From 086bda76420fedf921dadea411d097c0e2aa986c Mon Sep 17 00:00:00 2001 From: pbonilla Date: Wed, 21 Feb 2024 13:54:33 +0100 Subject: [PATCH] a little cleanup --- Makefile | 3 +- README | 5 + includes/woody.h | 9 +- p_memsz | 0 p_offset | 0 payload | Bin 43 -> 0 bytes print | Bin 4704 -> 0 bytes sample | 825 ----------------------------------------------- sample.txt | 825 ----------------------------------------------- shell_test | Bin 15824 -> 0 bytes shellcode_test.c | 9 - srcs/encrypt.c | 11 + srcs/main.c | 2 +- srcs/utils.c | 2 +- srcs/woody.c | 116 +++---- woody.txt | 825 ----------------------------------------------- 16 files changed, 76 insertions(+), 2556 deletions(-) create mode 100644 README delete mode 100644 p_memsz delete mode 100644 p_offset delete mode 100644 payload delete mode 100755 print delete mode 100644 sample delete mode 100644 sample.txt delete mode 100755 shell_test create mode 100644 srcs/encrypt.c delete mode 100644 woody.txt diff --git a/Makefile b/Makefile index 59ab4ab..c441a74 100644 --- a/Makefile +++ b/Makefile @@ -4,7 +4,8 @@ SRCS_PATH = srcs/ SRCS = $(SRCS_PATH)main.c \ $(SRCS_PATH)utils.c \ - $(SRCS_PATH)woody.c + $(SRCS_PATH)woody.c \ + $(SRCS_PATH)encrypt.c OBJS = ${SRCS:.c=.o} diff --git a/README b/README new file mode 100644 index 0000000..ff6b199 --- /dev/null +++ b/README @@ -0,0 +1,5 @@ +Transform payload code in hexa : + +nasm -f elf64 -o print.o print.s && ld -o print print.o && nasm -f bin -o payload print.s && hexdump -v -e '"\\\x\" 1/1 "%02x"' payload + +Append : | xclip -sel clip to directly get it in clipboard \ No newline at end of file diff --git a/includes/woody.h b/includes/woody.h index c5f23e3..64bb890 100644 --- a/includes/woody.h +++ b/includes/woody.h 
@@ -15,7 +15,7 @@ #include #define PAYLOAD "\x50\x57\x56\x52\x53\x31\xc0\x99\xb2\x0a\xff\xc0\x89\xc7\x48\x8d\x35\x0c\x00\x00\x00\x0f\x05\x5b\x5a\x5e\x5f\x58\xe9\xdf\xff\xff\xff\x2e\x2e\x57\x4f\x4f\x44\x59\x2e\x2e\x0a" -#define JUMP "\xe9\xdf\xff\xff\xff"; +#define JUMP "\xe9";//\xdf\xff\xff\xff"; typedef struct efl_content { @@ -29,10 +29,13 @@ typedef struct efl_content // utils.c -void *secure_jump(char *file, unsigned long file_size, unsigned long offset_to_data, unsigned long supposed_data_size); +void *fetch(char *file, unsigned long file_size, unsigned long offset_to_data, unsigned long supposed_data_size); int ft_put_error(char *str); // woody.c -int inject(t_efl_content *woody); +int prepare_injection(t_efl_content *woody); + +// encrypt.c +void encrypt(char *file, unsigned long int offset, unsigned long int size); #endif \ No newline at end of file diff --git a/p_memsz b/p_memsz deleted file mode 100644 index e69de29..0000000 diff --git a/p_offset b/p_offset deleted file mode 100644 index e69de29..0000000 diff --git a/payload b/payload deleted file mode 100644 index 37d7f4523531c0171bf85412fd665df6ee7ba4a2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 43 zcmWFt4+{!5JTP+;*Z%{Z$31#Yc^DWN_*tW);^HG--v9sqzn)&WzrRbQo*owff%Fjt diff --git a/print b/print deleted file mode 100755 index f16118f5abef9cc1096627e208402957e30fefa5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 4704 zcmb<-^>JfjWMqH=CI&kOFi*e%ECeAL7!(9yDi|0X7%Ui=fFvse3s@}+LJG)&>44B1 zpmH#pK>#8EvV#@Ggz_1n_Q7avh%yEk4Oa&hAEib^U^E0qLtr!nMnhmU1V%$(Gz3ON zU^E0qLtr!nMnhmU1c(oTfbg)OV8a75H*x(x(0SaW*OUjSm!CB{DlR_a<)8om|Lf_6 z`}?~@>gjReH5AmJXJPpGA6*eASb&j15!SzlDi8wF0-(_YG;v;-xPk*zC4`d1A+CT! zoS~p7Gp|Iim?5_~ogqFxskk`4xFoTtgdsjPC9xzCNadw4Fz6Lm=9VNT0qK$=2%Q0A zm84dbK&+;Slm_Ysg$*0b6qtXZ;~wzw4X8Y9I0U8~q?ZZCL81+y3RghIn1M71b3pkL lP#P5eAaQhX1FByYO#);eG5`(xVAKB>s$UUVF_4X}9{>fUH=O_g 
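Review bot: `JUMP` still carries a trailing semicolon, so it expands to `"\xe9";` and only compiles where a stray statement terminator happens to be legal; as a call argument or inside `sizeof` it will not. The `//` remnant of the old displacement bytes is stripped before expansion and only adds noise. I would write `#define JUMP "\xe9" /* jmp rel32 opcode only; displacement is supplied by the caller */`, assuming the displacement is now computed in srcs/woody.c, which this hunk does not show. `PAYLOAD` on the context line above still embeds the fixed `\xe9\xdf\xff\xff\xff` sequence, so a comment saying which definition is authoritative would keep the two from drifting apart.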
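Review bot: The new `encrypt` prototype takes `offset` and `size` but no `file_size`, unlike `fetch` under `// utils.c`, which presumably uses it for a bounds check. The callee therefore cannot verify that `offset + size` stays inside the mapped file. If those values come from the input ELF's headers (the caller and the body in srcs/encrypt.c are outside this hunk), a malformed file could push the access past the mapping. Either pass the bound, `void encrypt(char *file, unsigned long file_size, unsigned long offset, unsigned long size);`, or have the caller obtain the region through `fetch` first. The name also matches the POSIX `encrypt()` that some C libraries declare in `<unistd.h>`, so a project-prefixed name would avoid a conflicting declaration there.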
diff --git a/sample b/sample deleted file mode 100644 index e8f30c0..0000000 --- a/sample +++ /dev/null 
@@ -1,825 +0,0 @@ - -resources/sample64: file format elf64-x86-64 - - -Disassembly of section .interp: - -0000000000000318 <.interp>: - 318: 2f (bad) - 319: 6c insb (%dx),%es:(%rdi) - 31a: 69 62 36 34 2f 6c 64 imul $0x646c2f34,0x36(%rdx),%esp - 321: 2d 6c 69 6e 75 sub $0x756e696c,%eax - 326: 78 2d js 355 <__abi_tag-0x37> - 328: 78 38 js 362 <__abi_tag-0x2a> - 32a: 36 2d 36 34 2e 73 ss sub $0x732e3436,%eax - 330: 6f outsl %ds:(%rsi),(%dx) - 331: 2e 32 00 cs xor (%rax),%al - -Disassembly of section .note.gnu.property: - -0000000000000338 <.note.gnu.property>: - 338: 04 00 add $0x0,%al - 33a: 00 00 add %al,(%rax) - 33c: 20 00 and %al,(%rax) - 33e: 00 00 add %al,(%rax) - 340: 05 00 00 00 47 add $0x47000000,%eax - 345: 4e 55 rex.WRX push %rbp - 347: 00 02 add %al,(%rdx) - 349: 00 00 add %al,(%rax) - 34b: c0 04 00 00 rolb $0x0,(%rax,%rax,1) - 34f: 00 03 add %al,(%rbx) - 351: 00 00 add %al,(%rax) - 353: 00 00 add %al,(%rax) - 355: 00 00 add %al,(%rax) - 357: 00 02 add %al,(%rdx) - 359: 80 00 c0 addb $0xc0,(%rax) - 35c: 04 00 add $0x0,%al - 35e: 00 00 add %al,(%rax) - 360: 01 00 add %eax,(%rax) - 362: 00 00 add %al,(%rax) - 364: 00 00 add %al,(%rax) - ... 
- -Disassembly of section .note.gnu.build-id: - -0000000000000368 <.note.gnu.build-id>: - 368: 04 00 add $0x0,%al - 36a: 00 00 add %al,(%rax) - 36c: 14 00 adc $0x0,%al - 36e: 00 00 add %al,(%rax) - 370: 03 00 add (%rax),%eax - 372: 00 00 add %al,(%rax) - 374: 47 rex.RXB - 375: 4e 55 rex.WRX push %rbp - 377: 00 aa 0d f4 0f 29 add %ch,0x290ff40d(%rdx) - 37d: 9d popf - 37e: 21 c9 and %ecx,%ecx - 380: 16 (bad) - 381: 1e (bad) - 382: 8a 34 ce mov (%rsi,%rcx,8),%dh - 385: 99 cltd - 386: 69 cc 15 8d 7d 01 imul $0x17d8d15,%esp,%ecx - -Disassembly of section .note.ABI-tag: - -000000000000038c <__abi_tag>: - 38c: 04 00 add $0x0,%al - 38e: 00 00 add %al,(%rax) - 390: 10 00 adc %al,(%rax) - 392: 00 00 add %al,(%rax) - 394: 01 00 add %eax,(%rax) - 396: 00 00 add %al,(%rax) - 398: 47 rex.RXB - 399: 4e 55 rex.WRX push %rbp - 39b: 00 00 add %al,(%rax) - 39d: 00 00 add %al,(%rax) - 39f: 00 03 add %al,(%rbx) - 3a1: 00 00 add %al,(%rax) - 3a3: 00 02 add %al,(%rdx) - 3a5: 00 00 add %al,(%rax) - 3a7: 00 00 add %al,(%rax) - 3a9: 00 00 add %al,(%rax) - ... - -Disassembly of section .gnu.hash: - -00000000000003b0 <.gnu.hash>: - 3b0: 02 00 add (%rax),%al - 3b2: 00 00 add %al,(%rax) - 3b4: 06 (bad) - 3b5: 00 00 add %al,(%rax) - 3b7: 00 01 add %al,(%rcx) - 3b9: 00 00 add %al,(%rax) - 3bb: 00 06 add %al,(%rsi) - 3bd: 00 00 add %al,(%rax) - 3bf: 00 00 add %al,(%rax) - 3c1: 00 81 00 00 00 00 add %al,0x0(%rcx) - 3c7: 00 06 add %al,(%rsi) - 3c9: 00 00 add %al,(%rax) - 3cb: 00 00 add %al,(%rax) - 3cd: 00 00 add %al,(%rax) - 3cf: 00 d1 add %dl,%cl - 3d1: 65 ce gs (bad) - 3d3: 6d insl (%dx),%es:(%rdi) - -Disassembly of section .dynsym: - -00000000000003d8 <.dynsym>: - ... - 3f0: 10 00 adc %al,(%rax) - 3f2: 00 00 add %al,(%rax) - 3f4: 12 00 adc (%rax),%al - ... - 406: 00 00 add %al,(%rax) - 408: 48 00 00 rex.W add %al,(%rax) - 40b: 00 20 add %ah,(%rax) - ... - 41d: 00 00 add %al,(%rax) - 41f: 00 22 add %ah,(%rdx) - 421: 00 00 add %al,(%rax) - 423: 00 12 add %dl,(%rdx) - ... 
- 435: 00 00 add %al,(%rax) - 437: 00 64 00 00 add %ah,0x0(%rax,%rax,1) - 43b: 00 20 add %ah,(%rax) - ... - 44d: 00 00 add %al,(%rax) - 44f: 00 73 00 add %dh,0x0(%rbx) - 452: 00 00 add %al,(%rax) - 454: 20 00 and %al,(%rax) - ... - 466: 00 00 add %al,(%rax) - 468: 01 00 add %eax,(%rax) - 46a: 00 00 add %al,(%rax) - 46c: 22 00 and (%rax),%al - ... - -Disassembly of section .dynstr: - -0000000000000480 <.dynstr>: - 480: 00 5f 5f add %bl,0x5f(%rdi) - 483: 63 78 61 movsxd 0x61(%rax),%edi - 486: 5f pop %rdi - 487: 66 69 6e 61 6c 69 imul $0x696c,0x61(%rsi),%bp - 48d: 7a 65 jp 4f4 <__abi_tag+0x168> - 48f: 00 5f 5f add %bl,0x5f(%rdi) - 492: 6c insb (%dx),%es:(%rdi) - 493: 69 62 63 5f 73 74 61 imul $0x6174735f,0x63(%rdx),%esp - 49a: 72 74 jb 510 <__abi_tag+0x184> - 49c: 5f pop %rdi - 49d: 6d insl (%dx),%es:(%rdi) - 49e: 61 (bad) - 49f: 69 6e 00 70 75 74 73 imul $0x73747570,0x0(%rsi),%ebp - 4a6: 00 6c 69 62 add %ch,0x62(%rcx,%rbp,2) - 4aa: 63 2e movsxd (%rsi),%ebp - 4ac: 73 6f jae 51d <__abi_tag+0x191> - 4ae: 2e 36 00 47 4c cs ss add %al,0x4c(%rdi) - 4b3: 49 rex.WB - 4b4: 42 rex.X - 4b5: 43 5f rex.XB pop %r15 - 4b7: 32 2e xor (%rsi),%ch - 4b9: 32 2e xor (%rsi),%ch - 4bb: 35 00 47 4c 49 xor $0x494c4700,%eax - 4c0: 42 rex.X - 4c1: 43 5f rex.XB pop %r15 - 4c3: 32 2e xor (%rsi),%ch - 4c5: 33 34 00 xor (%rax,%rax,1),%esi - 4c8: 5f pop %rdi - 4c9: 49 54 rex.WB push %r12 - 4cb: 4d 5f rex.WRB pop %r15 - 4cd: 64 65 72 65 fs gs jb 536 <__abi_tag+0x1aa> - 4d1: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi - 4d8: 4d - 4d9: 43 6c rex.XB insb (%dx),%es:(%rdi) - 4db: 6f outsl %ds:(%rsi),(%dx) - 4dc: 6e outsb %ds:(%rsi),(%dx) - 4dd: 65 54 gs push %rsp - 4df: 61 (bad) - 4e0: 62 (bad) - 4e1: 6c insb (%dx),%es:(%rdi) - 4e2: 65 00 5f 5f add %bl,%gs:0x5f(%rdi) - 4e6: 67 6d insl (%dx),%es:(%edi) - 4e8: 6f outsl %ds:(%rsi),(%dx) - 4e9: 6e outsb %ds:(%rsi),(%dx) - 4ea: 5f pop %rdi - 4eb: 73 74 jae 561 <__abi_tag+0x1d5> - 4ed: 61 (bad) - 4ee: 72 74 jb 564 <__abi_tag+0x1d8> - 4f0: 5f pop %rdi 
- 4f1: 5f pop %rdi - 4f2: 00 5f 49 add %bl,0x49(%rdi) - 4f5: 54 push %rsp - 4f6: 4d 5f rex.WRB pop %r15 - 4f8: 72 65 jb 55f <__abi_tag+0x1d3> - 4fa: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi - 501: 4d - 502: 43 6c rex.XB insb (%dx),%es:(%rdi) - 504: 6f outsl %ds:(%rsi),(%dx) - 505: 6e outsb %ds:(%rsi),(%dx) - 506: 65 54 gs push %rsp - 508: 61 (bad) - 509: 62 .byte 0x62 - 50a: 6c insb (%dx),%es:(%rdi) - 50b: 65 gs - ... - -Disassembly of section .gnu.version: - -000000000000050e <.gnu.version>: - 50e: 00 00 add %al,(%rax) - 510: 02 00 add (%rax),%al - 512: 01 00 add %eax,(%rax) - 514: 03 00 add (%rax),%eax - 516: 01 00 add %eax,(%rax) - 518: 01 00 add %eax,(%rax) - 51a: 03 00 add (%rax),%eax - -Disassembly of section .gnu.version_r: - -0000000000000520 <.gnu.version_r>: - 520: 01 00 add %eax,(%rax) - 522: 02 00 add (%rax),%al - 524: 27 (bad) - 525: 00 00 add %al,(%rax) - 527: 00 10 add %dl,(%rax) - 529: 00 00 add %al,(%rax) - 52b: 00 00 add %al,(%rax) - 52d: 00 00 add %al,(%rax) - 52f: 00 75 1a add %dh,0x1a(%rbp) - 532: 69 09 00 00 03 00 imul $0x30000,(%rcx),%ecx - 538: 31 00 xor %eax,(%rax) - 53a: 00 00 add %al,(%rax) - 53c: 10 00 adc %al,(%rax) - 53e: 00 00 add %al,(%rax) - 540: b4 91 mov $0x91,%ah - 542: 96 xchg %eax,%esi - 543: 06 (bad) - 544: 00 00 add %al,(%rax) - 546: 02 00 add (%rax),%al - 548: 3d 00 00 00 00 cmp $0x0,%eax - 54d: 00 00 add %al,(%rax) - ... - -Disassembly of section .rela.dyn: - -0000000000000550 <.rela.dyn>: - 550: b8 3d 00 00 00 mov $0x3d,%eax - 555: 00 00 add %al,(%rax) - 557: 00 08 add %cl,(%rax) - 559: 00 00 add %al,(%rax) - 55b: 00 00 add %al,(%rax) - 55d: 00 00 add %al,(%rax) - 55f: 00 40 11 add %al,0x11(%rax) - 562: 00 00 add %al,(%rax) - 564: 00 00 add %al,(%rax) - 566: 00 00 add %al,(%rax) - 568: c0 3d 00 00 00 00 00 sarb $0x0,0x0(%rip) # 56f <__abi_tag+0x1e3> - 56f: 00 08 add %cl,(%rax) - ... 
- 579: 11 00 adc %eax,(%rax) - 57b: 00 00 add %al,(%rax) - 57d: 00 00 add %al,(%rax) - 57f: 00 08 add %cl,(%rax) - 581: 40 00 00 rex add %al,(%rax) - 584: 00 00 add %al,(%rax) - 586: 00 00 add %al,(%rax) - 588: 08 00 or %al,(%rax) - 58a: 00 00 add %al,(%rax) - 58c: 00 00 add %al,(%rax) - 58e: 00 00 add %al,(%rax) - 590: 08 40 00 or %al,0x0(%rax) - 593: 00 00 add %al,(%rax) - 595: 00 00 add %al,(%rax) - 597: 00 d8 add %bl,%al - 599: 3f (bad) - 59a: 00 00 add %al,(%rax) - 59c: 00 00 add %al,(%rax) - 59e: 00 00 add %al,(%rax) - 5a0: 06 (bad) - 5a1: 00 00 add %al,(%rax) - 5a3: 00 01 add %al,(%rcx) - ... - 5ad: 00 00 add %al,(%rax) - 5af: 00 e0 add %ah,%al - 5b1: 3f (bad) - 5b2: 00 00 add %al,(%rax) - 5b4: 00 00 add %al,(%rax) - 5b6: 00 00 add %al,(%rax) - 5b8: 06 (bad) - 5b9: 00 00 add %al,(%rax) - 5bb: 00 02 add %al,(%rdx) - ... - 5c5: 00 00 add %al,(%rax) - 5c7: 00 e8 add %ch,%al - 5c9: 3f (bad) - 5ca: 00 00 add %al,(%rax) - 5cc: 00 00 add %al,(%rax) - 5ce: 00 00 add %al,(%rax) - 5d0: 06 (bad) - 5d1: 00 00 add %al,(%rax) - 5d3: 00 04 00 add %al,(%rax,%rax,1) - ... - 5de: 00 00 add %al,(%rax) - 5e0: f0 3f lock (bad) - 5e2: 00 00 add %al,(%rax) - 5e4: 00 00 add %al,(%rax) - 5e6: 00 00 add %al,(%rax) - 5e8: 06 (bad) - 5e9: 00 00 add %al,(%rax) - 5eb: 00 05 00 00 00 00 add %al,0x0(%rip) # 5f1 <__abi_tag+0x265> - 5f1: 00 00 add %al,(%rax) - 5f3: 00 00 add %al,(%rax) - 5f5: 00 00 add %al,(%rax) - 5f7: 00 f8 add %bh,%al - 5f9: 3f (bad) - 5fa: 00 00 add %al,(%rax) - 5fc: 00 00 add %al,(%rax) - 5fe: 00 00 add %al,(%rax) - 600: 06 (bad) - 601: 00 00 add %al,(%rax) - 603: 00 06 add %al,(%rsi) - ... - -Disassembly of section .rela.plt: - -0000000000000610 <.rela.plt>: - 610: d0 3f sarb (%rdi) - 612: 00 00 add %al,(%rax) - 614: 00 00 add %al,(%rax) - 616: 00 00 add %al,(%rax) - 618: 07 (bad) - 619: 00 00 add %al,(%rax) - 61b: 00 03 add %al,(%rbx) - ... 
- -Disassembly of section .init: - -0000000000001000 <_init>: - 1000: f3 0f 1e fa endbr64 - 1004: 48 83 ec 08 sub $0x8,%rsp - 1008: 48 8b 05 d9 2f 00 00 mov 0x2fd9(%rip),%rax # 3fe8 <__gmon_start__@Base> - 100f: 48 85 c0 test %rax,%rax - 1012: 74 02 je 1016 <_init+0x16> - 1014: ff d0 call *%rax - 1016: 48 83 c4 08 add $0x8,%rsp - 101a: c3 ret - -Disassembly of section .plt: - -0000000000001020 <.plt>: - 1020: ff 35 9a 2f 00 00 push 0x2f9a(%rip) # 3fc0 <_GLOBAL_OFFSET_TABLE_+0x8> - 1026: f2 ff 25 9b 2f 00 00 bnd jmp *0x2f9b(%rip) # 3fc8 <_GLOBAL_OFFSET_TABLE_+0x10> - 102d: 0f 1f 00 nopl (%rax) - 1030: f3 0f 1e fa endbr64 - 1034: 68 00 00 00 00 push $0x0 - 1039: f2 e9 e1 ff ff ff bnd jmp 1020 <_init+0x20> - 103f: 90 nop - -Disassembly of section .plt.got: - -0000000000001040 <__cxa_finalize@plt>: - 1040: f3 0f 1e fa endbr64 - 1044: f2 ff 25 ad 2f 00 00 bnd jmp *0x2fad(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> - 104b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) - -Disassembly of section .plt.sec: - -0000000000001050 : - 1050: f3 0f 1e fa endbr64 - 1054: f2 ff 25 75 2f 00 00 bnd jmp *0x2f75(%rip) # 3fd0 - 105b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) - -Disassembly of section .text: - -0000000000001060 <_start>: - 1060: f3 0f 1e fa endbr64 - 1064: 31 ed xor %ebp,%ebp - 1066: 49 89 d1 mov %rdx,%r9 - 1069: 5e pop %rsi - 106a: 48 89 e2 mov %rsp,%rdx - 106d: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp - 1071: 50 push %rax - 1072: 54 push %rsp - 1073: 45 31 c0 xor %r8d,%r8d - 1076: 31 c9 xor %ecx,%ecx - 1078: 48 8d 3d ca 00 00 00 lea 0xca(%rip),%rdi # 1149
- 107f: ff 15 53 2f 00 00 call *0x2f53(%rip) # 3fd8 <__libc_start_main@GLIBC_2.34> - 1085: f4 hlt - 1086: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) - 108d: 00 00 00 - -0000000000001090 : - 1090: 48 8d 3d 79 2f 00 00 lea 0x2f79(%rip),%rdi # 4010 <__TMC_END__> - 1097: 48 8d 05 72 2f 00 00 lea 0x2f72(%rip),%rax # 4010 <__TMC_END__> - 109e: 48 39 f8 cmp %rdi,%rax - 10a1: 74 15 je 10b8 - 10a3: 48 8b 05 36 2f 00 00 mov 0x2f36(%rip),%rax # 3fe0 <_ITM_deregisterTMCloneTable@Base> - 10aa: 48 85 c0 test %rax,%rax - 10ad: 74 09 je 10b8 - 10af: ff e0 jmp *%rax - 10b1: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - 10b8: c3 ret - 10b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -00000000000010c0 : - 10c0: 48 8d 3d 49 2f 00 00 lea 0x2f49(%rip),%rdi # 4010 <__TMC_END__> - 10c7: 48 8d 35 42 2f 00 00 lea 0x2f42(%rip),%rsi # 4010 <__TMC_END__> - 10ce: 48 29 fe sub %rdi,%rsi - 10d1: 48 89 f0 mov %rsi,%rax - 10d4: 48 c1 ee 3f shr $0x3f,%rsi - 10d8: 48 c1 f8 03 sar $0x3,%rax - 10dc: 48 01 c6 add %rax,%rsi - 10df: 48 d1 fe sar %rsi - 10e2: 74 14 je 10f8 - 10e4: 48 8b 05 05 2f 00 00 mov 0x2f05(%rip),%rax # 3ff0 <_ITM_registerTMCloneTable@Base> - 10eb: 48 85 c0 test %rax,%rax - 10ee: 74 08 je 10f8 - 10f0: ff e0 jmp *%rax - 10f2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) - 10f8: c3 ret - 10f9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -0000000000001100 <__do_global_dtors_aux>: - 1100: f3 0f 1e fa endbr64 - 1104: 80 3d 05 2f 00 00 00 cmpb $0x0,0x2f05(%rip) # 4010 <__TMC_END__> - 110b: 75 2b jne 1138 <__do_global_dtors_aux+0x38> - 110d: 55 push %rbp - 110e: 48 83 3d e2 2e 00 00 cmpq $0x0,0x2ee2(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> - 1115: 00 - 1116: 48 89 e5 mov %rsp,%rbp - 1119: 74 0c je 1127 <__do_global_dtors_aux+0x27> - 111b: 48 8b 3d e6 2e 00 00 mov 0x2ee6(%rip),%rdi # 4008 <__dso_handle> - 1122: e8 19 ff ff ff call 1040 <__cxa_finalize@plt> - 1127: e8 64 ff ff ff call 1090 - 112c: c6 05 dd 2e 00 00 01 movb $0x1,0x2edd(%rip) # 4010 <__TMC_END__> - 1133: 5d pop %rbp - 1134: c3 ret - 1135: 0f 1f 00 
nopl (%rax) - 1138: c3 ret - 1139: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -0000000000001140 : - 1140: f3 0f 1e fa endbr64 - 1144: e9 77 ff ff ff jmp 10c0 - -0000000000001149
: - 1149: f3 0f 1e fa endbr64 - 114d: 55 push %rbp - 114e: 48 89 e5 mov %rsp,%rbp - 1151: 48 8d 3d ac 0e 00 00 lea 0xeac(%rip),%rdi # 2004 <_IO_stdin_used+0x4> - 1158: e8 f3 fe ff ff call 1050 - 115d: b8 00 00 00 00 mov $0x0,%eax - 1162: 5d pop %rbp - 1163: c3 ret - -Disassembly of section .fini: - -0000000000001164 <_fini>: - 1164: f3 0f 1e fa endbr64 - 1168: 48 83 ec 08 sub $0x8,%rsp - 116c: 48 83 c4 08 add $0x8,%rsp - 1170: c3 ret - -Disassembly of section .rodata: - -0000000000002000 <_IO_stdin_used>: - 2000: 01 00 add %eax,(%rax) - 2002: 02 00 add (%rax),%al - 2004: 48 rex.W - 2005: 65 6c gs insb (%dx),%es:(%rdi) - 2007: 6c insb (%dx),%es:(%rdi) - 2008: 6f outsl %ds:(%rsi),(%dx) - 2009: 2c 20 sub $0x20,%al - 200b: 57 push %rdi - 200c: 6f outsl %ds:(%rsi),(%dx) - 200d: 72 6c jb 207b <__GNU_EH_FRAME_HDR+0x67> - 200f: 64 21 00 and %eax,%fs:(%rax) - -Disassembly of section .eh_frame_hdr: - -0000000000002014 <__GNU_EH_FRAME_HDR>: - 2014: 01 1b add %ebx,(%rbx) - 2016: 03 3b add (%rbx),%edi - 2018: 30 00 xor %al,(%rax) - 201a: 00 00 add %al,(%rax) - 201c: 05 00 00 00 0c add $0xc000000,%eax - 2021: f0 ff lock (bad) - 2023: ff 64 00 00 jmp *0x0(%rax,%rax,1) - 2027: 00 2c f0 add %ch,(%rax,%rsi,8) - 202a: ff (bad) - 202b: ff 8c 00 00 00 3c f0 decl -0xfc40000(%rax,%rax,1) - 2032: ff (bad) - 2033: ff a4 00 00 00 4c f0 jmp *-0xfb40000(%rax,%rax,1) - 203a: ff (bad) - 203b: ff 4c 00 00 decl 0x0(%rax,%rax,1) - 203f: 00 35 f1 ff ff bc add %dh,-0x4300000f(%rip) # ffffffffbd002036 <_end+0xffffffffbcffe01e> - 2045: 00 00 add %al,(%rax) - ... 
- -Disassembly of section .eh_frame: - -0000000000002048 <__FRAME_END__-0xa8>: - 2048: 14 00 adc $0x0,%al - 204a: 00 00 add %al,(%rax) - 204c: 00 00 add %al,(%rax) - 204e: 00 00 add %al,(%rax) - 2050: 01 7a 52 add %edi,0x52(%rdx) - 2053: 00 01 add %al,(%rcx) - 2055: 78 10 js 2067 <__GNU_EH_FRAME_HDR+0x53> - 2057: 01 1b add %ebx,(%rbx) - 2059: 0c 07 or $0x7,%al - 205b: 08 90 01 00 00 14 or %dl,0x14000001(%rax) - 2061: 00 00 add %al,(%rax) - 2063: 00 1c 00 add %bl,(%rax,%rax,1) - 2066: 00 00 add %al,(%rax) - 2068: f8 clc - 2069: ef out %eax,(%dx) - 206a: ff (bad) - 206b: ff 26 jmp *(%rsi) - 206d: 00 00 add %al,(%rax) - 206f: 00 00 add %al,(%rax) - 2071: 44 07 rex.R (bad) - 2073: 10 00 adc %al,(%rax) - 2075: 00 00 add %al,(%rax) - 2077: 00 24 00 add %ah,(%rax,%rax,1) - 207a: 00 00 add %al,(%rax) - 207c: 34 00 xor $0x0,%al - 207e: 00 00 add %al,(%rax) - 2080: a0 ef ff ff 20 00 00 movabs 0x20ffffef,%al - 2087: 00 00 - 2089: 0e (bad) - 208a: 10 46 0e adc %al,0xe(%rsi) - 208d: 18 4a 0f sbb %cl,0xf(%rdx) - 2090: 0b 77 08 or 0x8(%rdi),%esi - 2093: 80 00 3f addb $0x3f,(%rax) - 2096: 1a 3a sbb (%rdx),%bh - 2098: 2a 33 sub (%rbx),%dh - 209a: 24 22 and $0x22,%al - 209c: 00 00 add %al,(%rax) - 209e: 00 00 add %al,(%rax) - 20a0: 14 00 adc $0x0,%al - 20a2: 00 00 add %al,(%rax) - 20a4: 5c pop %rsp - 20a5: 00 00 add %al,(%rax) - 20a7: 00 98 ef ff ff 10 add %bl,0x10ffffef(%rax) - ... - 20b5: 00 00 add %al,(%rax) - 20b7: 00 14 00 add %dl,(%rax,%rax,1) - 20ba: 00 00 add %al,(%rax) - 20bc: 74 00 je 20be <__GNU_EH_FRAME_HDR+0xaa> - 20be: 00 00 add %al,(%rax) - 20c0: 90 nop - 20c1: ef out %eax,(%dx) - 20c2: ff (bad) - 20c3: ff 10 call *(%rax) - ... 
- 20cd: 00 00 add %al,(%rax) - 20cf: 00 1c 00 add %bl,(%rax,%rax,1) - 20d2: 00 00 add %al,(%rax) - 20d4: 8c 00 mov %es,(%rax) - 20d6: 00 00 add %al,(%rax) - 20d8: 71 f0 jno 20ca <__GNU_EH_FRAME_HDR+0xb6> - 20da: ff (bad) - 20db: ff 1b lcall *(%rbx) - 20dd: 00 00 add %al,(%rax) - 20df: 00 00 add %al,(%rax) - 20e1: 45 0e rex.RB (bad) - 20e3: 10 86 02 43 0d 06 adc %al,0x60d4302(%rsi) - 20e9: 52 push %rdx - 20ea: 0c 07 or $0x7,%al - 20ec: 08 00 or %al,(%rax) - ... - -00000000000020f0 <__FRAME_END__>: - 20f0: 00 00 add %al,(%rax) - ... - -Disassembly of section .init_array: - -0000000000003db8 <__frame_dummy_init_array_entry>: - 3db8: 40 11 00 rex adc %eax,(%rax) - 3dbb: 00 00 add %al,(%rax) - 3dbd: 00 00 add %al,(%rax) - ... - -Disassembly of section .fini_array: - -0000000000003dc0 <__do_global_dtors_aux_fini_array_entry>: - 3dc0: 00 11 add %dl,(%rcx) - 3dc2: 00 00 add %al,(%rax) - 3dc4: 00 00 add %al,(%rax) - ... - -Disassembly of section .dynamic: - -0000000000003dc8 <_DYNAMIC>: - 3dc8: 01 00 add %eax,(%rax) - 3dca: 00 00 add %al,(%rax) - 3dcc: 00 00 add %al,(%rax) - 3dce: 00 00 add %al,(%rax) - 3dd0: 27 (bad) - 3dd1: 00 00 add %al,(%rax) - 3dd3: 00 00 add %al,(%rax) - 3dd5: 00 00 add %al,(%rax) - 3dd7: 00 0c 00 add %cl,(%rax,%rax,1) - 3dda: 00 00 add %al,(%rax) - 3ddc: 00 00 add %al,(%rax) - 3dde: 00 00 add %al,(%rax) - 3de0: 00 10 add %dl,(%rax) - 3de2: 00 00 add %al,(%rax) - 3de4: 00 00 add %al,(%rax) - 3de6: 00 00 add %al,(%rax) - 3de8: 0d 00 00 00 00 or $0x0,%eax - 3ded: 00 00 add %al,(%rax) - 3def: 00 64 11 00 add %ah,0x0(%rcx,%rdx,1) - 3df3: 00 00 add %al,(%rax) - 3df5: 00 00 add %al,(%rax) - 3df7: 00 19 add %bl,(%rcx) - 3df9: 00 00 add %al,(%rax) - 3dfb: 00 00 add %al,(%rax) - 3dfd: 00 00 add %al,(%rax) - 3dff: 00 b8 3d 00 00 00 add %bh,0x3d(%rax) - 3e05: 00 00 add %al,(%rax) - 3e07: 00 1b add %bl,(%rbx) - 3e09: 00 00 add %al,(%rax) - 3e0b: 00 00 add %al,(%rax) - 3e0d: 00 00 add %al,(%rax) - 3e0f: 00 08 add %cl,(%rax) - 3e11: 00 00 add %al,(%rax) - 3e13: 00 
00 add %al,(%rax) - 3e15: 00 00 add %al,(%rax) - 3e17: 00 1a add %bl,(%rdx) - 3e19: 00 00 add %al,(%rax) - 3e1b: 00 00 add %al,(%rax) - 3e1d: 00 00 add %al,(%rax) - 3e1f: 00 c0 add %al,%al - 3e21: 3d 00 00 00 00 cmp $0x0,%eax - 3e26: 00 00 add %al,(%rax) - 3e28: 1c 00 sbb $0x0,%al - 3e2a: 00 00 add %al,(%rax) - 3e2c: 00 00 add %al,(%rax) - 3e2e: 00 00 add %al,(%rax) - 3e30: 08 00 or %al,(%rax) - 3e32: 00 00 add %al,(%rax) - 3e34: 00 00 add %al,(%rax) - 3e36: 00 00 add %al,(%rax) - 3e38: f5 cmc - 3e39: fe (bad) - 3e3a: ff 6f 00 ljmp *0x0(%rdi) - 3e3d: 00 00 add %al,(%rax) - 3e3f: 00 b0 03 00 00 00 add %dh,0x3(%rax) - 3e45: 00 00 add %al,(%rax) - 3e47: 00 05 00 00 00 00 add %al,0x0(%rip) # 3e4d <_DYNAMIC+0x85> - 3e4d: 00 00 add %al,(%rax) - 3e4f: 00 80 04 00 00 00 add %al,0x4(%rax) - 3e55: 00 00 add %al,(%rax) - 3e57: 00 06 add %al,(%rsi) - 3e59: 00 00 add %al,(%rax) - 3e5b: 00 00 add %al,(%rax) - 3e5d: 00 00 add %al,(%rax) - 3e5f: 00 d8 add %bl,%al - 3e61: 03 00 add (%rax),%eax - 3e63: 00 00 add %al,(%rax) - 3e65: 00 00 add %al,(%rax) - 3e67: 00 0a add %cl,(%rdx) - 3e69: 00 00 add %al,(%rax) - 3e6b: 00 00 add %al,(%rax) - 3e6d: 00 00 add %al,(%rax) - 3e6f: 00 8d 00 00 00 00 add %cl,0x0(%rbp) - 3e75: 00 00 add %al,(%rax) - 3e77: 00 0b add %cl,(%rbx) - 3e79: 00 00 add %al,(%rax) - 3e7b: 00 00 add %al,(%rax) - 3e7d: 00 00 add %al,(%rax) - 3e7f: 00 18 add %bl,(%rax) - 3e81: 00 00 add %al,(%rax) - 3e83: 00 00 add %al,(%rax) - 3e85: 00 00 add %al,(%rax) - 3e87: 00 15 00 00 00 00 add %dl,0x0(%rip) # 3e8d <_DYNAMIC+0xc5> - ... 
- 3e95: 00 00 add %al,(%rax) - 3e97: 00 03 add %al,(%rbx) - 3e99: 00 00 add %al,(%rax) - 3e9b: 00 00 add %al,(%rax) - 3e9d: 00 00 add %al,(%rax) - 3e9f: 00 b8 3f 00 00 00 add %bh,0x3f(%rax) - 3ea5: 00 00 add %al,(%rax) - 3ea7: 00 02 add %al,(%rdx) - 3ea9: 00 00 add %al,(%rax) - 3eab: 00 00 add %al,(%rax) - 3ead: 00 00 add %al,(%rax) - 3eaf: 00 18 add %bl,(%rax) - 3eb1: 00 00 add %al,(%rax) - 3eb3: 00 00 add %al,(%rax) - 3eb5: 00 00 add %al,(%rax) - 3eb7: 00 14 00 add %dl,(%rax,%rax,1) - 3eba: 00 00 add %al,(%rax) - 3ebc: 00 00 add %al,(%rax) - 3ebe: 00 00 add %al,(%rax) - 3ec0: 07 (bad) - 3ec1: 00 00 add %al,(%rax) - 3ec3: 00 00 add %al,(%rax) - 3ec5: 00 00 add %al,(%rax) - 3ec7: 00 17 add %dl,(%rdi) - 3ec9: 00 00 add %al,(%rax) - 3ecb: 00 00 add %al,(%rax) - 3ecd: 00 00 add %al,(%rax) - 3ecf: 00 10 add %dl,(%rax) - 3ed1: 06 (bad) - 3ed2: 00 00 add %al,(%rax) - 3ed4: 00 00 add %al,(%rax) - 3ed6: 00 00 add %al,(%rax) - 3ed8: 07 (bad) - 3ed9: 00 00 add %al,(%rax) - 3edb: 00 00 add %al,(%rax) - 3edd: 00 00 add %al,(%rax) - 3edf: 00 50 05 add %dl,0x5(%rax) - 3ee2: 00 00 add %al,(%rax) - 3ee4: 00 00 add %al,(%rax) - 3ee6: 00 00 add %al,(%rax) - 3ee8: 08 00 or %al,(%rax) - 3eea: 00 00 add %al,(%rax) - 3eec: 00 00 add %al,(%rax) - 3eee: 00 00 add %al,(%rax) - 3ef0: c0 00 00 rolb $0x0,(%rax) - 3ef3: 00 00 add %al,(%rax) - 3ef5: 00 00 add %al,(%rax) - 3ef7: 00 09 add %cl,(%rcx) - 3ef9: 00 00 add %al,(%rax) - 3efb: 00 00 add %al,(%rax) - 3efd: 00 00 add %al,(%rax) - 3eff: 00 18 add %bl,(%rax) - 3f01: 00 00 add %al,(%rax) - 3f03: 00 00 add %al,(%rax) - 3f05: 00 00 add %al,(%rax) - 3f07: 00 1e add %bl,(%rsi) - 3f09: 00 00 add %al,(%rax) - 3f0b: 00 00 add %al,(%rax) - 3f0d: 00 00 add %al,(%rax) - 3f0f: 00 08 add %cl,(%rax) - 3f11: 00 00 add %al,(%rax) - 3f13: 00 00 add %al,(%rax) - 3f15: 00 00 add %al,(%rax) - 3f17: 00 fb add %bh,%bl - 3f19: ff (bad) - 3f1a: ff 6f 00 ljmp *0x0(%rdi) - 3f1d: 00 00 add %al,(%rax) - 3f1f: 00 01 add %al,(%rcx) - 3f21: 00 00 add %al,(%rax) - 3f23: 
08 00 or %al,(%rax) - 3f25: 00 00 add %al,(%rax) - 3f27: 00 fe add %bh,%dh - 3f29: ff (bad) - 3f2a: ff 6f 00 ljmp *0x0(%rdi) - 3f2d: 00 00 add %al,(%rax) - 3f2f: 00 20 add %ah,(%rax) - 3f31: 05 00 00 00 00 add $0x0,%eax - 3f36: 00 00 add %al,(%rax) - 3f38: ff (bad) - 3f39: ff (bad) - 3f3a: ff 6f 00 ljmp *0x0(%rdi) - 3f3d: 00 00 add %al,(%rax) - 3f3f: 00 01 add %al,(%rcx) - 3f41: 00 00 add %al,(%rax) - 3f43: 00 00 add %al,(%rax) - 3f45: 00 00 add %al,(%rax) - 3f47: 00 f0 add %dh,%al - 3f49: ff (bad) - 3f4a: ff 6f 00 ljmp *0x0(%rdi) - 3f4d: 00 00 add %al,(%rax) - 3f4f: 00 0e add %cl,(%rsi) - 3f51: 05 00 00 00 00 add $0x0,%eax - 3f56: 00 00 add %al,(%rax) - 3f58: f9 stc - 3f59: ff (bad) - 3f5a: ff 6f 00 ljmp *0x0(%rdi) - 3f5d: 00 00 add %al,(%rax) - 3f5f: 00 03 add %al,(%rbx) - ... - -Disassembly of section .got: - -0000000000003fb8 <_GLOBAL_OFFSET_TABLE_>: - 3fb8: c8 3d 00 00 enter $0x3d,$0x0 - ... - 3fd0: 30 10 xor %dl,(%rax) - ... - -Disassembly of section .data: - -0000000000004000 <__data_start>: - ... - -0000000000004008 <__dso_handle>: - 4008: 08 40 00 or %al,0x0(%rax) - 400b: 00 00 add %al,(%rax) - 400d: 00 00 add %al,(%rax) - ... - -Disassembly of section .bss: - -0000000000004010 : - ... - -Disassembly of section .comment: - -0000000000000000 <.comment>: - 0: 47 rex.RXB - 1: 43 rex.XB - 2: 43 3a 20 rex.XB cmp (%r8),%spl - 5: 28 55 62 sub %dl,0x62(%rbp) - 8: 75 6e jne 78 <__abi_tag-0x314> - a: 74 75 je 81 <__abi_tag-0x30b> - c: 20 31 and %dh,(%rcx) - e: 30 2e xor %ch,(%rsi) - 10: 35 2e 30 2d 31 xor $0x312d302e,%eax - 15: 75 62 jne 79 <__abi_tag-0x313> - 17: 75 6e jne 87 <__abi_tag-0x305> - 19: 74 75 je 90 <__abi_tag-0x2fc> - 1b: 31 7e 32 xor %edi,0x32(%rsi) - 1e: 32 2e xor (%rsi),%ch - 20: 30 34 29 xor %dh,(%rcx,%rbp,1) - 23: 20 31 and %dh,(%rcx) - 25: 30 2e xor %ch,(%rsi) - 27: 35 .byte 0x35 - 28: 2e 30 00 cs xor %al,(%rax) diff --git a/sample.txt b/sample.txt deleted file mode 100644 index e8f30c0..0000000 --- a/sample.txt +++ /dev/null 
@@ -1,825 +0,0 @@ - -resources/sample64: file format elf64-x86-64 - - -Disassembly of section .interp: - -0000000000000318 <.interp>: - 318: 2f (bad) - 319: 6c insb (%dx),%es:(%rdi) - 31a: 69 62 36 34 2f 6c 64 imul $0x646c2f34,0x36(%rdx),%esp - 321: 2d 6c 69 6e 75 sub $0x756e696c,%eax - 326: 78 2d js 355 <__abi_tag-0x37> - 328: 78 38 js 362 <__abi_tag-0x2a> - 32a: 36 2d 36 34 2e 73 ss sub $0x732e3436,%eax - 330: 6f outsl %ds:(%rsi),(%dx) - 331: 2e 32 00 cs xor (%rax),%al - -Disassembly of section .note.gnu.property: - -0000000000000338 <.note.gnu.property>: - 338: 04 00 add $0x0,%al - 33a: 00 00 add %al,(%rax) - 33c: 20 00 and %al,(%rax) - 33e: 00 00 add %al,(%rax) - 340: 05 00 00 00 47 add $0x47000000,%eax - 345: 4e 55 rex.WRX push %rbp - 347: 00 02 add %al,(%rdx) - 349: 00 00 add %al,(%rax) - 34b: c0 04 00 00 rolb $0x0,(%rax,%rax,1) - 34f: 00 03 add %al,(%rbx) - 351: 00 00 add %al,(%rax) - 353: 00 00 add %al,(%rax) - 355: 00 00 add %al,(%rax) - 357: 00 02 add %al,(%rdx) - 359: 80 00 c0 addb $0xc0,(%rax) - 35c: 04 00 add $0x0,%al - 35e: 00 00 add %al,(%rax) - 360: 01 00 add %eax,(%rax) - 362: 00 00 add %al,(%rax) - 364: 00 00 add %al,(%rax) - ... 
- -Disassembly of section .note.gnu.build-id: - -0000000000000368 <.note.gnu.build-id>: - 368: 04 00 add $0x0,%al - 36a: 00 00 add %al,(%rax) - 36c: 14 00 adc $0x0,%al - 36e: 00 00 add %al,(%rax) - 370: 03 00 add (%rax),%eax - 372: 00 00 add %al,(%rax) - 374: 47 rex.RXB - 375: 4e 55 rex.WRX push %rbp - 377: 00 aa 0d f4 0f 29 add %ch,0x290ff40d(%rdx) - 37d: 9d popf - 37e: 21 c9 and %ecx,%ecx - 380: 16 (bad) - 381: 1e (bad) - 382: 8a 34 ce mov (%rsi,%rcx,8),%dh - 385: 99 cltd - 386: 69 cc 15 8d 7d 01 imul $0x17d8d15,%esp,%ecx - -Disassembly of section .note.ABI-tag: - -000000000000038c <__abi_tag>: - 38c: 04 00 add $0x0,%al - 38e: 00 00 add %al,(%rax) - 390: 10 00 adc %al,(%rax) - 392: 00 00 add %al,(%rax) - 394: 01 00 add %eax,(%rax) - 396: 00 00 add %al,(%rax) - 398: 47 rex.RXB - 399: 4e 55 rex.WRX push %rbp - 39b: 00 00 add %al,(%rax) - 39d: 00 00 add %al,(%rax) - 39f: 00 03 add %al,(%rbx) - 3a1: 00 00 add %al,(%rax) - 3a3: 00 02 add %al,(%rdx) - 3a5: 00 00 add %al,(%rax) - 3a7: 00 00 add %al,(%rax) - 3a9: 00 00 add %al,(%rax) - ... - -Disassembly of section .gnu.hash: - -00000000000003b0 <.gnu.hash>: - 3b0: 02 00 add (%rax),%al - 3b2: 00 00 add %al,(%rax) - 3b4: 06 (bad) - 3b5: 00 00 add %al,(%rax) - 3b7: 00 01 add %al,(%rcx) - 3b9: 00 00 add %al,(%rax) - 3bb: 00 06 add %al,(%rsi) - 3bd: 00 00 add %al,(%rax) - 3bf: 00 00 add %al,(%rax) - 3c1: 00 81 00 00 00 00 add %al,0x0(%rcx) - 3c7: 00 06 add %al,(%rsi) - 3c9: 00 00 add %al,(%rax) - 3cb: 00 00 add %al,(%rax) - 3cd: 00 00 add %al,(%rax) - 3cf: 00 d1 add %dl,%cl - 3d1: 65 ce gs (bad) - 3d3: 6d insl (%dx),%es:(%rdi) - -Disassembly of section .dynsym: - -00000000000003d8 <.dynsym>: - ... - 3f0: 10 00 adc %al,(%rax) - 3f2: 00 00 add %al,(%rax) - 3f4: 12 00 adc (%rax),%al - ... - 406: 00 00 add %al,(%rax) - 408: 48 00 00 rex.W add %al,(%rax) - 40b: 00 20 add %ah,(%rax) - ... - 41d: 00 00 add %al,(%rax) - 41f: 00 22 add %ah,(%rdx) - 421: 00 00 add %al,(%rax) - 423: 00 12 add %dl,(%rdx) - ... 
- 435: 00 00 add %al,(%rax) - 437: 00 64 00 00 add %ah,0x0(%rax,%rax,1) - 43b: 00 20 add %ah,(%rax) - ... - 44d: 00 00 add %al,(%rax) - 44f: 00 73 00 add %dh,0x0(%rbx) - 452: 00 00 add %al,(%rax) - 454: 20 00 and %al,(%rax) - ... - 466: 00 00 add %al,(%rax) - 468: 01 00 add %eax,(%rax) - 46a: 00 00 add %al,(%rax) - 46c: 22 00 and (%rax),%al - ... - -Disassembly of section .dynstr: - -0000000000000480 <.dynstr>: - 480: 00 5f 5f add %bl,0x5f(%rdi) - 483: 63 78 61 movsxd 0x61(%rax),%edi - 486: 5f pop %rdi - 487: 66 69 6e 61 6c 69 imul $0x696c,0x61(%rsi),%bp - 48d: 7a 65 jp 4f4 <__abi_tag+0x168> - 48f: 00 5f 5f add %bl,0x5f(%rdi) - 492: 6c insb (%dx),%es:(%rdi) - 493: 69 62 63 5f 73 74 61 imul $0x6174735f,0x63(%rdx),%esp - 49a: 72 74 jb 510 <__abi_tag+0x184> - 49c: 5f pop %rdi - 49d: 6d insl (%dx),%es:(%rdi) - 49e: 61 (bad) - 49f: 69 6e 00 70 75 74 73 imul $0x73747570,0x0(%rsi),%ebp - 4a6: 00 6c 69 62 add %ch,0x62(%rcx,%rbp,2) - 4aa: 63 2e movsxd (%rsi),%ebp - 4ac: 73 6f jae 51d <__abi_tag+0x191> - 4ae: 2e 36 00 47 4c cs ss add %al,0x4c(%rdi) - 4b3: 49 rex.WB - 4b4: 42 rex.X - 4b5: 43 5f rex.XB pop %r15 - 4b7: 32 2e xor (%rsi),%ch - 4b9: 32 2e xor (%rsi),%ch - 4bb: 35 00 47 4c 49 xor $0x494c4700,%eax - 4c0: 42 rex.X - 4c1: 43 5f rex.XB pop %r15 - 4c3: 32 2e xor (%rsi),%ch - 4c5: 33 34 00 xor (%rax,%rax,1),%esi - 4c8: 5f pop %rdi - 4c9: 49 54 rex.WB push %r12 - 4cb: 4d 5f rex.WRB pop %r15 - 4cd: 64 65 72 65 fs gs jb 536 <__abi_tag+0x1aa> - 4d1: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi - 4d8: 4d - 4d9: 43 6c rex.XB insb (%dx),%es:(%rdi) - 4db: 6f outsl %ds:(%rsi),(%dx) - 4dc: 6e outsb %ds:(%rsi),(%dx) - 4dd: 65 54 gs push %rsp - 4df: 61 (bad) - 4e0: 62 (bad) - 4e1: 6c insb (%dx),%es:(%rdi) - 4e2: 65 00 5f 5f add %bl,%gs:0x5f(%rdi) - 4e6: 67 6d insl (%dx),%es:(%edi) - 4e8: 6f outsl %ds:(%rsi),(%dx) - 4e9: 6e outsb %ds:(%rsi),(%dx) - 4ea: 5f pop %rdi - 4eb: 73 74 jae 561 <__abi_tag+0x1d5> - 4ed: 61 (bad) - 4ee: 72 74 jb 564 <__abi_tag+0x1d8> - 4f0: 5f pop %rdi 
- 4f1: 5f pop %rdi - 4f2: 00 5f 49 add %bl,0x49(%rdi) - 4f5: 54 push %rsp - 4f6: 4d 5f rex.WRB pop %r15 - 4f8: 72 65 jb 55f <__abi_tag+0x1d3> - 4fa: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi - 501: 4d - 502: 43 6c rex.XB insb (%dx),%es:(%rdi) - 504: 6f outsl %ds:(%rsi),(%dx) - 505: 6e outsb %ds:(%rsi),(%dx) - 506: 65 54 gs push %rsp - 508: 61 (bad) - 509: 62 .byte 0x62 - 50a: 6c insb (%dx),%es:(%rdi) - 50b: 65 gs - ... - -Disassembly of section .gnu.version: - -000000000000050e <.gnu.version>: - 50e: 00 00 add %al,(%rax) - 510: 02 00 add (%rax),%al - 512: 01 00 add %eax,(%rax) - 514: 03 00 add (%rax),%eax - 516: 01 00 add %eax,(%rax) - 518: 01 00 add %eax,(%rax) - 51a: 03 00 add (%rax),%eax - -Disassembly of section .gnu.version_r: - -0000000000000520 <.gnu.version_r>: - 520: 01 00 add %eax,(%rax) - 522: 02 00 add (%rax),%al - 524: 27 (bad) - 525: 00 00 add %al,(%rax) - 527: 00 10 add %dl,(%rax) - 529: 00 00 add %al,(%rax) - 52b: 00 00 add %al,(%rax) - 52d: 00 00 add %al,(%rax) - 52f: 00 75 1a add %dh,0x1a(%rbp) - 532: 69 09 00 00 03 00 imul $0x30000,(%rcx),%ecx - 538: 31 00 xor %eax,(%rax) - 53a: 00 00 add %al,(%rax) - 53c: 10 00 adc %al,(%rax) - 53e: 00 00 add %al,(%rax) - 540: b4 91 mov $0x91,%ah - 542: 96 xchg %eax,%esi - 543: 06 (bad) - 544: 00 00 add %al,(%rax) - 546: 02 00 add (%rax),%al - 548: 3d 00 00 00 00 cmp $0x0,%eax - 54d: 00 00 add %al,(%rax) - ... - -Disassembly of section .rela.dyn: - -0000000000000550 <.rela.dyn>: - 550: b8 3d 00 00 00 mov $0x3d,%eax - 555: 00 00 add %al,(%rax) - 557: 00 08 add %cl,(%rax) - 559: 00 00 add %al,(%rax) - 55b: 00 00 add %al,(%rax) - 55d: 00 00 add %al,(%rax) - 55f: 00 40 11 add %al,0x11(%rax) - 562: 00 00 add %al,(%rax) - 564: 00 00 add %al,(%rax) - 566: 00 00 add %al,(%rax) - 568: c0 3d 00 00 00 00 00 sarb $0x0,0x0(%rip) # 56f <__abi_tag+0x1e3> - 56f: 00 08 add %cl,(%rax) - ... 
- 579: 11 00 adc %eax,(%rax) - 57b: 00 00 add %al,(%rax) - 57d: 00 00 add %al,(%rax) - 57f: 00 08 add %cl,(%rax) - 581: 40 00 00 rex add %al,(%rax) - 584: 00 00 add %al,(%rax) - 586: 00 00 add %al,(%rax) - 588: 08 00 or %al,(%rax) - 58a: 00 00 add %al,(%rax) - 58c: 00 00 add %al,(%rax) - 58e: 00 00 add %al,(%rax) - 590: 08 40 00 or %al,0x0(%rax) - 593: 00 00 add %al,(%rax) - 595: 00 00 add %al,(%rax) - 597: 00 d8 add %bl,%al - 599: 3f (bad) - 59a: 00 00 add %al,(%rax) - 59c: 00 00 add %al,(%rax) - 59e: 00 00 add %al,(%rax) - 5a0: 06 (bad) - 5a1: 00 00 add %al,(%rax) - 5a3: 00 01 add %al,(%rcx) - ... - 5ad: 00 00 add %al,(%rax) - 5af: 00 e0 add %ah,%al - 5b1: 3f (bad) - 5b2: 00 00 add %al,(%rax) - 5b4: 00 00 add %al,(%rax) - 5b6: 00 00 add %al,(%rax) - 5b8: 06 (bad) - 5b9: 00 00 add %al,(%rax) - 5bb: 00 02 add %al,(%rdx) - ... - 5c5: 00 00 add %al,(%rax) - 5c7: 00 e8 add %ch,%al - 5c9: 3f (bad) - 5ca: 00 00 add %al,(%rax) - 5cc: 00 00 add %al,(%rax) - 5ce: 00 00 add %al,(%rax) - 5d0: 06 (bad) - 5d1: 00 00 add %al,(%rax) - 5d3: 00 04 00 add %al,(%rax,%rax,1) - ... - 5de: 00 00 add %al,(%rax) - 5e0: f0 3f lock (bad) - 5e2: 00 00 add %al,(%rax) - 5e4: 00 00 add %al,(%rax) - 5e6: 00 00 add %al,(%rax) - 5e8: 06 (bad) - 5e9: 00 00 add %al,(%rax) - 5eb: 00 05 00 00 00 00 add %al,0x0(%rip) # 5f1 <__abi_tag+0x265> - 5f1: 00 00 add %al,(%rax) - 5f3: 00 00 add %al,(%rax) - 5f5: 00 00 add %al,(%rax) - 5f7: 00 f8 add %bh,%al - 5f9: 3f (bad) - 5fa: 00 00 add %al,(%rax) - 5fc: 00 00 add %al,(%rax) - 5fe: 00 00 add %al,(%rax) - 600: 06 (bad) - 601: 00 00 add %al,(%rax) - 603: 00 06 add %al,(%rsi) - ... - -Disassembly of section .rela.plt: - -0000000000000610 <.rela.plt>: - 610: d0 3f sarb (%rdi) - 612: 00 00 add %al,(%rax) - 614: 00 00 add %al,(%rax) - 616: 00 00 add %al,(%rax) - 618: 07 (bad) - 619: 00 00 add %al,(%rax) - 61b: 00 03 add %al,(%rbx) - ... 
- -Disassembly of section .init: - -0000000000001000 <_init>: - 1000: f3 0f 1e fa endbr64 - 1004: 48 83 ec 08 sub $0x8,%rsp - 1008: 48 8b 05 d9 2f 00 00 mov 0x2fd9(%rip),%rax # 3fe8 <__gmon_start__@Base> - 100f: 48 85 c0 test %rax,%rax - 1012: 74 02 je 1016 <_init+0x16> - 1014: ff d0 call *%rax - 1016: 48 83 c4 08 add $0x8,%rsp - 101a: c3 ret - -Disassembly of section .plt: - -0000000000001020 <.plt>: - 1020: ff 35 9a 2f 00 00 push 0x2f9a(%rip) # 3fc0 <_GLOBAL_OFFSET_TABLE_+0x8> - 1026: f2 ff 25 9b 2f 00 00 bnd jmp *0x2f9b(%rip) # 3fc8 <_GLOBAL_OFFSET_TABLE_+0x10> - 102d: 0f 1f 00 nopl (%rax) - 1030: f3 0f 1e fa endbr64 - 1034: 68 00 00 00 00 push $0x0 - 1039: f2 e9 e1 ff ff ff bnd jmp 1020 <_init+0x20> - 103f: 90 nop - -Disassembly of section .plt.got: - -0000000000001040 <__cxa_finalize@plt>: - 1040: f3 0f 1e fa endbr64 - 1044: f2 ff 25 ad 2f 00 00 bnd jmp *0x2fad(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> - 104b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) - -Disassembly of section .plt.sec: - -0000000000001050 : - 1050: f3 0f 1e fa endbr64 - 1054: f2 ff 25 75 2f 00 00 bnd jmp *0x2f75(%rip) # 3fd0 - 105b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) - -Disassembly of section .text: - -0000000000001060 <_start>: - 1060: f3 0f 1e fa endbr64 - 1064: 31 ed xor %ebp,%ebp - 1066: 49 89 d1 mov %rdx,%r9 - 1069: 5e pop %rsi - 106a: 48 89 e2 mov %rsp,%rdx - 106d: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp - 1071: 50 push %rax - 1072: 54 push %rsp - 1073: 45 31 c0 xor %r8d,%r8d - 1076: 31 c9 xor %ecx,%ecx - 1078: 48 8d 3d ca 00 00 00 lea 0xca(%rip),%rdi # 1149
- 107f: ff 15 53 2f 00 00 call *0x2f53(%rip) # 3fd8 <__libc_start_main@GLIBC_2.34> - 1085: f4 hlt - 1086: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) - 108d: 00 00 00 - -0000000000001090 : - 1090: 48 8d 3d 79 2f 00 00 lea 0x2f79(%rip),%rdi # 4010 <__TMC_END__> - 1097: 48 8d 05 72 2f 00 00 lea 0x2f72(%rip),%rax # 4010 <__TMC_END__> - 109e: 48 39 f8 cmp %rdi,%rax - 10a1: 74 15 je 10b8 - 10a3: 48 8b 05 36 2f 00 00 mov 0x2f36(%rip),%rax # 3fe0 <_ITM_deregisterTMCloneTable@Base> - 10aa: 48 85 c0 test %rax,%rax - 10ad: 74 09 je 10b8 - 10af: ff e0 jmp *%rax - 10b1: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - 10b8: c3 ret - 10b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -00000000000010c0 : - 10c0: 48 8d 3d 49 2f 00 00 lea 0x2f49(%rip),%rdi # 4010 <__TMC_END__> - 10c7: 48 8d 35 42 2f 00 00 lea 0x2f42(%rip),%rsi # 4010 <__TMC_END__> - 10ce: 48 29 fe sub %rdi,%rsi - 10d1: 48 89 f0 mov %rsi,%rax - 10d4: 48 c1 ee 3f shr $0x3f,%rsi - 10d8: 48 c1 f8 03 sar $0x3,%rax - 10dc: 48 01 c6 add %rax,%rsi - 10df: 48 d1 fe sar %rsi - 10e2: 74 14 je 10f8 - 10e4: 48 8b 05 05 2f 00 00 mov 0x2f05(%rip),%rax # 3ff0 <_ITM_registerTMCloneTable@Base> - 10eb: 48 85 c0 test %rax,%rax - 10ee: 74 08 je 10f8 - 10f0: ff e0 jmp *%rax - 10f2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) - 10f8: c3 ret - 10f9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -0000000000001100 <__do_global_dtors_aux>: - 1100: f3 0f 1e fa endbr64 - 1104: 80 3d 05 2f 00 00 00 cmpb $0x0,0x2f05(%rip) # 4010 <__TMC_END__> - 110b: 75 2b jne 1138 <__do_global_dtors_aux+0x38> - 110d: 55 push %rbp - 110e: 48 83 3d e2 2e 00 00 cmpq $0x0,0x2ee2(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> - 1115: 00 - 1116: 48 89 e5 mov %rsp,%rbp - 1119: 74 0c je 1127 <__do_global_dtors_aux+0x27> - 111b: 48 8b 3d e6 2e 00 00 mov 0x2ee6(%rip),%rdi # 4008 <__dso_handle> - 1122: e8 19 ff ff ff call 1040 <__cxa_finalize@plt> - 1127: e8 64 ff ff ff call 1090 - 112c: c6 05 dd 2e 00 00 01 movb $0x1,0x2edd(%rip) # 4010 <__TMC_END__> - 1133: 5d pop %rbp - 1134: c3 ret - 1135: 0f 1f 00 
nopl (%rax) - 1138: c3 ret - 1139: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -0000000000001140 : - 1140: f3 0f 1e fa endbr64 - 1144: e9 77 ff ff ff jmp 10c0 - -0000000000001149
: - 1149: f3 0f 1e fa endbr64 - 114d: 55 push %rbp - 114e: 48 89 e5 mov %rsp,%rbp - 1151: 48 8d 3d ac 0e 00 00 lea 0xeac(%rip),%rdi # 2004 <_IO_stdin_used+0x4> - 1158: e8 f3 fe ff ff call 1050 - 115d: b8 00 00 00 00 mov $0x0,%eax - 1162: 5d pop %rbp - 1163: c3 ret - -Disassembly of section .fini: - -0000000000001164 <_fini>: - 1164: f3 0f 1e fa endbr64 - 1168: 48 83 ec 08 sub $0x8,%rsp - 116c: 48 83 c4 08 add $0x8,%rsp - 1170: c3 ret - -Disassembly of section .rodata: - -0000000000002000 <_IO_stdin_used>: - 2000: 01 00 add %eax,(%rax) - 2002: 02 00 add (%rax),%al - 2004: 48 rex.W - 2005: 65 6c gs insb (%dx),%es:(%rdi) - 2007: 6c insb (%dx),%es:(%rdi) - 2008: 6f outsl %ds:(%rsi),(%dx) - 2009: 2c 20 sub $0x20,%al - 200b: 57 push %rdi - 200c: 6f outsl %ds:(%rsi),(%dx) - 200d: 72 6c jb 207b <__GNU_EH_FRAME_HDR+0x67> - 200f: 64 21 00 and %eax,%fs:(%rax) - -Disassembly of section .eh_frame_hdr: - -0000000000002014 <__GNU_EH_FRAME_HDR>: - 2014: 01 1b add %ebx,(%rbx) - 2016: 03 3b add (%rbx),%edi - 2018: 30 00 xor %al,(%rax) - 201a: 00 00 add %al,(%rax) - 201c: 05 00 00 00 0c add $0xc000000,%eax - 2021: f0 ff lock (bad) - 2023: ff 64 00 00 jmp *0x0(%rax,%rax,1) - 2027: 00 2c f0 add %ch,(%rax,%rsi,8) - 202a: ff (bad) - 202b: ff 8c 00 00 00 3c f0 decl -0xfc40000(%rax,%rax,1) - 2032: ff (bad) - 2033: ff a4 00 00 00 4c f0 jmp *-0xfb40000(%rax,%rax,1) - 203a: ff (bad) - 203b: ff 4c 00 00 decl 0x0(%rax,%rax,1) - 203f: 00 35 f1 ff ff bc add %dh,-0x4300000f(%rip) # ffffffffbd002036 <_end+0xffffffffbcffe01e> - 2045: 00 00 add %al,(%rax) - ... 
- -Disassembly of section .eh_frame: - -0000000000002048 <__FRAME_END__-0xa8>: - 2048: 14 00 adc $0x0,%al - 204a: 00 00 add %al,(%rax) - 204c: 00 00 add %al,(%rax) - 204e: 00 00 add %al,(%rax) - 2050: 01 7a 52 add %edi,0x52(%rdx) - 2053: 00 01 add %al,(%rcx) - 2055: 78 10 js 2067 <__GNU_EH_FRAME_HDR+0x53> - 2057: 01 1b add %ebx,(%rbx) - 2059: 0c 07 or $0x7,%al - 205b: 08 90 01 00 00 14 or %dl,0x14000001(%rax) - 2061: 00 00 add %al,(%rax) - 2063: 00 1c 00 add %bl,(%rax,%rax,1) - 2066: 00 00 add %al,(%rax) - 2068: f8 clc - 2069: ef out %eax,(%dx) - 206a: ff (bad) - 206b: ff 26 jmp *(%rsi) - 206d: 00 00 add %al,(%rax) - 206f: 00 00 add %al,(%rax) - 2071: 44 07 rex.R (bad) - 2073: 10 00 adc %al,(%rax) - 2075: 00 00 add %al,(%rax) - 2077: 00 24 00 add %ah,(%rax,%rax,1) - 207a: 00 00 add %al,(%rax) - 207c: 34 00 xor $0x0,%al - 207e: 00 00 add %al,(%rax) - 2080: a0 ef ff ff 20 00 00 movabs 0x20ffffef,%al - 2087: 00 00 - 2089: 0e (bad) - 208a: 10 46 0e adc %al,0xe(%rsi) - 208d: 18 4a 0f sbb %cl,0xf(%rdx) - 2090: 0b 77 08 or 0x8(%rdi),%esi - 2093: 80 00 3f addb $0x3f,(%rax) - 2096: 1a 3a sbb (%rdx),%bh - 2098: 2a 33 sub (%rbx),%dh - 209a: 24 22 and $0x22,%al - 209c: 00 00 add %al,(%rax) - 209e: 00 00 add %al,(%rax) - 20a0: 14 00 adc $0x0,%al - 20a2: 00 00 add %al,(%rax) - 20a4: 5c pop %rsp - 20a5: 00 00 add %al,(%rax) - 20a7: 00 98 ef ff ff 10 add %bl,0x10ffffef(%rax) - ... - 20b5: 00 00 add %al,(%rax) - 20b7: 00 14 00 add %dl,(%rax,%rax,1) - 20ba: 00 00 add %al,(%rax) - 20bc: 74 00 je 20be <__GNU_EH_FRAME_HDR+0xaa> - 20be: 00 00 add %al,(%rax) - 20c0: 90 nop - 20c1: ef out %eax,(%dx) - 20c2: ff (bad) - 20c3: ff 10 call *(%rax) - ... 
- 20cd: 00 00 add %al,(%rax) - 20cf: 00 1c 00 add %bl,(%rax,%rax,1) - 20d2: 00 00 add %al,(%rax) - 20d4: 8c 00 mov %es,(%rax) - 20d6: 00 00 add %al,(%rax) - 20d8: 71 f0 jno 20ca <__GNU_EH_FRAME_HDR+0xb6> - 20da: ff (bad) - 20db: ff 1b lcall *(%rbx) - 20dd: 00 00 add %al,(%rax) - 20df: 00 00 add %al,(%rax) - 20e1: 45 0e rex.RB (bad) - 20e3: 10 86 02 43 0d 06 adc %al,0x60d4302(%rsi) - 20e9: 52 push %rdx - 20ea: 0c 07 or $0x7,%al - 20ec: 08 00 or %al,(%rax) - ... - -00000000000020f0 <__FRAME_END__>: - 20f0: 00 00 add %al,(%rax) - ... - -Disassembly of section .init_array: - -0000000000003db8 <__frame_dummy_init_array_entry>: - 3db8: 40 11 00 rex adc %eax,(%rax) - 3dbb: 00 00 add %al,(%rax) - 3dbd: 00 00 add %al,(%rax) - ... - -Disassembly of section .fini_array: - -0000000000003dc0 <__do_global_dtors_aux_fini_array_entry>: - 3dc0: 00 11 add %dl,(%rcx) - 3dc2: 00 00 add %al,(%rax) - 3dc4: 00 00 add %al,(%rax) - ... - -Disassembly of section .dynamic: - -0000000000003dc8 <_DYNAMIC>: - 3dc8: 01 00 add %eax,(%rax) - 3dca: 00 00 add %al,(%rax) - 3dcc: 00 00 add %al,(%rax) - 3dce: 00 00 add %al,(%rax) - 3dd0: 27 (bad) - 3dd1: 00 00 add %al,(%rax) - 3dd3: 00 00 add %al,(%rax) - 3dd5: 00 00 add %al,(%rax) - 3dd7: 00 0c 00 add %cl,(%rax,%rax,1) - 3dda: 00 00 add %al,(%rax) - 3ddc: 00 00 add %al,(%rax) - 3dde: 00 00 add %al,(%rax) - 3de0: 00 10 add %dl,(%rax) - 3de2: 00 00 add %al,(%rax) - 3de4: 00 00 add %al,(%rax) - 3de6: 00 00 add %al,(%rax) - 3de8: 0d 00 00 00 00 or $0x0,%eax - 3ded: 00 00 add %al,(%rax) - 3def: 00 64 11 00 add %ah,0x0(%rcx,%rdx,1) - 3df3: 00 00 add %al,(%rax) - 3df5: 00 00 add %al,(%rax) - 3df7: 00 19 add %bl,(%rcx) - 3df9: 00 00 add %al,(%rax) - 3dfb: 00 00 add %al,(%rax) - 3dfd: 00 00 add %al,(%rax) - 3dff: 00 b8 3d 00 00 00 add %bh,0x3d(%rax) - 3e05: 00 00 add %al,(%rax) - 3e07: 00 1b add %bl,(%rbx) - 3e09: 00 00 add %al,(%rax) - 3e0b: 00 00 add %al,(%rax) - 3e0d: 00 00 add %al,(%rax) - 3e0f: 00 08 add %cl,(%rax) - 3e11: 00 00 add %al,(%rax) - 3e13: 00 
00 add %al,(%rax) - 3e15: 00 00 add %al,(%rax) - 3e17: 00 1a add %bl,(%rdx) - 3e19: 00 00 add %al,(%rax) - 3e1b: 00 00 add %al,(%rax) - 3e1d: 00 00 add %al,(%rax) - 3e1f: 00 c0 add %al,%al - 3e21: 3d 00 00 00 00 cmp $0x0,%eax - 3e26: 00 00 add %al,(%rax) - 3e28: 1c 00 sbb $0x0,%al - 3e2a: 00 00 add %al,(%rax) - 3e2c: 00 00 add %al,(%rax) - 3e2e: 00 00 add %al,(%rax) - 3e30: 08 00 or %al,(%rax) - 3e32: 00 00 add %al,(%rax) - 3e34: 00 00 add %al,(%rax) - 3e36: 00 00 add %al,(%rax) - 3e38: f5 cmc - 3e39: fe (bad) - 3e3a: ff 6f 00 ljmp *0x0(%rdi) - 3e3d: 00 00 add %al,(%rax) - 3e3f: 00 b0 03 00 00 00 add %dh,0x3(%rax) - 3e45: 00 00 add %al,(%rax) - 3e47: 00 05 00 00 00 00 add %al,0x0(%rip) # 3e4d <_DYNAMIC+0x85> - 3e4d: 00 00 add %al,(%rax) - 3e4f: 00 80 04 00 00 00 add %al,0x4(%rax) - 3e55: 00 00 add %al,(%rax) - 3e57: 00 06 add %al,(%rsi) - 3e59: 00 00 add %al,(%rax) - 3e5b: 00 00 add %al,(%rax) - 3e5d: 00 00 add %al,(%rax) - 3e5f: 00 d8 add %bl,%al - 3e61: 03 00 add (%rax),%eax - 3e63: 00 00 add %al,(%rax) - 3e65: 00 00 add %al,(%rax) - 3e67: 00 0a add %cl,(%rdx) - 3e69: 00 00 add %al,(%rax) - 3e6b: 00 00 add %al,(%rax) - 3e6d: 00 00 add %al,(%rax) - 3e6f: 00 8d 00 00 00 00 add %cl,0x0(%rbp) - 3e75: 00 00 add %al,(%rax) - 3e77: 00 0b add %cl,(%rbx) - 3e79: 00 00 add %al,(%rax) - 3e7b: 00 00 add %al,(%rax) - 3e7d: 00 00 add %al,(%rax) - 3e7f: 00 18 add %bl,(%rax) - 3e81: 00 00 add %al,(%rax) - 3e83: 00 00 add %al,(%rax) - 3e85: 00 00 add %al,(%rax) - 3e87: 00 15 00 00 00 00 add %dl,0x0(%rip) # 3e8d <_DYNAMIC+0xc5> - ... 
- 3e95: 00 00 add %al,(%rax) - 3e97: 00 03 add %al,(%rbx) - 3e99: 00 00 add %al,(%rax) - 3e9b: 00 00 add %al,(%rax) - 3e9d: 00 00 add %al,(%rax) - 3e9f: 00 b8 3f 00 00 00 add %bh,0x3f(%rax) - 3ea5: 00 00 add %al,(%rax) - 3ea7: 00 02 add %al,(%rdx) - 3ea9: 00 00 add %al,(%rax) - 3eab: 00 00 add %al,(%rax) - 3ead: 00 00 add %al,(%rax) - 3eaf: 00 18 add %bl,(%rax) - 3eb1: 00 00 add %al,(%rax) - 3eb3: 00 00 add %al,(%rax) - 3eb5: 00 00 add %al,(%rax) - 3eb7: 00 14 00 add %dl,(%rax,%rax,1) - 3eba: 00 00 add %al,(%rax) - 3ebc: 00 00 add %al,(%rax) - 3ebe: 00 00 add %al,(%rax) - 3ec0: 07 (bad) - 3ec1: 00 00 add %al,(%rax) - 3ec3: 00 00 add %al,(%rax) - 3ec5: 00 00 add %al,(%rax) - 3ec7: 00 17 add %dl,(%rdi) - 3ec9: 00 00 add %al,(%rax) - 3ecb: 00 00 add %al,(%rax) - 3ecd: 00 00 add %al,(%rax) - 3ecf: 00 10 add %dl,(%rax) - 3ed1: 06 (bad) - 3ed2: 00 00 add %al,(%rax) - 3ed4: 00 00 add %al,(%rax) - 3ed6: 00 00 add %al,(%rax) - 3ed8: 07 (bad) - 3ed9: 00 00 add %al,(%rax) - 3edb: 00 00 add %al,(%rax) - 3edd: 00 00 add %al,(%rax) - 3edf: 00 50 05 add %dl,0x5(%rax) - 3ee2: 00 00 add %al,(%rax) - 3ee4: 00 00 add %al,(%rax) - 3ee6: 00 00 add %al,(%rax) - 3ee8: 08 00 or %al,(%rax) - 3eea: 00 00 add %al,(%rax) - 3eec: 00 00 add %al,(%rax) - 3eee: 00 00 add %al,(%rax) - 3ef0: c0 00 00 rolb $0x0,(%rax) - 3ef3: 00 00 add %al,(%rax) - 3ef5: 00 00 add %al,(%rax) - 3ef7: 00 09 add %cl,(%rcx) - 3ef9: 00 00 add %al,(%rax) - 3efb: 00 00 add %al,(%rax) - 3efd: 00 00 add %al,(%rax) - 3eff: 00 18 add %bl,(%rax) - 3f01: 00 00 add %al,(%rax) - 3f03: 00 00 add %al,(%rax) - 3f05: 00 00 add %al,(%rax) - 3f07: 00 1e add %bl,(%rsi) - 3f09: 00 00 add %al,(%rax) - 3f0b: 00 00 add %al,(%rax) - 3f0d: 00 00 add %al,(%rax) - 3f0f: 00 08 add %cl,(%rax) - 3f11: 00 00 add %al,(%rax) - 3f13: 00 00 add %al,(%rax) - 3f15: 00 00 add %al,(%rax) - 3f17: 00 fb add %bh,%bl - 3f19: ff (bad) - 3f1a: ff 6f 00 ljmp *0x0(%rdi) - 3f1d: 00 00 add %al,(%rax) - 3f1f: 00 01 add %al,(%rcx) - 3f21: 00 00 add %al,(%rax) - 3f23: 
08 00 or %al,(%rax) - 3f25: 00 00 add %al,(%rax) - 3f27: 00 fe add %bh,%dh - 3f29: ff (bad) - 3f2a: ff 6f 00 ljmp *0x0(%rdi) - 3f2d: 00 00 add %al,(%rax) - 3f2f: 00 20 add %ah,(%rax) - 3f31: 05 00 00 00 00 add $0x0,%eax - 3f36: 00 00 add %al,(%rax) - 3f38: ff (bad) - 3f39: ff (bad) - 3f3a: ff 6f 00 ljmp *0x0(%rdi) - 3f3d: 00 00 add %al,(%rax) - 3f3f: 00 01 add %al,(%rcx) - 3f41: 00 00 add %al,(%rax) - 3f43: 00 00 add %al,(%rax) - 3f45: 00 00 add %al,(%rax) - 3f47: 00 f0 add %dh,%al - 3f49: ff (bad) - 3f4a: ff 6f 00 ljmp *0x0(%rdi) - 3f4d: 00 00 add %al,(%rax) - 3f4f: 00 0e add %cl,(%rsi) - 3f51: 05 00 00 00 00 add $0x0,%eax - 3f56: 00 00 add %al,(%rax) - 3f58: f9 stc - 3f59: ff (bad) - 3f5a: ff 6f 00 ljmp *0x0(%rdi) - 3f5d: 00 00 add %al,(%rax) - 3f5f: 00 03 add %al,(%rbx) - ... - -Disassembly of section .got: - -0000000000003fb8 <_GLOBAL_OFFSET_TABLE_>: - 3fb8: c8 3d 00 00 enter $0x3d,$0x0 - ... - 3fd0: 30 10 xor %dl,(%rax) - ... - -Disassembly of section .data: - -0000000000004000 <__data_start>: - ... - -0000000000004008 <__dso_handle>: - 4008: 08 40 00 or %al,0x0(%rax) - 400b: 00 00 add %al,(%rax) - 400d: 00 00 add %al,(%rax) - ... - -Disassembly of section .bss: - -0000000000004010 : - ... - -Disassembly of section .comment: - -0000000000000000 <.comment>: - 0: 47 rex.RXB - 1: 43 rex.XB - 2: 43 3a 20 rex.XB cmp (%r8),%spl - 5: 28 55 62 sub %dl,0x62(%rbp) - 8: 75 6e jne 78 <__abi_tag-0x314> - a: 74 75 je 81 <__abi_tag-0x30b> - c: 20 31 and %dh,(%rcx) - e: 30 2e xor %ch,(%rsi) - 10: 35 2e 30 2d 31 xor $0x312d302e,%eax - 15: 75 62 jne 79 <__abi_tag-0x313> - 17: 75 6e jne 87 <__abi_tag-0x305> - 19: 74 75 je 90 <__abi_tag-0x2fc> - 1b: 31 7e 32 xor %edi,0x32(%rsi) - 1e: 32 2e xor (%rsi),%ch - 20: 30 34 29 xor %dh,(%rcx,%rbp,1) - 23: 20 31 and %dh,(%rcx) - 25: 30 2e xor %ch,(%rsi) - 27: 35 .byte 0x35 - 28: 2e 30 00 cs xor %al,(%rax) 
diff --git a/shell_test b/shell_test deleted file mode 100755 index 15ec415a5e362e2036ebf2435a95193c15653010..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15824 zcmeHOZEPGz8J;`m!=;JsBn|nbS(OHA8gK3#+X@9Y=h)}0!AVMDgMh-a_O0!c?!(;e zwRVBxDtuXKM37M72S`Aft|}?ezUN zbx>^~dsD#a@{9&5)#-Y2J+=zpLdbD@Inx9WYMNTm2|Z-wxQ){CW?ceQavdBO6p0NU zn3o2C;2Z53(qaUk6&e_hV{MkZw8L`$dh8TkQi6zMljD@B{b@LK60A!i= zGm0sx1{jT-k+>)hNgR;d;B@{KFZbWHcb~*Nv4QqKNI(vQ9KqhJ2lFJIX8+n3rq-gLb#sZT2?u$9j}KGIrX|xfORhU-jI|*y+JSx#W&H z69ukrx>znrb+&eG>c|Qvf`59X5@d6KF<)x?^S7|-JpY*c@mC%rnUnOy(+T%6?jK`^ z=2ztY2EQZ~wq|rWc-YrZXr9NAHA7ko@!@g55#lk&IA%G-^ZY?t3GqB%;uI?oD-bIX zD-bIXD-bIXD-bKd3jC%0_J3LzUTw85ZvORArL51_y`=x5b>Z38X99uz-Y1Cuvw!$o z1nq|cf3kiWSVKBK{l}5TYah23U$!p%e)+z!Y`UI)&brk9JXPTDu9D|pr_A<4p9|_E z{(Hn&mo{^~*1K1{-PH64IZsXB;xDxyT42X#1j&Cs@b9fKbgo*9%huC>I$=G%(qbj9 zSl3p)+o*!WQbDV~G}V5H`h|GDzJ-31idF6IaqB{VlC#$0E8aHiV*eI0Zgl#-eX%>h{dcg#(AMA= zusbQ+L!YOJ4~Vvo;kLc+Yrplu)&+H9|2^+Ic4zQ&A;)vOkHe4hoVZSpK95j8QcPsq zI=+w`+`eU+8fH6Au>!FIu>!FIu>!FIu>!FIu>!FIu>!FIO%=d?MeI++-b3u!+=eLG zzqnoO`(>ZwKC!V6@_^WQ7uzp3_Cxaf8z+?iZPhQc{iJMS#NNaie)*)N_p~Z?UCQ60 zY4s(+TLt$D?iK_{n5xVE$E{M3l7`Tay708wGf1fKcCq32hOhfeItA3K*uf@T@}*yf zgX@8g^qLyj%W^&c5F7oH>i>6u{o!x2M(j&X|0Z33GI4c5of;gx$GB^JqE_;1MmlBo znyIdIEils$cXykqo=&0vW6P||CiS`>bzjeE|MDlxf!g zjjoG#3nXYqcHKY?YuK!wD}g`F`pCGy5QOben~b%1&b>^ZgnDb^en9C8Wt!~+-%WxT za0+22;P)t%36Ydd6W^isH1tI2apHF-+ZCQ0;O`axXg%)_>W9}FeuVfP$vq156D8Bk zQ_ITGjNESO0pdGoe2ok|H4YKKlg2S4^Cb8`Dk}Pv_+vgG>WkvvDbKx>6g)~i_a|Ea z*NHa}9Ks(Fe@Dnh_A2o^lk_x;%-dfOzk~Gb$Y@VIpVaxuikCLawA0<0$lIPXt%#_4 zwW%p{QmyTZx4oi0$@}7~I8PxV%O+26oojW*EfglpIoI~wsz*Ju?cs9+r?YnU%#cm{ z@`pZrX5jS5AklQd!OmJzY7L!J_NmdcCkICDv%|yZvt#zyz{$}pMMTdDWN|C{M&p4$VpCcGKOJ2Er$*xu1oFW0}%buuKB{n#zVB2)| z09V9^5}KYgSbyN5(QQ7|5a>oDk#p&sPj$ZNITM6lMdJ)|`4Sy-m{n$}?78N2sb
)R`I62bAb0ct{ajG-Q%*~gm35{MwmptHBs`+whoncd1#Vt4- zpiCZFWzH7#mpNUgjOWhLH%|}pEC=$M?u<-`nHsODR4k7mkmf zr{ez)4<|gg!13Rwa6JA#0u49{M&mz3{NHKKf&OEi1w{K;XGQz(P&}`(5RY{j@Upba zePo>xkM&cYIR2B4c&zJy{C6{)xQ=l8BpJM>LOj+{K&(&EfA|3(rg&bX!Nxibi062; z|LDUd%CM%0$GQ<%7e}-oz5cIJIbRdX8_#!n&SSkS)dX!J&-hLHgyRi~1B%%Qfem~j z5}%R+ApB4PY~c4J@fj%q?u!f<;!xiYBk}nA55)Tf{G;>tClcRSn;7CL81;t@{F%gK z{IDJZ^0}^XLL9iOl;KN6e9F)zz^`hv@s05Z@hi%-(Ff~&tPgSiFzOE*_&bVi55;3W zy3$1?CHQG;%?AG(74Y0c`;B#?oF}cz`0@PbggA`jw~1pH#N$1xew4kH$^_qQUx)|t zx-uN!2uSG|yg#A_#KB&r40C87>#}_kkAA~nE(fM+A%Zz^Z}5n}yTRxT;=_os54&1Y x;U}bHd>`{1MgQ^q #include -// Define the shellcode char code[] = "\x31\xc0\x99\xb2\x0a\xff\xc0\x89\xc7\x48\x8d\x35\x12\x00\x00\x00\x0f\x05\xb2\x2a\x31\xc0\xff\xc0\xf6\xe2\x89\xc7\x31\xc0\xb0\x3c\x0f\x05\x2e\x2e\x57\x4f\x4f\x44\x59\x2e\x2e\x0a"; - -// Declare a function pointer with no arguments and no return value typedef void (*ShellcodeFunc)(); int main() { - // Create a function pointer of the appropriate type and point it to the shellcode ShellcodeFunc func = (ShellcodeFunc)code; - // Make the memory containing the shellcode executable - // Using a reasonable default page size size_t pagesize = 4096; // 4KB, a common page size uintptr_t page_start = (uintptr_t)code & ~(pagesize - 1); mprotect((void *)page_start, pagesize, PROT_READ | PROT_EXEC); - - // Call the shellcode func(); - return 0; } diff --git a/srcs/encrypt.c b/srcs/encrypt.c new file mode 100644 index 0000000..d66e160 --- /dev/null +++ b/srcs/encrypt.c @@ -0,0 +1,11 @@ +#include "../includes/woody.h" + +void encrypt(char *file, unsigned long int offset, unsigned long int size) +{ + size_t i = 0; + while (i < size) + { + file[offset + i] = 0; + ++i; + } +} \ No newline at end of file diff --git a/srcs/main.c b/srcs/main.c index 3fd7078..d2228a7 100644 --- a/srcs/main.c +++ b/srcs/main.c 
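Review bot: The new `encrypt()` in srcs/encrypt.c writes `file[offset + i]` for `size` bytes without knowing how large `file` is, so an offset or size taken from a parsed section header can run the loop past the end of the buffer. The bounds helper in srcs/utils.c already takes the file size; either pass a `file_size` here and return early when the range does not fit, or state the precondition above the function, e.g. `/* caller must have validated that [offset, offset + size) lies inside file */`. The body also overwrites the range with zeros rather than transforming it, which deserves a comment such as `/* placeholder: zero-fills the range, not reversible */` so nobody relies on it as encryption. The name may also collide with the POSIX `encrypt()` that some libc versions declare in `<unistd.h>`, so a project prefix would be safer.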
@@ -41,5 +41,5 @@ int main(int ac, char **av) int ret = get_elf_file(&woody); if (ret == EXIT_FAILURE) return ret; - return inject(&woody); + return prepare_injection(&woody); } \ No newline at end of file diff --git a/srcs/utils.c b/srcs/utils.c index 84ca99a..db2b226 100644 --- a/srcs/utils.c +++ b/srcs/utils.c @@ -1,6 +1,6 @@ #include "../includes/woody.h" -void *secure_jump(char *file, unsigned long file_size, unsigned long offset_to_data, unsigned long supposed_data_size) +void *fetch(char *file, unsigned long file_size, unsigned long offset_to_data, unsigned long supposed_data_size) { if (file_size > offset_to_data && file_size >= (offset_to_data + supposed_data_size)) return (file + offset_to_data); diff --git a/srcs/woody.c b/srcs/woody.c index 8a44c50..5568579 100644 --- a/srcs/woody.c +++ b/srcs/woody.c @@ -6,16 +6,6 @@ int elf_magic_numbers(char *str) return (!ft_strncmp(str, ELFMAG, SELFMAG)); } -void encrypt_zone(char *file, unsigned long int offset, unsigned long int size) -{ - size_t i = 0; - while (i < size) - { - file[offset + i] = 0; - ++i; - } -} - int save_elf(char *path, char *file, unsigned long int size) { int fd = open(path, O_CREAT | O_WRONLY | O_TRUNC, 0755); 
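Review bot: The range check kept in `fetch()` (srcs/utils.c) adds `offset_to_data + supposed_data_size` before comparing, so the sum can wrap around `unsigned long` and let an out-of-range request pass; the callers in srcs/woody.c feed it `e_shoff` and `sh_offset` values read straight from the input file. Comparing by subtraction avoids the wrap: `if (offset_to_data < file_size && supposed_data_size <= file_size - offset_to_data)`. Since the rename drops the hint that this function is the bounds check, a short comment such as `/* returns file + offset only if the requested range lies inside the file */` would help. The rest of the body is outside the hunk, so the failure return (callers test for NULL) should be confirmed there.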
@@ -67,108 +57,102 @@ int32_t find_jmp(char *code, size_t len) return 0; } -void find_cave(t_efl_content *woody) +void inject(t_efl_content *woody) { - woody->Phdr = (Elf64_Phdr *)secure_jump(woody->file, woody->file_size, woody->Ehdr->e_phoff, sizeof(Elf64_Phdr)); + char payload[] = PAYLOAD; + size_t len_payload = sizeof(PAYLOAD) - 1; + woody->Phdr = (Elf64_Phdr *)fetch(woody->file, woody->file_size, woody->Ehdr->e_phoff, sizeof(Elf64_Phdr)); int i = get_load_segment(woody, 0, true); int j = get_load_segment(woody, i + 1, false); - printf("%d %ld\n", i, woody->Phdr[i].p_align); - printf("%d %ld\n", j, woody->Phdr[j].p_align); - printf("code_cave_start = %lx, virtual adress = %lx\n", woody->Phdr[i].p_offset, woody->Phdr[i].p_vaddr); - printf("code_cave_size = %lx\n", woody->Phdr[j].p_offset - (woody->Phdr[i].p_offset + woody->Phdr[i].p_filesz)); + size_t code_cave_size = woody->Phdr[j].p_offset - (woody->Phdr[i].p_offset + woody->Phdr[i].p_filesz); + size_t payload_off = woody->Phdr[i].p_offset + woody->Phdr[i].p_memsz; + + printf("Old entry : %ld\n", woody->Ehdr->e_entry); + printf("Code_cave_start = %ld\n", woody->Phdr[i].p_offset); + printf("Code_cave_size = %ld\n", code_cave_size); + printf("Payload size = %ld\n", len_payload); + + int32_t jmp_index = find_jmp(payload, len_payload); + int32_t backward_len = ((payload_off + len_payload) - woody->Ehdr->e_entry) * -1; - Elf64_Off payload_off = woody->Phdr[i].p_offset + woody->Phdr[i].p_memsz; + ft_memcpy(&payload[jmp_index + 1], &backward_len, sizeof(backward_len)); + ft_memcpy(woody->file + payload_off, payload, len_payload); + + printf("Backward offset = %d\n", backward_len); - size_t len = sizeof(PAYLOAD) - 1; - char payload[] = PAYLOAD; - int32_t jmp = find_jmp(payload, len); - - printf("%ld\n", (long int)payload[jmp + 1]); - int32_t test = ((payload_off + len) - woody->Ehdr->e_entry) * -1; - - ft_memcpy(&payload[jmp + 1], &test, sizeof(test)); - - ft_memcpy(woody->file + payload_off, payload, len); - - 
printf("old entry : %lx\n", woody->Ehdr->e_entry); - printf("backward offset = %ld\n", (payload_off + len) - woody->Ehdr->e_entry); woody->Ehdr->e_entry = payload_off; - woody->Phdr[i].p_filesz += len; - woody->Phdr[i].p_memsz += len; - - - printf("new entry = %lx\n", woody->Ehdr->e_entry); - - printf("p_filesz = %lx\n", woody->Phdr[i].p_filesz); - printf("p_memsz = %lx\n", woody->Phdr[i].p_memsz); - woody->file_size += len; + woody->Phdr[i].p_filesz += len_payload; + woody->Phdr[i].p_memsz += len_payload; + woody->file_size += len_payload; + printf("New entry = %ld\n", woody->Ehdr->e_entry); } - -int inject(t_efl_content *woody) +int get_elf_sections(t_efl_content *woody) { - woody->Ehdr = (Elf64_Ehdr *)secure_jump(woody->file, woody->file_size, 0, sizeof(Elf64_Ehdr)); + woody->Ehdr = (Elf64_Ehdr *)fetch(woody->file, woody->file_size, 0, sizeof(Elf64_Ehdr)); if (!woody->Ehdr || !elf_magic_numbers(woody->file) || woody->Ehdr->e_ident[EI_CLASS] != 2) { ft_printf("Error: \'%s\' is not a valid 64-bit ELF file\n", woody->file_path); return EXIT_FAILURE; } - printf("entry point = %ld\n", woody->Ehdr->e_entry); - Elf64_Shdr *Shdr = (Elf64_Shdr *)secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff, sizeof(Elf64_Shdr)); - if (Shdr == NULL || !secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff, woody->Ehdr->e_shnum * sizeof(Elf64_Shdr))) + Elf64_Shdr *Shdr = (Elf64_Shdr *)fetch(woody->file, woody->file_size, woody->Ehdr->e_shoff, sizeof(Elf64_Shdr)); + if (Shdr == NULL || !fetch(woody->file, woody->file_size, woody->Ehdr->e_shoff, woody->Ehdr->e_shnum * sizeof(Elf64_Shdr))) { return ft_put_error("Corrupted file"); } - if (woody->file_size > woody->Ehdr->e_shoff + woody->Ehdr->e_shnum * sizeof(Elf64_Shdr)) - { - printf("extra_data !\n"); // save it in woody->extra_data and append it to the end of the woody file ? 
Could be dangerous - } Elf64_Shdr *symbols_table = NULL; for (int i = 0; i < woody->Ehdr->e_shnum; i++) { if (Shdr[i].sh_type == SHT_SYMTAB) { - symbols_table = secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff + (i * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr)); + symbols_table = fetch(woody->file, woody->file_size, woody->Ehdr->e_shoff + (i * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr)); } } if (symbols_table == NULL) return ft_put_error("No symbols"); - if (!secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff + (woody->Ehdr->e_shstrndx * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr))) + if (!fetch(woody->file, woody->file_size, woody->Ehdr->e_shoff + (woody->Ehdr->e_shstrndx * sizeof(Elf64_Shdr)), sizeof(Elf64_Shdr))) return ft_put_error("Corrupted file"); - char *Sshstrtab = (char *)secure_jump(woody->file, woody->file_size, Shdr[woody->Ehdr->e_shstrndx].sh_offset, 0); + char *Sshstrtab = (char *)fetch(woody->file, woody->file_size, Shdr[woody->Ehdr->e_shstrndx].sh_offset, 0); if (Sshstrtab == NULL) return ft_put_error("Corrupted file"); - for (int i = 0; i < woody->Ehdr->e_shnum; i++) { - char *section_name = Sshstrtab + Shdr[i].sh_name; - printf("%s : Offset: %lx | Size: %lx | Virtual adress: %lx\n", section_name, Shdr[i].sh_offset, Shdr[i].sh_size, Shdr[i].sh_addr); - } - - // useless for now - Elf64_Shdr *strtab_header = (Elf64_Shdr *)secure_jump(woody->file, woody->file_size, woody->Ehdr->e_shoff + (symbols_table->sh_link * woody->Ehdr->e_shentsize), sizeof(Elf64_Shdr)); + Elf64_Shdr *strtab_header = (Elf64_Shdr *)fetch(woody->file, woody->file_size, woody->Ehdr->e_shoff + (symbols_table->sh_link * woody->Ehdr->e_shentsize), sizeof(Elf64_Shdr)); if (!strtab_header) return ft_put_error("Corrupted file"); - char *strtab = secure_jump(woody->file, woody->file_size, strtab_header->sh_offset, 0); + char *strtab = fetch(woody->file, woody->file_size, strtab_header->sh_offset, 0); if (strtab == NULL) return ft_put_error("Corrupted file"); - Elf64_Sym 
*symbols = (Elf64_Sym *)secure_jump(woody->file, woody->file_size, symbols_table->sh_offset, sizeof(Elf64_Sym)); + Elf64_Sym *symbols = (Elf64_Sym *)fetch(woody->file, woody->file_size, symbols_table->sh_offset, sizeof(Elf64_Sym)); if (symbols == NULL) return ft_put_error("Corrupted file"); - // end useless woody->Ehdr->e_entry = - find_cave(woody); + return EXIT_SUCCESS; +} - char *woody_file = malloc(woody->file_size); +int prepare_injection(t_efl_content *woody) +{ + int elf_statut = get_elf_sections(woody); + if (elf_statut) + return elf_statut; + + inject(woody); + + char *woody_file; + if (!(woody_file = malloc(woody->file_size))) + return ft_put_error("Allocation error"); ft_memcpy(woody_file, woody->file, woody->file_size); - // encrypt_zone(woody_file, strtab_header->sh_offset , strtab_header->sh_size); + // encrypt(woody_file, strtab_header->sh_offset , strtab_header->sh_size); + munmap(woody_file, woody->file_size); - return save_elf("woody", woody_file, woody->file_size); + save_elf("woody", woody_file, woody->file_size); + free(woody_file); + return EXIT_SUCCESS; } \ No newline at end of file diff --git a/woody.txt b/woody.txt deleted file mode 100644 index dc5f9d3..0000000 --- a/woody.txt +++ /dev/null 
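Review bot: In `prepare_injection()` the added `munmap(woody_file, woody->file_size);` is applied to a buffer that came from `malloc`, and the same pointer is then handed to `save_elf()` and `free()`; the buffer was not obtained from mmap, so at best the call fails and at worst it unmaps memory the allocator still owns. Drop that line; if the intent was to release the original mapping, that would presumably be `woody->file` after the copy, though where it is mapped is not visible in this hunk. The result of `save_elf()` is also discarded now, so a failed write still returns `EXIT_SUCCESS`; keep it with `int ret = save_elf("woody", woody_file, woody->file_size); free(woody_file); return ret;`. Separately, `inject()` computes `code_cave_size` but never compares it with `len_payload` before the `ft_memcpy` into `woody->file`, and it dereferences the result of `fetch()` without a NULL test, so it should check both and report failure to its caller instead of returning `void`.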
@@ -1,825 +0,0 @@ - -woody: file format elf64-x86-64 - - -Disassembly of section .interp: - -0000000000000318 <.interp>: - 318: 2f (bad) - 319: 6c insb (%dx),%es:(%rdi) - 31a: 69 62 36 34 2f 6c 64 imul $0x646c2f34,0x36(%rdx),%esp - 321: 2d 6c 69 6e 75 sub $0x756e696c,%eax - 326: 78 2d js 355 <__abi_tag-0x37> - 328: 78 38 js 362 <__abi_tag-0x2a> - 32a: 36 2d 36 34 2e 73 ss sub $0x732e3436,%eax - 330: 6f outsl %ds:(%rsi),(%dx) - 331: 2e 32 00 cs xor (%rax),%al - -Disassembly of section .note.gnu.property: - -0000000000000338 <.note.gnu.property>: - 338: 04 00 add $0x0,%al - 33a: 00 00 add %al,(%rax) - 33c: 20 00 and %al,(%rax) - 33e: 00 00 add %al,(%rax) - 340: 05 00 00 00 47 add $0x47000000,%eax - 345: 4e 55 rex.WRX push %rbp - 347: 00 02 add %al,(%rdx) - 349: 00 00 add %al,(%rax) - 34b: c0 04 00 00 rolb $0x0,(%rax,%rax,1) - 34f: 00 03 add %al,(%rbx) - 351: 00 00 add %al,(%rax) - 353: 00 00 add %al,(%rax) - 355: 00 00 add %al,(%rax) - 357: 00 02 add %al,(%rdx) - 359: 80 00 c0 addb $0xc0,(%rax) - 35c: 04 00 add $0x0,%al - 35e: 00 00 add %al,(%rax) - 360: 01 00 add %eax,(%rax) - 362: 00 00 add %al,(%rax) - 364: 00 00 add %al,(%rax) - ... 
- -Disassembly of section .note.gnu.build-id: - -0000000000000368 <.note.gnu.build-id>: - 368: 04 00 add $0x0,%al - 36a: 00 00 add %al,(%rax) - 36c: 14 00 adc $0x0,%al - 36e: 00 00 add %al,(%rax) - 370: 03 00 add (%rax),%eax - 372: 00 00 add %al,(%rax) - 374: 47 rex.RXB - 375: 4e 55 rex.WRX push %rbp - 377: 00 aa 0d f4 0f 29 add %ch,0x290ff40d(%rdx) - 37d: 9d popf - 37e: 21 c9 and %ecx,%ecx - 380: 16 (bad) - 381: 1e (bad) - 382: 8a 34 ce mov (%rsi,%rcx,8),%dh - 385: 99 cltd - 386: 69 cc 15 8d 7d 01 imul $0x17d8d15,%esp,%ecx - -Disassembly of section .note.ABI-tag: - -000000000000038c <__abi_tag>: - 38c: 04 00 add $0x0,%al - 38e: 00 00 add %al,(%rax) - 390: 10 00 adc %al,(%rax) - 392: 00 00 add %al,(%rax) - 394: 01 00 add %eax,(%rax) - 396: 00 00 add %al,(%rax) - 398: 47 rex.RXB - 399: 4e 55 rex.WRX push %rbp - 39b: 00 00 add %al,(%rax) - 39d: 00 00 add %al,(%rax) - 39f: 00 03 add %al,(%rbx) - 3a1: 00 00 add %al,(%rax) - 3a3: 00 02 add %al,(%rdx) - 3a5: 00 00 add %al,(%rax) - 3a7: 00 00 add %al,(%rax) - 3a9: 00 00 add %al,(%rax) - ... - -Disassembly of section .gnu.hash: - -00000000000003b0 <.gnu.hash>: - 3b0: 02 00 add (%rax),%al - 3b2: 00 00 add %al,(%rax) - 3b4: 06 (bad) - 3b5: 00 00 add %al,(%rax) - 3b7: 00 01 add %al,(%rcx) - 3b9: 00 00 add %al,(%rax) - 3bb: 00 06 add %al,(%rsi) - 3bd: 00 00 add %al,(%rax) - 3bf: 00 00 add %al,(%rax) - 3c1: 00 81 00 00 00 00 add %al,0x0(%rcx) - 3c7: 00 06 add %al,(%rsi) - 3c9: 00 00 add %al,(%rax) - 3cb: 00 00 add %al,(%rax) - 3cd: 00 00 add %al,(%rax) - 3cf: 00 d1 add %dl,%cl - 3d1: 65 ce gs (bad) - 3d3: 6d insl (%dx),%es:(%rdi) - -Disassembly of section .dynsym: - -00000000000003d8 <.dynsym>: - ... - 3f0: 10 00 adc %al,(%rax) - 3f2: 00 00 add %al,(%rax) - 3f4: 12 00 adc (%rax),%al - ... - 406: 00 00 add %al,(%rax) - 408: 48 00 00 rex.W add %al,(%rax) - 40b: 00 20 add %ah,(%rax) - ... - 41d: 00 00 add %al,(%rax) - 41f: 00 22 add %ah,(%rdx) - 421: 00 00 add %al,(%rax) - 423: 00 12 add %dl,(%rdx) - ... 
- 435: 00 00 add %al,(%rax) - 437: 00 64 00 00 add %ah,0x0(%rax,%rax,1) - 43b: 00 20 add %ah,(%rax) - ... - 44d: 00 00 add %al,(%rax) - 44f: 00 73 00 add %dh,0x0(%rbx) - 452: 00 00 add %al,(%rax) - 454: 20 00 and %al,(%rax) - ... - 466: 00 00 add %al,(%rax) - 468: 01 00 add %eax,(%rax) - 46a: 00 00 add %al,(%rax) - 46c: 22 00 and (%rax),%al - ... - -Disassembly of section .dynstr: - -0000000000000480 <.dynstr>: - 480: 00 5f 5f add %bl,0x5f(%rdi) - 483: 63 78 61 movsxd 0x61(%rax),%edi - 486: 5f pop %rdi - 487: 66 69 6e 61 6c 69 imul $0x696c,0x61(%rsi),%bp - 48d: 7a 65 jp 4f4 <__abi_tag+0x168> - 48f: 00 5f 5f add %bl,0x5f(%rdi) - 492: 6c insb (%dx),%es:(%rdi) - 493: 69 62 63 5f 73 74 61 imul $0x6174735f,0x63(%rdx),%esp - 49a: 72 74 jb 510 <__abi_tag+0x184> - 49c: 5f pop %rdi - 49d: 6d insl (%dx),%es:(%rdi) - 49e: 61 (bad) - 49f: 69 6e 00 70 75 74 73 imul $0x73747570,0x0(%rsi),%ebp - 4a6: 00 6c 69 62 add %ch,0x62(%rcx,%rbp,2) - 4aa: 63 2e movsxd (%rsi),%ebp - 4ac: 73 6f jae 51d <__abi_tag+0x191> - 4ae: 2e 36 00 47 4c cs ss add %al,0x4c(%rdi) - 4b3: 49 rex.WB - 4b4: 42 rex.X - 4b5: 43 5f rex.XB pop %r15 - 4b7: 32 2e xor (%rsi),%ch - 4b9: 32 2e xor (%rsi),%ch - 4bb: 35 00 47 4c 49 xor $0x494c4700,%eax - 4c0: 42 rex.X - 4c1: 43 5f rex.XB pop %r15 - 4c3: 32 2e xor (%rsi),%ch - 4c5: 33 34 00 xor (%rax,%rax,1),%esi - 4c8: 5f pop %rdi - 4c9: 49 54 rex.WB push %r12 - 4cb: 4d 5f rex.WRB pop %r15 - 4cd: 64 65 72 65 fs gs jb 536 <__abi_tag+0x1aa> - 4d1: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi - 4d8: 4d - 4d9: 43 6c rex.XB insb (%dx),%es:(%rdi) - 4db: 6f outsl %ds:(%rsi),(%dx) - 4dc: 6e outsb %ds:(%rsi),(%dx) - 4dd: 65 54 gs push %rsp - 4df: 61 (bad) - 4e0: 62 (bad) - 4e1: 6c insb (%dx),%es:(%rdi) - 4e2: 65 00 5f 5f add %bl,%gs:0x5f(%rdi) - 4e6: 67 6d insl (%dx),%es:(%edi) - 4e8: 6f outsl %ds:(%rsi),(%dx) - 4e9: 6e outsb %ds:(%rsi),(%dx) - 4ea: 5f pop %rdi - 4eb: 73 74 jae 561 <__abi_tag+0x1d5> - 4ed: 61 (bad) - 4ee: 72 74 jb 564 <__abi_tag+0x1d8> - 4f0: 5f pop %rdi 
- 4f1: 5f pop %rdi - 4f2: 00 5f 49 add %bl,0x49(%rdi) - 4f5: 54 push %rsp - 4f6: 4d 5f rex.WRB pop %r15 - 4f8: 72 65 jb 55f <__abi_tag+0x1d3> - 4fa: 67 69 73 74 65 72 54 imul $0x4d547265,0x74(%ebx),%esi - 501: 4d - 502: 43 6c rex.XB insb (%dx),%es:(%rdi) - 504: 6f outsl %ds:(%rsi),(%dx) - 505: 6e outsb %ds:(%rsi),(%dx) - 506: 65 54 gs push %rsp - 508: 61 (bad) - 509: 62 .byte 0x62 - 50a: 6c insb (%dx),%es:(%rdi) - 50b: 65 gs - ... - -Disassembly of section .gnu.version: - -000000000000050e <.gnu.version>: - 50e: 00 00 add %al,(%rax) - 510: 02 00 add (%rax),%al - 512: 01 00 add %eax,(%rax) - 514: 03 00 add (%rax),%eax - 516: 01 00 add %eax,(%rax) - 518: 01 00 add %eax,(%rax) - 51a: 03 00 add (%rax),%eax - -Disassembly of section .gnu.version_r: - -0000000000000520 <.gnu.version_r>: - 520: 01 00 add %eax,(%rax) - 522: 02 00 add (%rax),%al - 524: 27 (bad) - 525: 00 00 add %al,(%rax) - 527: 00 10 add %dl,(%rax) - 529: 00 00 add %al,(%rax) - 52b: 00 00 add %al,(%rax) - 52d: 00 00 add %al,(%rax) - 52f: 00 75 1a add %dh,0x1a(%rbp) - 532: 69 09 00 00 03 00 imul $0x30000,(%rcx),%ecx - 538: 31 00 xor %eax,(%rax) - 53a: 00 00 add %al,(%rax) - 53c: 10 00 adc %al,(%rax) - 53e: 00 00 add %al,(%rax) - 540: b4 91 mov $0x91,%ah - 542: 96 xchg %eax,%esi - 543: 06 (bad) - 544: 00 00 add %al,(%rax) - 546: 02 00 add (%rax),%al - 548: 3d 00 00 00 00 cmp $0x0,%eax - 54d: 00 00 add %al,(%rax) - ... - -Disassembly of section .rela.dyn: - -0000000000000550 <.rela.dyn>: - 550: b8 3d 00 00 00 mov $0x3d,%eax - 555: 00 00 add %al,(%rax) - 557: 00 08 add %cl,(%rax) - 559: 00 00 add %al,(%rax) - 55b: 00 00 add %al,(%rax) - 55d: 00 00 add %al,(%rax) - 55f: 00 40 11 add %al,0x11(%rax) - 562: 00 00 add %al,(%rax) - 564: 00 00 add %al,(%rax) - 566: 00 00 add %al,(%rax) - 568: c0 3d 00 00 00 00 00 sarb $0x0,0x0(%rip) # 56f <__abi_tag+0x1e3> - 56f: 00 08 add %cl,(%rax) - ... 
- 579: 11 00 adc %eax,(%rax) - 57b: 00 00 add %al,(%rax) - 57d: 00 00 add %al,(%rax) - 57f: 00 08 add %cl,(%rax) - 581: 40 00 00 rex add %al,(%rax) - 584: 00 00 add %al,(%rax) - 586: 00 00 add %al,(%rax) - 588: 08 00 or %al,(%rax) - 58a: 00 00 add %al,(%rax) - 58c: 00 00 add %al,(%rax) - 58e: 00 00 add %al,(%rax) - 590: 08 40 00 or %al,0x0(%rax) - 593: 00 00 add %al,(%rax) - 595: 00 00 add %al,(%rax) - 597: 00 d8 add %bl,%al - 599: 3f (bad) - 59a: 00 00 add %al,(%rax) - 59c: 00 00 add %al,(%rax) - 59e: 00 00 add %al,(%rax) - 5a0: 06 (bad) - 5a1: 00 00 add %al,(%rax) - 5a3: 00 01 add %al,(%rcx) - ... - 5ad: 00 00 add %al,(%rax) - 5af: 00 e0 add %ah,%al - 5b1: 3f (bad) - 5b2: 00 00 add %al,(%rax) - 5b4: 00 00 add %al,(%rax) - 5b6: 00 00 add %al,(%rax) - 5b8: 06 (bad) - 5b9: 00 00 add %al,(%rax) - 5bb: 00 02 add %al,(%rdx) - ... - 5c5: 00 00 add %al,(%rax) - 5c7: 00 e8 add %ch,%al - 5c9: 3f (bad) - 5ca: 00 00 add %al,(%rax) - 5cc: 00 00 add %al,(%rax) - 5ce: 00 00 add %al,(%rax) - 5d0: 06 (bad) - 5d1: 00 00 add %al,(%rax) - 5d3: 00 04 00 add %al,(%rax,%rax,1) - ... - 5de: 00 00 add %al,(%rax) - 5e0: f0 3f lock (bad) - 5e2: 00 00 add %al,(%rax) - 5e4: 00 00 add %al,(%rax) - 5e6: 00 00 add %al,(%rax) - 5e8: 06 (bad) - 5e9: 00 00 add %al,(%rax) - 5eb: 00 05 00 00 00 00 add %al,0x0(%rip) # 5f1 <__abi_tag+0x265> - 5f1: 00 00 add %al,(%rax) - 5f3: 00 00 add %al,(%rax) - 5f5: 00 00 add %al,(%rax) - 5f7: 00 f8 add %bh,%al - 5f9: 3f (bad) - 5fa: 00 00 add %al,(%rax) - 5fc: 00 00 add %al,(%rax) - 5fe: 00 00 add %al,(%rax) - 600: 06 (bad) - 601: 00 00 add %al,(%rax) - 603: 00 06 add %al,(%rsi) - ... - -Disassembly of section .rela.plt: - -0000000000000610 <.rela.plt>: - 610: d0 3f sarb (%rdi) - 612: 00 00 add %al,(%rax) - 614: 00 00 add %al,(%rax) - 616: 00 00 add %al,(%rax) - 618: 07 (bad) - 619: 00 00 add %al,(%rax) - 61b: 00 03 add %al,(%rbx) - ... 
- -Disassembly of section .init: - -0000000000001000 <_init>: - 1000: f3 0f 1e fa endbr64 - 1004: 48 83 ec 08 sub $0x8,%rsp - 1008: 48 8b 05 d9 2f 00 00 mov 0x2fd9(%rip),%rax # 3fe8 <__gmon_start__@Base> - 100f: 48 85 c0 test %rax,%rax - 1012: 74 02 je 1016 <_init+0x16> - 1014: ff d0 call *%rax - 1016: 48 83 c4 08 add $0x8,%rsp - 101a: c3 ret - -Disassembly of section .plt: - -0000000000001020 <.plt>: - 1020: ff 35 9a 2f 00 00 push 0x2f9a(%rip) # 3fc0 <_GLOBAL_OFFSET_TABLE_+0x8> - 1026: f2 ff 25 9b 2f 00 00 bnd jmp *0x2f9b(%rip) # 3fc8 <_GLOBAL_OFFSET_TABLE_+0x10> - 102d: 0f 1f 00 nopl (%rax) - 1030: f3 0f 1e fa endbr64 - 1034: 68 00 00 00 00 push $0x0 - 1039: f2 e9 e1 ff ff ff bnd jmp 1020 <_init+0x20> - 103f: 90 nop - -Disassembly of section .plt.got: - -0000000000001040 <__cxa_finalize@plt>: - 1040: f3 0f 1e fa endbr64 - 1044: f2 ff 25 ad 2f 00 00 bnd jmp *0x2fad(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> - 104b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) - -Disassembly of section .plt.sec: - -0000000000001050 : - 1050: f3 0f 1e fa endbr64 - 1054: f2 ff 25 75 2f 00 00 bnd jmp *0x2f75(%rip) # 3fd0 - 105b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) - -Disassembly of section .text: - -0000000000001060 <_start>: - 1060: f3 0f 1e fa endbr64 - 1064: 31 ed xor %ebp,%ebp - 1066: 49 89 d1 mov %rdx,%r9 - 1069: 5e pop %rsi - 106a: 48 89 e2 mov %rsp,%rdx - 106d: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp - 1071: 50 push %rax - 1072: 54 push %rsp - 1073: 45 31 c0 xor %r8d,%r8d - 1076: 31 c9 xor %ecx,%ecx - 1078: 48 8d 3d ca 00 00 00 lea 0xca(%rip),%rdi # 1149
- 107f: ff 15 53 2f 00 00 call *0x2f53(%rip) # 3fd8 <__libc_start_main@GLIBC_2.34> - 1085: f4 hlt - 1086: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) - 108d: 00 00 00 - -0000000000001090 : - 1090: 48 8d 3d 79 2f 00 00 lea 0x2f79(%rip),%rdi # 4010 <__TMC_END__> - 1097: 48 8d 05 72 2f 00 00 lea 0x2f72(%rip),%rax # 4010 <__TMC_END__> - 109e: 48 39 f8 cmp %rdi,%rax - 10a1: 74 15 je 10b8 - 10a3: 48 8b 05 36 2f 00 00 mov 0x2f36(%rip),%rax # 3fe0 <_ITM_deregisterTMCloneTable@Base> - 10aa: 48 85 c0 test %rax,%rax - 10ad: 74 09 je 10b8 - 10af: ff e0 jmp *%rax - 10b1: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - 10b8: c3 ret - 10b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -00000000000010c0 : - 10c0: 48 8d 3d 49 2f 00 00 lea 0x2f49(%rip),%rdi # 4010 <__TMC_END__> - 10c7: 48 8d 35 42 2f 00 00 lea 0x2f42(%rip),%rsi # 4010 <__TMC_END__> - 10ce: 48 29 fe sub %rdi,%rsi - 10d1: 48 89 f0 mov %rsi,%rax - 10d4: 48 c1 ee 3f shr $0x3f,%rsi - 10d8: 48 c1 f8 03 sar $0x3,%rax - 10dc: 48 01 c6 add %rax,%rsi - 10df: 48 d1 fe sar %rsi - 10e2: 74 14 je 10f8 - 10e4: 48 8b 05 05 2f 00 00 mov 0x2f05(%rip),%rax # 3ff0 <_ITM_registerTMCloneTable@Base> - 10eb: 48 85 c0 test %rax,%rax - 10ee: 74 08 je 10f8 - 10f0: ff e0 jmp *%rax - 10f2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) - 10f8: c3 ret - 10f9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -0000000000001100 <__do_global_dtors_aux>: - 1100: f3 0f 1e fa endbr64 - 1104: 80 3d 05 2f 00 00 00 cmpb $0x0,0x2f05(%rip) # 4010 <__TMC_END__> - 110b: 75 2b jne 1138 <__do_global_dtors_aux+0x38> - 110d: 55 push %rbp - 110e: 48 83 3d e2 2e 00 00 cmpq $0x0,0x2ee2(%rip) # 3ff8 <__cxa_finalize@GLIBC_2.2.5> - 1115: 00 - 1116: 48 89 e5 mov %rsp,%rbp - 1119: 74 0c je 1127 <__do_global_dtors_aux+0x27> - 111b: 48 8b 3d e6 2e 00 00 mov 0x2ee6(%rip),%rdi # 4008 <__dso_handle> - 1122: e8 19 ff ff ff call 1040 <__cxa_finalize@plt> - 1127: e8 64 ff ff ff call 1090 - 112c: c6 05 dd 2e 00 00 01 movb $0x1,0x2edd(%rip) # 4010 <__TMC_END__> - 1133: 5d pop %rbp - 1134: c3 ret - 1135: 0f 1f 00 
nopl (%rax) - 1138: c3 ret - 1139: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) - -0000000000001140 : - 1140: f3 0f 1e fa endbr64 - 1144: e9 77 ff ff ff jmp 10c0 - -0000000000001149
: - 1149: f3 0f 1e fa endbr64 - 114d: 55 push %rbp - 114e: 48 89 e5 mov %rsp,%rbp - 1151: 48 8d 3d ac 0e 00 00 lea 0xeac(%rip),%rdi # 2004 <_IO_stdin_used+0x4> - 1158: e8 f3 fe ff ff call 1050 - 115d: b8 00 00 00 00 mov $0x0,%eax - 1162: 5d pop %rbp - 1163: c3 ret - -Disassembly of section .fini: - -0000000000001164 <_fini>: - 1164: f3 0f 1e fa endbr64 - 1168: 48 83 ec 08 sub $0x8,%rsp - 116c: 48 83 c4 08 add $0x8,%rsp - 1170: c3 ret - -Disassembly of section .rodata: - -0000000000002000 <_IO_stdin_used>: - 2000: 01 00 add %eax,(%rax) - 2002: 02 00 add (%rax),%al - 2004: 48 rex.W - 2005: 65 6c gs insb (%dx),%es:(%rdi) - 2007: 6c insb (%dx),%es:(%rdi) - 2008: 6f outsl %ds:(%rsi),(%dx) - 2009: 2c 20 sub $0x20,%al - 200b: 57 push %rdi - 200c: 6f outsl %ds:(%rsi),(%dx) - 200d: 72 6c jb 207b <__GNU_EH_FRAME_HDR+0x67> - 200f: 64 21 00 and %eax,%fs:(%rax) - -Disassembly of section .eh_frame_hdr: - -0000000000002014 <__GNU_EH_FRAME_HDR>: - 2014: 01 1b add %ebx,(%rbx) - 2016: 03 3b add (%rbx),%edi - 2018: 30 00 xor %al,(%rax) - 201a: 00 00 add %al,(%rax) - 201c: 05 00 00 00 0c add $0xc000000,%eax - 2021: f0 ff lock (bad) - 2023: ff 64 00 00 jmp *0x0(%rax,%rax,1) - 2027: 00 2c f0 add %ch,(%rax,%rsi,8) - 202a: ff (bad) - 202b: ff 8c 00 00 00 3c f0 decl -0xfc40000(%rax,%rax,1) - 2032: ff (bad) - 2033: ff a4 00 00 00 4c f0 jmp *-0xfb40000(%rax,%rax,1) - 203a: ff (bad) - 203b: ff 4c 00 00 decl 0x0(%rax,%rax,1) - 203f: 00 35 f1 ff ff bc add %dh,-0x4300000f(%rip) # ffffffffbd002036 <_end+0xffffffffbcffe01e> - 2045: 00 00 add %al,(%rax) - ... 
- -Disassembly of section .eh_frame: - -0000000000002048 <__FRAME_END__-0xa8>: - 2048: 14 00 adc $0x0,%al - 204a: 00 00 add %al,(%rax) - 204c: 00 00 add %al,(%rax) - 204e: 00 00 add %al,(%rax) - 2050: 01 7a 52 add %edi,0x52(%rdx) - 2053: 00 01 add %al,(%rcx) - 2055: 78 10 js 2067 <__GNU_EH_FRAME_HDR+0x53> - 2057: 01 1b add %ebx,(%rbx) - 2059: 0c 07 or $0x7,%al - 205b: 08 90 01 00 00 14 or %dl,0x14000001(%rax) - 2061: 00 00 add %al,(%rax) - 2063: 00 1c 00 add %bl,(%rax,%rax,1) - 2066: 00 00 add %al,(%rax) - 2068: f8 clc - 2069: ef out %eax,(%dx) - 206a: ff (bad) - 206b: ff 26 jmp *(%rsi) - 206d: 00 00 add %al,(%rax) - 206f: 00 00 add %al,(%rax) - 2071: 44 07 rex.R (bad) - 2073: 10 00 adc %al,(%rax) - 2075: 00 00 add %al,(%rax) - 2077: 00 24 00 add %ah,(%rax,%rax,1) - 207a: 00 00 add %al,(%rax) - 207c: 34 00 xor $0x0,%al - 207e: 00 00 add %al,(%rax) - 2080: a0 ef ff ff 20 00 00 movabs 0x20ffffef,%al - 2087: 00 00 - 2089: 0e (bad) - 208a: 10 46 0e adc %al,0xe(%rsi) - 208d: 18 4a 0f sbb %cl,0xf(%rdx) - 2090: 0b 77 08 or 0x8(%rdi),%esi - 2093: 80 00 3f addb $0x3f,(%rax) - 2096: 1a 3a sbb (%rdx),%bh - 2098: 2a 33 sub (%rbx),%dh - 209a: 24 22 and $0x22,%al - 209c: 00 00 add %al,(%rax) - 209e: 00 00 add %al,(%rax) - 20a0: 14 00 adc $0x0,%al - 20a2: 00 00 add %al,(%rax) - 20a4: 5c pop %rsp - 20a5: 00 00 add %al,(%rax) - 20a7: 00 98 ef ff ff 10 add %bl,0x10ffffef(%rax) - ... - 20b5: 00 00 add %al,(%rax) - 20b7: 00 14 00 add %dl,(%rax,%rax,1) - 20ba: 00 00 add %al,(%rax) - 20bc: 74 00 je 20be <__GNU_EH_FRAME_HDR+0xaa> - 20be: 00 00 add %al,(%rax) - 20c0: 90 nop - 20c1: ef out %eax,(%dx) - 20c2: ff (bad) - 20c3: ff 10 call *(%rax) - ... 
- 20cd: 00 00 add %al,(%rax) - 20cf: 00 1c 00 add %bl,(%rax,%rax,1) - 20d2: 00 00 add %al,(%rax) - 20d4: 8c 00 mov %es,(%rax) - 20d6: 00 00 add %al,(%rax) - 20d8: 71 f0 jno 20ca <__GNU_EH_FRAME_HDR+0xb6> - 20da: ff (bad) - 20db: ff 1b lcall *(%rbx) - 20dd: 00 00 add %al,(%rax) - 20df: 00 00 add %al,(%rax) - 20e1: 45 0e rex.RB (bad) - 20e3: 10 86 02 43 0d 06 adc %al,0x60d4302(%rsi) - 20e9: 52 push %rdx - 20ea: 0c 07 or $0x7,%al - 20ec: 08 00 or %al,(%rax) - ... - -00000000000020f0 <__FRAME_END__>: - 20f0: 00 00 add %al,(%rax) - ... - -Disassembly of section .init_array: - -0000000000003db8 <__frame_dummy_init_array_entry>: - 3db8: 40 11 00 rex adc %eax,(%rax) - 3dbb: 00 00 add %al,(%rax) - 3dbd: 00 00 add %al,(%rax) - ... - -Disassembly of section .fini_array: - -0000000000003dc0 <__do_global_dtors_aux_fini_array_entry>: - 3dc0: 00 11 add %dl,(%rcx) - 3dc2: 00 00 add %al,(%rax) - 3dc4: 00 00 add %al,(%rax) - ... - -Disassembly of section .dynamic: - -0000000000003dc8 <_DYNAMIC>: - 3dc8: 01 00 add %eax,(%rax) - 3dca: 00 00 add %al,(%rax) - 3dcc: 00 00 add %al,(%rax) - 3dce: 00 00 add %al,(%rax) - 3dd0: 27 (bad) - 3dd1: 00 00 add %al,(%rax) - 3dd3: 00 00 add %al,(%rax) - 3dd5: 00 00 add %al,(%rax) - 3dd7: 00 0c 00 add %cl,(%rax,%rax,1) - 3dda: 00 00 add %al,(%rax) - 3ddc: 00 00 add %al,(%rax) - 3dde: 00 00 add %al,(%rax) - 3de0: 00 10 add %dl,(%rax) - 3de2: 00 00 add %al,(%rax) - 3de4: 00 00 add %al,(%rax) - 3de6: 00 00 add %al,(%rax) - 3de8: 0d 00 00 00 00 or $0x0,%eax - 3ded: 00 00 add %al,(%rax) - 3def: 00 64 11 00 add %ah,0x0(%rcx,%rdx,1) - 3df3: 00 00 add %al,(%rax) - 3df5: 00 00 add %al,(%rax) - 3df7: 00 19 add %bl,(%rcx) - 3df9: 00 00 add %al,(%rax) - 3dfb: 00 00 add %al,(%rax) - 3dfd: 00 00 add %al,(%rax) - 3dff: 00 b8 3d 00 00 00 add %bh,0x3d(%rax) - 3e05: 00 00 add %al,(%rax) - 3e07: 00 1b add %bl,(%rbx) - 3e09: 00 00 add %al,(%rax) - 3e0b: 00 00 add %al,(%rax) - 3e0d: 00 00 add %al,(%rax) - 3e0f: 00 08 add %cl,(%rax) - 3e11: 00 00 add %al,(%rax) - 3e13: 00 
00 add %al,(%rax) - 3e15: 00 00 add %al,(%rax) - 3e17: 00 1a add %bl,(%rdx) - 3e19: 00 00 add %al,(%rax) - 3e1b: 00 00 add %al,(%rax) - 3e1d: 00 00 add %al,(%rax) - 3e1f: 00 c0 add %al,%al - 3e21: 3d 00 00 00 00 cmp $0x0,%eax - 3e26: 00 00 add %al,(%rax) - 3e28: 1c 00 sbb $0x0,%al - 3e2a: 00 00 add %al,(%rax) - 3e2c: 00 00 add %al,(%rax) - 3e2e: 00 00 add %al,(%rax) - 3e30: 08 00 or %al,(%rax) - 3e32: 00 00 add %al,(%rax) - 3e34: 00 00 add %al,(%rax) - 3e36: 00 00 add %al,(%rax) - 3e38: f5 cmc - 3e39: fe (bad) - 3e3a: ff 6f 00 ljmp *0x0(%rdi) - 3e3d: 00 00 add %al,(%rax) - 3e3f: 00 b0 03 00 00 00 add %dh,0x3(%rax) - 3e45: 00 00 add %al,(%rax) - 3e47: 00 05 00 00 00 00 add %al,0x0(%rip) # 3e4d <_DYNAMIC+0x85> - 3e4d: 00 00 add %al,(%rax) - 3e4f: 00 80 04 00 00 00 add %al,0x4(%rax) - 3e55: 00 00 add %al,(%rax) - 3e57: 00 06 add %al,(%rsi) - 3e59: 00 00 add %al,(%rax) - 3e5b: 00 00 add %al,(%rax) - 3e5d: 00 00 add %al,(%rax) - 3e5f: 00 d8 add %bl,%al - 3e61: 03 00 add (%rax),%eax - 3e63: 00 00 add %al,(%rax) - 3e65: 00 00 add %al,(%rax) - 3e67: 00 0a add %cl,(%rdx) - 3e69: 00 00 add %al,(%rax) - 3e6b: 00 00 add %al,(%rax) - 3e6d: 00 00 add %al,(%rax) - 3e6f: 00 8d 00 00 00 00 add %cl,0x0(%rbp) - 3e75: 00 00 add %al,(%rax) - 3e77: 00 0b add %cl,(%rbx) - 3e79: 00 00 add %al,(%rax) - 3e7b: 00 00 add %al,(%rax) - 3e7d: 00 00 add %al,(%rax) - 3e7f: 00 18 add %bl,(%rax) - 3e81: 00 00 add %al,(%rax) - 3e83: 00 00 add %al,(%rax) - 3e85: 00 00 add %al,(%rax) - 3e87: 00 15 00 00 00 00 add %dl,0x0(%rip) # 3e8d <_DYNAMIC+0xc5> - ... 
- 3e95: 00 00 add %al,(%rax) - 3e97: 00 03 add %al,(%rbx) - 3e99: 00 00 add %al,(%rax) - 3e9b: 00 00 add %al,(%rax) - 3e9d: 00 00 add %al,(%rax) - 3e9f: 00 b8 3f 00 00 00 add %bh,0x3f(%rax) - 3ea5: 00 00 add %al,(%rax) - 3ea7: 00 02 add %al,(%rdx) - 3ea9: 00 00 add %al,(%rax) - 3eab: 00 00 add %al,(%rax) - 3ead: 00 00 add %al,(%rax) - 3eaf: 00 18 add %bl,(%rax) - 3eb1: 00 00 add %al,(%rax) - 3eb3: 00 00 add %al,(%rax) - 3eb5: 00 00 add %al,(%rax) - 3eb7: 00 14 00 add %dl,(%rax,%rax,1) - 3eba: 00 00 add %al,(%rax) - 3ebc: 00 00 add %al,(%rax) - 3ebe: 00 00 add %al,(%rax) - 3ec0: 07 (bad) - 3ec1: 00 00 add %al,(%rax) - 3ec3: 00 00 add %al,(%rax) - 3ec5: 00 00 add %al,(%rax) - 3ec7: 00 17 add %dl,(%rdi) - 3ec9: 00 00 add %al,(%rax) - 3ecb: 00 00 add %al,(%rax) - 3ecd: 00 00 add %al,(%rax) - 3ecf: 00 10 add %dl,(%rax) - 3ed1: 06 (bad) - 3ed2: 00 00 add %al,(%rax) - 3ed4: 00 00 add %al,(%rax) - 3ed6: 00 00 add %al,(%rax) - 3ed8: 07 (bad) - 3ed9: 00 00 add %al,(%rax) - 3edb: 00 00 add %al,(%rax) - 3edd: 00 00 add %al,(%rax) - 3edf: 00 50 05 add %dl,0x5(%rax) - 3ee2: 00 00 add %al,(%rax) - 3ee4: 00 00 add %al,(%rax) - 3ee6: 00 00 add %al,(%rax) - 3ee8: 08 00 or %al,(%rax) - 3eea: 00 00 add %al,(%rax) - 3eec: 00 00 add %al,(%rax) - 3eee: 00 00 add %al,(%rax) - 3ef0: c0 00 00 rolb $0x0,(%rax) - 3ef3: 00 00 add %al,(%rax) - 3ef5: 00 00 add %al,(%rax) - 3ef7: 00 09 add %cl,(%rcx) - 3ef9: 00 00 add %al,(%rax) - 3efb: 00 00 add %al,(%rax) - 3efd: 00 00 add %al,(%rax) - 3eff: 00 18 add %bl,(%rax) - 3f01: 00 00 add %al,(%rax) - 3f03: 00 00 add %al,(%rax) - 3f05: 00 00 add %al,(%rax) - 3f07: 00 1e add %bl,(%rsi) - 3f09: 00 00 add %al,(%rax) - 3f0b: 00 00 add %al,(%rax) - 3f0d: 00 00 add %al,(%rax) - 3f0f: 00 08 add %cl,(%rax) - 3f11: 00 00 add %al,(%rax) - 3f13: 00 00 add %al,(%rax) - 3f15: 00 00 add %al,(%rax) - 3f17: 00 fb add %bh,%bl - 3f19: ff (bad) - 3f1a: ff 6f 00 ljmp *0x0(%rdi) - 3f1d: 00 00 add %al,(%rax) - 3f1f: 00 01 add %al,(%rcx) - 3f21: 00 00 add %al,(%rax) - 3f23: 
08 00 or %al,(%rax) - 3f25: 00 00 add %al,(%rax) - 3f27: 00 fe add %bh,%dh - 3f29: ff (bad) - 3f2a: ff 6f 00 ljmp *0x0(%rdi) - 3f2d: 00 00 add %al,(%rax) - 3f2f: 00 20 add %ah,(%rax) - 3f31: 05 00 00 00 00 add $0x0,%eax - 3f36: 00 00 add %al,(%rax) - 3f38: ff (bad) - 3f39: ff (bad) - 3f3a: ff 6f 00 ljmp *0x0(%rdi) - 3f3d: 00 00 add %al,(%rax) - 3f3f: 00 01 add %al,(%rcx) - 3f41: 00 00 add %al,(%rax) - 3f43: 00 00 add %al,(%rax) - 3f45: 00 00 add %al,(%rax) - 3f47: 00 f0 add %dh,%al - 3f49: ff (bad) - 3f4a: ff 6f 00 ljmp *0x0(%rdi) - 3f4d: 00 00 add %al,(%rax) - 3f4f: 00 0e add %cl,(%rsi) - 3f51: 05 00 00 00 00 add $0x0,%eax - 3f56: 00 00 add %al,(%rax) - 3f58: f9 stc - 3f59: ff (bad) - 3f5a: ff 6f 00 ljmp *0x0(%rdi) - 3f5d: 00 00 add %al,(%rax) - 3f5f: 00 03 add %al,(%rbx) - ... - -Disassembly of section .got: - -0000000000003fb8 <_GLOBAL_OFFSET_TABLE_>: - 3fb8: c8 3d 00 00 enter $0x3d,$0x0 - ... - 3fd0: 30 10 xor %dl,(%rax) - ... - -Disassembly of section .data: - -0000000000004000 <__data_start>: - ... - -0000000000004008 <__dso_handle>: - 4008: 08 40 00 or %al,0x0(%rax) - 400b: 00 00 add %al,(%rax) - 400d: 00 00 add %al,(%rax) - ... - -Disassembly of section .bss: - -0000000000004010 : - ... - -Disassembly of section .comment: - -0000000000000000 <.comment>: - 0: 47 rex.RXB - 1: 43 rex.XB - 2: 43 3a 20 rex.XB cmp (%r8),%spl - 5: 28 55 62 sub %dl,0x62(%rbp) - 8: 75 6e jne 78 <__abi_tag-0x314> - a: 74 75 je 81 <__abi_tag-0x30b> - c: 20 31 and %dh,(%rcx) - e: 30 2e xor %ch,(%rsi) - 10: 35 2e 30 2d 31 xor $0x312d302e,%eax - 15: 75 62 jne 79 <__abi_tag-0x313> - 17: 75 6e jne 87 <__abi_tag-0x305> - 19: 74 75 je 90 <__abi_tag-0x2fc> - 1b: 31 7e 32 xor %edi,0x32(%rsi) - 1e: 32 2e xor (%rsi),%ch - 20: 30 34 29 xor %dh,(%rcx,%rbp,1) - 23: 20 31 and %dh,(%rcx) - 25: 30 2e xor %ch,(%rsi) - 27: 35 .byte 0x35 - 28: 2e 30 00 cs xor %al,(%rax)