Grim | GrimSec Ops | r2 visual mode

[0x00401000] - pd $r @ sym.Grim_Profile /bin/grimsec_operative

/ (fcn) sym.Grim_Profile 284

| sym.Grim_Profile (int argc, char **argv, char **envp);

0x0040100055│ push rbp

0x004010014889e5│ mov rbp, rsp

0x004010044881ec200000│ sub rsp, 0x20

0x0040100b488d3d520a00│ lea rdi, str.Grim ; "Grim"

0x00401012e8b9feffff│ call sym.set_alias

0x00401017488d3d4b0a00│ lea rdi, str.Reverse ; "Reverse Engineering"

0x0040101ee8adfeffff│ call sym.add_skill

0x00401023488d3d450a00│ lea rdi, str.Web_Exp ; "Web Exploitation"

0x0040102ae8a1feffff│ call sym.add_skill

0x0040102f488b05320a00│ mov rax, qword [obj.tools]

0x0040103648c700723200│ mov qword [rax], str.r2 ; "radare2"

0x0040103d48c740085265│ mov qword [rax+8], str.req ; "Reqable"

0x00401045bf0a000000│ mov edi, 0xa ; 10

0x0040104abe64000000│ mov esi, str.wan_lai ; "WAN LAI CTF"

0x0040104fe87cfeffff│ call sym.assert_top_team

0x00401054bf19000000│ mov edi, 0x19 ; 25

0x00401059be78000000│ mov esi, str.archactf ; "ArchaCTF"

0x0040105ee86dfeffff│ call sym.assert_top_team

0x00401063e855010000│ call sym.ptrace_traceme

0x0040106885c0│ test eax, eax

0x0040106a7405│ ┌─<je 0x00401071

0x0040106ce8a1020000│ │call sym.exit

0x00401071b800000000│ └─>mov eax, 0x0

0x00401076c9│ leave

0x00401077c3│ ret

\ (fcn) sym.Grim_Profile

[Registers] - dr context

rax0x0000000000000000

rbx0x00007ffc3a5b2108

rcx0x0000000000401000sym.Grim_Profile

rdx0x0000000000000000

rsi0x0000000000402030str.Medium

rdi0x0000000000402010str.Grim

rsp0x00007ffc3a5b2000[stack]

rbp0x00007ffc3a5b2020[stack]

rip0x0000000000401001sym.Grim_Profile+1

r8 0x000000000000000a10

r9 0x000000000000001925

r100x0000000000000000

; stack traceback

0x7ffc3a5b2000 0x004015c0 main+142

0x7ffc3a5b2008 0x7f8a9b1c2083 __libc_start_main+243

[0x00402000] - px 256 @ obj.intel memory

0x0040200043 6f 6e 74 61 63 74 73 00 00 00 00 00 00 00 00|Contacts........|

0x0040201044 69 73 63 6f 72 64 3a 20 5b 52 45 44 41 43 54|Discord: [REDACT|

0x0040202045 44 5d 00 00 00 00 00 00 00 00 00 00 00 00 00|ED].............|

0x004020304d 65 64 69 75 6d 3a 20 68 74 74 70 73 3a 2f 2f|Medium: https://|

0x004020406d 65 64 69 75 6d 2e 63 6f 6d 2f 40 73 69 72 61|medium.com/@sira|

0x0040205077 69 73 68 72 00 00 00 00 00 00 00 00 00 00 00|wishr...........|

0x0040206000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00|................|

0x0040207053 70 65 63 69 61 6c 74 69 65 73 00 00 00 00 00|Specialties.....|

0x0040208052 65 76 65 72 73 65 20 45 6e 67 69 6e 65 65 72|Reverse Engineer|

0x0040209069 6e 67 00 00 00 00 00 00 00 00 00 00 00 00 00|ing.............|

0x004020a057 65 62 20 45 78 70 6c 6f 69 74 61 74 69 6f 6e|Web Exploitation|