2023-03-02 05:43:02 +00:00
# Chernobyl
### First impressions:
- Location-independent (my god these relative jumps)
- Copies itself around in memory
- Tries to be cheeky, and overwrites the original memory
- Sucks for it, my disassembler is so bad the instructions are wrong anyway
- A top-down disassembly is not possible here.
- Does long jumps by calculating large pc-relative offsets, pushing pc, and BR'ing them
- Never used Ghidra before, but it really doesn't like this. It crashed so hard.
- Decrypts_one_byte a lot -- and there's a blob of garbage in RAM. How fun.
- Do I need to find an inverse of the encryption algorithm?
#### TL;DR: Everybody knows it sucks