6.D.5. Radare2 Analysis

Again, we’ll be analyzing the compiled binary that we converted from a C-compiled binary into ASM. It has no special additions or modifications, and it does not use the JMP/CALL/POP technique.

Binary checked

asm_linx86_send-string-all-terminals_shellstorm_sample3_mod-alt

Version used

$ r2 -v
radare2 3.0.1 0 @ linux-x86-64 git.3.0.1
commit: HEAD build: 2018-10-20__19:42:15

Run all analysis options and open binary

$ r2 -AAA asm_linx86_send-string-all-terminals_shellstorm_sample3_mod-alt
WARNING: Cannot initialize dynamic strings
[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze function calls (aac)
[x] Analyze len bytes of instructions for references (aar)
[x] Constructing a function name for fcn.* and sym.func.* functions (aan)
[x] Enable constraint types analysis for variables
[0x08048060]> 

Show sections

[0x08048060]> iS
[Sections]
Nm Paddr       Size Vaddr      Memsz Perms Name
00 0x00000000     0 0x00000000     0 ---- 
01 0x00000060    60 0x08048060    60 -r-x .text
02 0x0000009c    33 0x00000000    33 ---- .shstrtab
03 0x00000188   128 0x00000000   128 ---- .symtab
04 0x00000208   100 0x00000000   100 ---- .strtab

List entrypoints

[0x08048060]> ie
[Entrypoints]
vaddr=0x08048060 paddr=0x00000060 baddr=0x08048000 laddr=0x00000000 haddr=0x00000018 hvaddr=0x08048018 type=program

1 entrypoints
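
To make the fields of the ie output concrete, the following added example (not part of the original write-up, and not radare2 code) recomputes them from an ELF32 header. The header bytes are constructed here to match the addresses shown above; the function names are hypothetical, and taking baddr as the lowest PT_LOAD address and hvaddr as baddr + haddr are assumptions that agree with the output above.

```python
import struct

E_ENTRY_OFF = 0x18  # e_entry sits after e_ident(16) + e_type(2) + e_machine(2) + e_version(4)

def build_sample():
    """Constructed ELF32 header plus one PT_LOAD entry, using the addresses from the ie output."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)  # ELFCLASS32, little-endian, version 1
    ehdr = ident + struct.pack(
        "<HHIIIIIHHHHHH",
        2, 3, 1,         # e_type=ET_EXEC, e_machine=EM_386, e_version
        0x08048060,      # e_entry
        52, 0, 0,        # e_phoff, e_shoff, e_flags
        52, 32, 1,       # e_ehsize, e_phentsize, e_phnum
        40, 0, 0)        # e_shentsize, e_shnum, e_shstrndx
    # p_type=PT_LOAD, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_flags=R+X, p_align
    phdr = struct.pack("<8I", 1, 0, 0x08048000, 0x08048000, 0x9C, 0x9C, 5, 0x1000)
    return ehdr + phdr

def entry_info(data):
    """Return the entrypoint fields for a little-endian ELF32 image."""
    if data[:4] != b"\x7fELF" or data[4] != 1 or data[5] != 1:
        raise ValueError("expected a little-endian ELF32 image")
    (entry,) = struct.unpack_from("<I", data, E_ENTRY_OFF)
    (phoff,) = struct.unpack_from("<I", data, 0x1C)
    phentsize, phnum = struct.unpack_from("<HH", data, 0x2A)
    loads = []
    for i in range(phnum):
        p_type, p_off, p_vaddr, _, p_filesz = struct.unpack_from(
            "<5I", data, phoff + i * phentsize)
        if p_type == 1:  # PT_LOAD
            loads.append((p_vaddr, p_off, p_filesz))
    if not loads:
        raise ValueError("no PT_LOAD segment")
    baddr = min(v for v, _, _ in loads)  # assumption: base = lowest PT_LOAD vaddr
    for vaddr, off, size in loads:
        if vaddr <= entry < vaddr + size:  # entry must be backed by file bytes
            return {"vaddr": entry, "paddr": entry - vaddr + off, "baddr": baddr,
                    "haddr": E_ENTRY_OFF, "hvaddr": baddr + E_ENTRY_OFF}
    raise ValueError("entry point is outside every PT_LOAD segment")

if __name__ == "__main__":
    for name, value in entry_info(build_sample()).items():
        print(f"{name}=0x{value:08x}")
```

An entry point that does not fall inside any file-backed PT_LOAD segment raises an error instead of returning a paddr, which is worth checking before trusting a disassembly that starts at the entrypoint.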

Seek to the address of the entrypoint

[0x08048060]>  s 0x08048060
[0x08048060]> 

Show function disassembly