ARM 32-bit Raspberry Pi Hacking Float example in Kali Linux.
Raspberry Pi 4
64GB Micro SD Card
Micro SD Card Reader/Writer
Download [https://www.offensive-security.com/kali-linux-arm-images/]
POWER UP DEVICE AND LOGIN AS KALI AND SET UP SSH
#include <stdio.h>

int main()
{
    /* 10.5 is stored as a 32-bit IEEE 754 single-precision value */
    float x;

    x = 10.5;

    printf("%0.2f\n", x);

    return 0;
}
gcc -o 0x03_arm_32_hacking_float 0x03_arm_32_hacking_float.c
./0x03_arm_32_hacking_float
10.50
r2 -d ./0x03_arm_32_hacking_float
aaa
s main
vv
q
[0x0046550c]> pd 2 @ 0x00465512
│ 0x00465512 4ff00003 mov.w r3, 0
│ 0x00465516 c4f22813 movt r3, 0x4128
wa movw r3, 0xd70a @0x00465512
wa movt r3, 0x4127 @0x00465516
[0x0046550c]> pd 2 @ 0x00465512
│ 0x00465512 4df20a73 movw r3, 0xd70a
│ 0x00465516 c4f22713 movt r3, 0x4127
q
r2 -w ./0x03_arm_32_hacking_float
[0x000003fc]> aaa
[0x000003fc]> s main
[0x0000050c]> vv
q
[0x0000050c]> wa movw r3, 0xd70a @0x00000512
[0x0000050c]> wa movt r3, 0x4127 @0x00000516
./0x03_arm_32_hacking_float
10.49
** NOTE ** If you wanted to hack from 10.50 to 10.51 instead, you would simply write:
[0x0000050c]> wa movw r3, 0x28f6 @0x00000512
[0x0000050c]> wa movt r3, 0x4128 @0x00000516
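This should give you a good idea of how the LSB and MSB halves work for floating point numbers: movw sets the lower 16 bits of r3 and movt sets the upper 16 bits of the float's 32-bit encoding.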
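To see where the movw/movt immediates above come from, the following added example (not part of the original repository) splits the 32-bit encoding of a float into its two 16-bit halves and rebuilds a float from them. The function names are hypothetical, and it assumes the compiler's float is IEEE 754 binary32, as it is on the Raspberry Pi.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: float is a 32-bit IEEE 754 single-precision value. */
_Static_assert(sizeof(float) == 4, "float must be 32 bits");

/* Raw bit pattern of f; memcpy is the well-defined way to reinterpret it. */
uint32_t float_bits(float f)
{
    uint32_t bits;
    memcpy(&bits, &f, sizeof bits);
    return bits;
}

/* Immediate for movw: lower 16 bits of the encoding. */
uint16_t movw_imm(float f) { return (uint16_t)(float_bits(f) & 0xffffu); }

/* Immediate for movt: upper 16 bits of the encoding. */
uint16_t movt_imm(float f) { return (uint16_t)(float_bits(f) >> 16); }

/* Rebuild the float that a movw/movt pair leaves in the register. */
float halves_to_float(uint16_t movt_hi, uint16_t movw_lo)
{
    uint32_t bits = ((uint32_t)movt_hi << 16) | movw_lo;
    float f;
    memcpy(&f, &bits, sizeof f);
    return f;
}

/* Print the encoding and the two immediates for one value. */
void print_patch(float f)
{
    printf("%0.2f = 0x%08x -> movw r3, 0x%04x ; movt r3, 0x%04x\n",
           f, (unsigned)float_bits(f),
           (unsigned)movw_imm(f), (unsigned)movt_imm(f));
}

int main(void)
{
    print_patch(10.50f);   /* original value in the binary */
    print_patch(10.49f);   /* first patch shown above */
    print_patch(10.51f);   /* patch from the NOTE */
    printf("movt 0x4127 + movw 0xd70a decodes to %0.2f\n",
           halves_to_float(0x4127, 0xd70a));
    return 0;
}
```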
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.