Help/Support Unknown ARM Instructions

[bR34Kr 19.3k]

Hi. I found my offsets, opened up IDA and I have this function for my gems

                 LDR             X8, [X1]
                 STR             X8, [X0,#0x30]
                 LDR             X8, [X1,#8]
                 LSR             X9, X8, #0x20
                 STP             W8, W9, [X0,#0x38]
                 LDR             X8, [X1,#0x10]
                 STR             W8, [X0,#0x40]
                 SBFX            X8, X8, #0x20, #0x10
                 STR             W8, [X0,#0x74]
                 LDRH            W8, [X1,#0x16]
                 AND             W9, W8, #0xFF
                 STR             W9, [X0,#0x78]
                 LSR             W8, W8, #8
                 STR             W8, [X0,#0x80]
                 LDRH            W8, [X1,#0x18]
                 AND             W9, W8, #0xFF
                 LSR             W8, W8, #8
                 STP             W9, W8, [X0,#0x84]
                 LDRB            W8, [X1,#0x1A]
                 STR             W8, [X0,#0x8C]
                 RET

In which W9/X9 holds my exact value of gems (0x8ea) while W8/X8 holds 0x8ea0000000f. So what are the AND, LSR and STP Instructions and how do they affect my gems?

[Ted2 39.1k iPhone 13 Pro 16.0 Donor]

LSR

Logical Shift Right.

This instruction is a preferred synonym for MOV instructions with shifted register operands.

 

STP

Store Pair of Registers.

 

AND, ORR, EOR, BIC, and ORN

Logical AND, OR, Exclusive OR, Bit Clear, and OR NOT.

The AND, EOR, and ORR instructions perform bitwise AND, Exclusive OR, and OR operations on the values in Rn and Operand2.

 

Don't ask me what it means, I never had to use one of those instructions to hack something.

Source: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0489f/Cihdafai.html

 

You may change

STR             W9, [X0,#0x78]

 

to

STR             W23, [X0,#0x78]

[bR34Kr 19.3k]

Just now, Ted2 said:

LSR

Logical Shift Right.

This instruction is a preferred synonym for MOV instructions with shifted register operands.

 

STP

Store Pair of Registers.

 

AND, ORR, EOR, BIC, and ORN

Logical AND, OR, Exclusive OR, Bit Clear, and OR NOT.

The AND, EOR, and ORR instructions perform bitwise AND, Exclusive OR, and OR operations on the values in Rn and Operand2.

 

Don't ask me what it means, I never had to use one of those instructions to hack something.

Source: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0489f/Cihdafai.html

 

You may change

STR             W9, [X0,#0x78]

 

to

STR             W23, [X0,#0x78]

Thanks you so much! The cheat sheet/documentation will come in handy

My W23 is 1 lol

Updated March 8, 2018 by bbReakMe