-
Notifications
You must be signed in to change notification settings - Fork 163
/
get_key_x86.ini
121 lines (115 loc) · 2.59 KB
/
get_key_x86.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
[analyzer]
unroll = 300
loglevel = 3
store_marshalled_cfa = true
out_marshalled_cfa_file = "cfa.out.marshal"
in_marshalled_cfa_file = "cfa.in.marshal"
ini_version = 4
analysis = forward_binary
analysis_ep = 0x93B
headers = "libc.no"
[program]
mode = protected
call_conv = cdecl
mem_sz = 32
op_sz = 32
stack_width = 32
architecture = x86
filepath = "../get_key/get_key_x86"
format = elf
[x86]
mem_model = flat
GDT[0] = 0x0000000000000000
GDT[1] = 0x0000000000000000
GDT[2] = 0x0000000000000000
GDT[3] = 0x0000000000000000
GDT[4] = 0x0000000000000000
GDT[5] = 0x0000000000000000
GDT[6] = 0x0000000000000000
GDT[7] = 0x0000000000000000
GDT[8] = 0x0000000000000000
GDT[9] = 0x0000000000000000
GDT[10] = 0x0000000000000000
GDT[11] = 0x0000000000000000
GDT[12] = 0x00cf9a000000ffff
GDT[13] = 0x00cf93000000ffff
GDT[14] = 0x00cffa000000ffff
GDT[15] = 0x00cff3000000ffff
GDT[16] = 0xc1008b598cc0206b
GDT[17] = 0x0000000000000000
GDT[18] = 0x00409a000000ffff
GDT[19] = 0x00009a000000ffff
GDT[20] = 0x000092000000ffff
GDT[21] = 0x0000920000000000
GDT[22] = 0x0000920000000000
GDT[23] = 0x00409a000000ffff
GDT[24] = 0x00009a000000ffff
GDT[25] = 0x004092000000ffff
GDT[26] = 0x00cf92000000ffff
GDT[27] = 0x00cf92000000ffff
GDT[28] = 0xc140915f7c800018
GDT[29] = 0x0000000000000000
GDT[30] = 0x0000000000000000
GDT[31] = 0xc1008958e000206b
cs = 0x73
ds = 0x7b
ss = 0x7b
es = 0x7b
fs = 0x00
gs = 0x33
[sections]
section[ph2] = 0x0, 0x26f0, 0x0, 0x26f0
section[ph3] = 0x3ee8, 0x14c, 0x2ee8, 0x148
[state]
reg[ac] = 0?1
reg[vif] = 0?1
reg[af] = 0?1
reg[zf] = 0?1
reg[edi] = 0?0xFFFFFFFF
reg[iopl] = 3
reg[cf] = 0?1
reg[vip] = 0?1
reg[ebp] = 0?0xFFFFFFFF
reg[edx] = 0?0xFFFFFFFF
reg[ebx] = 0?0xFFFFFFFF
reg[id] = 0?1
reg[if] = 0?1
reg[rf] = 0?1
reg[pf] = 0?1
reg[tf] = 0?1
reg[nt] = 0?1
reg[esi] = 0?0xFFFFFFFF
reg[df] = 0
reg[vm] = 0?1
reg[eax] = 0?0xFFFFFFFF
reg[ecx] = 0?0xFFFFFFFF
reg[of] = 0?1
reg[sf] = 0?1
reg[esp] = 0x2000
mem[0x1000*4099] = |00|?0xFF
mem[0x2004] = 5
mem[0x2008] = 0x200000
mem[0x200000] = 0x300100
mem[0x200004] = 0x300140
mem[0x200008] = 0x300180
mem[0x20000C] = 0x3001C0
mem[0x200010] = 0x300200
mem[0x300100] = |6c6f6c3300|
mem[0x300140] = |636f6d70616e7900|!0xFFFFFFFFFFFFFFFF
mem[0x300180] = |64657000|
mem[0x3001C0] = |6c6f6c3100|
mem[0x300200] = |6c6f6c2100|
[imports]
0x4040 = all,"memcpy"
0x4060 = all,"__gmon_start__"
0x4044 = all,"__cxa_finalize"
0x4048 = all,"fwrite"
0x405c = all,"_ITM_deregisterTMCloneTable"
0x404c = all,"puts"
0x4068 = all,"_ITM_registerTMCloneTable"
0x4050 = all,"exit"
0x4058 = all,"sprintf"
0x4054 = all,"__libc_start_main"
0x4038 = all,"printf"
0x4064 = all,"_Jv_RegisterClasses"
0x403c = all,"stderr"