ARM Opcodes - To Higher Level [Archive] - RCE Messageboard's Regroupment

Tsongkie
June 17th, 2013, 00:42
Hey guys,

Glad I found this forum. Seems like there are a lot of people here who can help me.

Anyway, I'm trying to get this piece of code translated to a higher language. I have some background in ASM but this piece of code is just flying through my head and I can't seem to understand it.

I would appreciate it if someone can give me an insight on what is happening here. A pseudo code will be much appreciated, but if that's too much, you can just point me to the right direction where I can some kind of explanation as to what is going on here.

Basically, this function requires a string and then returns a modified version of that string. I got this from IDA:
Code:
.text:00015874 ; Scrambler::getInstagramString(char  const*)

.text:00015874                 EXPORT _ZN9Scrambler18getInstagramStringEPKc

.text:00015874 _ZN9Scrambler18getInstagramStringEPKc   ; CODE XREF: Bridge::getInstagramString(_JNIEnv *,_jobject *,_jstring *)+16p

.text:00015874                 PUSH    {R4-R6,LR}

.text:00015876                 LDR     R1, =(aA4d1b77bbb1a4a - 0x15880)

.text:00015878                 MOVS    R4, R0

.text:0001587A                 MOVS    R5, #0

.text:0001587C                 ADD     R1, PC          ; "a4d1b77bbb1a4a5ca695ad72c84b77e5"

.text:0001587E                 BLX     strcasecmp

.text:00015882                 CMP     R0, #0

.text:00015884                 BNE     loc_1588A

.text:00015886                 LDR     R5, =(unk_6C19C - 0x1588C)

.text:00015888                 ADD     R5, PC

.text:0001588A

.text:0001588A loc_1588A                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+10j

.text:0001588A                 LDR     R1, =(aFf19a68d1f4a4c - 0x15892)

.text:0001588C                 MOVS    R0, R4          ; s1

.text:0001588E                 ADD     R1, PC          ; "ff19a68d1f4a4c29bf4be67ad2c77f12"

.text:00015890                 BLX     strcasecmp

.text:00015894                 CMP     R0, #0

.text:00015896                 BNE     loc_1589E

.text:00015898                 LDR     R5, =(unk_6C19C - 0x1589E)

.text:0001589A                 ADD     R5, PC

.text:0001589C                 ADDS    R5, #0x2C

.text:0001589E

.text:0001589E loc_1589E                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+22j

.text:0001589E                 LDR     R1, =(aEd85650e098847 - 0x158A6)

.text:000158A0                 MOVS    R0, R4          ; s1

.text:000158A2                 ADD     R1, PC          ; "ed85650e09884756a26558259c471af5"

.text:000158A4                 BLX     strcasecmp

.text:000158A8                 CMP     R0, #0

.text:000158AA                 BNE     loc_158B2

.text:000158AC                 LDR     R5, =(unk_6C19C - 0x158B2)

.text:000158AE                 ADD     R5, PC

.text:000158B0                 ADDS    R5, #0x60

.text:000158B2

.text:000158B2 loc_158B2                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+36j

.text:000158B2                 LDR     R1, =(aF9c69e10bbb140 - 0x158BA)

.text:000158B4                 MOVS    R0, R4          ; s1

.text:000158B6                 ADD     R1, PC          ; "f9c69e10bbb140e096e26e3d3f3960ec"

.text:000158B8                 BLX     strcasecmp

.text:000158BC                 CMP     R0, #0

.text:000158BE                 BNE     loc_158C6

.text:000158C0                 LDR     R5, =(unk_6C21C - 0x158C6)

.text:000158C2                 ADD     R5, PC

.text:000158C4                 ADDS    R5, #0xC

.text:000158C6

.text:000158C6 loc_158C6                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+4Aj

.text:000158C6                 LDR     R1, =(aA9fd1ea499854a - 0x158CE)

.text:000158C8                 MOVS    R0, R4          ; s1

.text:000158CA                 ADD     R1, PC          ; "a9fd1ea499854a93bdb89e12d00e56a0"

.text:000158CC                 BLX     strcasecmp

.text:000158D0                 CMP     R0, #0

.text:000158D2                 BNE     loc_158DA

.text:000158D4                 LDR     R5, =(unk_6C21C - 0x158DA)

.text:000158D6                 ADD     R5, PC

.text:000158D8                 ADDS    R5, #0x24

.text:000158DA

.text:000158DA loc_158DA                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+5Ej

.text:000158DA                 LDR     R1, =(aDb9f890529814c - 0x158E2)

.text:000158DC                 MOVS    R0, R4          ; s1

.text:000158DE                 ADD     R1, PC          ; "db9f890529814cc682dae202eb074521"

.text:000158E0                 BLX     strcasecmp

.text:000158E4                 CMP     R0, #0

.text:000158E6                 BNE     loc_158EE

.text:000158E8                 LDR     R5, =(unk_6C21C - 0x158EE)

.text:000158EA                 ADD     R5, PC

.text:000158EC                 ADDS    R5, #0x38

.text:000158EE

.text:000158EE loc_158EE                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+72j

.text:000158EE                 LDR     R1, =(aEc06322a460e44 - 0x158F6)

.text:000158F0                 MOVS    R0, R4          ; s1

.text:000158F2                 ADD     R1, PC          ; "ec06322a460e44a7b8dcadcd49f39374"

.text:000158F4                 BLX     strcasecmp

.text:000158F8                 CMP     R0, #0

.text:000158FA                 BNE     loc_15902

.text:000158FC                 LDR     R5, =(unk_6C21C - 0x15902)

.text:000158FE                 ADD     R5, PC

.text:00015900                 ADDS    R5, #0x5C

.text:00015902

.text:00015902 loc_15902                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+86j

.text:00015902                 LDR     R1, =(aB8382364355a42 - 0x1590A)

.text:00015904                 MOVS    R0, R4          ; s1

.text:00015906                 ADD     R1, PC          ; "b8382364355a42af9b130a7a68feb22a"

.text:00015908                 BLX     strcasecmp

.text:0001590C                 CMP     R0, #0

.text:0001590E                 BNE     loc_15916

.text:00015910                 LDR     R5, =(unk_6C29C - 0x15916)

.text:00015912                 ADD     R5, PC

.text:00015914                 ADDS    R5, #0x10

.text:00015916

.text:00015916 loc_15916                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+9Aj

.text:00015916                 LDR     R1, =(aBdcf8247e5d54d - 0x1591E)

.text:00015918                 MOVS    R0, R4          ; s1

.text:0001591A                 ADD     R1, PC          ; "bdcf8247e5d54dd8a440e77f7c41b208"

.text:0001591C                 BLX     strcasecmp

.text:00015920                 CMP     R0, #0

.text:00015922                 BNE     loc_1592A

.text:00015924                 LDR     R5, =(unk_6C29C - 0x1592A)

.text:00015926                 ADD     R5, PC

.text:00015928                 ADDS    R5, #0x44

.text:0001592A

.text:0001592A loc_1592A                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+AEj

.text:0001592A                 LDR     R1, =(aEf9e3381f0a045 - 0x15932)

.text:0001592C                 MOVS    R0, R4          ; s1

.text:0001592E                 ADD     R1, PC          ; "ef9e3381f0a045d396ee38292ca5481d"

.text:00015930                 BLX     strcasecmp

.text:00015934                 CMP     R0, #0

.text:00015936                 BNE     loc_1593E

.text:00015938                 LDR     R5, =(unk_6C29C - 0x1593E)

.text:0001593A                 ADD     R5, PC

.text:0001593C                 ADDS    R5, #0x78

.text:0001593E

.text:0001593E loc_1593E                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+C2j

.text:0001593E                 LDR     R1, =(aDf1c2873b2cf40 - 0x15946)

.text:00015940                 MOVS    R0, R4          ; s1

.text:00015942                 ADD     R1, PC          ; "df1c2873b2cf408489df344453f9f10e"

.text:00015944                 BLX     strcasecmp

.text:00015948                 CMP     R0, #0

.text:0001594A                 BNE     loc_1595A

.text:0001594C                 LDR     R5, =(unk_6C31C - 0x15952)

.text:0001594E                 ADD     R5, PC

.text:00015950                 ADDS    R5, #0x20

.text:00015952

.text:00015952 loc_15952                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+EAj

.text:00015952                 MOVS    R0, R5

.text:00015954                 BL      _ZN9Scrambler7decryptEPKc ; Scrambler::decrypt(char  const*)

.text:00015958

.text:00015958 locret_15958                            ; CODE XREF: Scrambler::getInstagramString(char  const*)+ECj

.text:00015958                 POP     {R4-R6,PC}

.text:0001595A ; ---------------------------------------------------------------------------

.text:0001595A

.text:0001595A loc_1595A                               ; CODE XREF: Scrambler::getInstagramString(char  const*)+D6j

.text:0001595A                 MOVS    R0, #0

.text:0001595C                 CMP     R5, #0

.text:0001595E                 BNE     loc_15952

.text:00015960                 B       locret_15958

.text:00015960 ; End of function Scrambler::getInstagramString(char  const*)

.text:00015960