Giters

uxmal / reko

Reko is a binary decompiler.

Home Page:https://uxmal.github.io/reko

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

arm_pe : Doesn't discover and decompile main method

rfalke opened this issue · comments

commented

The crack-me https://github.com/rfalke/decompiler-subjects/tree/master/from_internet/ioli_crackmes/crackme0x00 is available in 3 binaries. Reko (0.11.4.0-931ca7d) only outputs the real main for ia32_elf and ia32_pe but not for arm_pe.

Expected output:

void main()
{
	char bLoc1C[something];
	printf("IOLI Crackme Level 0x00\n");
	printf("Password: ");
	scanf("%s", &bLoc1C);
	if (strcmp(&bLoc1C, "250382") != 0x00)
		printf("Invalid Password!\n");
	else
		printf("Password OK :)\n");
}
commented

Reko now produces:

void fn00011050()
{
    char bLoc1A;
    fn000113A0();
    puts("IOLI Crackme Level 0x00");
    printf("Password: ");
    scanf("%s", &bLoc1A);
    if (strcmp(&bLoc1A, "250382") != 0x00)
        puts("Invalid Password!");
    else
        puts("Password OK :)");
}

Note how the compiler has converted the parameterless, \n-terminated calls to printf to equivalent calls to puts. It's not possible for Reko or any other decompiler to undo this conversion without serious oracular knowledge.