Part 22 – Hacking ADC

For a complete table of contents of all the lessons please click below as it will give you a brief of each lesson in addition to the topics it will cover. https://github.com/mytechnotalent/Reverse-Engineering-Tutorial

To recap again, ADC is the same as ADD except it adds a 1 if the carry flag is set. We need to pay particular attention to the CPSR or Status Register when we work with ADC.

Let’s again review our code:

Part 22 – Hacking ADC - 图1

We add 100 decimal into r1, 4,294,967,295 into r2, 100 decimal into r3 and 100 decimal into r4. We then add r1 and r2 and place in r0 and then add r3 and r4 and place into r5.

Part 22 – Hacking ADC - 图2

We run the program and step to where we move 4,294,967,295 into r2. Let’s hack that value in r2 and change it to 100 decimal.

Part 22 – Hacking ADC - 图3

Let’s step a few more times:

Part 22 – Hacking ADC - 图4

Ok so now we add 100 decimal and 100 decimal together in r3 and r4 and we get 200 decimal in r5! Do you remember last week when we had 201? Let’s examine the CPSR below.

We again need to remember that bits 31, 20, 29 and 28 in the CPSR indicate the following:

bit 31 - N = Negative Flag

bit 30 - Z = Zero Flag

bit 29 - C = Carry Flag

bit 28 - V = Overflow Flag

We see the CPSR at 10 hex. The most significant bits of 10 hex in binary is 0001.

Therefore if the value in binary was 0001 of bit 31, 30, 29 and 28 (NZCV) that would mean:

Negative Flag NOT Set

Zero Flag NOT Set

Carry Flag NOT SET

Overflow Flag Set

As we can clearly see the carry flag was NOT set. I hope you can digest and understand each of these very simple operations and how they have an effect on the CPSR. Please take the time and review last weeks lesson for comparison.

Next week we will dive into SUB.