pancake radare

## gist:f6f731199370013b289b
$ rasm2 -a arm -b 16 -D e8b1d0f80090b9f80cc0d9f808900cea010c09ebcc09d9f800c09cea010f02d1
0x00000000   2                     e8b1  cbz r0, 0x3e
0x00000002   4                 d0f80090  ldr.w sb, [r0]
0x00000006   4                 b9f80cc0  ldrh.w ip, [sb, 0xc]
0x0000000a   4                 d9f80890  ldr.w sb, [sb, 8]
0x0000000e   4                 0cea010c  and.w ip, ip, r1
0x00000012   4                 09ebcc09  add.w sb, sb, ip, lsl 3
0x00000016   4                 d9f800c0  ldr.w ip, [sb]
0x0000001a   4                 9cea010f  teq.w ip, r1
0x0000001e   2                     02d1  bne 0x26

## gist:7a98953de8f7d4b242ad
21:15 < pancake> looks like To*() methods have been deprecated in latest v8.. how can I replace them?
21:16 < caitp> you mean the "Use maybe version" deprecation warning?
21:16 < pancake> yes
21:16 < pancake> well, i dont get that warning i just get an undefined symbol
21:16 < pancake> which is a bit more anoying
21:17 < caitp> an undefined symbol, as in a linker error?
21:17 < pancake> node: symbol lookup error:
                 /home/pancake/Sync/private/frida-dumper/node_modules/frida/lib/binding/Release/node-v14-linux-x64/frida_binding.node: undefined
                 symbol: _ZNK2v85Value7ToInt32EPNS_7IsolateE
21:17 < pancake> yes

## gist:b2bab6a065b60f1bea79
> lets attach
/usr/bin/node: symbol lookup error: /home/pancake/Sync/private/frida-dumper/node_modules/frida/lib/binding/Release/node-v14-linux-x64/frida_binding.node: undefined symbol: _ZNK2v85Value9ToIntegerEPNS_7IsolateE

Breakpoint 1, _exit (status=127) at ../sysdeps/unix/sysv/linux/_exit.c:28
28      ../sysdeps/unix/sysv/linux/_exit.c: No such file or directory.
(gdb) bt
#0  _exit (status=127) at ../sysdeps/unix/sysv/linux/_exit.c:28
#1  0x00007ffff7de9e89 in _dl_signal_error (errcode=errcode@entry=0,
    objname=objname@entry=0xfc1920 "/home/pancake/Sync/private/frida-dumper/node_modules/frida/lib/binding/Release/node-v14-linux-x64/frida_binding.node", occation=occation@entry=0x7ffff7df65b8 "symbol lookup error",
    errstring=errstring@entry=0x7fffffffa150 "undefined symbol: _ZNK2v85Value9ToIntegerEPNS_7IsolateE")

## gist:60a0b89c874d37dcf75f
Sparc instructions not found in Capstone?
-----------------------------------------
RDPSR
RDWIM
RDTBR
WRPSR
WRWIM
WRTBR
RETT
LDA

## gist:fa86e9f2e35c25b34f97
```
tccgen.c: In function 'is_compatible_func':
tccgen.c:514:5: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
     if (FUNC_CALL(s1->r) != FUNC_CALL(s2->r))
     ^
tccgen.c:514:5: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
tccgen.c: In function 'parse_btype':
tccgen.c:1220:21: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
                     ad->aligned = FUNC_ALIGN(s->r);
                     ^

## gist:2805bd415688398d0023
$ r2 /tmp/tmpuT4fF8.fil
=================================================================
==6926==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61d00001c011 at pc 0x7f6add883c57 bp 0x7fffa5cd87a0 sp 0x7fffa5cd7f48
READ of size 11 at 0x61d00001c011 thread T0
    #0 0x7f6add883c56 in __interceptor_strncpy (/usr/lib/libasan.so.1+0x2ec56)
    #1 0x7f6adc7e50ee in Elf32_r_bin_elf_get_symbols /home/pancake/prg/radare2/libr/..//libr/bin/p/../format/elf/elf.c:1263
    #2 0x7f6adc7d3eac in symbols /home/pancake/prg/radare2/libr/..//libr/bin/p/bin_elf.c:248
    #3 0x7f6adc79d6ef in r_bin_object_set_items /home/pancake/prg/radare2/libr/bin/bin.c:377
    #4 0x7f6adc7a0a49 in r_bin_object_new /home/pancake/prg/radare2/libr/bin/bin.c:855
    #5 0x7f6adc7a16a4 in r_bin_file_new_from_bytes /home/pancake/prg/radare2/libr/bin/bin.c:961

## gist:53e8f89506466376439a
$ grep -re getrandom /usr/include/
/usr/include/bits/syscall.h:#define SYS_getrandom __NR_getrandom
/usr/include/bits/syscall.h:#define SYS_getrandom __NR_getrandom
/usr/include/bits/syscall.h:#define SYS_getrandom __NR_getrandom
/usr/include/asm/unistd_64.h:#define __NR_getrandom 318
/usr/include/asm/unistd_32.h:#define __NR_getrandom 355
/usr/include/asm/unistd_x32.h:#define __NR_getrandom (__X32_SYSCALL_BIT + 318)
/usr/include/linux/random.h: * Flags for getrandom(2)
/usr/include/asm-generic/unistd.h:#define __NR_getrandom 278
/usr/include/asm-generic/unistd.h:__SYSCALL(__NR_getrandom, sys_getrandom)

## gist:342cefab6b7f732e6638
```
[0x7f90d08b8ce0]> "(foo x,?e $0,?e `ai@$0`)"
[0x7f90d08b8ce0]> .(foo rsp)
rsp
read write flag stack
[0x7f90d08b8ce0]> .(foo rip)
rip
exec read flag
[0x7f90d08b8ce0]>
```

## gist:4e5e90338029c41e4818
[pancake@koega ~]$ r2 -qni test.r2 -
- offset -   0 1  2 3  4 5  6 7  8 9  A B  C D  E F  0123456789ABCDEF
0x00050000  2020 2023 2050 6572 7661 7369 7665 204c     # Pervasive L
0x00050010  6973 7465 6e65 720a 7076 7377 2020 2020  istener.pvsw
- 3397568 malloc://512 @ 0x0 ; rw
- 6 /etc/services @ 0x4000 ; r
- 8 /bin/ls @ 0x50000 ; r
file    /bin/ls
fd      8
size    0x1c6c8

## gist:fd1a3ea41d31073311b8
$ r2 -
 -- ASLR stands for Age/Sex/Location/Reverser.
[0x00000000]> ae 2,1,==,%z,zf,=,zf,?{,80,}
zf=0x0
zf=0x0
zf=0x0
StackDump:
 [1] }
 [0] 80
[0x00000000]> ae 1,1,==,%z,zf,=,zf,?{,80,}
	$ rasm2 -a arm -b 16 -D e8b1d0f80090b9f80cc0d9f808900cea010c09ebcc09d9f800c09cea010f02d1
	0x00000000 2 e8b1 cbz r0, 0x3e
	0x00000002 4 d0f80090 ldr.w sb, [r0]
	0x00000006 4 b9f80cc0 ldrh.w ip, [sb, 0xc]
	0x0000000a 4 d9f80890 ldr.w sb, [sb, 8]
	0x0000000e 4 0cea010c and.w ip, ip, r1
	0x00000012 4 09ebcc09 add.w sb, sb, ip, lsl 3
	0x00000016 4 d9f800c0 ldr.w ip, [sb]
	0x0000001a 4 9cea010f teq.w ip, r1
	0x0000001e 2 02d1 bne 0x26
	21:15 < pancake> looks like To*() methods have been deprecated in latest v8.. how can I replace them?
	21:16 < caitp> you mean the "Use maybe version" deprecation warning?
	21:16 < pancake> yes
	21:16 < pancake> well, i dont get that warning i just get an undefined symbol
	21:16 < pancake> which is a bit more anoying
	21:17 < caitp> an undefined symbol, as in a linker error?
	21:17 < pancake> node: symbol lookup error:
	/home/pancake/Sync/private/frida-dumper/node_modules/frida/lib/binding/Release/node-v14-linux-x64/frida_binding.node: undefined
	symbol: _ZNK2v85Value7ToInt32EPNS_7IsolateE
	21:17 < pancake> yes
	> lets attach
	/usr/bin/node: symbol lookup error: /home/pancake/Sync/private/frida-dumper/node_modules/frida/lib/binding/Release/node-v14-linux-x64/frida_binding.node: undefined symbol: _ZNK2v85Value9ToIntegerEPNS_7IsolateE

	Breakpoint 1, _exit (status=127) at ../sysdeps/unix/sysv/linux/_exit.c:28
	28 ../sysdeps/unix/sysv/linux/_exit.c: No such file or directory.
	(gdb) bt
	#0 _exit (status=127) at ../sysdeps/unix/sysv/linux/_exit.c:28
	#1 0x00007ffff7de9e89 in _dl_signal_error (errcode=errcode@entry=0,
	objname=objname@entry=0xfc1920 "/home/pancake/Sync/private/frida-dumper/node_modules/frida/lib/binding/Release/node-v14-linux-x64/frida_binding.node", occation=occation@entry=0x7ffff7df65b8 "symbol lookup error",
	errstring=errstring@entry=0x7fffffffa150 "undefined symbol: _ZNK2v85Value9ToIntegerEPNS_7IsolateE")
	Sparc instructions not found in Capstone?
	-----------------------------------------
	RDPSR
	RDWIM
	RDTBR
	WRPSR
	WRWIM
	WRTBR
	RETT
	LDA
	```
	tccgen.c: In function 'is_compatible_func':
	tccgen.c:514:5: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
	if (FUNC_CALL(s1->r) != FUNC_CALL(s2->r))
	^
	tccgen.c:514:5: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
	tccgen.c: In function 'parse_btype':
	tccgen.c:1220:21: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
	ad->aligned = FUNC_ALIGN(s->r);
	^
	$ r2 /tmp/tmpuT4fF8.fil
	=================================================================
	==6926==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61d00001c011 at pc 0x7f6add883c57 bp 0x7fffa5cd87a0 sp 0x7fffa5cd7f48
	READ of size 11 at 0x61d00001c011 thread T0
	#0 0x7f6add883c56 in __interceptor_strncpy (/usr/lib/libasan.so.1+0x2ec56)
	#1 0x7f6adc7e50ee in Elf32_r_bin_elf_get_symbols /home/pancake/prg/radare2/libr/..//libr/bin/p/../format/elf/elf.c:1263
	#2 0x7f6adc7d3eac in symbols /home/pancake/prg/radare2/libr/..//libr/bin/p/bin_elf.c:248
	#3 0x7f6adc79d6ef in r_bin_object_set_items /home/pancake/prg/radare2/libr/bin/bin.c:377
	#4 0x7f6adc7a0a49 in r_bin_object_new /home/pancake/prg/radare2/libr/bin/bin.c:855
	#5 0x7f6adc7a16a4 in r_bin_file_new_from_bytes /home/pancake/prg/radare2/libr/bin/bin.c:961
	$ grep -re getrandom /usr/include/
	/usr/include/bits/syscall.h:#define SYS_getrandom __NR_getrandom
	/usr/include/bits/syscall.h:#define SYS_getrandom __NR_getrandom
	/usr/include/bits/syscall.h:#define SYS_getrandom __NR_getrandom
	/usr/include/asm/unistd_64.h:#define __NR_getrandom 318
	/usr/include/asm/unistd_32.h:#define __NR_getrandom 355
	/usr/include/asm/unistd_x32.h:#define __NR_getrandom (__X32_SYSCALL_BIT + 318)
	/usr/include/linux/random.h: * Flags for getrandom(2)
	/usr/include/asm-generic/unistd.h:#define __NR_getrandom 278
	/usr/include/asm-generic/unistd.h:__SYSCALL(__NR_getrandom, sys_getrandom)
	```
	[0x7f90d08b8ce0]> "(foo x,?e $0,?e `ai@$0`)"
	[0x7f90d08b8ce0]> .(foo rsp)
	rsp
	read write flag stack
	[0x7f90d08b8ce0]> .(foo rip)
	rip
	exec read flag
	[0x7f90d08b8ce0]>
	```
	[pancake@koega ~]$ r2 -qni test.r2 -
	- offset - 0 1 2 3 4 5 6 7 8 9 A B C D E F 0123456789ABCDEF
	0x00050000 2020 2023 2050 6572 7661 7369 7665 204c # Pervasive L
	0x00050010 6973 7465 6e65 720a 7076 7377 2020 2020 istener.pvsw
	- 3397568 malloc://512 @ 0x0 ; rw
	- 6 /etc/services @ 0x4000 ; r
	- 8 /bin/ls @ 0x50000 ; r
	file /bin/ls
	fd 8
	size 0x1c6c8
	$ r2 -
	-- ASLR stands for Age/Sex/Location/Reverser.
	[0x00000000]> ae 2,1,==,%z,zf,=,zf,?{,80,}
	zf=0x0
	zf=0x0
	zf=0x0
	StackDump:
	[1] }
	[0] 80
	[0x00000000]> ae 1,1,==,%z,zf,=,zf,?{,80,}