
I am working on a bin file to find a secret key hidden or generated somewhere in the program. I disassembled the file using radare2 and found the instruction that tested the password. The instruction is:

test eax, eax

It means that if eax is 0 the password is correct, otherwise it is incorrect.

Now, what I want to do is find out how the value of the eax register is computed. There is an instruction that I don't understand:

bnd jmp qword[reloc.ifunc_4e67b0]

What I don't understand is why the value of eax changes after that instruction even though the register is not involved (or is it?).

I am new to assembly...

Thanks to anyone reading this message and trying to help!

    `jmp` goes somewhere else. Presumably the code jumped to changes `eax`. – Jester Jan 19 '22 at 12:45
  • `jmp qword[reloc.ifunc_4e67b0]` doesn't change EAX. The `bnd` prefix doesn't alter that: it either takes an exception or does nothing: [Meaning of BND RET in x86](https://stackoverflow.com/q/43057460). If you're seeing EAX change, **make sure you're actually single-stepping by one instruction at a time.** – Peter Cordes Jan 19 '22 at 15:11

1 Answer


The jmp command jumps to a different section of the code, in which eax is changed.

If you are debugging the code, you can jump with it and see what's happening.

Or, look at the function at the address 4e67b0; in some cases the return value of the jump will be in eax.
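To see why eax changes across a `jmp` that never names it, here is a small constructed C program (an added example, not code from the question, the answer, or the binary being analysed) that produces the same shape when built with `gcc -O2`: `check_password` ends in a tail jump into glibc's `strcmp`, which on x86-64 glibc is an IFUNC symbol reached through a relocation like the `reloc.ifunc_...` in the question, and `strcmp`'s return value in eax is what the caller's `test eax, eax` inspects. The `SECRET` string is a placeholder I made up for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed placeholder; the real binary's key is not on the page. */
static const char SECRET[] = "s3cr3t-placeholder";

/* At -O2, `return strcmp(...)` compiles to a tail call: the function ends
 * in `jmp strcmp@PLT` (a PLT/IFUNC-relocated indirect jump, the same idea
 * as `jmp qword [reloc.ifunc_...]`) instead of call + ret.  strcmp writes
 * its result to eax and returns directly to check_password's caller, so
 * eax looks like it "changed across the jmp" even though the jmp itself
 * never touches the register.  noinline keeps the function visible. */
__attribute__((noinline))
int check_password(const char *guess)
{
    return strcmp(guess, SECRET);   /* 0 only when the guess matches */
}

/* The caller is where the `test eax, eax` lives: zero means correct. */
int is_correct(const char *guess)
{
    return check_password(guess) == 0;
}

int main(int argc, char **argv)
{
    const char *guess = argc > 1 ? argv[1] : "";
    puts(is_correct(guess) ? "correct" : "wrong");
    return 0;
}
```

Build with `gcc -O2 -o check check.c` and run `objdump -d check`: `check_password` ends in a `jmp` to `strcmp`, and `is_correct` holds the `test %eax,%eax` that follows the call, which is the pattern to trace in the original binary.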