GanbaruTobi · June 9, 2022 20:35
diff --git a/main.rs b/main.rs
 use radius2::{Radius, RadiusOption};
 use radius2::state::State;
 use radius2::value::Value;

 fn scramble_sim(state: &mut State, args: &[Value]) -> Value { //ignore, not implemented yet

    state.concrete_value(1, 64)
 }

 fn getsecretnumber_sim(state: &mut State, args: &[Value]) -> Value { //ignore, not implemented yet

    state.concrete_value(1, 64)
 }

 fn main() {
    let options = [RadiusOption::Debug(true), RadiusOption::Sims(false)];
    let mut radius = Radius::new_with_options(Some("apk://tests/ooo.defcon2019.quals.veryandroidoso.apk"), &options);
    let mut state = radius.call_state(0x00026ac8);
    let scramble = radius.get_address("sym.Looo_defcon2019_quals_veryandroidoso_Solver.method.scramble_I_I").unwrap();
    let getsecretnumber = radius.get_address("sym.Looo_defcon2019_quals_veryandroidoso_Solver.method.getSecretNumber_I_I").unwrap();

    radius.simulate(scramble, scramble_sim);
    radius.simulate(getsecretnumber, getsecretnumber_sim);

    let bv1 = state.symbolic_value("var1", 32);
    let bv2 = state.symbolic_value("var2", 32);
    let bv3 = state.symbolic_value("var3", 32);
    let bv4 = state.symbolic_value("var4", 32);
    let bv5 = state.symbolic_value("var5", 32);
    let bv6 = state.symbolic_value("var6", 32);
    let bv7 = state.symbolic_value("var7", 32);
    let bv8 = state.symbolic_value("var8", 32);
    let bv9 = state.symbolic_value("var9", 32);
    
    state.registers.set("v16", bv1.clone());
    state.registers.set("v17", bv2.clone());
    state.registers.set("v18", bv3.clone());
    state.registers.set("v19", bv4.clone());
    state.registers.set("v20", bv5.clone());
    state.registers.set("v21", bv6.clone());
    state.registers.set("v22", bv7.clone());
    state.registers.set("v23", bv8.clone());
    state.registers.set("v24", bv9.clone());

    let mut new_state = radius.run_until(state, 0x00026b08, &[]).unwrap();
 }
	use radius2::{Radius, RadiusOption};
	use radius2::state::State;
	use radius2::value::Value;

	fn scramble_sim(state: &mut State, args: &[Value]) -> Value { //ignore, not implemented yet

	state.concrete_value(1, 64)
	}

	fn getsecretnumber_sim(state: &mut State, args: &[Value]) -> Value { //ignore, not implemented yet

	state.concrete_value(1, 64)
	}

	fn main() {
	let options = [RadiusOption::Debug(true), RadiusOption::Sims(false)];
	let mut radius = Radius::new_with_options(Some("apk://tests/ooo.defcon2019.quals.veryandroidoso.apk"), &options);
	let mut state = radius.call_state(0x00026ac8);
	let scramble = radius.get_address("sym.Looo_defcon2019_quals_veryandroidoso_Solver.method.scramble_I_I").unwrap();
	let getsecretnumber = radius.get_address("sym.Looo_defcon2019_quals_veryandroidoso_Solver.method.getSecretNumber_I_I").unwrap();

	radius.simulate(scramble, scramble_sim);
	radius.simulate(getsecretnumber, getsecretnumber_sim);

	let bv1 = state.symbolic_value("var1", 32);
	let bv2 = state.symbolic_value("var2", 32);
	let bv3 = state.symbolic_value("var3", 32);
	let bv4 = state.symbolic_value("var4", 32);
	let bv5 = state.symbolic_value("var5", 32);
	let bv6 = state.symbolic_value("var6", 32);
	let bv7 = state.symbolic_value("var7", 32);
	let bv8 = state.symbolic_value("var8", 32);
	let bv9 = state.symbolic_value("var9", 32);

	state.registers.set("v16", bv1.clone());
	state.registers.set("v17", bv2.clone());
	state.registers.set("v18", bv3.clone());
	state.registers.set("v19", bv4.clone());
	state.registers.set("v20", bv5.clone());
	state.registers.set("v21", bv6.clone());
	state.registers.set("v22", bv7.clone());
	state.registers.set("v23", bv8.clone());
	state.registers.set("v24", bv9.clone());

	let mut new_state = radius.run_until(state, 0x00026b08, &[]).unwrap();
	}