov %rsp,%rbp + 1151: 48 8d 3d ac 0e 00 00 lea 0xeac(%rip),%rdi # 2004 <_IO_stdin_used+0x4> + 1158: e8 f3 fe ff ff call 1050 + 115d: b8 00 00 00 00 mov $0x0,%eax + 1162: 5d pop %rbp + 1163: c3 ret + +Disassembly of section .fini: + +0000000000001164 <_fini>: + 1164: f3 0f 1e fa endbr64 + 1168: 48 83 ec 08 sub $0x8,%rsp + 116c: 48 83 c4 08 add $0x8,%rsp + 1170: c3 ret + +Disassembly of section .rodata: + +0000000000002000 <_IO_stdin_used>: + 2000: 01 00 add %eax,(%rax) + 2002: 02 00 add (%rax),%al + 2004: 48 rex.W + 2005: 65 6c gs insb (%dx),%es:(%rdi) + 2007: 6c insb (%dx),%es:(%rdi) + 2008: 6f outsl %ds:(%rsi),(%dx) + 2009: 2c 20 sub $0x20,%al + 200b: 57 push %rdi + 200c: 6f outsl %ds:(%rsi),(%dx) + 200d: 72 6c jb 207b <__GNU_EH_FRAME_HDR+0x67> + 200f: 64 21 00 and %eax,%fs:(%rax) + +Disassembly of section .eh_frame_hdr: + +0000000000002014 <__GNU_EH_FRAME_HDR>: + 2014: 01 1b add %ebx,(%rbx) + 2016: 03 3b add (%rbx),%edi + 2018: 30 00 xor %al,(%rax) + 201a: 00 00 add %al,(%rax) + 201c: 05 00 00 00 0c add $0xc000000,%eax + 2021: f0 ff lock (bad) + 2023: ff 64 00 00 jmp *0x0(%rax,%rax,1) + 2027: 00 2c f0 add %ch,(%rax,%rsi,8) + 202a: ff (bad) + 202b: ff 8c 00 00 00 3c f0 decl -0xfc40000(%rax,%rax,1) + 2032: ff (bad) + 2033: ff a4 00 00 00 4c f0 jmp *-0xfb40000(%rax,%rax,1) + 203a: ff (bad) + 203b: ff 4c 00 00 decl 0x0(%rax,%rax,1) + 203f: 00 35 f1 ff ff bc add %dh,-0x4300000f(%rip) # ffffffffbd002036 <_end+0xffffffffbcffe01e> + 2045: 00 00 add %al,(%rax) + ... 
+ +Disassembly of section .eh_frame: + +0000000000002048 <__FRAME_END__-0xa8>: + 2048: 14 00 adc $0x0,%al + 204a: 00 00 add %al,(%rax) + 204c: 00 00 add %al,(%rax) + 204e: 00 00 add %al,(%rax) + 2050: 01 7a 52 add %edi,0x52(%rdx) + 2053: 00 01 add %al,(%rcx) + 2055: 78 10 js 2067 <__GNU_EH_FRAME_HDR+0x53> + 2057: 01 1b add %ebx,(%rbx) + 2059: 0c 07 or $0x7,%al + 205b: 08 90 01 00 00 14 or %dl,0x14000001(%rax) + 2061: 00 00 add %al,(%rax) + 2063: 00 1c 00 add %bl,(%rax,%rax,1) + 2066: 00 00 add %al,(%rax) + 2068: f8 clc + 2069: ef out %eax,(%dx) + 206a: ff (bad) + 206b: ff 26 jmp *(%rsi) + 206d: 00 00 add %al,(%rax) + 206f: 00 00 add %al,(%rax) + 2071: 44 07 rex.R (bad) + 2073: 10 00 adc %al,(%rax) + 2075: 00 00 add %al,(%rax) + 2077: 00 24 00 add %ah,(%rax,%rax,1) + 207a: 00 00 add %al,(%rax) + 207c: 34 00 xor $0x0,%al + 207e: 00 00 add %al,(%rax) + 2080: a0 ef ff ff 20 00 00 movabs 0x20ffffef,%al + 2087: 00 00 + 2089: 0e (bad) + 208a: 10 46 0e adc %al,0xe(%rsi) + 208d: 18 4a 0f sbb %cl,0xf(%rdx) + 2090: 0b 77 08 or 0x8(%rdi),%esi + 2093: 80 00 3f addb $0x3f,(%rax) + 2096: 1a 3a sbb (%rdx),%bh + 2098: 2a 33 sub (%rbx),%dh + 209a: 24 22 and $0x22,%al + 209c: 00 00 add %al,(%rax) + 209e: 00 00 add %al,(%rax) + 20a0: 14 00 adc $0x0,%al + 20a2: 00 00 add %al,(%rax) + 20a4: 5c pop %rsp + 20a5: 00 00 add %al,(%rax) + 20a7: 00 98 ef ff ff 10 add %bl,0x10ffffef(%rax) + ... + 20b5: 00 00 add %al,(%rax) + 20b7: 00 14 00 add %dl,(%rax,%rax,1) + 20ba: 00 00 add %al,(%rax) + 20bc: 74 00 je 20be <__GNU_EH_FRAME_HDR+0xaa> + 20be: 00 00 add %al,(%rax) + 20c0: 90 nop + 20c1: ef out %eax,(%dx) + 20c2: ff (bad) + 20c3: ff 10 call *(%rax) + ... 
+ 20cd: 00 00 add %al,(%rax) + 20cf: 00 1c 00 add %bl,(%rax,%rax,1) + 20d2: 00 00 add %al,(%rax) + 20d4: 8c 00 mov %es,(%rax) + 20d6: 00 00 add %al,(%rax) + 20d8: 71 f0 jno 20ca <__GNU_EH_FRAME_HDR+0xb6> + 20da: ff (bad) + 20db: ff 1b lcall *(%rbx) + 20dd: 00 00 add %al,(%rax) + 20df: 00 00 add %al,(%rax) + 20e1: 45 0e rex.RB (bad) + 20e3: 10 86 02 43 0d 06 adc %al,0x60d4302(%rsi) + 20e9: 52 push %rdx + 20ea: 0c 07 or $0x7,%al + 20ec: 08 00 or %al,(%rax) + ... + +00000000000020f0 <__FRAME_END__>: + 20f0: 00 00 add %al,(%rax) + ... + +Disassembly of section .init_array: + +0000000000003db8 <__frame_dummy_init_array_entry>: + 3db8: 40 11 00 rex adc %eax,(%rax) + 3dbb: 00 00 add %al,(%rax) + 3dbd: 00 00 add %al,(%rax) + ... + +Disassembly of section .fini_array: + +0000000000003dc0 <__do_global_dtors_aux_fini_array_entry>: + 3dc0: 00 11 add %dl,(%rcx) + 3dc2: 00 00 add %al,(%rax) + 3dc4: 00 00 add %al,(%rax) + ... + +Disassembly of section .dynamic: + +0000000000003dc8 <_DYNAMIC>: + 3dc8: 01 00 add %eax,(%rax) + 3dca: 00 00 add %al,(%rax) + 3dcc: 00 00 add %al,(%rax) + 3dce: 00 00 add %al,(%rax) + 3dd0: 27 (bad) + 3dd1: 00 00 add %al,(%rax) + 3dd3: 00 00 add %al,(%rax) + 3dd5: 00 00 add %al,(%rax) + 3dd7: 00 0c 00 add %cl,(%rax,%rax,1) + 3dda: 00 00 add %al,(%rax) + 3ddc: 00 00 add %al,(%rax) + 3dde: 00 00 add %al,(%rax) + 3de0: 00 10 add %dl,(%rax) + 3de2: 00 00 add %al,(%rax) + 3de4: 00 00 add %al,(%rax) + 3de6: 00 00 add %al,(%rax) + 3de8: 0d 00 00 00 00 or $0x0,%eax + 3ded: 00 00 add %al,(%rax) + 3def: 00 64 11 00 add %ah,0x0(%rcx,%rdx,1) + 3df3: 00 00 add %al,(%rax) + 3df5: 00 00 add %al,(%rax) + 3df7: 00 19 add %bl,(%rcx) + 3df9: 00 00 add %al,(%rax) + 3dfb: 00 00 add %al,(%rax) + 3dfd: 00 00 add %al,(%rax) + 3dff: 00 b8 3d 00 00 00 add %bh,0x3d(%rax) + 3e05: 00 00 add %al,(%rax) + 3e07: 00 1b add %bl,(%rbx) + 3e09: 00 00 add %al,(%rax) + 3e0b: 00 00 add %al,(%rax) + 3e0d: 00 00 add %al,(%rax) + 3e0f: 00 08 add %cl,(%rax) + 3e11: 00 00 add %al,(%rax) + 3e13: 00 
00 add %al,(%rax) + 3e15: 00 00 add %al,(%rax) + 3e17: 00 1a add %bl,(%rdx) + 3e19: 00 00 add %al,(%rax) + 3e1b: 00 00 add %al,(%rax) + 3e1d: 00 00 add %al,(%rax) + 3e1f: 00 c0 add %al,%al + 3e21: 3d 00 00 00 00 cmp $0x0,%eax + 3e26: 00 00 add %al,(%rax) + 3e28: 1c 00 sbb $0x0,%al + 3e2a: 00 00 add %al,(%rax) + 3e2c: 00 00 add %al,(%rax) + 3e2e: 00 00 add %al,(%rax) + 3e30: 08 00 or %al,(%rax) + 3e32: 00 00 add %al,(%rax) + 3e34: 00 00 add %al,(%rax) + 3e36: 00 00 add %al,(%rax) + 3e38: f5 cmc + 3e39: fe (bad) + 3e3a: ff 6f 00 ljmp *0x0(%rdi) + 3e3d: 00 00 add %al,(%rax) + 3e3f: 00 b0 03 00 00 00 add %dh,0x3(%rax) + 3e45: 00 00 add %al,(%rax) + 3e47: 00 05 00 00 00 00 add %al,0x0(%rip) # 3e4d <_DYNAMIC+0x85> + 3e4d: 00 00 add %al,(%rax) + 3e4f: 00 80 04 00 00 00 add %al,0x4(%rax) + 3e55: 00 00 add %al,(%rax) + 3e57: 00 06 add %al,(%rsi) + 3e59: 00 00 add %al,(%rax) + 3e5b: 00 00 add %al,(%rax) + 3e5d: 00 00 add %al,(%rax) + 3e5f: 00 d8 add %bl,%al + 3e61: 03 00 add (%rax),%eax + 3e63: 00 00 add %al,(%rax) + 3e65: 00 00 add %al,(%rax) + 3e67: 00 0a add %cl,(%rdx) + 3e69: 00 00 add %al,(%rax) + 3e6b: 00 00 add %al,(%rax) + 3e6d: 00 00 add %al,(%rax) + 3e6f: 00 8d 00 00 00 00 add %cl,0x0(%rbp) + 3e75: 00 00 add %al,(%rax) + 3e77: 00 0b add %cl,(%rbx) + 3e79: 00 00 add %al,(%rax) + 3e7b: 00 00 add %al,(%rax) + 3e7d: 00 00 add %al,(%rax) + 3e7f: 00 18 add %bl,(%rax) + 3e81: 00 00 add %al,(%rax) + 3e83: 00 00 add %al,(%rax) + 3e85: 00 00 add %al,(%rax) + 3e87: 00 15 00 00 00 00 add %dl,0x0(%rip) # 3e8d <_DYNAMIC+0xc5> + ... 
+ 3e95: 00 00 add %al,(%rax) + 3e97: 00 03 add %al,(%rbx) + 3e99: 00 00 add %al,(%rax) + 3e9b: 00 00 add %al,(%rax) + 3e9d: 00 00 add %al,(%rax) + 3e9f: 00 b8 3f 00 00 00 add %bh,0x3f(%rax) + 3ea5: 00 00 add %al,(%rax) + 3ea7: 00 02 add %al,(%rdx) + 3ea9: 00 00 add %al,(%rax) + 3eab: 00 00 add %al,(%rax) + 3ead: 00 00 add %al,(%rax) + 3eaf: 00 18 add %bl,(%rax) + 3eb1: 00 00 add %al,(%rax) + 3eb3: 00 00 add %al,(%rax) + 3eb5: 00 00 add %al,(%rax) + 3eb7: 00 14 00 add %dl,(%rax,%rax,1) + 3eba: 00 00 add %al,(%rax) + 3ebc: 00 00 add %al,(%rax) + 3ebe: 00 00 add %al,(%rax) + 3ec0: 07 (bad) + 3ec1: 00 00 add %al,(%rax) + 3ec3: 00 00 add %al,(%rax) + 3ec5: 00 00 add %al,(%rax) + 3ec7: 00 17 add %dl,(%rdi) + 3ec9: 00 00 add %al,(%rax) + 3ecb: 00 00 add %al,(%rax) + 3ecd: 00 00 add %al,(%rax) + 3ecf: 00 10 add %dl,(%rax) + 3ed1: 06 (bad) + 3ed2: 00 00 add %al,(%rax) + 3ed4: 00 00 add %al,(%rax) + 3ed6: 00 00 add %al,(%rax) + 3ed8: 07 (bad) + 3ed9: 00 00 add %al,(%rax) + 3edb: 00 00 add %al,(%rax) + 3edd: 00 00 add %al,(%rax) + 3edf: 00 50 05 add %dl,0x5(%rax) + 3ee2: 00 00 add %al,(%rax) + 3ee4: 00 00 add %al,(%rax) + 3ee6: 00 00 add %al,(%rax) + 3ee8: 08 00 or %al,(%rax) + 3eea: 00 00 add %al,(%rax) + 3eec: 00 00 add %al,(%rax) + 3eee: 00 00 add %al,(%rax) + 3ef0: c0 00 00 rolb $0x0,(%rax) + 3ef3: 00 00 add %al,(%rax) + 3ef5: 00 00 add %al,(%rax) + 3ef7: 00 09 add %cl,(%rcx) + 3ef9: 00 00 add %al,(%rax) + 3efb: 00 00 add %al,(%rax) + 3efd: 00 00 add %al,(%rax) + 3eff: 00 18 add %bl,(%rax) + 3f01: 00 00 add %al,(%rax) + 3f03: 00 00 add %al,(%rax) + 3f05: 00 00 add %al,(%rax) + 3f07: 00 1e add %bl,(%rsi) + 3f09: 00 00 add %al,(%rax) + 3f0b: 00 00 add %al,(%rax) + 3f0d: 00 00 add %al,(%rax) + 3f0f: 00 08 add %cl,(%rax) + 3f11: 00 00 add %al,(%rax) + 3f13: 00 00 add %al,(%rax) + 3f15: 00 00 add %al,(%rax) + 3f17: 00 fb add %bh,%bl + 3f19: ff (bad) + 3f1a: ff 6f 00 ljmp *0x0(%rdi) + 3f1d: 00 00 add %al,(%rax) + 3f1f: 00 01 add %al,(%rcx) + 3f21: 00 00 add %al,(%rax) + 3f23: 
08 00 or %al,(%rax) + 3f25: 00 00 add %al,(%rax) + 3f27: 00 fe add %bh,%dh + 3f29: ff (bad) + 3f2a: ff 6f 00 ljmp *0x0(%rdi) + 3f2d: 00 00 add %al,(%rax) + 3f2f: 00 20 add %ah,(%rax) + 3f31: 05 00 00 00 00 add $0x0,%eax + 3f36: 00 00 add %al,(%rax) + 3f38: ff (bad) + 3f39: ff (bad) + 3f3a: ff 6f 00 ljmp *0x0(%rdi) + 3f3d: 00 00 add %al,(%rax) + 3f3f: 00 01 add %al,(%rcx) + 3f41: 00 00 add %al,(%rax) + 3f43: 00 00 add %al,(%rax) + 3f45: 00 00 add %al,(%rax) + 3f47: 00 f0 add %dh,%al + 3f49: ff (bad) + 3f4a: ff 6f 00 ljmp *0x0(%rdi) + 3f4d: 00 00 add %al,(%rax) + 3f4f: 00 0e add %cl,(%rsi) + 3f51: 05 00 00 00 00 add $0x0,%eax + 3f56: 00 00 add %al,(%rax) + 3f58: f9 stc + 3f59: ff (bad) + 3f5a: ff 6f 00 ljmp *0x0(%rdi) + 3f5d: 00 00 add %al,(%rax) + 3f5f: 00 03 add %al,(%rbx) + ... + +Disassembly of section .got: + +0000000000003fb8 <_GLOBAL_OFFSET_TABLE_>: + 3fb8: c8 3d 00 00 enter $0x3d,$0x0 + ... + 3fd0: 30 10 xor %dl,(%rax) + ... + +Disassembly of section .data: + +0000000000004000 <__data_start>: + ... + +0000000000004008 <__dso_handle>: + 4008: 08 40 00 or %al,0x0(%rax) + 400b: 00 00 add %al,(%rax) + 400d: 00 00 add %al,(%rax) + ... + +Disassembly of section .bss: + +0000000000004010 : + ... + +Disassembly of section .comment: + +0000000000000000 <.comment>: + 0: 47 rex.RXB + 1: 43 rex.XB + 2: 43 3a 20 rex.XB cmp (%r8),%spl + 5: 28 55 62 sub %dl,0x62(%rbp) + 8: 75 6e jne 78 <__abi_tag-0x314> + a: 74 75 je 81 <__abi_tag-0x30b> + c: 20 31 and %dh,(%rcx) + e: 30 2e xor %ch,(%rsi) + 10: 35 2e 30 2d 31 xor $0x312d302e,%eax + 15: 75 62 jne 79 <__abi_tag-0x313> + 17: 75 6e jne 87 <__abi_tag-0x305> + 19: 74 75 je 90 <__abi_tag-0x2fc> + 1b: 31 7e 32 xor %edi,0x32(%rsi) + 1e: 32 2e xor (%rsi),%ch + 20: 30 34 29 xor %dh,(%rcx,%rbp,1) + 23: 20 31 and %dh,(%rcx) + 25: 30 2e xor %ch,(%rsi) + 27: 35 .byte 0x35 + 28: 2e 30 00 cs xor %al,(%rax)