Main Func() in assembly. (rasm2 is used)
Let’s use ghidra to better understand a program.
These code are translated in C from assembly.
This is a simple authentication program with scanf() and strcmp().
- The first scanf() compares with scanf(local_28, &DAT_00400a82).
- Then it checks with strcmp(local_28,local_10).
We can assume that there is user input field being rendered by the program and filtered by an algorithm of a function.
Eye cacthing variable is local_10 defined was “SuperSekretKey”.
strcmp(local_28,local_10) is essentially a simple comparison if user input was “SuperSekretKey”
Now we passed the first gate! :)
The following strcmp(local_28,__s2) seems to mean something. because __s2 derives from FUN_0040078d.
Have a look.
What is this?
Your head is all caught up too much with these nonsensical looking variables and operations!
How about we go back?
What we understand this FUN_0040078d do is that returns pvVar3.
Will this variable be used again?
Let’s go back in our main function.
We see this FUN_00400978 at the end.
local_48 is a parameter of the function. 0x41 = ‘A’
Let’s have a look.
This function does not refer any variable from outside functions.
So, pvVar3 from FUN_0040078d is not used. Okay.
function parameter is ‘A’ because it was local_10 = 0x41 at main().
Note that local_10 is a pointer.
Do you remember 20 variables from main() ?
The pointer points to the array of those…
We observe two major works here.
- XOR operation in put char((int)(char)(*local_10 ^ 9)
- Operation is repeated 14 times, while ((*local != 9 && (local_14 < 0x14))
Basically, the loop condition is
- As long as the value pointed by the pointer is not 9
- until local_14 is 20 (10)
I reworte the code in python just for why-not.
I left the code so you guys can still practice and understand what this code does.
Thank you for reading!