Help/Support IDA Address is strange

[bR34Kr 19.2k]

So I saw a whole bunch of tutorials on IDA and can't figure out my problem.

LLDB Told me my address is 0x5408b4

And my register read told me it stored it at r0

So I go there and it looks like this:

 

The r0 store is before which should be on the same line right?

Updated February 23, 2018 by bbReakMe

[K_K 166.7k iPhone 13 Pro Max 15.1]

1 hour ago, bbReakMe said:

So I saw a whole bunch of tutorials on IDA and can't figure out my problem.

LLDB Told me my address is 0x5408b4

And my register read told me it stored it at r0

So I go there and it looks like this:

 

The r0 store is before which should be on the same line right?

games have ASLR armv7 you can remove it but ARM64 you have to calculate , it doesn't always take you to the exact place it should. With experience you can sort of work it out. Check out the STR.W r0 5408B0

[bR34Kr 19.2k]

1 minute ago, K_K said:

games have ASLR armv7 you can remove it but ARM64 you have to calculate , it doesn't always take you to the exact place it should. With experience you can sort of work it out. Check out the STR.W r0 5408B0

Thanks.

[bR34Kr 19.2k]

On 2/22/2018 at 10:07 PM, K_K said:

games have ASLR armv7 you can remove it but ARM64 you have to calculate , it doesn't always take you to the exact place it should. With experience you can sort of work it out. Check out the STR.W r0 5408B0

Should I also change the 5408BE and the 5408C2 ?

Because I changed what you told me + the LDR and it does not work.

Spoiler

__text:005408AC                 LDR.W           R0, [R7,#var_s0]
__text:005408B0                 STR.W           R7, [R8,#0x40]

(This does not work)

 

Updated February 24, 2018 by bbReakMe

[xiaov 6.6k iPhone 6 8.3]

3 hours ago, bbReakMe said:

Should I also change the 5408BE and the 5408C2 ?

Because I changed what you told me + the LDR and it does not work.

  Hide contents

__text:005408AC                 LDR.W           R0, [R7,#var_s0]
__text:005408B0                 STR.W           R7, [R8,#0x40]

(This does not work)

 

app name if cal Zenonia4,

lldb type :

image list "Zenonia4" 

u can see the ASLR for the App ,

u need to minus out if lldb =0x1234567,

ASLR = 0x1A000,

use calculator from PC (programmer format)

enter 1234567 - 1A000 , the final IDA offset is this.

[bR34Kr 19.2k]

6 hours ago, xiaov said:

app name if cal Zenonia4,

lldb type :

image list "Zenonia4" 

u can see the ASLR for the App ,

u need to minus out if lldb =0x1234567,

ASLR = 0x1A000,

use calculator from PC (programmer format)

enter 1234567 - 1A000 , the final IDA offset is this.

 

6 hours ago, xiaov said:

app name if cal Zenonia4,

lldb type :

image list "Zenonia4" 

u can see the ASLR for the App ,

u need to minus out if lldb =0x1234567,

ASLR = 0x1A000,

use calculator from PC (programmer format)

enter 1234567 - 1A000 , the final IDA offset is this.

I'm not sure to do this because I already removed ASLR and it's armv7 thinned. Should I just restart the whole thing with an ARM64 with ASLR binary and follow your steps?

[bR34Kr 19.2k]

10 hours ago, xiaov said:

app name if cal Zenonia4,

lldb type :

image list "Zenonia4" 

u can see the ASLR for the App ,

u need to minus out if lldb =0x1234567,

ASLR = 0x1A000,

use calculator from PC (programmer format)

enter 1234567 - 1A000 , the final IDA offset is this.

I did this with an untouched binary and the address does not exist. It gives me 0x637474 when I calculate but the smallest address is 0x100004A60. The raw address given by lldb is 0x100703474 so I go there and it's a BL. 

 

EDIT: This happened with the plain arm64 binary.

Updated February 24, 2018 by bbReakMe