Hi All,
Today, I am going to write about the assembly code for the crack challenge 1. But this time the topic is about reversing the code in the decompiled mode. What is decompiled mode? The decompiled mode is assembly code that has been reinterpret back to higher level of code.
We can see the screen capture as below in assembly code
When the above code is decompiled to C it will be like below
I use Ghidra decompiler integration with IDA.
From the above decompiled code, we can study easier the code because it is reinterpret back to C code that more human readeable
We can see that iterator is initiated with 0xc = 12. The loop will end if the iterator reach 15 or less than 0x10 (16)
The above loop does the same operation like the one I discussed previously but it sum the value of char between 12 to 15 of array elements
The DECOMPILER
Using decompiler make the interpretation become much easier because it give you the higher level of programming language. But for me personaly I like to debug it in assembly code :). Decompiling is just to give me an overview idea on how the application work but the detail will run through the assembly.
Here is the mapping between assembly and C code
Cyber Security Architect | Red/Blue Teaming | Exploit/Malware Analysis 