Thursday, April 16, 2020

Reversing Some C++ Io Operations

In general decompilers are not friendly with c++ let's analyse a simple program to get familiar with it.
Let's implement a simple code that loads a file into a vector and then save the vector with following functions:

  • err
  • load
  • save
  • main


Lets identify the typical way in C++ to print to stdout with the operator "<<"


The basic_ostream is initialized writing the word "error" to the cout, and then the operator<< again to add the endl.




The Main function simply calls  "vec = load(filename)"  but the compiler modified it and passed the vector pointer as a parámeter. Then it bulds and prints "loaded  " << size << " users".
And finally saves the vector to /tmp/pwd and print "saved".
Most of the mess is basically the operator "<<" to concat and print values.
Also note that the vectors and strings are automatically deallocated when exit the function.


And here is the code:


Let's take a look to the load function, which iterates the ifs.getline() and push to the vector.
First of all there is a mess on the function definition, __return_storage_ptr is the vector.
the ifstream object ifs is initialized as a basic_ifstream and then operator! checks if it wasn't possible to open the file and in that case calls err()
We see the memset and a loop, getline read a cstr like line from the file, and then is converted to a string before pushing it to the vector. lVar1 is the stack canary value.

In this situations dont obfuscate with the vector pointer vec initialization at the begining, in this case the logic is quite clear.



The function save is a bit more tricky, but it's no more than a vector iteration and ofs writing.
Looping a simple "for (auto s : *vec)" in the decompiler is quite dense, but we can see clearly two write, the second write DAT_0010400b is a "\n"



As we see, save implememtation is quite straightforward.




Related links

  1. Hak5 Tools
  2. Hacking Tools For Kali Linux
  3. Pentest Tools Subdomain
  4. Hacker Tools Software
  5. Hacking Tools For Games
  6. Hackrf Tools
  7. Game Hacking
  8. Pentest Box Tools Download
  9. Install Pentest Tools Ubuntu
  10. Wifi Hacker Tools For Windows
  11. Pentest Tools Kali Linux
  12. Hacker Tools Hardware
  13. Best Pentesting Tools 2018
  14. Hacking Tools Mac
  15. Pentest Automation Tools
  16. Hacker Security Tools
  17. Pentest Tools Windows
  18. Pentest Tools Website Vulnerability
  19. Hacking Tools For Windows 7
  20. Hacker Security Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)