Skip to content

Instantly share code, notes, and snippets.

@aharisu

aharisu/gist:3803433

Created September 29, 2012 07:33
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save aharisu/3803433 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save aharisu/3803433 to your computer and use it in GitHub Desktop.
Download ZIP
objdump -d csaw2012reversing
Raw
gistfile1.txt
csaw2012reversing: file format elf64-x86-64
Disassembly of section .init:
0000000000400460 <_init>:
400460: 48 83 ec 08 sub $0x8,%rsp
400464: e8 93 00 00 00 callq 4004fc <call_gmon_start>
400469: e8 22 01 00 00 callq 400590 <frame_dummy>
40046e: e8 3d 03 00 00 callq 4007b0 <__do_global_ctors_aux>
400473: 48 83 c4 08 add $0x8,%rsp
400477: c3 retq
Disassembly of section .plt:
0000000000400480 <__stack_chk_fail@plt-0x10>:
400480: ff 35 6a 0b 20 00 pushq 0x200b6a(%rip) # 600ff0 <_GLOBAL_OFFSET_TABLE_+0x8>
400486: ff 25 6c 0b 20 00 jmpq *0x200b6c(%rip) # 600ff8 <_GLOBAL_OFFSET_TABLE_+0x10>
40048c: 0f 1f 40 00 nopl 0x0(%rax)
0000000000400490 <__stack_chk_fail@plt>:
400490: ff 25 6a 0b 20 00 jmpq *0x200b6a(%rip) # 601000 <_GLOBAL_OFFSET_TABLE_+0x18>
400496: 68 00 00 00 00 pushq $0x0
40049b: e9 e0 ff ff ff jmpq 400480 <_init+0x20>
00000000004004a0 <printf@plt>:
4004a0: ff 25 62 0b 20 00 jmpq *0x200b62(%rip) # 601008 <_GLOBAL_OFFSET_TABLE_+0x20>
4004a6: 68 01 00 00 00 pushq $0x1
4004ab: e9 d0 ff ff ff jmpq 400480 <_init+0x20>
00000000004004b0 <__libc_start_main@plt>:
4004b0: ff 25 5a 0b 20 00 jmpq *0x200b5a(%rip) # 601010 <_GLOBAL_OFFSET_TABLE_+0x28>
4004b6: 68 02 00 00 00 pushq $0x2
4004bb: e9 c0 ff ff ff jmpq 400480 <_init+0x20>
00000000004004c0 <exit@plt>:
4004c0: ff 25 52 0b 20 00 jmpq *0x200b52(%rip) # 601018 <_GLOBAL_OFFSET_TABLE_+0x30>
4004c6: 68 03 00 00 00 pushq $0x3
4004cb: e9 b0 ff ff ff jmpq 400480 <_init+0x20>
Disassembly of section .text:
00000000004004d0 <_start>:
4004d0: 31 ed xor %ebp,%ebp
4004d2: 49 89 d1 mov %rdx,%r9
4004d5: 5e pop %rsi
4004d6: 48 89 e2 mov %rsp,%rdx
4004d9: 48 83 e4 f0 and $0xfffffffffffffff0,%rsp
4004dd: 50 push %rax
4004de: 54 push %rsp
4004df: 49 c7 c0 a0 07 40 00 mov $0x4007a0,%r8
4004e6: 48 c7 c1 10 07 40 00 mov $0x400710,%rcx
4004ed: 48 c7 c7 2e 06 40 00 mov $0x40062e,%rdi
4004f4: e8 b7 ff ff ff callq 4004b0 <__libc_start_main@plt>
4004f9: f4 hlt
4004fa: 90 nop
4004fb: 90 nop
00000000004004fc <call_gmon_start>:
4004fc: 48 83 ec 08 sub $0x8,%rsp
400500: 48 8b 05 d9 0a 20 00 mov 0x200ad9(%rip),%rax # 600fe0 <_DYNAMIC+0x190>
400507: 48 85 c0 test %rax,%rax
40050a: 74 02 je 40050e <call_gmon_start+0x12>
40050c: ff d0 callq *%rax
40050e: 48 83 c4 08 add $0x8,%rsp
400512: c3 retq
400513: 90 nop
400514: 90 nop
400515: 90 nop
400516: 90 nop
400517: 90 nop
400518: 90 nop
400519: 90 nop
40051a: 90 nop
40051b: 90 nop
40051c: 90 nop
40051d: 90 nop
40051e: 90 nop
40051f: 90 nop
0000000000400520 <__do_global_dtors_aux>:
400520: 55 push %rbp
400521: 48 89 e5 mov %rsp,%rbp
400524: 53 push %rbx
400525: 48 83 ec 08 sub $0x8,%rsp
400529: 80 3d 00 0b 20 00 00 cmpb $0x0,0x200b00(%rip) # 601030 <__bss_start>
400530: 75 4b jne 40057d <__do_global_dtors_aux+0x5d>
400532: bb 40 0e 60 00 mov $0x600e40,%ebx
400537: 48 8b 05 fa 0a 20 00 mov 0x200afa(%rip),%rax # 601038 <dtor_idx.6533>
40053e: 48 81 eb 38 0e 60 00 sub $0x600e38,%rbx
400545: 48 c1 fb 03 sar $0x3,%rbx
400549: 48 83 eb 01 sub $0x1,%rbx
40054d: 48 39 d8 cmp %rbx,%rax
400550: 73 24 jae 400576 <__do_global_dtors_aux+0x56>
400552: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
400558: 48 83 c0 01 add $0x1,%rax
40055c: 48 89 05 d5 0a 20 00 mov %rax,0x200ad5(%rip) # 601038 <dtor_idx.6533>
400563: ff 14 c5 38 0e 60 00 callq *0x600e38(,%rax,8)
40056a: 48 8b 05 c7 0a 20 00 mov 0x200ac7(%rip),%rax # 601038 <dtor_idx.6533>
400571: 48 39 d8 cmp %rbx,%rax
400574: 72 e2 jb 400558 <__do_global_dtors_aux+0x38>
400576: c6 05 b3 0a 20 00 01 movb $0x1,0x200ab3(%rip) # 601030 <__bss_start>
40057d: 48 83 c4 08 add $0x8,%rsp
400581: 5b pop %rbx
400582: 5d pop %rbp
400583: c3 retq
400584: 66 66 66 2e 0f 1f 84 nopw %cs:0x0(%rax,%rax,1)
40058b: 00 00 00 00 00
0000000000400590 <frame_dummy>:
400590: 48 83 3d b0 08 20 00 cmpq $0x0,0x2008b0(%rip) # 600e48 <__JCR_END__>
400597: 00
400598: 55 push %rbp
400599: 48 89 e5 mov %rsp,%rbp
40059c: 74 12 je 4005b0 <frame_dummy+0x20>
40059e: b8 00 00 00 00 mov $0x0,%eax
4005a3: 48 85 c0 test %rax,%rax
4005a6: 74 08 je 4005b0 <frame_dummy+0x20>
4005a8: 5d pop %rbp
4005a9: bf 48 0e 60 00 mov $0x600e48,%edi
4005ae: ff e0 jmpq *%rax
4005b0: 5d pop %rbp
4005b1: c3 retq
4005b2: 90 nop
4005b3: 90 nop
00000000004005b4 <done>:
4005b4: 55 push %rbp
4005b5: 48 89 e5 mov %rsp,%rbp
4005b8: 48 83 ec 10 sub $0x10,%rsp
4005bc: 89 7d fc mov %edi,-0x4(%rbp)
4005bf: 8b 45 fc mov -0x4(%rbp),%eax
4005c2: 89 c7 mov %eax,%edi
4005c4: e8 f7 fe ff ff callq 4004c0 <exit@plt>
00000000004005c9 <encrypt>:
4005c9: 55 push %rbp
4005ca: 48 89 e5 mov %rsp,%rbp
4005cd: 48 89 7d e8 mov %rdi,-0x18(%rbp)
4005d1: c7 45 fc 00 00 00 00 movl $0x0,-0x4(%rbp)
4005d8: eb 09 jmp 4005e3 <encrypt+0x1a>
4005da: 48 83 45 e8 01 addq $0x1,-0x18(%rbp)
4005df: 83 45 fc 01 addl $0x1,-0x4(%rbp)
4005e3: 48 8b 45 e8 mov -0x18(%rbp),%rax
4005e7: 0f b6 00 movzbl (%rax),%eax
4005ea: 84 c0 test %al,%al
4005ec: 75 ec jne 4005da <encrypt+0x11>
4005ee: 8b 45 fc mov -0x4(%rbp),%eax
4005f1: 5d pop %rbp
4005f2: c3 retq
00000000004005f3 <decrypt>:
4005f3: 55 push %rbp
4005f4: 48 89 e5 mov %rsp,%rbp
4005f7: 48 89 7d e8 mov %rdi,-0x18(%rbp)
4005fb: c7 45 fc 00 00 00 00 movl $0x0,-0x4(%rbp)
400602: eb 1a jmp 40061e <decrypt+0x2b>
400604: 48 8b 45 e8 mov -0x18(%rbp),%rax
400608: 0f b6 00 movzbl (%rax),%eax
40060b: 89 c2 mov %eax,%edx
40060d: f7 d2 not %edx
40060f: 48 8b 45 e8 mov -0x18(%rbp),%rax
400613: 88 10 mov %dl,(%rax)
400615: 48 83 45 e8 01 addq $0x1,-0x18(%rbp)
40061a: 83 45 fc 01 addl $0x1,-0x4(%rbp)
40061e: 48 8b 45 e8 mov -0x18(%rbp),%rax
400622: 0f b6 00 movzbl (%rax),%eax
400625: 84 c0 test %al,%al
400627: 75 db jne 400604 <decrypt+0x11>
400629: 8b 45 fc mov -0x4(%rbp),%eax
40062c: 5d pop %rbp
40062d: c3 retq
000000000040062e <main>:
40062e: 55 push %rbp
40062f: 48 89 e5 mov %rsp,%rbp
400632: 48 83 ec 40 sub $0x40,%rsp
400636: 89 7d dc mov %edi,-0x24(%rbp)
400639: 48 89 75 d0 mov %rsi,-0x30(%rbp)
40063d: 48 89 55 c8 mov %rdx,-0x38(%rbp)
400641: 64 48 8b 04 25 28 00 mov %fs:0x28,%rax
400648: 00 00
40064a: 48 89 45 f8 mov %rax,-0x8(%rbp)
40064e: 31 c0 xor %eax,%eax
400650: c6 45 e0 9c movb $0x9c,-0x20(%rbp)
400654: c6 45 e1 8c movb $0x8c,-0x1f(%rbp)
400658: c6 45 e2 9e movb $0x9e,-0x1e(%rbp)
40065c: c6 45 e3 88 movb $0x88,-0x1d(%rbp)
400660: c6 45 e4 96 movb $0x96,-0x1c(%rbp)
400664: c6 45 e5 8c movb $0x8c,-0x1b(%rbp)
400668: c6 45 e6 8c movb $0x8c,-0x1a(%rbp)
40066c: c6 45 e7 90 movb $0x90,-0x19(%rbp)
400670: c6 45 e8 97 movb $0x97,-0x18(%rbp)
400674: c6 45 e9 9e movb $0x9e,-0x17(%rbp)
400678: c6 45 ea 8d movb $0x8d,-0x16(%rbp)
40067c: c6 45 eb 9b movb $0x9b,-0x15(%rbp)
400680: c6 45 ec a0 movb $0xa0,-0x14(%rbp)
400684: c6 45 ed a0 movb $0xa0,-0x13(%rbp)
400688: c6 45 ee c5 movb $0xc5,-0x12(%rbp)
40068c: c6 45 ef d7 movb $0xd7,-0x11(%rbp)
400690: c6 45 f0 00 movb $0x0,-0x10(%rbp)
400694: 48 8d 45 e0 lea -0x20(%rbp),%rax
400698: 48 89 c7 mov %rax,%rdi
40069b: e8 29 ff ff ff callq 4005c9 <encrypt>
4006a0: b8 fc 07 40 00 mov $0x4007fc,%eax
4006a5: 48 8d 55 e0 lea -0x20(%rbp),%rdx
4006a9: 48 89 d6 mov %rdx,%rsi
4006ac: 48 89 c7 mov %rax,%rdi
4006af: b8 00 00 00 00 mov $0x0,%eax
4006b4: e8 e7 fd ff ff callq 4004a0 <printf@plt>
4006b9: bf ff ff ff ff mov $0xffffffff,%edi
4006be: e8 f1 fe ff ff callq 4005b4 <done>
4006c3: 48 8d 45 e0 lea -0x20(%rbp),%rax
4006c7: 48 89 c7 mov %rax,%rdi
4006ca: e8 24 ff ff ff callq 4005f3 <decrypt>
4006cf: b8 10 08 40 00 mov $0x400810,%eax
4006d4: 48 8d 55 e0 lea -0x20(%rbp),%rdx
4006d8: 48 89 d6 mov %rdx,%rsi
4006db: 48 89 c7 mov %rax,%rdi
4006de: b8 00 00 00 00 mov $0x0,%eax
4006e3: e8 b8 fd ff ff callq 4004a0 <printf@plt>
4006e8: bf 00 00 00 00 mov $0x0,%edi
4006ed: e8 c2 fe ff ff callq 4005b4 <done>
4006f2: 48 8b 55 f8 mov -0x8(%rbp),%rdx
4006f6: 64 48 33 14 25 28 00 xor %fs:0x28,%rdx
4006fd: 00 00
4006ff: 74 05 je 400706 <main+0xd8>
400701: e8 8a fd ff ff callq 400490 <__stack_chk_fail@plt>
400706: c9 leaveq
400707: c3 retq
400708: 90 nop
400709: 90 nop
40070a: 90 nop
40070b: 90 nop
40070c: 90 nop
40070d: 90 nop
40070e: 90 nop
40070f: 90 nop
0000000000400710 <__libc_csu_init>:
400710: 48 89 6c 24 d8 mov %rbp,-0x28(%rsp)
400715: 4c 89 64 24 e0 mov %r12,-0x20(%rsp)
40071a: 48 8d 2d 03 07 20 00 lea 0x200703(%rip),%rbp # 600e24 <__init_array_end>
400721: 4c 8d 25 fc 06 20 00 lea 0x2006fc(%rip),%r12 # 600e24 <__init_array_end>
400728: 4c 89 6c 24 e8 mov %r13,-0x18(%rsp)
40072d: 4c 89 74 24 f0 mov %r14,-0x10(%rsp)
400732: 4c 89 7c 24 f8 mov %r15,-0x8(%rsp)
400737: 48 89 5c 24 d0 mov %rbx,-0x30(%rsp)
40073c: 48 83 ec 38 sub $0x38,%rsp
400740: 4c 29 e5 sub %r12,%rbp
400743: 41 89 fd mov %edi,%r13d
400746: 49 89 f6 mov %rsi,%r14
400749: 48 c1 fd 03 sar $0x3,%rbp
40074d: 49 89 d7 mov %rdx,%r15
400750: e8 0b fd ff ff callq 400460 <_init>
400755: 48 85 ed test %rbp,%rbp
400758: 74 1c je 400776 <__libc_csu_init+0x66>
40075a: 31 db xor %ebx,%ebx
40075c: 0f 1f 40 00 nopl 0x0(%rax)
400760: 4c 89 fa mov %r15,%rdx
400763: 4c 89 f6 mov %r14,%rsi
400766: 44 89 ef mov %r13d,%edi
400769: 41 ff 14 dc callq *(%r12,%rbx,8)
40076d: 48 83 c3 01 add $0x1,%rbx
400771: 48 39 eb cmp %rbp,%rbx
400774: 75 ea jne 400760 <__libc_csu_init+0x50>
400776: 48 8b 5c 24 08 mov 0x8(%rsp),%rbx
40077b: 48 8b 6c 24 10 mov 0x10(%rsp),%rbp
400780: 4c 8b 64 24 18 mov 0x18(%rsp),%r12
400785: 4c 8b 6c 24 20 mov 0x20(%rsp),%r13
40078a: 4c 8b 74 24 28 mov 0x28(%rsp),%r14
40078f: 4c 8b 7c 24 30 mov 0x30(%rsp),%r15
400794: 48 83 c4 38 add $0x38,%rsp
400798: c3 retq
400799: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
00000000004007a0 <__libc_csu_fini>:
4007a0: f3 c3 repz retq
4007a2: 90 nop
4007a3: 90 nop
4007a4: 90 nop
4007a5: 90 nop
4007a6: 90 nop
4007a7: 90 nop
4007a8: 90 nop
4007a9: 90 nop
4007aa: 90 nop
4007ab: 90 nop
4007ac: 90 nop
4007ad: 90 nop
4007ae: 90 nop
4007af: 90 nop
00000000004007b0 <__do_global_ctors_aux>:
4007b0: 55 push %rbp
4007b1: 48 89 e5 mov %rsp,%rbp
4007b4: 53 push %rbx
4007b5: 48 83 ec 08 sub $0x8,%rsp
4007b9: 48 8b 05 68 06 20 00 mov 0x200668(%rip),%rax # 600e28 <__CTOR_LIST__>
4007c0: 48 83 f8 ff cmp $0xffffffffffffffff,%rax
4007c4: 74 19 je 4007df <__do_global_ctors_aux+0x2f>
4007c6: bb 28 0e 60 00 mov $0x600e28,%ebx
4007cb: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
4007d0: 48 83 eb 08 sub $0x8,%rbx
4007d4: ff d0 callq *%rax
4007d6: 48 8b 03 mov (%rbx),%rax
4007d9: 48 83 f8 ff cmp $0xffffffffffffffff,%rax
4007dd: 75 f1 jne 4007d0 <__do_global_ctors_aux+0x20>
4007df: 48 83 c4 08 add $0x8,%rsp
4007e3: 5b pop %rbx
4007e4: 5d pop %rbp
4007e5: c3 retq
4007e6: 90 nop
4007e7: 90 nop
Disassembly of section .fini:
00000000004007e8 <_fini>:
4007e8: 48 83 ec 08 sub $0x8,%rsp
4007ec: e8 2f fd ff ff callq 400520 <__do_global_dtors_aux>
4007f1: 48 83 c4 08 add $0x8,%rsp
4007f5: c3 retq
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment