I am currently very new to assembly language; I am doing the microcorruption CTF.
The assembly language is 32-bit.
The code follows:
4484 <check_password>
4484: 6e4f mov.b @r15, r14
4486: 1f53 inc r15
4488: 1c53 inc r12
448a: 0e93 tst r14
448c: fb23 jnz $-0x8 <check_password+0x0>
448e: 3c90 0900 cmp #0x9, r12
4492: 0224 jz $+0x6 <check_password+0x14>
4494: 0f43 clr r15
4496: 3041 ret
4498: 1f43 mov #0x1, r15
449a: 3041 ret
The function works properly, and I understand that the flag set by the result of "tst r14" must be 0 to break out of the loop.
However, I am struggling to understand what operation is being performed on r14 to determine the value of the flag.
Normally the "tst" instruction refers to an AND operation on two operands. But with one operand I am stumped.
Is this a difference in the architecture the CTF is written on, or am I missing something?
Any help would be appreciated.
I did some digging, and the "tst" instruction with one operand defaults to the second operand also being the first operand. However, I do not know the extent that this explanation covers.
So, the operation would have been something like:
01001010
01001010
--------
01001010
In conclusion, the <check_password> function was reading bytes until a NULL byte was found, setting the zero flag to 0, then checking if the number of bytes read equals #0x09.
So all in all, to break the function, you would need to supply 9 characters or 9 bytes.
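To see what the listing does step by step, here is an added Python emulation of the eight instructions above; it is not code from the post or from the CTF. It assumes r12 is 0 on entry (the caller's setup is not shown), and models "tst r14" the way the MSP430 manual defines TST dst, namely as the emulated instruction CMP #0,dst: a subtraction of 0 whose result is discarded and only the status flags kept.

```python
# Added example (not from the original post or the microcorruption CTF):
# a straight-line emulation of the check_password listing above.
# Assumption: r12 is 0 on entry (the caller's setup is not in the listing).
# MSP430 defines TST dst as the emulated instruction CMP #0,dst, so it
# subtracts 0 from dst and keeps only the status flags.

WORD = 0xFFFF


def tst(dst):
    """Emulate MSP430 TST dst (= CMP #0,dst): return the Z, N, C, V flags."""
    result = (dst - 0) & WORD        # subtraction; the result is discarded
    return {
        "Z": result == 0,            # the flag that JNZ looks at
        "N": bool(result & 0x8000),
        "C": True,                   # CMP #0 never borrows
        "V": False,
    }


def check_password(memory, r15=0, r12=0):
    """Walk the listing with r15 pointing at the password in memory.

    memory is a bytes object that must contain a NUL terminator.
    Returns (r15 on ret, r12 at the cmp, per-iteration trace).
    """
    trace = []
    while True:
        r14 = memory[r15]            # 4484: mov.b @r15, r14 (upper byte cleared)
        r15 = (r15 + 1) & WORD       # 4486: inc r15
        r12 = (r12 + 1) & WORD       # 4488: inc r12
        flags = tst(r14)             # 448a: tst r14
        trace.append((r14, r12, flags["Z"]))
        if not flags["Z"]:           # 448c: jnz $-0x8 -> back to 4484
            continue
        break                        # Z set: the NUL byte was read
    if r12 == 9:                     # 448e: cmp #0x9, r12 ; 4492: jz
        return 1, r12, trace         # 4498: mov #0x1, r15 ; ret
    return 0, r12, trace             # 4494: clr r15 ; ret


if __name__ == "__main__":
    # Constructed sample inputs, each NUL-terminated as the loop requires.
    for pw in (b"abcdefgh\x00", b"abcdefghi\x00", b"\x00"):
        ok, count, _ = check_password(pw)
        print(pw, "-> r15 =", ok, "r12 at cmp =", count)
```

The trace shows that r12 is incremented for the NUL byte too, so the value compared against #0x9 includes the terminator in the count.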