Posted on 2025-1-14 15:20:53
The pattern is not a binary for Verdi.
And .....
It is described as scl_lc_checkout_example.
The term "example" means that it is not actual data.
You need to disassemble Verdi to locate the scl_lc_checkout and l_pubkey_verify routines.
Additionally, 55 refers to the first binary of the respective routine, and 31 represents the binary for ret.
This implies that by returning on the first execution of the scl_lc_checkout and l_pubkey_verify routines, those routines will not be executed.
Therefore, the first binary of the scl_lc_checkout and l_pubkey_verify routines may not always be 55.
Furthermore, the disassembled code of the scl_lc_checkout and l_pubkey_verify routines may vary depending on the executable binary file.
As a result, you need to disassemble all executable binaries, extract the scl_lc_checkout and l_pubkey_verify routines for a fixed length, and create replacement patterns.
The fixed length is necessary to avoid confusion with other executable binaries.
Once all the work is completed and patches have been applied, you should disassemble again and compare the patched disassembled code with the original to ensure that only the scl_lc_checkout and l_pubkey_verify routines have been patched.
If more than one patch occurs in a single file, it means that the patch pattern creation is incorrect, as each file should contain only one scl_lc_checkout routine and one l_pubkey_verify routine.