Complete Baku

Val 2022-12-12 00:55:34 -06:00
parent a441380747
commit 38b35b77a7
4 changed files with 675 additions and 0 deletions

42
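--- a/23-Baku/baku.md
+++ b/23-Baku/baku.md
@@ -0,0 +1,42 @@
+# Baku
+Main is very simple. It decrypts the user input with a preset key
+There's a blob of data in the strings section:
+```asm
+48ae:
+7F7875E0C977D30CE85ECA19D02211F7
+4B530B31B5CD58D3F59DC5A9C583C4F3
+6F1AF5BBFE9E53E240509D7A301E015A
+6259A7399184A659BECECE98704E9C20
+539345A8F3DD01602F4A68C1CE8052B8
+70076C8BA04E44C8DC9769A1E1CA3A79
+FF47B02ED04928437CD92D693D5D53D8
+D980482F2F0E986DAC90052A41847EB1
+7DCD0F8EF68ED042839E9D47ED147B9B
+F2138F148B43DFCC75104D056E8AE6DC
+7B2F0D188AF1FA20493CD251F10BBCB5
+495e: ; it's the s box!
+52096AD53036A538BF40A39E81F3D7FB
+7CE339829B2FFF87348E4344C4DEE9CB
+547B9432A6C2233DEE4C950B42FAC34E
+082EA16628D924B2765BA2496D8BD125
+72F8F66486689816D4A45CCC5D65B692
+6C704850FDEDB9DA5E154657A78D9D84
+90D8AB008CBCD30AF7E45805B8B34506
+D02C1E8FCA3F0F02C1AFBD0301138A6B
+3A9111414F67DCEA97F2CFCEF0B4E673
+96AC7422E7AD3585E2F937E81C75DF6E
+47F11A711D29C5896FB7620EAA18BE1B
+FC563E4BC6D279209ADBC0FE78CD5AF4
+1FDDA8338807C731B11210592780EC5F
+60517FA919B54A0D2DE57A9F93C99CEF
+A0E03B4DAE2AF5B0C8EBBB3C83539961
+172B047EBA77D626E169146355210C7D
+```
+One is probably the key
+494e: 7b2f0d188af1fa20493cd251f10bbcb5
+PT: "ACCESS GRANTED!"
+CT: aaf7e3ad17bcfd3240422d65fe3ea1b7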

46
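--- a/23-Baku/baku.py
+++ b/23-Baku/baku.py
@@ -0,0 +1,46 @@
+#!/usr/bin/env python3
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+keys = [
+"7F7875E0C977D30CE85ECA19D02211F7", # 48ae
+"4B530B31B5CD58D3F59DC5A9C583C4F3", # 48be
+"6F1AF5BBFE9E53E240509D7A301E015A", # 48ce
+"6259A7399184A659BECECE98704E9C20", # 48de
+"539345A8F3DD01602F4A68C1CE8052B8", # 48ee
+"70076C8BA04E44C8DC9769A1E1CA3A79", # 48fe
+"FF47B02ED04928437CD92D693D5D53D8", # 490e
+"D980482F2F0E986DAC90052A41847EB1", # 491e
+"7DCD0F8EF68ED042839E9D47ED147B9B", # 492e
+"F2138F148B43DFCC75104D056E8AE6DC", # 493e
+"7B2F0D188AF1FA20493CD251F10BBCB5" #! 494e
+]
+# It's sbox!!!
+inv_sbox = [
+"52096AD53036A538BF40A39E81F3D7FB", # 495e
+"7CE339829B2FFF87348E4344C4DEE9CB", # 496e
+"547B9432A6C2233DEE4C950B42FAC34E", # 497e
+"082EA16628D924B2765BA2496D8BD125", # 498e
+"72F8F66486689816D4A45CCC5D65B692", # 499e
+"6C704850FDEDB9DA5E154657A78D9D84", # 49ae
+"90D8AB008CBCD30AF7E45805B8B34506", # 49be
+"D02C1E8FCA3F0F02C1AFBD0301138A6B", # 49ce
+"3A9111414F67DCEA97F2CFCEF0B4E673", # 49de
+"96AC7422E7AD3585E2F937E81C75DF6E", # 49ee
+"47F11A711D29C5896FB7620EAA18BE1B", # 49fe
+"FC563E4BC6D279209ADBC0FE78CD5AF4", # 4a0e
+"1FDDA8338807C731B11210592780EC5F", # 4a1e
+"60517FA919B54A0D2DE57A9F93C99CEF", # 4a2e
+"A0E03B4DAE2AF5B0C8EBBB3C83539961", # 4a3e
+"172B047EBA77D626E169146355210C7D" # 4a4e
+]
+for key in keys:
+key = bytes.fromhex(key)
+cipher = Cipher(algorithms.AES128(key), modes.ECB());
+enc = cipher.encryptor()
+ciphertext = enc.update(b'ACCESS GRANTED!\x00') + enc.finalize()
+print(key.hex(), ciphertext.hex(), "\n");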
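Review bot: The loop at the end of the file treats all eleven rows of `keys` as independent AES-128 keys and prints every result, and nothing in the script records which output is the answer or why only one row can work with a library cipher. The `aes_ecb_decrypt` disassembly in baku.txt applies the rows at offsets 0x00 through 0xa0 from 0x48ae as successive round keys, so the table looks like an expanded key schedule rather than eleven keys; a comment above `keys` such as `# 11 x 16 bytes at 0x48ae: round keys consumed in order by aes_ecb_decrypt; presumably only the row marked #! is a raw cipher key` would capture that. `inv_sbox` is never read and could be reduced to a comment, and the loop rebinds `key` from str to bytes, which `for key_hex in keys:` followed by `key = bytes.fromhex(key_hex)` avoids. The loop body shows no indentation on this page, presumably lost in rendering.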

586
23-Baku/baku.txt Normal file

@ -0,0 +1,586 @@
Hex:
:10 4400 00 55425C0135D0085A8245002431400044 B1
:10 4410 00 3F4000000F930824924200245C012F83 48
:10 4420 00 9F4F5E4A0024F8233F4000000F930724 6B
:10 4430 00 924200245C011F83CF430024F9233150 B2
:10 4440 00 F0FF3D4010000E430F41B0120E483F40 B8
:10 4450 00 7A48B012D6443E4010000F41B012B844 22
:10 4460 00 0E413F40AE48B012FA463D4010000E41 AA
:10 4470 00 3F408F48B012EE470F93E9233F409F48 DB
:10 4480 00 B012D6440312031230127F00B012A044 BF
:10 4490 00 0F433150160032D0F000FD3F30407848 D5
:10 44A0 00 1F41020002124F4F8F103FD00080024F 79
:10 44B0 00 B0121000324130410E120F122312B012 0E
:10 44C0 00 A0443150060030418F110F120312B012 78
:10 44D0 00 A044215230410B120B4F033C1B53B012 2E
:10 44E0 00 C8446F4B4F93FA237F400A00B012C844 70
:10 44F0 00 3B4130414E4F4E5E0E430E6E4C4E4C5C 77
:10 4500 00 4C5E4E4C4E5E4E5E4E5E4E5C4D4F0D5D B3
:10 4510 00 4F4E4FED30410D430C4E0C5DEFEC0000 63
:10 4520 00 1D531F533D901000F72330410B120A12 08
:10 4530 00 0912081207120612051204123150E8FF 80
:10 4540 00 814F0000814E10005D4F0D00DF4F0900 CC
:10 4550 00 0D00DF4F05000900DF4F01000500CF4D C2
:10 4560 00 01005D4F0200DF4F0A000200CF4D0A00 3C
:10 4570 00 5D4F0600DF4F0E000600CF4D0E005D4F 71
:10 4580 00 0300DF4F07000300DF4F0B000700DF4F 82
:10 4590 00 0F000B00CF4D0F000A4F0D4F0C436F4D 16
:10 45A0 00 DD4F5E4900001C531D533C901000F723 63
:10 45B0 00 81430200684A5B4A0100594A0200574A 97
:10 45C0 00 03004F48B012F4444E4F814E0800B012 21
:10 45D0 00 F4444D4F814D1600B012F4444E4F4F4B F2
:10 45E0 00 814F04004F4B814E1400B012F4444C4F E5
:10 45F0 00 814C1200B012F444C14F0C00B012F444 CC
:10 4600 00 444F4B49814B06004F49B012F444C14F 0F
:10 4610 00 0D00B012F4444B4F814B0A00B012F444 29
:10 4620 00 464F45474F47B012F444C14F0E00B012 F9
:10 4630 00 F444474FB012F444494F1D4116001B41 4A
:10 4640 00 08000BED1E4114000BEE1C4112000BEC 98
:10 4650 00 0BE41BE10A000BE60BE91BE104001BE1 84
:10 4660 00 06004BE5CA4B00000B485F410C005841 67
:10 4670 00 0D0047470CEE0CE40CE60CE90CEF0CE8 DF
:10 4680 00 0CE71CE106000CE54CEBCA4C01005C41 58
:10 4690 00 0E000DEE0DE41DE10A000DE60DE90DE8 3A
:10 46A0 00 0DEC1DE104000DE54DEBCA4D02001EE1 CD
:10 46B0 00 08000EE40EE60EE90EEF0EE70EEC1EE1 2A
:10 46C0 00 04001EE106004EEBCA4E0300A1520200 98
:10 46D0 00 2A52B190100002006D231E4110002F41 9C
:10 46E0 00 B0121645315018003441354136413741 3A
:10 46F0 00 384139413A413B4130410B120A120A4F CD
:10 4700 00 0B4E0E4F0F4BB01216450E4A3E501000 86
:10 4710 00 0F4BB0122C450E4A3E5020000F4BB012 EA
:10 4720 00 2C450E4A3E5030000F4BB0122C450E4A 1D
:10 4730 00 3E5040000F4BB0122C450E4A3E505000 E8
:10 4740 00 0F4BB0122C450E4A3E5060000F4BB012 7A
:10 4750 00 2C450E4A3E5070000F4BB0122C450E4A AD
:10 4760 00 3E5080000F4BB0122C450E4A3E509000 38
:10 4770 00 0F4BB0122C450E4A3E50A0005F4B0D00 6F
:10 4780 00 DB4B09000D00DB4B05000900DB4B0100 92
:10 4790 00 0500CB4F01005F4B0200DB4B0A000200 1B
:10 47A0 00 CB4F0A005F4B0600DB4B0E000600CB4F E1
:10 47B0 00 0E005F4B0300DB4B07000300DB4B0B00 DD
:10 47C0 00 0700DB4B0F000B00CB4F0F000F4B0D43 CF
:10 47D0 00 6C4FDF4C5E4900001D531F533D901000 8D
:10 47E0 00 F7230F4BB01216453A413B4130410B12 B3
:10 47F0 00 0D930A247B4F7C4E4B9C04244F4B4E4C 14
:10 4800 00 0F8E033C3D53F43F0F433B4130410B12 AD
:10 4810 00 0A12091208123D900600092C0C4F043C A4
:10 4820 00 CC4E00001C533D530D93FA23203C4E4E BA
:10 4830 00 4B4E0B9303240C4B8C100BDC1FB30624 44
:10 4840 00 3D53CF4E0000094F1953013C094F0C4D 09
:10 4850 00 12C30C100A49084C8A4B00002A533853 E3
:10 4860 00 FB230C5C0C591DF30224CC4E00003841 94
:0A 4870 00 39413A413B4130410013 49
Strings:
:10 487A 00 5343414E205345435552495459204445 C8
:10 488A 00 5649434500414343455353204752414E FD
:10 489A 00 5445442100414343455353204752414E 16
:10 48AA 00 544544007F7875E0C977D30CE85ECA19 8D
:10 48BA 00 D02211F74B530B31B5CD58D3F59DC5A9 6D
:10 48CA 00 C583C4F36F1AF5BBFE9E53E240509D7A 2E
:10 48DA 00 301E015A6259A7399184A659BECECE98 84
:10 48EA 00 704E9C20539345A8F3DD01602F4A68C1 9E
:10 48FA 00 CE8052B870076C8BA04E44C8DC9769A1 71
:10 490A 00 E1CA3A79FF47B02ED04928437CD92D69 AC
:10 491A 00 3D5D53D8D980482F2F0E986DAC90052A 4B
:10 492A 00 41847EB17DCD0F8EF68ED042839E9D47 07
:10 493A 00 ED147B9BF2138F148B43DFCC75104D05 5E
:10 494A 00 6E8AE6DC7B2F0D188AF1FA20493CD251 97
:10 495A 00 F10BBCB552096AD53036A538BF40A39E C3
:10 496A 00 81F3D7FB7CE339829B2FFF87348E4344 44
:10 497A 00 C4DEE9CB547B9432A6C2233DEE4C950B A0
:10 498A 00 42FAC34E082EA16628D924B2765BA249 00
:10 499A 00 6D8BD12572F8F66486689816D4A45CCC 1F
:10 49AA 00 5D65B6926C704850FDEDB9DA5E154657 F2
:10 49BA 00 A78D9D8490D8AB008CBCD30AF7E45805 28
:10 49CA 00 B8B34506D02C1E8FCA3F0F02C1AFBD03 34
:10 49DA 00 01138A6B3A9111414F67DCEA97F2CFCE 05
:10 49EA 00 F0B4E67396AC7422E7AD3585E2F937E8 A0
:10 49FA 00 1C75DF6E47F11A711D29C5896FB7620E E2
:10 4A0A 00 AA18BE1BFC563E4BC6D279209ADBC0FE C2
:10 4A1A 00 78CD5AF41FDDA8338807C731B1121059 6F
:10 4A2A 00 2780EC5F60517FA919B54A0D2DE57A9F 61
:10 4A3A 00 93C99CEFA0E03B4DAE2AF5B0C8EBBB3C 56
:10 4A4A 00 83539961172B047EBA77D626E1691463 DA
:04 4A5A 00 55210C7D 59
Vector_Table:
:10 FF80 00 9C449C449C449C449C449C449C449C44 71
:10 FF90 00 9C449C449C449C449C449C449C440044 FD
Entry:
:04 0000 03 00004400 B5
:00 0000 01 FF
Obj:
0010 <__trap_interrupt>
0010: 3041 ret
4400 <__watchdog_support>
4400: 5542 5c01 mov.b &0x015c, r5
4404: 35d0 085a bis #0x5a08, r5
4408: 8245 0024 mov r5, &0x2400
440c <__init_stack>
440c: 3140 0044 mov #0x4400 <__watchdog_support>, sp
4410 <__do_copy_data>
4410: 3f40 0000 clr r15
4414: 0f93 tst r15
4416: 0824 jz #0x4428 <__do_clear_bss+0x0>
4418: 9242 0024 5c01 mov &0x2400, &0x015c
441e: 2f83 decd r15
4420: 9f4f 5e4a 0024 mov 0x4a5e(r15), 0x2400(r15)
4426: f823 jnz #0x4418 <__do_copy_data+0x8>
4428 <__do_clear_bss>
4428: 3f40 0000 clr r15
442c: 0f93 tst r15
442e: 0724 jz #0x443e <main+0x0>
4430: 9242 0024 5c01 mov &0x2400, &0x015c
4436: 1f83 dec r15
4438: cf43 0024 mov.b #0x0, 0x2400(r15)
443c: f923 jnz #0x4430 <__do_clear_bss+0x8>
443e <main>
443e: 3150 f0ff add #0xfff0, sp
4442: 3d40 1000 mov #0x10, r13
4446: 0e43 clr r14
4448: 0f41 mov sp, r15
444a: b012 0e48 call #0x480e <memset>
continue:
444e: 3f40 7a48 mov #0x487a "SCAN SECURITY DEVICE" <__bss_start+0x247a>, r15
4452: b012 d644 call #0x44d6 <puts>
4456: 3e40 1000 mov #0x10, r14
445a: 0f41 mov sp, r15
445c: b012 b844 call #0x44b8 <getsn>
4460: 0e41 mov sp, r14
4462: 3f40 ae48 mov #0x48ae "\x7fxuw\x0c^\x19..." r15
4466: b012 fa46 call #0x46fa <aes_ecb_decrypt>
446a: 3d40 1000 mov #0x10, r13
446e: 0e41 mov sp, r14
4470: 3f40 8f48 mov #0x488f "ACCESS GRANTED!" r15
4474: b012 ee47 call #0x47ee <memcmp>
4478: 0f93 tst r15
447a: e923 jnz #0x444e <main+0x10>
447c: 3f40 9f48 mov #0x489f "ACCESS GRANTED" r15
4480: b012 d644 call #0x44d6 <puts>
4484: 0312 push #0x0
4486: 0312 push #0x0
4488: 3012 7f00 push #0x7f
448c: b012 a044 call #0x44a0 <INT>
4490: 0f43 clr r15
4492: 3150 1600 add #0x16, sp
4496 <__stop_progExec__>
4496: 32d0 f000 bis #0xf0, sr
449a: fd3f jmp #0x4496 <__stop_progExec__+0x0>
449c <__ctors_end>
449c: 3040 7848 br #0x4878 <_unexpected_>
44a0 <INT>
44a0: 1f41 0200 mov 0x2(sp), r15
44a4: 0212 push sr
44a6: 4f4f mov.b r15, r15
44a8: 8f10 swpb r15
44aa: 3fd0 0080 bis #0x8000, r15
44ae: 024f mov r15, sr
44b0: b012 1000 call #0x10
44b4: 3241 pop sr
44b6: 3041 ret
44b8 <getsn>
44b8: 0e12 push r14
44ba: 0f12 push r15
44bc: 2312 push #0x2
44be: b012 a044 call #0x44a0 <INT>
44c2: 3150 0600 add #0x6, sp
44c6: 3041 ret
44c8 <putchar>
44c8: 8f11 sxt r15
44ca: 0f12 push r15
44cc: 0312 push #0x0
44ce: b012 a044 call #0x44a0 <INT>
44d2: 2152 add #0x4, sp
44d4: 3041 ret
44d6 <puts>
44d6: 0b12 push r11
44d8: 0b4f mov r15, r11
44da: 033c jmp #0x44e2 <puts+0xc>
44dc: 1b53 inc r11
44de: b012 c844 call #0x44c8 <putchar>
44e2: 6f4b mov.b @r11, r15
44e4: 4f93 tst.b r15
44e6: fa23 jnz #0x44dc <puts+0x6>
44e8: 7f40 0a00 mov.b #0xa, r15
44ec: b012 c844 call #0x44c8 <putchar>
44f0: 3b41 pop r11
44f2: 3041 ret
44f4 <xtime>
44f4: 4e4f mov.b r15, r14
44f6: 4e5e add.b r14, r14
44f8: 0e43 clr r14
44fa: 0e6e addc r14, r14
44fc: 4c4e mov.b r14, r12
44fe: 4c5c add.b r12, r12
4500: 4c5e add.b r14, r12
4502: 4e4c mov.b r12, r14
4504: 4e5e add.b r14, r14
4506: 4e5e add.b r14, r14
4508: 4e5e add.b r14, r14
450a: 4e5c add.b r12, r14
450c: 4d4f mov.b r15, r13
450e: 0d5d add r13, r13
4510: 4f4e mov.b r14, r15
4512: 4fed xor.b r13, r15
4514: 3041 ret
4516 <xor128>
4516: 0d43 clr r13
4518: 0c4e mov r14, r12
451a: 0c5d add r13, r12
451c: efec 0000 xor.b @r12, 0x0(r15)
4520: 1d53 inc r13
4522: 1f53 inc r15
4524: 3d90 1000 cmp #0x10, r13
4528: f723 jne #0x4518 <xor128+0x2>
452a: 3041 ret
452c <aesdec128>
452c: 0b12 push r11
452e: 0a12 push r10
4530: 0912 push r9
4532: 0812 push r8
4534: 0712 push r7
4536: 0612 push r6
4538: 0512 push r5
453a: 0412 push r4
453c: 3150 e8ff add #0xffe8, sp
4540: 814f 0000 mov r15, 0x0(sp)
4544: 814e 1000 mov r14, 0x10(sp)
4548: 5d4f 0d00 mov.b 0xd(r15), r13
454c: df4f 0900 0d00 mov.b 0x9(r15), 0xd(r15)
4552: df4f 0500 0900 mov.b 0x5(r15), 0x9(r15)
4558: df4f 0100 0500 mov.b 0x1(r15), 0x5(r15)
455e: cf4d 0100 mov.b r13, 0x1(r15)
4562: 5d4f 0200 mov.b 0x2(r15), r13
4566: df4f 0a00 0200 mov.b 0xa(r15), 0x2(r15)
456c: cf4d 0a00 mov.b r13, 0xa(r15)
4570: 5d4f 0600 mov.b 0x6(r15), r13
4574: df4f 0e00 0600 mov.b 0xe(r15), 0x6(r15)
457a: cf4d 0e00 mov.b r13, 0xe(r15)
457e: 5d4f 0300 mov.b 0x3(r15), r13
4582: df4f 0700 0300 mov.b 0x7(r15), 0x3(r15)
4588: df4f 0b00 0700 mov.b 0xb(r15), 0x7(r15)
458e: df4f 0f00 0b00 mov.b 0xf(r15), 0xb(r15)
4594: cf4d 0f00 mov.b r13, 0xf(r15)
4598: 0a4f mov r15, r10
459a: 0d4f mov r15, r13
459c: 0c43 clr r12
459e: 6f4d mov.b @r13, r15
45a0: dd4f 5e49 0000 mov.b 0x495e(r15), 0x0(r13) ;!!! the box is 495e. What comes before it, then?
45a6: 1c53 inc r12
45a8: 1d53 inc r13
45aa: 3c90 1000 cmp #0x10, r12
45ae: f723 jne #0x459e <aesdec128+0x72>
45b0: 8143 0200 clr 0x2(sp)
45b4: 684a mov.b @r10, r8
45b6: 5b4a 0100 mov.b 0x1(r10), r11
45ba: 594a 0200 mov.b 0x2(r10), r9
45be: 574a 0300 mov.b 0x3(r10), r7
45c2: 4f48 mov.b r8, r15
45c4: b012 f444 call #0x44f4 <xtime>
45c8: 4e4f mov.b r15, r14
45ca: 814e 0800 mov r14, 0x8(sp)
45ce: b012 f444 call #0x44f4 <xtime>
45d2: 4d4f mov.b r15, r13
45d4: 814d 1600 mov r13, 0x16(sp)
45d8: b012 f444 call #0x44f4 <xtime>
45dc: 4e4f mov.b r15, r14
45de: 4f4b mov.b r11, r15
45e0: 814f 0400 mov r15, 0x4(sp)
45e4: 4f4b mov.b r11, r15
45e6: 814e 1400 mov r14, 0x14(sp)
45ea: b012 f444 call #0x44f4 <xtime>
45ee: 4c4f mov.b r15, r12
45f0: 814c 1200 mov r12, 0x12(sp)
45f4: b012 f444 call #0x44f4 <xtime>
45f8: c14f 0c00 mov.b r15, 0xc(sp)
45fc: b012 f444 call #0x44f4 <xtime>
4600: 444f mov.b r15, r4
4602: 4b49 mov.b r9, r11
4604: 814b 0600 mov r11, 0x6(sp)
4608: 4f49 mov.b r9, r15
460a: b012 f444 call #0x44f4 <xtime>
460e: c14f 0d00 mov.b r15, 0xd(sp)
4612: b012 f444 call #0x44f4 <xtime>
4616: 4b4f mov.b r15, r11
4618: 814b 0a00 mov r11, 0xa(sp)
461c: b012 f444 call #0x44f4 <xtime>
4620: 464f mov.b r15, r6
4622: 4547 mov.b r7, r5
4624: 4f47 mov.b r7, r15
4626: b012 f444 call #0x44f4 <xtime>
462a: c14f 0e00 mov.b r15, 0xe(sp)
462e: b012 f444 call #0x44f4 <xtime>
4632: 474f mov.b r15, r7
4634: b012 f444 call #0x44f4 <xtime>
4638: 494f mov.b r15, r9
463a: 1d41 1600 mov 0x16(sp), r13
463e: 1b41 0800 mov 0x8(sp), r11
4642: 0bed xor r13, r11
4644: 1e41 1400 mov 0x14(sp), r14
4648: 0bee xor r14, r11
464a: 1c41 1200 mov 0x12(sp), r12
464e: 0bec xor r12, r11
4650: 0be4 xor r4, r11
4652: 1be1 0a00 xor 0xa(sp), r11
4656: 0be6 xor r6, r11
4658: 0be9 xor r9, r11
465a: 1be1 0400 xor 0x4(sp), r11
465e: 1be1 0600 xor 0x6(sp), r11
4662: 4be5 xor.b r5, r11
4664: ca4b 0000 mov.b r11, 0x0(r10)
4668: 0b48 mov r8, r11
466a: 5f41 0c00 mov.b 0xc(sp), r15
466e: 5841 0d00 mov.b 0xd(sp), r8
4672: 4747 mov.b r7, r7
4674: 0cee xor r14, r12
4676: 0ce4 xor r4, r12
4678: 0ce6 xor r6, r12
467a: 0ce9 xor r9, r12
467c: 0cef xor r15, r12
467e: 0ce8 xor r8, r12
4680: 0ce7 xor r7, r12
4682: 1ce1 0600 xor 0x6(sp), r12
4686: 0ce5 xor r5, r12
4688: 4ceb xor.b r11, r12
468a: ca4c 0100 mov.b r12, 0x1(r10)
468e: 5c41 0e00 mov.b 0xe(sp), r12
4692: 0dee xor r14, r13
4694: 0de4 xor r4, r13
4696: 1de1 0a00 xor 0xa(sp), r13
469a: 0de6 xor r6, r13
469c: 0de9 xor r9, r13
469e: 0de8 xor r8, r13
46a0: 0dec xor r12, r13
46a2: 1de1 0400 xor 0x4(sp), r13
46a6: 0de5 xor r5, r13
46a8: 4deb xor.b r11, r13
46aa: ca4d 0200 mov.b r13, 0x2(r10)
46ae: 1ee1 0800 xor 0x8(sp), r14
46b2: 0ee4 xor r4, r14
46b4: 0ee6 xor r6, r14
46b6: 0ee9 xor r9, r14
46b8: 0eef xor r15, r14
46ba: 0ee7 xor r7, r14
46bc: 0eec xor r12, r14
46be: 1ee1 0400 xor 0x4(sp), r14
46c2: 1ee1 0600 xor 0x6(sp), r14
46c6: 4eeb xor.b r11, r14
46c8: ca4e 0300 mov.b r14, 0x3(r10)
46cc: a152 0200 add #0x4, 0x2(sp)
46d0: 2a52 add #0x4, r10
46d2: b190 1000 0200 cmp #0x10, 0x2(sp)
46d8: 6d23 jne #0x45b4 <aesdec128+0x88>
46da: 1e41 1000 mov 0x10(sp), r14
46de: 2f41 mov @sp, r15
46e0: b012 1645 call #0x4516 <xor128>
46e4: 3150 1800 add #0x18, sp
46e8: 3441 pop r4
46ea: 3541 pop r5
46ec: 3641 pop r6
46ee: 3741 pop r7
46f0: 3841 pop r8
46f2: 3941 pop r9
46f4: 3a41 pop r10
46f6: 3b41 pop r11
46f8: 3041 ret
46fa <aes_ecb_decrypt>
46fa: 0b12 push r11
46fc: 0a12 push r10
46fe: 0a4f mov r15, r10
4700: 0b4e mov r14, r11
4702: 0e4f mov r15, r14
4704: 0f4b mov r11, r15
4706: b012 1645 call #0x4516 <xor128>
470a: 0e4a mov r10, r14
470c: 3e50 1000 add #0x10, r14
4710: 0f4b mov r11, r15
4712: b012 2c45 call #0x452c <aesdec128>
4716: 0e4a mov r10, r14
4718: 3e50 2000 add #0x20, r14
471c: 0f4b mov r11, r15
471e: b012 2c45 call #0x452c <aesdec128>
4722: 0e4a mov r10, r14
4724: 3e50 3000 add #0x30, r14
4728: 0f4b mov r11, r15
472a: b012 2c45 call #0x452c <aesdec128>
472e: 0e4a mov r10, r14
4730: 3e50 4000 add #0x40, r14
4734: 0f4b mov r11, r15
4736: b012 2c45 call #0x452c <aesdec128>
473a: 0e4a mov r10, r14
473c: 3e50 5000 add #0x50, r14
4740: 0f4b mov r11, r15
4742: b012 2c45 call #0x452c <aesdec128>
4746: 0e4a mov r10, r14
4748: 3e50 6000 add #0x60, r14
474c: 0f4b mov r11, r15
474e: b012 2c45 call #0x452c <aesdec128>
4752: 0e4a mov r10, r14
4754: 3e50 7000 add #0x70, r14
4758: 0f4b mov r11, r15
475a: b012 2c45 call #0x452c <aesdec128>
475e: 0e4a mov r10, r14
4760: 3e50 8000 add #0x80, r14
4764: 0f4b mov r11, r15
4766: b012 2c45 call #0x452c <aesdec128>
476a: 0e4a mov r10, r14
476c: 3e50 9000 add #0x90, r14
4770: 0f4b mov r11, r15
4772: b012 2c45 call #0x452c <aesdec128>
4776: 0e4a mov r10, r14
4778: 3e50 a000 add #0xa0, r14
477c: 5f4b 0d00 mov.b 0xd(r11), r15
4780: db4b 0900 0d00 mov.b 0x9(r11), 0xd(r11)
4786: db4b 0500 0900 mov.b 0x5(r11), 0x9(r11)
478c: db4b 0100 0500 mov.b 0x1(r11), 0x5(r11)
4792: cb4f 0100 mov.b r15, 0x1(r11)
4796: 5f4b 0200 mov.b 0x2(r11), r15
479a: db4b 0a00 0200 mov.b 0xa(r11), 0x2(r11)
47a0: cb4f 0a00 mov.b r15, 0xa(r11)
47a4: 5f4b 0600 mov.b 0x6(r11), r15
47a8: db4b 0e00 0600 mov.b 0xe(r11), 0x6(r11)
47ae: cb4f 0e00 mov.b r15, 0xe(r11)
47b2: 5f4b 0300 mov.b 0x3(r11), r15
47b6: db4b 0700 0300 mov.b 0x7(r11), 0x3(r11)
47bc: db4b 0b00 0700 mov.b 0xb(r11), 0x7(r11)
47c2: db4b 0f00 0b00 mov.b 0xf(r11), 0xb(r11)
47c8: cb4f 0f00 mov.b r15, 0xf(r11)
47cc: 0f4b mov r11, r15
47ce: 0d43 clr r13
47d0: 6c4f mov.b @r15, r12
47d2: df4c 5e49 0000 mov.b 0x495e(r12), 0x0(r15)
47d8: 1d53 inc r13
47da: 1f53 inc r15
47dc: 3d90 1000 cmp #0x10, r13
47e0: f723 jne #0x47d0 <aes_ecb_decrypt+0xd6>
47e2: 0f4b mov r11, r15
47e4: b012 1645 call #0x4516 <xor128>
47e8: 3a41 pop r10
47ea: 3b41 pop r11
47ec: 3041 ret
47ee <memcmp>
47ee: 0b12 push r11
47f0: 0d93 tst r13
47f2: 0a24 jz #0x4808 <memcmp+0x1a>
47f4: 7b4f mov.b @r15+, r11
47f6: 7c4e mov.b @r14+, r12
47f8: 4b9c cmp.b r12, r11
47fa: 0424 jeq #0x4804 <memcmp+0x16>
47fc: 4f4b mov.b r11, r15
47fe: 4e4c mov.b r12, r14
4800: 0f8e sub r14, r15
4802: 033c jmp #0x480a <memcmp+0x1c>
4804: 3d53 add #-0x1, r13
4806: f43f jmp #0x47f0 <memcmp+0x2>
4808: 0f43 clr r15
480a: 3b41 pop r11
480c: 3041 ret
480e <memset>
480e: 0b12 push r11
4810: 0a12 push r10
4812: 0912 push r9
4814: 0812 push r8
4816: 3d90 0600 cmp #0x6, r13
481a: 092c jc #0x482e <memset+0x20>
481c: 0c4f mov r15, r12
481e: 043c jmp #0x4828 <memset+0x1a>
4820: cc4e 0000 mov.b r14, 0x0(r12)
4824: 1c53 inc r12
4826: 3d53 add #-0x1, r13
4828: 0d93 tst r13
482a: fa23 jnz #0x4820 <memset+0x12>
482c: 203c jmp #0x486e <memset+0x60>
482e: 4e4e mov.b r14, r14
4830: 4b4e mov.b r14, r11
4832: 0b93 tst r11
4834: 0324 jz #0x483c <memset+0x2e>
4836: 0c4b mov r11, r12
4838: 8c10 swpb r12
483a: 0bdc bis r12, r11
483c: 1fb3 bit #0x1, r15
483e: 0624 jz #0x484c <memset+0x3e>
4840: 3d53 add #-0x1, r13
4842: cf4e 0000 mov.b r14, 0x0(r15)
4846: 094f mov r15, r9
4848: 1953 inc r9
484a: 013c jmp #0x484e <memset+0x40>
484c: 094f mov r15, r9
484e: 0c4d mov r13, r12
4850: 12c3 clrc
4852: 0c10 rrc r12
4854: 0a49 mov r9, r10
4856: 084c mov r12, r8
4858: 8a4b 0000 mov r11, 0x0(r10)
485c: 2a53 incd r10
485e: 3853 add #-0x1, r8
4860: fb23 jnz #0x4858 <memset+0x4a>
4862: 0c5c add r12, r12
4864: 0c59 add r9, r12
4866: 1df3 and #0x1, r13
4868: 0224 jz #0x486e <memset+0x60>
486a: cc4e 0000 mov.b r14, 0x0(r12)
486e: 3841 pop r8
4870: 3941 pop r9
4872: 3a41 pop r10
4874: 3b41 pop r11
4876: 3041 ret
4878 <_unexpected_>
4878: 0013 reti pc
487a <__bss_start+0x247a>
487a .strings:
487a: "SCAN SECURITY DEVICE"
488f: "ACCESS GRANTED!"
489f: "ACCESS GRANTED"
48ae: "\x7fxuw\x0c^\x19 \"\x11KS\x0b1X o\x1aS@Pz 0\x1e\x01ZbY9Y pN SE\x01`/Jh Rp\x07lNDi :yG.I(C|-i =\n]SH //\x0em\x05* A~}\x0fBG \x14{\x13\x14Cu\x10M\x05 n{/\\x18 I<Q \x0bR\ j068@ |9/4CD T{2#=L\x0b BN\x08.f($v[I m%rdh\x16\\ ]elpHP^\x15FW"
49bb: "\nX\x05 E\x06,\x1e?\x0f\x02\x03 \x01\x13k:\x11AOg st\"57 \x1cunG\x1aq\x1d)ob\x0e \x18\x1bV>Ky xZ\x1f3\x071\x12\x10Y \\'_`Q\x7f\x19J\-z ;M*< Sa\x17+\x04~w&i\x14c U!"
Prereqs:"Tutorial"
Name:"Baku"
Text:
Lockitall LOCKIT SecurePlus r a.01
______________________________________________________________________
User Manual: Lockitall LockIT SecurePlus, rev a.01
______________________________________________________________________
OVERVIEW
- This lock contains military grade encryption to secure the lock.
DETAILS
The LockIT SecurePlus a.01 is the first of a new series of locks.
It is controlled by a MSP430 microcontroller, and is the most
advanced MCU-controlled lock available on the market. The MSP430
is a very low-power device which allows the LockIT SecurePlus to
run in almost any environment.
The LockIT SecurePlus contains a NFC reader allowing it to quickly
read credentials from a smartphone, or any compatible device. This
allows LockIT SecurePlus to use complex encrypted credentials
without encumbering the user.
This is Software Revision 01. It is a much more advanced
version of other locks due to the adoption of military strength
encryption, but the first Version A release.
(c) 2022 LOCKITALL Page 1/1
X:200
Y:780
Rating:10
Patch:""


@ -43,3 +43,4 @@ Hopefully in the coming weeks I'll learn enough about malloc and free to get som
### 2022 Dec 11 PM:
St. John's
Baku