Skip to content

Instantly share code, notes, and snippets.

@francorbacho

francorbacho/decompiled-chat_udc.c

Last active March 31, 2023 12:30
Show Gist options
  • Save francorbacho/642fdfc8968da1f202136e98bd605568 to your computer and use it in GitHub Desktop.
Save francorbacho/642fdfc8968da1f202136e98bd605568 to your computer and use it in GitHub Desktop.
Download ZIP
Decompiled binary from C3TF/PWN/ChatUDC
Raw
decompiled-chat_udc.c
void _init()
{
if (__gmon_start__ != 0)
{
__gmon_start__();
}
}
int64_t sub_401020()
{
int64_t var_8 = data_404008;
/* jump -> data_404010 */
}
int64_t sub_401030()
{
int64_t var_8 = 0;
/* tailcall */
return sub_401020();
}
int64_t sub_401040()
{
int64_t var_8 = 1;
/* tailcall */
return sub_401020();
}
int64_t sub_401050()
{
int64_t var_8 = 2;
/* tailcall */
return sub_401020();
}
int32_t puts(char const* str)
{
/* tailcall */
return puts(str);
}
int32_t fflush(FILE* fp)
{
/* tailcall */
return fflush(fp);
}
int32_t __isoc99_scanf(char const* format, ...)
{
/* tailcall */
return __isoc99_scanf();
}
int64_t _start(int64_t arg1, int64_t arg2, void (* arg3)()) __noreturn
{
int64_t rax;
int64_t var_8 = rax;
__libc_start_main(main, __return_addr, &arg_8, __libc_csu_init, __libc_csu_fini, arg3, &var_8);
/* no return */
}
int64_t _dl_relocate_static_pie()
{
return;
}
void deregister_tm_clones()
{
return;
}
void register_tm_clones()
{
return;
}
void __do_global_dtors_aux()
{
if (completed.8061 != 0)
{
return;
}
deregister_tm_clones();
completed.8061 = 1;
}
int64_t frame_dummy()
{
/* tailcall */
return register_tm_clones();
}
int64_t do_nothing()
{
int64_t rbp;
int64_t var_8 = rbp;
int32_t rdi;
int32_t var_c = rdi;
}
int64_t sub_401187(int64_t* arg1 @ rbp)
{
*arg1;
return puts("/bin/sh");
}
int64_t print_msg(char* arg1, char* arg2)
{
puts(arg1);
fflush(stdout);
void var_38;
__isoc99_scanf(&data_40200c, &var_38);
puts(arg2);
fflush(stdout);
return 1;
}
int32_t main(int32_t argc, char** argv, char** envp)
{
int64_t var_d8 = 0x6f53202e616c6f48;
int64_t var_d0 = 0x4455746168432079;
int64_t var_c8 = 0x206544bfc2202e43;
int64_t var_c0 = 0x69757120a9c37571;
int64_t var_b8 = 0x6261682073657265;
int64_t var_b0 = 0x3f796f682072616c;
int64_t var_a8 = 0;
int64_t var_a0 = 0;
int64_t var_98 = 0;
int64_t var_90 = 0;
int64_t var_88 = 0;
int64_t var_80 = 0;
int64_t var_78 = 0;
int64_t var_70 = 0;
int64_t var_68 = 0;
int64_t var_60 = 0;
int64_t var_58 = 0;
int64_t var_50 = 0;
int64_t var_48 = 0;
int64_t var_40 = 0;
int64_t var_38 = 0;
int64_t var_30 = 0;
int64_t var_28 = 0;
int64_t var_20 = 0;
int64_t var_18 = 0;
int64_t var_1a8 = 0x54203a524f525245;
int64_t var_1a0 = 0x52204f4e20414d45;
int64_t var_198 = 0x4449434f4e4f4345;
int64_t var_190 = 0x45494c4153202e4f;
int64_t var_188 = 0x204c4544204f444e;
int64_t var_180 = 0x414d4152474f5250;
int64_t var_178 = 0x2e2e2e;
int64_t var_170 = 0;
int64_t var_168 = 0;
int64_t var_160 = 0;
int64_t var_158 = 0;
int64_t var_150 = 0;
int64_t var_148 = 0;
int64_t var_140 = 0;
int64_t var_138 = 0;
int64_t var_130 = 0;
int64_t var_128 = 0;
int64_t var_120 = 0;
int64_t var_118 = 0;
int64_t var_110 = 0;
int64_t var_108 = 0;
int64_t var_100 = 0;
int64_t var_f8 = 0;
int64_t var_f0 = 0;
int64_t var_e8 = 0;
print_msg(&var_d8, &var_1a8);
return 1;
}
void __libc_csu_init()
{
_init();
int64_t rbx_1 = 0;
do
{
int64_t rdx;
int64_t rsi;
int32_t rdi;
*(&__init_array_start + (rbx_1 << 3))(rdi, rsi, rdx);
rbx_1 = (rbx_1 + 1);
} while (1 != rbx_1);
}
void __libc_csu_fini()
{
return;
}
int64_t _fini()
{
return;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment