➜ e9patch git:(master) ✗ ./e9tool --debug -M 'plugin(funcMatch).match()' -P 'state_tracer(state,asm,size,offset)@afl-rt' test-state-tracer-v0 -o test-state-tracer-1128
[*] funcmatch init...
[*] ----------------------------------------------------
[*] matching fucntion: malloc:0x1210
[*] matching fucntion: calloc:0x11e0
[*] matching fucntion: realloc:0x1220
[*] matching fucntion: free:0x1160
[*] matching fucntion: recv:0x1369
[*] matching fucntion: send:0x1381
[*] matching fucntion: fprintf:0x11f0
[*] matching fucntion: fgets:0x11d0
[*] matching fucntion: fwrite:0x1260
[*] matching fucntion: fclose:0x1190
debug: 0x1000: disassemble endbr64
debug: 0x1004: disassemble sub $0x8, %rsp
debug: 0x1008: disassemble movq 0x2fd9(%rip), %rax
debug: 0x100f: disassemble test %rax, %rax
debug: 0x1012: disassemble jz 0x1016
debug: 0x1014: disassemble call *%rax
debug: 0x1016: disassemble add $0x8, %rsp
debug: 0x101a: disassemble ret
debug: 0x1280: disassemble endbr64
debug: 0x1284: disassemble xor %ebp, %ebp
debug: 0x1286: disassemble mov %rdx, %r9
debug: 0x1289: disassemble pop %rsi
debug: 0x128a: disassemble mov %rsp, %rdx
debug: 0x128d: disassemble and $-0x10, %rsp
debug: 0x1291: disassemble push %rax
debug: 0x1292: disassemble push %rsp
debug: 0x1293: disassemble lea 0x666(%rip), %r8
debug: 0x129a: disassemble lea 0x5ef(%rip), %rcx
debug: 0x12a1: disassemble lea 0x29a(%rip), %rdi
debug: 0x12a8: disassemble callq *0x2d32(%rip)
debug: 0x12ae: disassemble hlt
debug: 0x12af: disassemble nop
debug: 0x12b0: disassemble lea 0x2d59(%rip), %rdi
debug: 0x12b7: disassemble lea 0x2d52(%rip), %rax
debug: 0x12be: disassemble cmp %rdi, %rax
debug: 0x12c1: disassemble jz 0x12d8
debug: 0x12c3: disassemble movq 0x2d0e(%rip), %rax
debug: 0x12ca: disassemble test %rax, %rax
debug: 0x12cd: disassemble jz 0x12d8
debug: 0x12cf: disassemble jmp *%rax
debug: 0x12d1: disassemble nopl %eax, (%rax)
debug: 0x12d8: disassemble ret
debug: 0x12d9: disassemble nopl %eax, (%rax)
debug: 0x12e0: disassemble lea 0x2d29(%rip), %rdi
debug: 0x12e7: disassemble lea 0x2d22(%rip), %rsi
debug: 0x12ee: disassemble sub %rdi, %rsi
debug: 0x12f1: disassemble mov %rsi, %rax
debug: 0x12f4: disassemble shr $0x3f, %rsi
debug: 0x12f8: disassemble sar $0x3, %rax
debug: 0x12fc: disassemble add %rax, %rsi
debug: 0x12ff: disassemble sar $0x1, %rsi
debug: 0x1302: disassemble jz 0x1318
debug: 0x1304: disassemble movq 0x2ce5(%rip), %rax
debug: 0x130b: disassemble test %rax, %rax
debug: 0x130e: disassemble jz 0x1318
debug: 0x1310: disassemble jmp *%rax
debug: 0x1312: disassemble nopw %ax, (%rax,%rax,1)
debug: 0x1318: disassemble ret
debug: 0x1319: disassemble nopl %eax, (%rax)
debug: 0x1320: disassemble endbr64
debug: 0x1324: disassemble cmpb $0x0, 0x2ce5(%rip)
debug: 0x132b: disassemble jnz 0x1358
debug: 0x132d: disassemble push %rbp
debug: 0x132e: disassemble cmpq $0x0, 0x2cc2(%rip)
debug: 0x1336: disassemble mov %rsp, %rbp
debug: 0x1339: disassemble jz 0x1347
debug: 0x133b: disassemble movq 0x2cc6(%rip), %rdi
debug: 0x1342: disassemble call 0x1150
debug: 0x1347: disassemble call 0x12b0
debug: 0x134c: disassemble movb $0x1, 0x2cbd(%rip)
debug: 0x1353: disassemble pop %rbp
debug: 0x1354: disassemble ret
debug: 0x1355: disassemble nopl %eax, (%rax)
debug: 0x1358: disassemble ret
debug: 0x1359: disassemble nopl %eax, (%rax)
debug: 0x1360: disassemble endbr64
debug: 0x1364: disassemble jmp 0x12e0
debug: 0x1369: disassemble endbr64
debug: 0x136d: disassemble push %rbp
debug: 0x136e: disassemble mov %rsp, %rbp
debug: 0x1371: disassemble movl %edi, -0x4(%rbp)
debug: 0x1374: disassemble movq %rsi, -0x10(%rbp)
debug: 0x1378: disassemble movl %edx, -0x8(%rbp)
debug: 0x137b: disassemble movl %ecx, -0x14(%rbp)
debug: 0x137e: disassemble nop
debug: 0x137f: disassemble pop %rbp
debug: 0x1380: disassemble ret
debug: 0x1381: disassemble endbr64
debug: 0x1385: disassemble push %rbp
debug: 0x1386: disassemble mov %rsp, %rbp
debug: 0x1389: disassemble movl %edi, -0x4(%rbp)
debug: 0x138c: disassemble movq %rsi, -0x10(%rbp)
debug: 0x1390: disassemble movl %edx, -0x8(%rbp)
debug: 0x1393: disassemble movl %ecx, -0x14(%rbp)
debug: 0x1396: disassemble nop
debug: 0x1397: disassemble pop %rbp
debug: 0x1398: disassemble ret
debug: 0x1399: disassemble endbr64
debug: 0x139d: disassemble push %rbp
debug: 0x139e: disassemble mov %rsp, %rbp
debug: 0x13a1: disassemble movl %edi, -0x4(%rbp)
debug: 0x13a4: disassemble movq %rsi, -0x10(%rbp)
debug: 0x13a8: disassemble nop
debug: 0x13a9: disassemble pop %rbp
debug: 0x13aa: disassemble ret
debug: 0x13ab: disassemble endbr64
debug: 0x13af: disassemble push %rbp
debug: 0x13b0: disassemble mov %rsp, %rbp
debug: 0x13b3: disassemble movl %edi, -0x4(%rbp)
debug: 0x13b6: disassemble movq %rsi, -0x10(%rbp)
debug: 0x13ba: disassemble nop
debug: 0x13bb: disassemble pop %rbp
debug: 0x13bc: disassemble ret
debug: 0x13bd: disassemble endbr64
debug: 0x13c1: disassemble push %rbp
debug: 0x13c2: disassemble mov %rsp, %rbp
debug: 0x13c5: disassemble sub $0x10, %rsp
debug: 0x13c9: disassemble movq %rdi, -0x8(%rbp)
debug: 0x13cd: disassemble call 0x1270
debug: 0x13d2: disassemble movq -0x8(%rbp), %rdx
debug: 0x13d6: disassemble movl %eax, (%rdx)
debug: 0x13d8: disassemble call 0x1270
debug: 0x13dd: disassemble movsxd %eax, %rdx
debug: 0x13e0: disassemble imul $0x4ec4ec4f, %rdx, %rdx
debug: 0x13e7: disassemble shr $0x20, %rdx
debug: 0x13eb: disassemble mov %edx, %ecx
debug: 0x13ed: disassemble sar $0x3, %ecx
debug: 0x13f0: disassemble cdq
debug: 0x13f1: disassemble sub %edx, %ecx
debug: 0x13f3: disassemble mov %ecx, %edx
debug: 0x13f5: disassemble imul $0x1a, %edx, %edx
debug: 0x13f8: disassemble sub %edx, %eax
debug: 0x13fa: disassemble mov %eax, %edx
debug: 0x13fc: disassemble mov %edx, %eax
debug: 0x13fe: disassemble add $0x41, %eax
debug: 0x1401: disassemble mov %eax, %edx
debug: 0x1403: disassemble movq -0x8(%rbp), %rax
debug: 0x1407: disassemble movb %dl, 0x4(%rax)
debug: 0x140a: disassemble nop
debug: 0x140b: disassemble leave
debug: 0x140c: disassemble ret
debug: 0x140d: disassemble endbr64
debug: 0x1411: disassemble push %rbp
debug: 0x1412: disassemble mov %rsp, %rbp
debug: 0x1415: disassemble sub $0x400, %rsp
debug: 0x141c: disassemble movq %fs:0x28, %rax
debug: 0x1425: disassemble movq %rax, -0x8(%rbp)
debug: 0x1429: disassemble xor %eax, %eax
debug: 0x142b: disassemble lea 0xbd6(%rip), %rsi
debug: 0x1432: disassemble lea 0xbd7(%rip), %rdi
debug: 0x1439: disassemble call 0x1230
debug: 0x143e: disassemble movq %rax, -0x3f8(%rbp)
debug: 0x1445: disassemble cmpq $0x0, -0x3f8(%rbp)
debug: 0x144d: disassemble jnz 0x146a
debug: 0x144f: disassemble lea 0xbe5(%rip), %rdi
debug: 0x1456: disassemble mov $0x0, %eax
debug: 0x145b: disassemble call 0x11b0
debug: 0x1460: disassemble mov $0x1, %eax
debug: 0x1465: disassemble jmp 0x152c
debug: 0x146a: disassemble movl $0x0, -0x400(%rbp)
debug: 0x1474: disassemble jmp 0x14d4
debug: 0x1476: disassemble lea -0x3f0(%rbp), %rax
debug: 0x147d: disassemble mov $0x3e8, %edx
debug: 0x1482: disassemble mov $0x0, %esi
debug: 0x1487: disassemble mov %rax, %rdi
debug: 0x148a: disassemble call 0x11c0
debug: 0x148f: disassemble movq -0x3f8(%rbp), %rdx
debug: 0x1496: disassemble lea -0x3f0(%rbp), %rax
debug: 0x149d: disassemble mov $0x3e8, %esi
debug: 0x14a2: disassemble mov %rax, %rdi
debug: 0x14a5: disassemble call 0x11d0
debug: 0x14aa: disassemble movl $0x0, -0x3fc(%rbp)
debug: 0x14b4: disassemble lea -0x3f0(%rbp), %rdx
debug: 0x14bb: disassemble movl -0x400(%rbp), %eax
debug: 0x14c1: disassemble mov %eax, %esi
debug: 0x14c3: disassemble lea 0xb84(%rip), %rdi
debug: 0x14ca: disassemble mov $0x0, %eax
debug: 0x14cf: disassemble call 0x11b0
debug: 0x14d4: disassemble movq -0x3f8(%rbp), %rax
debug: 0x14db: disassemble mov %rax, %rdi
debug: 0x14de: disassemble call 0x1200
debug: 0x14e3: disassemble test %eax, %eax
debug: 0x14e5: disassemble jz 0x1476
debug: 0x14e7: disassemble movq -0x3f8(%rbp), %rax
debug: 0x14ee: disassemble mov $0x7de, %r9d
debug: 0x14f4: disassemble lea 0xb5b(%rip), %r8
debug: 0x14fb: disassemble lea 0xb57(%rip), %rcx
debug: 0x1502: disassemble lea 0xb54(%rip), %rdx
debug: 0x1509: disassemble lea 0xb50(%rip), %rsi
debug: 0x1510: disassemble mov %rax, %rdi
debug: 0x1513: disassemble mov $0x0, %eax
debug: 0x1518: disassemble call 0x11f0
debug: 0x151d: disassemble movq -0x3f8(%rbp), %rax
debug: 0x1524: disassemble mov %rax, %rdi
debug: 0x1527: disassemble call 0x1190
debug: 0x152c: disassemble movq -0x8(%rbp), %rcx
debug: 0x1530: disassemble xorq %fs:0x28, %rcx
debug: 0x1539: disassemble jz 0x1540
debug: 0x153b: disassemble call 0x11a0
debug: 0x1540: disassemble leave
debug: 0x1541: disassemble ret
debug: 0x1542: disassemble endbr64
debug: 0x1546: disassemble push %rbp
debug: 0x1547: disassemble mov %rsp, %rbp
debug: 0x154a: disassemble sub $0x160, %rsp
debug: 0x1551: disassemble movl %edi, -0x154(%rbp)
debug: 0x1557: disassemble movq %rsi, -0x160(%rbp)
debug: 0x155e: disassemble movq %fs:0x28, %rax
debug: 0x1567: disassemble movq %rax, -0x8(%rbp)
debug: 0x156b: disassemble xor %eax, %eax
debug: 0x156d: disassemble lea 0xaf8(%rip), %rsi
debug: 0x1574: disassemble lea 0xaf4(%rip), %rdi
debug: 0x157b: disassemble call 0x1230
debug: 0x1580: disassemble movq %rax, -0x138(%rbp)
debug: 0x1587: disassemble movq -0x138(%rbp), %rax
debug: 0x158e: disassemble mov %rax, %rcx
debug: 0x1591: disassemble mov $0x5, %edx
debug: 0x1596: disassemble mov $0x1, %esi
debug: 0x159b: disassemble lea 0xad8(%rip), %rdi
debug: 0x15a2: disassemble call 0x1260
debug: 0x15a7: disassemble movq -0x138(%rbp), %rax
debug: 0x15ae: disassemble mov %rax, %rdi
debug: 0x15b1: disassemble call 0x1190
debug: 0x15b6: disassemble mov $0x0, %eax
debug: 0x15bb: disassemble call 0x140d
debug: 0x15c0: disassemble movl $0x2, -0x148(%rbp)
debug: 0x15ca: disassemble movl $0x2, -0x144(%rbp)
debug: 0x15d4: disassemble movl -0x148(%rbp), %edx
debug: 0x15da: disassemble movl -0x144(%rbp), %eax
debug: 0x15e0: disassemble add %edx, %eax
debug: 0x15e2: disassemble movl %eax, -0x140(%rbp)
debug: 0x15e8: disassemble movl -0x140(%rbp), %eax
debug: 0x15ee: disassemble mov %eax, %esi
debug: 0x15f0: disassemble lea 0xa89(%rip), %rdi
debug: 0x15f7: disassemble mov $0x0, %eax
debug: 0x15fc: disassemble call 0x11b0
debug: 0x1601: disassemble mov $0xa, %edi
debug: 0x1606: disassemble call 0x1210
debug: 0x160b: disassemble movq %rax, -0x130(%rbp)
debug: 0x1612: disassemble movl $0xc8, -0x13c(%rbp)
debug: 0x161c: disassemble movl -0x13c(%rbp), %eax
debug: 0x1622: disassemble movsxd %eax, %rdx
debug: 0x1625: disassemble movq -0x130(%rbp), %rax
debug: 0x162c: disassemble mov %rdx, %rsi
debug: 0x162f: disassemble mov %rax, %rdi
debug: 0x1632: disassemble call 0x1220
debug: 0x1637: disassemble movq %rax, -0x128(%rbp)
debug: 0x163e: disassemble mov $0x4, %esi
debug: 0x1643: disassemble mov $0xa, %edi
debug: 0x1648: disassemble call 0x11e0
debug: 0x164d: disassemble movq %rax, -0x120(%rbp)
debug: 0x1654: disassemble lea -0x110(%rbp), %rax
debug: 0x165b: disassemble mov %rax, %rdi
debug: 0x165e: disassemble call 0x13bd
debug: 0x1663: disassemble movq -0x130(%rbp), %rax
debug: 0x166a: disassemble add $0x1, %rax
debug: 0x166e: disassemble movq %rax, -0x100(%rbp)
debug: 0x1675: disassemble movl $0xd, -0x94(%rbp)
debug: 0x167f: disassemble movzxb -0x10c(%rbp), %eax
debug: 0x1686: disassemble movsx %al, %ecx
debug: 0x1689: disassemble movl -0x110(%rbp), %edx
debug: 0x168f: disassemble lea -0x110(%rbp), %rax
debug: 0x1696: disassemble mov %rax, %rsi
debug: 0x1699: disassemble lea 0x9ec(%rip), %rdi
debug: 0x16a0: disassemble mov $0x0, %eax
debug: 0x16a5: disassemble call 0x11b0
debug: 0x16aa: disassemble movl $0x0, -0x14c(%rbp)
debug: 0x16b4: disassemble jmp 0x184d
debug: 0x16b9: disassemble lea -0x90(%rbp), %rax
debug: 0x16c0: disassemble mov %rax, %rdi
debug: 0x16c3: disassemble call 0x13bd
debug: 0x16c8: disassemble movzxb -0x8c(%rbp), %eax
debug: 0x16cf: disassemble movsx %al, %edx
debug: 0x16d2: disassemble movl -0x90(%rbp), %eax
debug: 0x16d8: disassemble mov %eax, %esi
debug: 0x16da: disassemble lea 0x9bb(%rip), %rdi
debug: 0x16e1: disassemble mov $0x0, %eax
debug: 0x16e6: disassemble call 0x11b0
debug: 0x16eb: disassemble movq -0x130(%rbp), %rax
debug: 0x16f2: disassemble mov %rax, %rsi
debug: 0x16f5: disassemble lea 0x9ad(%rip), %rdi
debug: 0x16fc: disassemble mov $0x0, %eax
debug: 0x1701: disassemble call 0x11b0
debug: 0x1706: disassemble movq -0x160(%rbp), %rax
debug: 0x170d: disassemble movq (%rax), %rcx
debug: 0x1710: disassemble movq -0x130(%rbp), %rax
debug: 0x1717: disassemble mov $0xa, %edx
debug: 0x171c: disassemble mov %rcx, %rsi
debug: 0x171f: disassemble mov %rax, %rdi
debug: 0x1722: disassemble call 0x1170
debug: 0x1727: disassemble movq -0x130(%rbp), %rax
debug: 0x172e: disassemble add $0x9, %rax
debug: 0x1732: disassemble movzxb (%rax), %eax
debug: 0x1735: disassemble mov %eax, %edx
debug: 0x1737: disassemble movl -0x14c(%rbp), %eax
debug: 0x173d: disassemble add %eax, %edx
debug: 0x173f: disassemble movq -0x130(%rbp), %rax
debug: 0x1746: disassemble add $0x9, %rax
debug: 0x174a: disassemble movb %dl, (%rax)
debug: 0x174c: disassemble movq -0x160(%rbp), %rax
debug: 0x1753: disassemble movq (%rax), %rax
debug: 0x1756: disassemble mov %rax, %rdi
debug: 0x1759: disassemble call 0x1240
debug: 0x175e: disassemble movl %eax, -0x90(%rbp)
debug: 0x1764: disassemble mov $0x14, %edi
debug: 0x1769: disassemble call 0x1210
debug: 0x176e: disassemble movq %rax, -0x118(%rbp)
debug: 0x1775: disassemble movq -0x118(%rbp), %rax
debug: 0x177c: disassemble mov %rax, %rsi
debug: 0x177f: disassemble lea 0x92b(%rip), %rdi
debug: 0x1786: disassemble mov $0x0, %eax
debug: 0x178b: disassemble call 0x11b0
debug: 0x1790: disassemble movq -0x160(%rbp), %rax
debug: 0x1797: disassemble movq (%rax), %rdx
debug: 0x179a: disassemble movq -0x118(%rbp), %rax
debug: 0x17a1: disassemble lea 0x911(%rip), %rsi
debug: 0x17a8: disassemble mov %rax, %rdi
debug: 0x17ab: disassemble mov $0x0, %eax
debug: 0x17b0: disassemble call 0x1250
debug: 0x17b5: disassemble movq -0x130(%rbp), %rax
debug: 0x17bc: disassemble mov %rax, %rdi
debug: 0x17bf: disassemble call 0x1180
debug: 0x17c4: disassemble movq -0x118(%rbp), %rax
debug: 0x17cb: disassemble mov %rax, %rdi
debug: 0x17ce: disassemble call 0x1180
debug: 0x17d3: disassemble lea -0x110(%rbp), %rax
debug: 0x17da: disassemble add $0x18, %rax
debug: 0x17de: disassemble mov $0x0, %ecx
debug: 0x17e3: disassemble mov $0x64, %edx
debug: 0x17e8: disassemble mov %rax, %rsi
debug: 0x17eb: disassemble mov $0x0, %edi
debug: 0x17f0: disassemble call 0x1369
debug: 0x17f5: disassemble mov $0x1234, %esi
debug: 0x17fa: disassemble mov $0x1, %edi
debug: 0x17ff: disassemble call 0x13ab
debug: 0x1804: disassemble mov $0x0, %ecx
debug: 0x1809: disassemble mov $0x0, %edx
debug: 0x180e: disassemble mov $0x0, %esi
debug: 0x1813: disassemble mov $0x0, %edi
debug: 0x1818: disassemble call 0x1381
debug: 0x181d: disassemble mov $0x1234, %esi
debug: 0x1822: disassemble mov $0x1, %edi
debug: 0x1827: disassemble call 0x1399
debug: 0x182c: disassemble movq -0x118(%rbp), %rax
debug: 0x1833: disassemble mov %rax, %rdi
debug: 0x1836: disassemble call 0x1160
debug: 0x183b: disassemble movq $0x0, -0x118(%rbp)
debug: 0x1846: disassemble addl $0x1, -0x14c(%rbp)
debug: 0x184d: disassemble cmpl $0x2, -0x14c(%rbp)
debug: 0x1854: disassemble jle 0x16b9
debug: 0x185a: disassemble movq -0x128(%rbp), %rax
debug: 0x1861: disassemble mov %rax, %rdi
debug: 0x1864: disassemble call 0x1160
debug: 0x1869: disassemble mov $0x0, %eax
debug: 0x186e: disassemble movq -0x8(%rbp), %rcx
debug: 0x1872: disassemble xorq %fs:0x28, %rcx
debug: 0x187b: disassemble jz 0x1882
debug: 0x187d: disassemble call 0x11a0
debug: 0x1882: disassemble leave
debug: 0x1883: disassemble ret
debug: 0x1884: disassemble nopw %ax, (%rax,%rax,1)
debug: 0x188e: disassemble nop
debug: 0x1890: disassemble endbr64
debug: 0x1894: disassemble push %r15
debug: 0x1896: disassemble lea 0x2493(%rip), %r15
debug: 0x189d: disassemble push %r14
debug: 0x189f: disassemble mov %rdx, %r14
debug: 0x18a2: disassemble push %r13
debug: 0x18a4: disassemble mov %rsi, %r13
debug: 0x18a7: disassemble push %r12
debug: 0x18a9: disassemble mov %edi, %r12d
debug: 0x18ac: disassemble push %rbp
debug: 0x18ad: disassemble lea 0x2484(%rip), %rbp
debug: 0x18b4: disassemble push %rbx
debug: 0x18b5: disassemble sub %r15, %rbp
debug: 0x18b8: disassemble sub $0x8, %rsp
debug: 0x18bc: disassemble call 0x1000
debug: 0x18c1: disassemble sar $0x3, %rbp
debug: 0x18c5: disassemble jz 0x18e6
debug: 0x18c7: disassemble xor %ebx, %ebx
debug: 0x18c9: disassemble nopl %eax, (%rax)
debug: 0x18d0: disassemble mov %r14, %rdx
debug: 0x18d3: disassemble mov %r13, %rsi
debug: 0x18d6: disassemble mov %r12d, %edi
debug: 0x18d9: disassemble callq *(%r15,%rbx,8)
debug: 0x18dd: disassemble add $0x1, %rbx
debug: 0x18e1: disassemble cmp %rbx, %rbp
debug: 0x18e4: disassemble jnz 0x18d0
debug: 0x18e6: disassemble add $0x8, %rsp
debug: 0x18ea: disassemble pop %rbx
debug: 0x18eb: disassemble pop %rbp
debug: 0x18ec: disassemble pop %r12
debug: 0x18ee: disassemble pop %r13
debug: 0x18f0: disassemble pop %r14
debug: 0x18f2: disassemble pop %r15
debug: 0x18f4: disassemble ret
debug: 0x18f5: disassemble nopw %ax, (%rax,%rax,1)
debug: 0x1900: disassemble endbr64
debug: 0x1904: disassemble ret
debug: 0x1908: disassemble endbr64
debug: 0x190c: disassemble sub $0x8, %rsp
debug: 0x1910: disassemble add $0x8, %rsp
debug: 0x1914: disassemble ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1000: instr endbr64
debug: 0x1000: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1000: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1000: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub $0x8, %rsp]..
[*] not a call instruction
debug: 0x1004: instr sub $0x8, %rsp
debug: 0x1004: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1004: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1004: match sub $0x8, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq 0x2fd9(%rip), %rax]..
[*] not a call instruction
debug: 0x1008: instr movq 0x2fd9(%rip), %rax
debug: 0x1008: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1008: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1008: match movq 0x2fd9(%rip), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [test %rax, %rax]..
[*] not a call instruction
debug: 0x100f: instr test %rax, %rax
debug: 0x100f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x100f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x100f: match test %rax, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x1016]..
[*] not a call instruction
debug: 0x1012: instr jz 0x1016
debug: 0x1012: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1012: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1012: match jz 0x1016
[*] ----------------------------------------------------
[*] funcmatch matching instr [call *%rax]..
[*] undefine address..
debug: 0x1014: instr call *%rax
debug: 0x1014: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1014: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1014: match call *%rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x8, %rsp]..
[*] not a call instruction
debug: 0x1016: instr add $0x8, %rsp
debug: 0x1016: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1016: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1016: match add $0x8, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x101a: instr ret
debug: 0x101a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x101a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x101a: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1280: instr endbr64
debug: 0x1280: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1280: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1280: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [xor %ebp, %ebp]..
[*] not a call instruction
debug: 0x1284: instr xor %ebp, %ebp
debug: 0x1284: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1284: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1284: match xor %ebp, %ebp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rdx, %r9]..
[*] not a call instruction
debug: 0x1286: instr mov %rdx, %r9
debug: 0x1286: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1286: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1286: match mov %rdx, %r9
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rsi]..
[*] not a call instruction
debug: 0x1289: instr pop %rsi
debug: 0x1289: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1289: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1289: match pop %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rdx]..
[*] not a call instruction
debug: 0x128a: instr mov %rsp, %rdx
debug: 0x128a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x128a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x128a: match mov %rsp, %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [and $-0x10, %rsp]..
[*] not a call instruction
debug: 0x128d: instr and $-0x10, %rsp
debug: 0x128d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x128d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x128d: match and $-0x10, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rax]..
[*] not a call instruction
debug: 0x1291: instr push %rax
debug: 0x1291: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1291: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1291: match push %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rsp]..
[*] not a call instruction
debug: 0x1292: instr push %rsp
debug: 0x1292: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1292: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1292: match push %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x666(%rip), %r8]..
[*] not a call instruction
debug: 0x1293: instr lea 0x666(%rip), %r8
debug: 0x1293: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1293: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1293: match lea 0x666(%rip), %r8
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x5ef(%rip), %rcx]..
[*] not a call instruction
debug: 0x129a: instr lea 0x5ef(%rip), %rcx
debug: 0x129a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x129a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x129a: match lea 0x5ef(%rip), %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x29a(%rip), %rdi]..
[*] not a call instruction
debug: 0x12a1: instr lea 0x29a(%rip), %rdi
debug: 0x12a1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12a1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12a1: match lea 0x29a(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [callq *0x2d32(%rip)]..
[*] undefine address..
debug: 0x12a8: instr callq *0x2d32(%rip)
debug: 0x12a8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12a8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12a8: match callq *0x2d32(%rip)
[*] ----------------------------------------------------
[*] funcmatch matching instr [hlt]..
[*] not a call instruction
debug: 0x12ae: instr hlt
debug: 0x12ae: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12ae: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12ae: match hlt
[*] ----------------------------------------------------
[*] funcmatch matching instr [nop]..
[*] not a call instruction
debug: 0x12af: instr nop
debug: 0x12af: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12af: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12af: match nop
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x2d59(%rip), %rdi]..
[*] not a call instruction
debug: 0x12b0: instr lea 0x2d59(%rip), %rdi
debug: 0x12b0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12b0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12b0: match lea 0x2d59(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x2d52(%rip), %rax]..
[*] not a call instruction
debug: 0x12b7: instr lea 0x2d52(%rip), %rax
debug: 0x12b7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12b7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12b7: match lea 0x2d52(%rip), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [cmp %rdi, %rax]..
[*] not a call instruction
debug: 0x12be: instr cmp %rdi, %rax
debug: 0x12be: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12be: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12be: match cmp %rdi, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x12d8]..
[*] not a call instruction
debug: 0x12c1: instr jz 0x12d8
debug: 0x12c1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12c1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12c1: match jz 0x12d8
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq 0x2d0e(%rip), %rax]..
[*] not a call instruction
debug: 0x12c3: instr movq 0x2d0e(%rip), %rax
debug: 0x12c3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12c3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12c3: match movq 0x2d0e(%rip), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [test %rax, %rax]..
[*] not a call instruction
debug: 0x12ca: instr test %rax, %rax
debug: 0x12ca: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12ca: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12ca: match test %rax, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x12d8]..
[*] not a call instruction
debug: 0x12cd: instr jz 0x12d8
debug: 0x12cd: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12cd: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12cd: match jz 0x12d8
[*] ----------------------------------------------------
[*] funcmatch matching instr [jmp *%rax]..
[*] undefine address..
debug: 0x12cf: instr jmp *%rax
debug: 0x12cf: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12cf: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12cf: match jmp *%rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopl %eax, (%rax)]..
[*] not a call instruction
debug: 0x12d1: instr nopl %eax, (%rax)
debug: 0x12d1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12d1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12d1: match nopl %eax, (%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x12d8: instr ret
debug: 0x12d8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12d8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12d8: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopl %eax, (%rax)]..
[*] not a call instruction
debug: 0x12d9: instr nopl %eax, (%rax)
debug: 0x12d9: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12d9: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12d9: match nopl %eax, (%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x2d29(%rip), %rdi]..
[*] not a call instruction
debug: 0x12e0: instr lea 0x2d29(%rip), %rdi
debug: 0x12e0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12e0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12e0: match lea 0x2d29(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x2d22(%rip), %rsi]..
[*] not a call instruction
debug: 0x12e7: instr lea 0x2d22(%rip), %rsi
debug: 0x12e7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12e7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12e7: match lea 0x2d22(%rip), %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub %rdi, %rsi]..
[*] not a call instruction
debug: 0x12ee: instr sub %rdi, %rsi
debug: 0x12ee: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12ee: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12ee: match sub %rdi, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsi, %rax]..
[*] not a call instruction
debug: 0x12f1: instr mov %rsi, %rax
debug: 0x12f1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12f1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12f1: match mov %rsi, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [shr $0x3f, %rsi]..
[*] not a call instruction
debug: 0x12f4: instr shr $0x3f, %rsi
debug: 0x12f4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12f4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12f4: match shr $0x3f, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [sar $0x3, %rax]..
[*] not a call instruction
debug: 0x12f8: instr sar $0x3, %rax
debug: 0x12f8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12f8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12f8: match sar $0x3, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add %rax, %rsi]..
[*] not a call instruction
debug: 0x12fc: instr add %rax, %rsi
debug: 0x12fc: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12fc: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12fc: match add %rax, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [sar $0x1, %rsi]..
[*] not a call instruction
debug: 0x12ff: instr sar $0x1, %rsi
debug: 0x12ff: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x12ff: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x12ff: match sar $0x1, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x1318]..
[*] not a call instruction
debug: 0x1302: instr jz 0x1318
debug: 0x1302: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1302: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1302: match jz 0x1318
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq 0x2ce5(%rip), %rax]..
[*] not a call instruction
debug: 0x1304: instr movq 0x2ce5(%rip), %rax
debug: 0x1304: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1304: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1304: match movq 0x2ce5(%rip), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [test %rax, %rax]..
[*] not a call instruction
debug: 0x130b: instr test %rax, %rax
debug: 0x130b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x130b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x130b: match test %rax, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x1318]..
[*] not a call instruction
debug: 0x130e: instr jz 0x1318
debug: 0x130e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x130e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x130e: match jz 0x1318
[*] ----------------------------------------------------
[*] funcmatch matching instr [jmp *%rax]..
[*] undefine address..
debug: 0x1310: instr jmp *%rax
debug: 0x1310: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1310: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1310: match jmp *%rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopw %ax, (%rax,%rax,1)]..
[*] not a call instruction
debug: 0x1312: instr nopw %ax, (%rax,%rax,1)
debug: 0x1312: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1312: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1312: match nopw %ax, (%rax,%rax,1)
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x1318: instr ret
debug: 0x1318: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1318: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1318: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopl %eax, (%rax)]..
[*] not a call instruction
debug: 0x1319: instr nopl %eax, (%rax)
debug: 0x1319: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1319: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1319: match nopl %eax, (%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1320: instr endbr64
debug: 0x1320: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1320: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1320: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [cmpb $0x0, 0x2ce5(%rip)]..
[*] not a call instruction
debug: 0x1324: instr cmpb $0x0, 0x2ce5(%rip)
debug: 0x1324: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1324: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1324: match cmpb $0x0, 0x2ce5(%rip)
[*] ----------------------------------------------------
[*] funcmatch matching instr [jnz 0x1358]..
[*] not a call instruction
debug: 0x132b: instr jnz 0x1358
debug: 0x132b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x132b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x132b: match jnz 0x1358
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x132d: instr push %rbp
debug: 0x132d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x132d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x132d: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [cmpq $0x0, 0x2cc2(%rip)]..
[*] not a call instruction
debug: 0x132e: instr cmpq $0x0, 0x2cc2(%rip)
debug: 0x132e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x132e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x132e: match cmpq $0x0, 0x2cc2(%rip)
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x1336: instr mov %rsp, %rbp
debug: 0x1336: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1336: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1336: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x1347]..
[*] not a call instruction
debug: 0x1339: instr jz 0x1347
debug: 0x1339: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1339: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1339: match jz 0x1347
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq 0x2cc6(%rip), %rdi]..
[*] not a call instruction
debug: 0x133b: instr movq 0x2cc6(%rip), %rdi
debug: 0x133b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x133b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x133b: match movq 0x2cc6(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1150]..
[*] call instruction not match any function
debug: 0x1342: instr call 0x1150
debug: 0x1342: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1342: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1342: match call 0x1150
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x12b0]..
[*] call instruction not match any function
debug: 0x1347: instr call 0x12b0
debug: 0x1347: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1347: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1347: match call 0x12b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movb $0x1, 0x2cbd(%rip)]..
[*] not a call instruction
debug: 0x134c: instr movb $0x1, 0x2cbd(%rip)
debug: 0x134c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x134c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x134c: match movb $0x1, 0x2cbd(%rip)
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rbp]..
[*] not a call instruction
debug: 0x1353: instr pop %rbp
debug: 0x1353: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1353: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1353: match pop %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x1354: instr ret
debug: 0x1354: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1354: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1354: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopl %eax, (%rax)]..
[*] not a call instruction
debug: 0x1355: instr nopl %eax, (%rax)
debug: 0x1355: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1355: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1355: match nopl %eax, (%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x1358: instr ret
debug: 0x1358: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1358: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1358: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopl %eax, (%rax)]..
[*] not a call instruction
debug: 0x1359: instr nopl %eax, (%rax)
debug: 0x1359: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1359: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1359: match nopl %eax, (%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1360: instr endbr64
debug: 0x1360: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1360: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1360: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [jmp 0x12e0]..
[*] call instruction not match any function
debug: 0x1364: instr jmp 0x12e0
debug: 0x1364: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1364: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1364: match jmp 0x12e0
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1369: instr endbr64
debug: 0x1369: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1369: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1369: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x136d: instr push %rbp
debug: 0x136d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x136d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x136d: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x136e: instr mov %rsp, %rbp
debug: 0x136e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x136e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x136e: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %edi, -0x4(%rbp)]..
[*] not a call instruction
debug: 0x1371: instr movl %edi, -0x4(%rbp)
debug: 0x1371: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1371: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1371: match movl %edi, -0x4(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rsi, -0x10(%rbp)]..
[*] not a call instruction
debug: 0x1374: instr movq %rsi, -0x10(%rbp)
debug: 0x1374: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1374: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1374: match movq %rsi, -0x10(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %edx, -0x8(%rbp)]..
[*] not a call instruction
debug: 0x1378: instr movl %edx, -0x8(%rbp)
debug: 0x1378: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1378: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1378: match movl %edx, -0x8(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %ecx, -0x14(%rbp)]..
[*] not a call instruction
debug: 0x137b: instr movl %ecx, -0x14(%rbp)
debug: 0x137b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x137b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x137b: match movl %ecx, -0x14(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [nop]..
[*] not a call instruction
debug: 0x137e: instr nop
debug: 0x137e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x137e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x137e: match nop
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rbp]..
[*] not a call instruction
debug: 0x137f: instr pop %rbp
debug: 0x137f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x137f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x137f: match pop %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x1380: instr ret
debug: 0x1380: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1380: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1380: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1381: instr endbr64
debug: 0x1381: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1381: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1381: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x1385: instr push %rbp
debug: 0x1385: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1385: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1385: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x1386: instr mov %rsp, %rbp
debug: 0x1386: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1386: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1386: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %edi, -0x4(%rbp)]..
[*] not a call instruction
debug: 0x1389: instr movl %edi, -0x4(%rbp)
debug: 0x1389: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1389: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1389: match movl %edi, -0x4(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rsi, -0x10(%rbp)]..
[*] not a call instruction
debug: 0x138c: instr movq %rsi, -0x10(%rbp)
debug: 0x138c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x138c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x138c: match movq %rsi, -0x10(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %edx, -0x8(%rbp)]..
[*] not a call instruction
debug: 0x1390: instr movl %edx, -0x8(%rbp)
debug: 0x1390: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1390: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1390: match movl %edx, -0x8(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %ecx, -0x14(%rbp)]..
[*] not a call instruction
debug: 0x1393: instr movl %ecx, -0x14(%rbp)
debug: 0x1393: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1393: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1393: match movl %ecx, -0x14(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [nop]..
[*] not a call instruction
debug: 0x1396: instr nop
debug: 0x1396: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1396: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1396: match nop
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rbp]..
[*] not a call instruction
debug: 0x1397: instr pop %rbp
debug: 0x1397: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1397: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1397: match pop %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x1398: instr ret
debug: 0x1398: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1398: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1398: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1399: instr endbr64
debug: 0x1399: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1399: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1399: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x139d: instr push %rbp
debug: 0x139d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x139d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x139d: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x139e: instr mov %rsp, %rbp
debug: 0x139e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x139e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x139e: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %edi, -0x4(%rbp)]..
[*] not a call instruction
debug: 0x13a1: instr movl %edi, -0x4(%rbp)
debug: 0x13a1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13a1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13a1: match movl %edi, -0x4(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rsi, -0x10(%rbp)]..
[*] not a call instruction
debug: 0x13a4: instr movq %rsi, -0x10(%rbp)
debug: 0x13a4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13a4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13a4: match movq %rsi, -0x10(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [nop]..
[*] not a call instruction
debug: 0x13a8: instr nop
debug: 0x13a8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13a8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13a8: match nop
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rbp]..
[*] not a call instruction
debug: 0x13a9: instr pop %rbp
debug: 0x13a9: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13a9: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13a9: match pop %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x13aa: instr ret
debug: 0x13aa: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13aa: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13aa: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x13ab: instr endbr64
debug: 0x13ab: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13ab: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13ab: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x13af: instr push %rbp
debug: 0x13af: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13af: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13af: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x13b0: instr mov %rsp, %rbp
debug: 0x13b0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13b0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13b0: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %edi, -0x4(%rbp)]..
[*] not a call instruction
debug: 0x13b3: instr movl %edi, -0x4(%rbp)
debug: 0x13b3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13b3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13b3: match movl %edi, -0x4(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rsi, -0x10(%rbp)]..
[*] not a call instruction
debug: 0x13b6: instr movq %rsi, -0x10(%rbp)
debug: 0x13b6: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13b6: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13b6: match movq %rsi, -0x10(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [nop]..
[*] not a call instruction
debug: 0x13ba: instr nop
debug: 0x13ba: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13ba: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13ba: match nop
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rbp]..
[*] not a call instruction
debug: 0x13bb: instr pop %rbp
debug: 0x13bb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13bb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13bb: match pop %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x13bc: instr ret
debug: 0x13bc: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13bc: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13bc: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x13bd: instr endbr64
debug: 0x13bd: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13bd: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13bd: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x13c1: instr push %rbp
debug: 0x13c1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13c1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13c1: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x13c2: instr mov %rsp, %rbp
debug: 0x13c2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13c2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13c2: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub $0x10, %rsp]..
[*] not a call instruction
debug: 0x13c5: instr sub $0x10, %rsp
debug: 0x13c5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13c5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13c5: match sub $0x10, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rdi, -0x8(%rbp)]..
[*] not a call instruction
debug: 0x13c9: instr movq %rdi, -0x8(%rbp)
debug: 0x13c9: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13c9: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13c9: match movq %rdi, -0x8(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1270]..
[*] call instruction not match any function
debug: 0x13cd: instr call 0x1270
debug: 0x13cd: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13cd: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13cd: match call 0x1270
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x8(%rbp), %rdx]..
[*] not a call instruction
debug: 0x13d2: instr movq -0x8(%rbp), %rdx
debug: 0x13d2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13d2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13d2: match movq -0x8(%rbp), %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %eax, (%rdx)]..
[*] not a call instruction
debug: 0x13d6: instr movl %eax, (%rdx)
debug: 0x13d6: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13d6: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13d6: match movl %eax, (%rdx)
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1270]..
[*] call instruction not match any function
debug: 0x13d8: instr call 0x1270
debug: 0x13d8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13d8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13d8: match call 0x1270
[*] ----------------------------------------------------
[*] funcmatch matching instr [movsxd %eax, %rdx]..
[*] not a call instruction
debug: 0x13dd: instr movsxd %eax, %rdx
debug: 0x13dd: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13dd: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13dd: match movsxd %eax, %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [imul $0x4ec4ec4f, %rdx, %rdx]..
[*] not a call instruction
debug: 0x13e0: instr imul $0x4ec4ec4f, %rdx, %rdx
debug: 0x13e0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13e0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13e0: match imul $0x4ec4ec4f, %rdx, %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [shr $0x20, %rdx]..
[*] not a call instruction
debug: 0x13e7: instr shr $0x20, %rdx
debug: 0x13e7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13e7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13e7: match shr $0x20, %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %edx, %ecx]..
[*] not a call instruction
debug: 0x13eb: instr mov %edx, %ecx
debug: 0x13eb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13eb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13eb: match mov %edx, %ecx
[*] ----------------------------------------------------
[*] funcmatch matching instr [sar $0x3, %ecx]..
[*] not a call instruction
debug: 0x13ed: instr sar $0x3, %ecx
debug: 0x13ed: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13ed: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13ed: match sar $0x3, %ecx
[*] ----------------------------------------------------
[*] funcmatch matching instr [cdq]..
[*] not a call instruction
debug: 0x13f0: instr cdq
debug: 0x13f0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13f0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13f0: match cdq
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub %edx, %ecx]..
[*] not a call instruction
debug: 0x13f1: instr sub %edx, %ecx
debug: 0x13f1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13f1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13f1: match sub %edx, %ecx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %ecx, %edx]..
[*] not a call instruction
debug: 0x13f3: instr mov %ecx, %edx
debug: 0x13f3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13f3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13f3: match mov %ecx, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [imul $0x1a, %edx, %edx]..
[*] not a call instruction
debug: 0x13f5: instr imul $0x1a, %edx, %edx
debug: 0x13f5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13f5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13f5: match imul $0x1a, %edx, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub %edx, %eax]..
[*] not a call instruction
debug: 0x13f8: instr sub %edx, %eax
debug: 0x13f8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13f8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13f8: match sub %edx, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %eax, %edx]..
[*] not a call instruction
debug: 0x13fa: instr mov %eax, %edx
debug: 0x13fa: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13fa: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13fa: match mov %eax, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %edx, %eax]..
[*] not a call instruction
debug: 0x13fc: instr mov %edx, %eax
debug: 0x13fc: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13fc: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13fc: match mov %edx, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x41, %eax]..
[*] not a call instruction
debug: 0x13fe: instr add $0x41, %eax
debug: 0x13fe: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x13fe: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x13fe: match add $0x41, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %eax, %edx]..
[*] not a call instruction
debug: 0x1401: instr mov %eax, %edx
debug: 0x1401: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1401: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1401: match mov %eax, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x8(%rbp), %rax]..
[*] not a call instruction
debug: 0x1403: instr movq -0x8(%rbp), %rax
debug: 0x1403: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1403: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1403: match movq -0x8(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movb %dl, 0x4(%rax)]..
[*] not a call instruction
debug: 0x1407: instr movb %dl, 0x4(%rax)
debug: 0x1407: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1407: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1407: match movb %dl, 0x4(%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [nop]..
[*] not a call instruction
debug: 0x140a: instr nop
debug: 0x140a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x140a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x140a: match nop
[*] ----------------------------------------------------
[*] funcmatch matching instr [leave]..
[*] not a call instruction
debug: 0x140b: instr leave
debug: 0x140b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x140b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x140b: match leave
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x140c: instr ret
debug: 0x140c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x140c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x140c: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] match entrypoint of function:load_file
debug: 0x140d: instr endbr64
debug: 0x140d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x140d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x140d: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x1411: instr push %rbp
debug: 0x1411: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1411: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1411: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x1412: instr mov %rsp, %rbp
debug: 0x1412: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1412: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1412: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub $0x400, %rsp]..
[*] not a call instruction
debug: 0x1415: instr sub $0x400, %rsp
debug: 0x1415: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1415: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1415: match sub $0x400, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %fs:0x28, %rax]..
[*] not a call instruction
debug: 0x141c: instr movq %fs:0x28, %rax
debug: 0x141c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x141c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x141c: match movq %fs:0x28, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x8(%rbp)]..
[*] not a call instruction
debug: 0x1425: instr movq %rax, -0x8(%rbp)
debug: 0x1425: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1425: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1425: match movq %rax, -0x8(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [xor %eax, %eax]..
[*] not a call instruction
debug: 0x1429: instr xor %eax, %eax
debug: 0x1429: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1429: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1429: match xor %eax, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xbd6(%rip), %rsi]..
[*] not a call instruction
debug: 0x142b: instr lea 0xbd6(%rip), %rsi
debug: 0x142b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x142b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x142b: match lea 0xbd6(%rip), %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xbd7(%rip), %rdi]..
[*] not a call instruction
debug: 0x1432: instr lea 0xbd7(%rip), %rdi
debug: 0x1432: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1432: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1432: match lea 0xbd7(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1230]..
[*] call instruction not match any function
debug: 0x1439: instr call 0x1230
debug: 0x1439: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1439: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1439: match call 0x1230
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x3f8(%rbp)]..
[*] not a call instruction
debug: 0x143e: instr movq %rax, -0x3f8(%rbp)
debug: 0x143e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x143e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x143e: match movq %rax, -0x3f8(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [cmpq $0x0, -0x3f8(%rbp)]..
[*] not a call instruction
debug: 0x1445: instr cmpq $0x0, -0x3f8(%rbp)
debug: 0x1445: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1445: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1445: match cmpq $0x0, -0x3f8(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [jnz 0x146a]..
[*] not a call instruction
debug: 0x144d: instr jnz 0x146a
debug: 0x144d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x144d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x144d: match jnz 0x146a
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xbe5(%rip), %rdi]..
[*] not a call instruction
debug: 0x144f: instr lea 0xbe5(%rip), %rdi
debug: 0x144f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x144f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x144f: match lea 0xbe5(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x1456: instr mov $0x0, %eax
debug: 0x1456: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1456: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1456: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11b0]..
[*] call instruction not match any function
debug: 0x145b: instr call 0x11b0
debug: 0x145b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x145b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x145b: match call 0x11b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x1, %eax]..
[*] not a call instruction
debug: 0x1460: instr mov $0x1, %eax
debug: 0x1460: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1460: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1460: match mov $0x1, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [jmp 0x152c]..
[*] call instruction not match any function
debug: 0x1465: instr jmp 0x152c
debug: 0x1465: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1465: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1465: match jmp 0x152c
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl $0x0, -0x400(%rbp)]..
[*] not a call instruction
debug: 0x146a: instr movl $0x0, -0x400(%rbp)
debug: 0x146a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x146a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x146a: match movl $0x0, -0x400(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [jmp 0x14d4]..
[*] call instruction not match any function
debug: 0x1474: instr jmp 0x14d4
debug: 0x1474: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1474: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1474: match jmp 0x14d4
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea -0x3f0(%rbp), %rax]..
[*] not a call instruction
debug: 0x1476: instr lea -0x3f0(%rbp), %rax
debug: 0x1476: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1476: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1476: match lea -0x3f0(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x3e8, %edx]..
[*] not a call instruction
debug: 0x147d: instr mov $0x3e8, %edx
debug: 0x147d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x147d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x147d: match mov $0x3e8, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %esi]..
[*] not a call instruction
debug: 0x1482: instr mov $0x0, %esi
debug: 0x1482: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1482: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1482: match mov $0x0, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x1487: instr mov %rax, %rdi
debug: 0x1487: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1487: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1487: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11c0]..
[*] call instruction not match any function
debug: 0x148a: instr call 0x11c0
debug: 0x148a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x148a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x148a: match call 0x11c0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x3f8(%rbp), %rdx]..
[*] not a call instruction
debug: 0x148f: instr movq -0x3f8(%rbp), %rdx
debug: 0x148f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x148f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x148f: match movq -0x3f8(%rbp), %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea -0x3f0(%rbp), %rax]..
[*] not a call instruction
debug: 0x1496: instr lea -0x3f0(%rbp), %rax
debug: 0x1496: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1496: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1496: match lea -0x3f0(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x3e8, %esi]..
[*] not a call instruction
debug: 0x149d: instr mov $0x3e8, %esi
debug: 0x149d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x149d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x149d: match mov $0x3e8, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x14a2: instr mov %rax, %rdi
debug: 0x14a2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14a2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14a2: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11d0]..
[*] [call 0x11d0] matching function:fgets
debug: 0x14a5: instr call 0x11d0
debug: 0x14a5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x14a5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x14a5: match call 0x11d0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl $0x0, -0x3fc(%rbp)]..
[*] not a call instruction
debug: 0x14aa: instr movl $0x0, -0x3fc(%rbp)
debug: 0x14aa: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14aa: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14aa: match movl $0x0, -0x3fc(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea -0x3f0(%rbp), %rdx]..
[*] not a call instruction
debug: 0x14b4: instr lea -0x3f0(%rbp), %rdx
debug: 0x14b4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14b4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14b4: match lea -0x3f0(%rbp), %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x400(%rbp), %eax]..
[*] not a call instruction
debug: 0x14bb: instr movl -0x400(%rbp), %eax
debug: 0x14bb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14bb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14bb: match movl -0x400(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %eax, %esi]..
[*] not a call instruction
debug: 0x14c1: instr mov %eax, %esi
debug: 0x14c1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14c1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14c1: match mov %eax, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xb84(%rip), %rdi]..
[*] not a call instruction
debug: 0x14c3: instr lea 0xb84(%rip), %rdi
debug: 0x14c3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14c3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14c3: match lea 0xb84(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x14ca: instr mov $0x0, %eax
debug: 0x14ca: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14ca: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14ca: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11b0]..
[*] call instruction not match any function
debug: 0x14cf: instr call 0x11b0
debug: 0x14cf: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14cf: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14cf: match call 0x11b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x3f8(%rbp), %rax]..
[*] not a call instruction
debug: 0x14d4: instr movq -0x3f8(%rbp), %rax
debug: 0x14d4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14d4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14d4: match movq -0x3f8(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x14db: instr mov %rax, %rdi
debug: 0x14db: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14db: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14db: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1200]..
[*] call instruction not match any function
debug: 0x14de: instr call 0x1200
debug: 0x14de: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14de: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14de: match call 0x1200
[*] ----------------------------------------------------
[*] funcmatch matching instr [test %eax, %eax]..
[*] not a call instruction
debug: 0x14e3: instr test %eax, %eax
debug: 0x14e3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14e3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14e3: match test %eax, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x1476]..
[*] not a call instruction
debug: 0x14e5: instr jz 0x1476
debug: 0x14e5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14e5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14e5: match jz 0x1476
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x3f8(%rbp), %rax]..
[*] not a call instruction
debug: 0x14e7: instr movq -0x3f8(%rbp), %rax
debug: 0x14e7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14e7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14e7: match movq -0x3f8(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x7de, %r9d]..
[*] not a call instruction
debug: 0x14ee: instr mov $0x7de, %r9d
debug: 0x14ee: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14ee: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14ee: match mov $0x7de, %r9d
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xb5b(%rip), %r8]..
[*] not a call instruction
debug: 0x14f4: instr lea 0xb5b(%rip), %r8
debug: 0x14f4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14f4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14f4: match lea 0xb5b(%rip), %r8
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xb57(%rip), %rcx]..
[*] not a call instruction
debug: 0x14fb: instr lea 0xb57(%rip), %rcx
debug: 0x14fb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x14fb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x14fb: match lea 0xb57(%rip), %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xb54(%rip), %rdx]..
[*] not a call instruction
debug: 0x1502: instr lea 0xb54(%rip), %rdx
debug: 0x1502: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1502: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1502: match lea 0xb54(%rip), %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xb50(%rip), %rsi]..
[*] not a call instruction
debug: 0x1509: instr lea 0xb50(%rip), %rsi
debug: 0x1509: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1509: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1509: match lea 0xb50(%rip), %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x1510: instr mov %rax, %rdi
debug: 0x1510: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1510: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1510: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x1513: instr mov $0x0, %eax
debug: 0x1513: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1513: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1513: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11f0]..
[*] [call 0x11f0] matching function:fprintf
debug: 0x1518: instr call 0x11f0
debug: 0x1518: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1518: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1518: match call 0x11f0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x3f8(%rbp), %rax]..
[*] previous instruction target a function
debug: 0x151d: instr movq -0x3f8(%rbp), %rax
debug: 0x151d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x151d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x151d: match movq -0x3f8(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x1524: instr mov %rax, %rdi
debug: 0x1524: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1524: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1524: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1190]..
[*] [call 0x1190] matching function:fclose
debug: 0x1527: instr call 0x1190
debug: 0x1527: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1527: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1527: match call 0x1190
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x8(%rbp), %rcx]..
[*] previous instruction target a function
debug: 0x152c: instr movq -0x8(%rbp), %rcx
debug: 0x152c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x152c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x152c: match movq -0x8(%rbp), %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [xorq %fs:0x28, %rcx]..
[*] not a call instruction
debug: 0x1530: instr xorq %fs:0x28, %rcx
debug: 0x1530: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1530: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1530: match xorq %fs:0x28, %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x1540]..
[*] not a call instruction
debug: 0x1539: instr jz 0x1540
debug: 0x1539: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1539: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1539: match jz 0x1540
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11a0]..
[*] call instruction not match any function
debug: 0x153b: instr call 0x11a0
debug: 0x153b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x153b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x153b: match call 0x11a0
[*] ----------------------------------------------------
[*] funcmatch matching instr [leave]..
[*] not a call instruction
debug: 0x1540: instr leave
debug: 0x1540: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1540: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1540: match leave
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
[*] match ret addr of function:load_file
debug: 0x1541: instr ret
debug: 0x1541: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1541: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1541: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] match entrypoint of function:main
debug: 0x1542: instr endbr64
debug: 0x1542: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1542: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1542: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x1546: instr push %rbp
debug: 0x1546: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1546: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1546: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsp, %rbp]..
[*] not a call instruction
debug: 0x1547: instr mov %rsp, %rbp
debug: 0x1547: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1547: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1547: match mov %rsp, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub $0x160, %rsp]..
[*] not a call instruction
debug: 0x154a: instr sub $0x160, %rsp
debug: 0x154a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x154a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x154a: match sub $0x160, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %edi, -0x154(%rbp)]..
[*] not a call instruction
debug: 0x1551: instr movl %edi, -0x154(%rbp)
debug: 0x1551: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1551: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1551: match movl %edi, -0x154(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rsi, -0x160(%rbp)]..
[*] not a call instruction
debug: 0x1557: instr movq %rsi, -0x160(%rbp)
debug: 0x1557: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1557: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1557: match movq %rsi, -0x160(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %fs:0x28, %rax]..
[*] not a call instruction
debug: 0x155e: instr movq %fs:0x28, %rax
debug: 0x155e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x155e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x155e: match movq %fs:0x28, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x8(%rbp)]..
[*] not a call instruction
debug: 0x1567: instr movq %rax, -0x8(%rbp)
debug: 0x1567: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1567: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1567: match movq %rax, -0x8(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [xor %eax, %eax]..
[*] not a call instruction
debug: 0x156b: instr xor %eax, %eax
debug: 0x156b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x156b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x156b: match xor %eax, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xaf8(%rip), %rsi]..
[*] not a call instruction
debug: 0x156d: instr lea 0xaf8(%rip), %rsi
debug: 0x156d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x156d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x156d: match lea 0xaf8(%rip), %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xaf4(%rip), %rdi]..
[*] not a call instruction
debug: 0x1574: instr lea 0xaf4(%rip), %rdi
debug: 0x1574: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1574: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1574: match lea 0xaf4(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1230]..
[*] call instruction not match any function
debug: 0x157b: instr call 0x1230
debug: 0x157b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x157b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x157b: match call 0x1230
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x138(%rbp)]..
[*] not a call instruction
debug: 0x1580: instr movq %rax, -0x138(%rbp)
debug: 0x1580: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1580: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1580: match movq %rax, -0x138(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x138(%rbp), %rax]..
[*] not a call instruction
debug: 0x1587: instr movq -0x138(%rbp), %rax
debug: 0x1587: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1587: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1587: match movq -0x138(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rcx]..
[*] not a call instruction
debug: 0x158e: instr mov %rax, %rcx
debug: 0x158e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x158e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x158e: match mov %rax, %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x5, %edx]..
[*] not a call instruction
debug: 0x1591: instr mov $0x5, %edx
debug: 0x1591: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1591: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1591: match mov $0x5, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x1, %esi]..
[*] not a call instruction
debug: 0x1596: instr mov $0x1, %esi
debug: 0x1596: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1596: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1596: match mov $0x1, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xad8(%rip), %rdi]..
[*] not a call instruction
debug: 0x159b: instr lea 0xad8(%rip), %rdi
debug: 0x159b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x159b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x159b: match lea 0xad8(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1260]..
[*] [call 0x1260] matching function:fwrite
debug: 0x15a2: instr call 0x1260
debug: 0x15a2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x15a2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x15a2: match call 0x1260
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x138(%rbp), %rax]..
[*] not a call instruction
debug: 0x15a7: instr movq -0x138(%rbp), %rax
debug: 0x15a7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15a7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15a7: match movq -0x138(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x15ae: instr mov %rax, %rdi
debug: 0x15ae: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15ae: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15ae: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1190]..
[*] [call 0x1190] matching function:fclose
debug: 0x15b1: instr call 0x1190
debug: 0x15b1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x15b1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x15b1: match call 0x1190
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] previous instruction target a function
debug: 0x15b6: instr mov $0x0, %eax
debug: 0x15b6: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x15b6: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x15b6: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x140d]..
[*] call instruction not match any function
debug: 0x15bb: instr call 0x140d
debug: 0x15bb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15bb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15bb: match call 0x140d
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl $0x2, -0x148(%rbp)]..
[*] not a call instruction
debug: 0x15c0: instr movl $0x2, -0x148(%rbp)
debug: 0x15c0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15c0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15c0: match movl $0x2, -0x148(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl $0x2, -0x144(%rbp)]..
[*] not a call instruction
debug: 0x15ca: instr movl $0x2, -0x144(%rbp)
debug: 0x15ca: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15ca: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15ca: match movl $0x2, -0x144(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x148(%rbp), %edx]..
[*] not a call instruction
debug: 0x15d4: instr movl -0x148(%rbp), %edx
debug: 0x15d4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15d4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15d4: match movl -0x148(%rbp), %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x144(%rbp), %eax]..
[*] not a call instruction
debug: 0x15da: instr movl -0x144(%rbp), %eax
debug: 0x15da: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15da: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15da: match movl -0x144(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add %edx, %eax]..
[*] not a call instruction
debug: 0x15e0: instr add %edx, %eax
debug: 0x15e0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15e0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15e0: match add %edx, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %eax, -0x140(%rbp)]..
[*] not a call instruction
debug: 0x15e2: instr movl %eax, -0x140(%rbp)
debug: 0x15e2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15e2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15e2: match movl %eax, -0x140(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x140(%rbp), %eax]..
[*] not a call instruction
debug: 0x15e8: instr movl -0x140(%rbp), %eax
debug: 0x15e8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15e8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15e8: match movl -0x140(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %eax, %esi]..
[*] not a call instruction
debug: 0x15ee: instr mov %eax, %esi
debug: 0x15ee: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15ee: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15ee: match mov %eax, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0xa89(%rip), %rdi]..
[*] not a call instruction
debug: 0x15f0: instr lea 0xa89(%rip), %rdi
debug: 0x15f0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15f0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15f0: match lea 0xa89(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x15f7: instr mov $0x0, %eax
debug: 0x15f7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15f7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15f7: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11b0]..
[*] call instruction not match any function
debug: 0x15fc: instr call 0x11b0
debug: 0x15fc: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x15fc: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x15fc: match call 0x11b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0xa, %edi]..
[*] not a call instruction
debug: 0x1601: instr mov $0xa, %edi
debug: 0x1601: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1601: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1601: match mov $0xa, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1210]..
[*] [call 0x1210] matching function:malloc
debug: 0x1606: instr call 0x1210
debug: 0x1606: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1606: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1606: match call 0x1210
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x130(%rbp)]..
[*] previous instruction target a function
debug: 0x160b: instr movq %rax, -0x130(%rbp)
debug: 0x160b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x160b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x160b: match movq %rax, -0x130(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl $0xc8, -0x13c(%rbp)]..
[*] not a call instruction
debug: 0x1612: instr movl $0xc8, -0x13c(%rbp)
debug: 0x1612: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1612: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1612: match movl $0xc8, -0x13c(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x13c(%rbp), %eax]..
[*] not a call instruction
debug: 0x161c: instr movl -0x13c(%rbp), %eax
debug: 0x161c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x161c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x161c: match movl -0x13c(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movsxd %eax, %rdx]..
[*] not a call instruction
debug: 0x1622: instr movsxd %eax, %rdx
debug: 0x1622: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1622: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1622: match movsxd %eax, %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x130(%rbp), %rax]..
[*] not a call instruction
debug: 0x1625: instr movq -0x130(%rbp), %rax
debug: 0x1625: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1625: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1625: match movq -0x130(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rdx, %rsi]..
[*] not a call instruction
debug: 0x162c: instr mov %rdx, %rsi
debug: 0x162c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x162c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x162c: match mov %rdx, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x162f: instr mov %rax, %rdi
debug: 0x162f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x162f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x162f: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1220]..
[*] [call 0x1220] matching function:realloc
debug: 0x1632: instr call 0x1220
debug: 0x1632: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1632: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1632: match call 0x1220
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x128(%rbp)]..
[*] previous instruction target a function
debug: 0x1637: instr movq %rax, -0x128(%rbp)
debug: 0x1637: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1637: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1637: match movq %rax, -0x128(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x4, %esi]..
[*] not a call instruction
debug: 0x163e: instr mov $0x4, %esi
debug: 0x163e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x163e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x163e: match mov $0x4, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0xa, %edi]..
[*] not a call instruction
debug: 0x1643: instr mov $0xa, %edi
debug: 0x1643: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1643: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1643: match mov $0xa, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11e0]..
[*] [call 0x11e0] matching function:calloc
debug: 0x1648: instr call 0x11e0
debug: 0x1648: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1648: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1648: match call 0x11e0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x120(%rbp)]..
[*] previous instruction target a function
debug: 0x164d: instr movq %rax, -0x120(%rbp)
debug: 0x164d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x164d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x164d: match movq %rax, -0x120(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea -0x110(%rbp), %rax]..
[*] not a call instruction
debug: 0x1654: instr lea -0x110(%rbp), %rax
debug: 0x1654: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1654: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1654: match lea -0x110(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x165b: instr mov %rax, %rdi
debug: 0x165b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x165b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x165b: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x13bd]..
[*] call instruction not match any function
debug: 0x165e: instr call 0x13bd
debug: 0x165e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x165e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x165e: match call 0x13bd
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x130(%rbp), %rax]..
[*] not a call instruction
debug: 0x1663: instr movq -0x130(%rbp), %rax
debug: 0x1663: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1663: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1663: match movq -0x130(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x1, %rax]..
[*] not a call instruction
debug: 0x166a: instr add $0x1, %rax
debug: 0x166a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x166a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x166a: match add $0x1, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x100(%rbp)]..
[*] not a call instruction
debug: 0x166e: instr movq %rax, -0x100(%rbp)
debug: 0x166e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x166e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x166e: match movq %rax, -0x100(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl $0xd, -0x94(%rbp)]..
[*] not a call instruction
debug: 0x1675: instr movl $0xd, -0x94(%rbp)
debug: 0x1675: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1675: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1675: match movl $0xd, -0x94(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movzxb -0x10c(%rbp), %eax]..
[*] not a call instruction
debug: 0x167f: instr movzxb -0x10c(%rbp), %eax
debug: 0x167f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x167f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x167f: match movzxb -0x10c(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movsx %al, %ecx]..
[*] not a call instruction
debug: 0x1686: instr movsx %al, %ecx
debug: 0x1686: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1686: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1686: match movsx %al, %ecx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x110(%rbp), %edx]..
[*] not a call instruction
debug: 0x1689: instr movl -0x110(%rbp), %edx
debug: 0x1689: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1689: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1689: match movl -0x110(%rbp), %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea -0x110(%rbp), %rax]..
[*] not a call instruction
debug: 0x168f: instr lea -0x110(%rbp), %rax
debug: 0x168f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x168f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x168f: match lea -0x110(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rsi]..
[*] not a call instruction
debug: 0x1696: instr mov %rax, %rsi
debug: 0x1696: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1696: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1696: match mov %rax, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x9ec(%rip), %rdi]..
[*] not a call instruction
debug: 0x1699: instr lea 0x9ec(%rip), %rdi
debug: 0x1699: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1699: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1699: match lea 0x9ec(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x16a0: instr mov $0x0, %eax
debug: 0x16a0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16a0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16a0: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11b0]..
[*] call instruction not match any function
debug: 0x16a5: instr call 0x11b0
debug: 0x16a5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16a5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16a5: match call 0x11b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl $0x0, -0x14c(%rbp)]..
[*] not a call instruction
debug: 0x16aa: instr movl $0x0, -0x14c(%rbp)
debug: 0x16aa: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16aa: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16aa: match movl $0x0, -0x14c(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [jmp 0x184d]..
[*] call instruction not match any function
debug: 0x16b4: instr jmp 0x184d
debug: 0x16b4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16b4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16b4: match jmp 0x184d
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea -0x90(%rbp), %rax]..
[*] not a call instruction
debug: 0x16b9: instr lea -0x90(%rbp), %rax
debug: 0x16b9: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16b9: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16b9: match lea -0x90(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x16c0: instr mov %rax, %rdi
debug: 0x16c0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16c0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16c0: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x13bd]..
[*] call instruction not match any function
debug: 0x16c3: instr call 0x13bd
debug: 0x16c3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16c3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16c3: match call 0x13bd
[*] ----------------------------------------------------
[*] funcmatch matching instr [movzxb -0x8c(%rbp), %eax]..
[*] not a call instruction
debug: 0x16c8: instr movzxb -0x8c(%rbp), %eax
debug: 0x16c8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16c8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16c8: match movzxb -0x8c(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movsx %al, %edx]..
[*] not a call instruction
debug: 0x16cf: instr movsx %al, %edx
debug: 0x16cf: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16cf: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16cf: match movsx %al, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x90(%rbp), %eax]..
[*] not a call instruction
debug: 0x16d2: instr movl -0x90(%rbp), %eax
debug: 0x16d2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16d2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16d2: match movl -0x90(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %eax, %esi]..
[*] not a call instruction
debug: 0x16d8: instr mov %eax, %esi
debug: 0x16d8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16d8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16d8: match mov %eax, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x9bb(%rip), %rdi]..
[*] not a call instruction
debug: 0x16da: instr lea 0x9bb(%rip), %rdi
debug: 0x16da: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16da: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16da: match lea 0x9bb(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x16e1: instr mov $0x0, %eax
debug: 0x16e1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16e1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16e1: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11b0]..
[*] call instruction not match any function
debug: 0x16e6: instr call 0x11b0
debug: 0x16e6: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16e6: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16e6: match call 0x11b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x130(%rbp), %rax]..
[*] not a call instruction
debug: 0x16eb: instr movq -0x130(%rbp), %rax
debug: 0x16eb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16eb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16eb: match movq -0x130(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rsi]..
[*] not a call instruction
debug: 0x16f2: instr mov %rax, %rsi
debug: 0x16f2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16f2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16f2: match mov %rax, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x9ad(%rip), %rdi]..
[*] not a call instruction
debug: 0x16f5: instr lea 0x9ad(%rip), %rdi
debug: 0x16f5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16f5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16f5: match lea 0x9ad(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x16fc: instr mov $0x0, %eax
debug: 0x16fc: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x16fc: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x16fc: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11b0]..
[*] call instruction not match any function
debug: 0x1701: instr call 0x11b0
debug: 0x1701: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1701: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1701: match call 0x11b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x160(%rbp), %rax]..
[*] not a call instruction
debug: 0x1706: instr movq -0x160(%rbp), %rax
debug: 0x1706: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1706: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1706: match movq -0x160(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq (%rax), %rcx]..
[*] not a call instruction
debug: 0x170d: instr movq (%rax), %rcx
debug: 0x170d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x170d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x170d: match movq (%rax), %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x130(%rbp), %rax]..
[*] not a call instruction
debug: 0x1710: instr movq -0x130(%rbp), %rax
debug: 0x1710: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1710: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1710: match movq -0x130(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0xa, %edx]..
[*] not a call instruction
debug: 0x1717: instr mov $0xa, %edx
debug: 0x1717: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1717: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1717: match mov $0xa, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rcx, %rsi]..
[*] not a call instruction
debug: 0x171c: instr mov %rcx, %rsi
debug: 0x171c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x171c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x171c: match mov %rcx, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x171f: instr mov %rax, %rdi
debug: 0x171f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x171f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x171f: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1170]..
[*] call instruction not match any function
debug: 0x1722: instr call 0x1170
debug: 0x1722: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1722: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1722: match call 0x1170
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x130(%rbp), %rax]..
[*] not a call instruction
debug: 0x1727: instr movq -0x130(%rbp), %rax
debug: 0x1727: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1727: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1727: match movq -0x130(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x9, %rax]..
[*] not a call instruction
debug: 0x172e: instr add $0x9, %rax
debug: 0x172e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x172e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x172e: match add $0x9, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movzxb (%rax), %eax]..
[*] not a call instruction
debug: 0x1732: instr movzxb (%rax), %eax
debug: 0x1732: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1732: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1732: match movzxb (%rax), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %eax, %edx]..
[*] not a call instruction
debug: 0x1735: instr mov %eax, %edx
debug: 0x1735: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1735: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1735: match mov %eax, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl -0x14c(%rbp), %eax]..
[*] not a call instruction
debug: 0x1737: instr movl -0x14c(%rbp), %eax
debug: 0x1737: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1737: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1737: match movl -0x14c(%rbp), %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add %eax, %edx]..
[*] not a call instruction
debug: 0x173d: instr add %eax, %edx
debug: 0x173d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x173d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x173d: match add %eax, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x130(%rbp), %rax]..
[*] not a call instruction
debug: 0x173f: instr movq -0x130(%rbp), %rax
debug: 0x173f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x173f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x173f: match movq -0x130(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x9, %rax]..
[*] not a call instruction
debug: 0x1746: instr add $0x9, %rax
debug: 0x1746: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1746: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1746: match add $0x9, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movb %dl, (%rax)]..
[*] not a call instruction
debug: 0x174a: instr movb %dl, (%rax)
debug: 0x174a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x174a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x174a: match movb %dl, (%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x160(%rbp), %rax]..
[*] not a call instruction
debug: 0x174c: instr movq -0x160(%rbp), %rax
debug: 0x174c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x174c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x174c: match movq -0x160(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq (%rax), %rax]..
[*] not a call instruction
debug: 0x1753: instr movq (%rax), %rax
debug: 0x1753: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1753: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1753: match movq (%rax), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x1756: instr mov %rax, %rdi
debug: 0x1756: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1756: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1756: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1240]..
[*] call instruction not match any function
debug: 0x1759: instr call 0x1240
debug: 0x1759: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1759: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1759: match call 0x1240
[*] ----------------------------------------------------
[*] funcmatch matching instr [movl %eax, -0x90(%rbp)]..
[*] not a call instruction
debug: 0x175e: instr movl %eax, -0x90(%rbp)
debug: 0x175e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x175e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x175e: match movl %eax, -0x90(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x14, %edi]..
[*] not a call instruction
debug: 0x1764: instr mov $0x14, %edi
debug: 0x1764: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1764: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1764: match mov $0x14, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1210]..
[*] [call 0x1210] matching function:malloc
debug: 0x1769: instr call 0x1210
debug: 0x1769: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1769: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1769: match call 0x1210
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq %rax, -0x118(%rbp)]..
[*] previous instruction target a function
debug: 0x176e: instr movq %rax, -0x118(%rbp)
debug: 0x176e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x176e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x176e: match movq %rax, -0x118(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x118(%rbp), %rax]..
[*] not a call instruction
debug: 0x1775: instr movq -0x118(%rbp), %rax
debug: 0x1775: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1775: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1775: match movq -0x118(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rsi]..
[*] not a call instruction
debug: 0x177c: instr mov %rax, %rsi
debug: 0x177c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x177c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x177c: match mov %rax, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x92b(%rip), %rdi]..
[*] not a call instruction
debug: 0x177f: instr lea 0x92b(%rip), %rdi
debug: 0x177f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x177f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x177f: match lea 0x92b(%rip), %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x1786: instr mov $0x0, %eax
debug: 0x1786: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1786: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1786: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11b0]..
[*] call instruction not match any function
debug: 0x178b: instr call 0x11b0
debug: 0x178b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x178b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x178b: match call 0x11b0
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x160(%rbp), %rax]..
[*] not a call instruction
debug: 0x1790: instr movq -0x160(%rbp), %rax
debug: 0x1790: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1790: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1790: match movq -0x160(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq (%rax), %rdx]..
[*] not a call instruction
debug: 0x1797: instr movq (%rax), %rdx
debug: 0x1797: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1797: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1797: match movq (%rax), %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x118(%rbp), %rax]..
[*] not a call instruction
debug: 0x179a: instr movq -0x118(%rbp), %rax
debug: 0x179a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x179a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x179a: match movq -0x118(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x911(%rip), %rsi]..
[*] not a call instruction
debug: 0x17a1: instr lea 0x911(%rip), %rsi
debug: 0x17a1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17a1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17a1: match lea 0x911(%rip), %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x17a8: instr mov %rax, %rdi
debug: 0x17a8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17a8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17a8: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x17ab: instr mov $0x0, %eax
debug: 0x17ab: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17ab: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17ab: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1250]..
[*] call instruction not match any function
debug: 0x17b0: instr call 0x1250
debug: 0x17b0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17b0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17b0: match call 0x1250
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x130(%rbp), %rax]..
[*] not a call instruction
debug: 0x17b5: instr movq -0x130(%rbp), %rax
debug: 0x17b5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17b5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17b5: match movq -0x130(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x17bc: instr mov %rax, %rdi
debug: 0x17bc: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17bc: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17bc: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1180]..
[*] call instruction not match any function
debug: 0x17bf: instr call 0x1180
debug: 0x17bf: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17bf: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17bf: match call 0x1180
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x118(%rbp), %rax]..
[*] not a call instruction
debug: 0x17c4: instr movq -0x118(%rbp), %rax
debug: 0x17c4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17c4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17c4: match movq -0x118(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x17cb: instr mov %rax, %rdi
debug: 0x17cb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17cb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17cb: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1180]..
[*] call instruction not match any function
debug: 0x17ce: instr call 0x1180
debug: 0x17ce: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17ce: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17ce: match call 0x1180
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea -0x110(%rbp), %rax]..
[*] not a call instruction
debug: 0x17d3: instr lea -0x110(%rbp), %rax
debug: 0x17d3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17d3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17d3: match lea -0x110(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x18, %rax]..
[*] not a call instruction
debug: 0x17da: instr add $0x18, %rax
debug: 0x17da: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17da: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17da: match add $0x18, %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %ecx]..
[*] not a call instruction
debug: 0x17de: instr mov $0x0, %ecx
debug: 0x17de: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17de: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17de: match mov $0x0, %ecx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x64, %edx]..
[*] not a call instruction
debug: 0x17e3: instr mov $0x64, %edx
debug: 0x17e3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17e3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17e3: match mov $0x64, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rsi]..
[*] not a call instruction
debug: 0x17e8: instr mov %rax, %rsi
debug: 0x17e8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17e8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17e8: match mov %rax, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %edi]..
[*] not a call instruction
debug: 0x17eb: instr mov $0x0, %edi
debug: 0x17eb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17eb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17eb: match mov $0x0, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1369]..
[*] [call 0x1369] matching function:recv
debug: 0x17f0: instr call 0x1369
debug: 0x17f0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x17f0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x17f0: match call 0x1369
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x1234, %esi]..
[*] not a call instruction
debug: 0x17f5: instr mov $0x1234, %esi
debug: 0x17f5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17f5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17f5: match mov $0x1234, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x1, %edi]..
[*] not a call instruction
debug: 0x17fa: instr mov $0x1, %edi
debug: 0x17fa: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17fa: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17fa: match mov $0x1, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x13ab]..
[*] call instruction not match any function
debug: 0x17ff: instr call 0x13ab
debug: 0x17ff: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x17ff: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x17ff: match call 0x13ab
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %ecx]..
[*] not a call instruction
debug: 0x1804: instr mov $0x0, %ecx
debug: 0x1804: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1804: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1804: match mov $0x0, %ecx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %edx]..
[*] not a call instruction
debug: 0x1809: instr mov $0x0, %edx
debug: 0x1809: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1809: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1809: match mov $0x0, %edx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %esi]..
[*] not a call instruction
debug: 0x180e: instr mov $0x0, %esi
debug: 0x180e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x180e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x180e: match mov $0x0, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %edi]..
[*] not a call instruction
debug: 0x1813: instr mov $0x0, %edi
debug: 0x1813: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1813: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1813: match mov $0x0, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1381]..
[*] [call 0x1381] matching function:send
debug: 0x1818: instr call 0x1381
debug: 0x1818: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1818: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1818: match call 0x1381
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x1234, %esi]..
[*] not a call instruction
debug: 0x181d: instr mov $0x1234, %esi
debug: 0x181d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x181d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x181d: match mov $0x1234, %esi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x1, %edi]..
[*] not a call instruction
debug: 0x1822: instr mov $0x1, %edi
debug: 0x1822: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1822: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1822: match mov $0x1, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1399]..
[*] call instruction not match any function
debug: 0x1827: instr call 0x1399
debug: 0x1827: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1827: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1827: match call 0x1399
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x118(%rbp), %rax]..
[*] not a call instruction
debug: 0x182c: instr movq -0x118(%rbp), %rax
debug: 0x182c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x182c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x182c: match movq -0x118(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x1833: instr mov %rax, %rdi
debug: 0x1833: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1833: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1833: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1160]..
[*] [call 0x1160] matching function:free
debug: 0x1836: instr call 0x1160
debug: 0x1836: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1836: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1836: match call 0x1160
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq $0x0, -0x118(%rbp)]..
[*] not a call instruction
debug: 0x183b: instr movq $0x0, -0x118(%rbp)
debug: 0x183b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x183b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x183b: match movq $0x0, -0x118(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [addl $0x1, -0x14c(%rbp)]..
[*] not a call instruction
debug: 0x1846: instr addl $0x1, -0x14c(%rbp)
debug: 0x1846: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1846: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1846: match addl $0x1, -0x14c(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [cmpl $0x2, -0x14c(%rbp)]..
[*] not a call instruction
debug: 0x184d: instr cmpl $0x2, -0x14c(%rbp)
debug: 0x184d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x184d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x184d: match cmpl $0x2, -0x14c(%rbp)
[*] ----------------------------------------------------
[*] funcmatch matching instr [jle 0x16b9]..
[*] not a call instruction
debug: 0x1854: instr jle 0x16b9
debug: 0x1854: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1854: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1854: match jle 0x16b9
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x128(%rbp), %rax]..
[*] not a call instruction
debug: 0x185a: instr movq -0x128(%rbp), %rax
debug: 0x185a: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x185a: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x185a: match movq -0x128(%rbp), %rax
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rax, %rdi]..
[*] not a call instruction
debug: 0x1861: instr mov %rax, %rdi
debug: 0x1861: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1861: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1861: match mov %rax, %rdi
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1160]..
[*] [call 0x1160] matching function:free
debug: 0x1864: instr call 0x1160
debug: 0x1864: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1864: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1864: match call 0x1160
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov $0x0, %eax]..
[*] not a call instruction
debug: 0x1869: instr mov $0x0, %eax
debug: 0x1869: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1869: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1869: match mov $0x0, %eax
[*] ----------------------------------------------------
[*] funcmatch matching instr [movq -0x8(%rbp), %rcx]..
[*] not a call instruction
debug: 0x186e: instr movq -0x8(%rbp), %rcx
debug: 0x186e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x186e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x186e: match movq -0x8(%rbp), %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [xorq %fs:0x28, %rcx]..
[*] not a call instruction
debug: 0x1872: instr xorq %fs:0x28, %rcx
debug: 0x1872: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1872: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1872: match xorq %fs:0x28, %rcx
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x1882]..
[*] not a call instruction
debug: 0x187b: instr jz 0x1882
debug: 0x187b: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x187b: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x187b: match jz 0x1882
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x11a0]..
[*] call instruction not match any function
debug: 0x187d: instr call 0x11a0
debug: 0x187d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x187d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x187d: match call 0x11a0
[*] ----------------------------------------------------
[*] funcmatch matching instr [leave]..
[*] not a call instruction
debug: 0x1882: instr leave
debug: 0x1882: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1882: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1882: match leave
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
[*] match ret addr of function:main
debug: 0x1883: instr ret
debug: 0x1883: var plugin("/home/echo/e9patch/funcMatch.so").match() = 1
debug: 0x1883: expr plugin("/home/echo/e9patch/funcMatch.so").match() = TRUE
debug: 0x1883: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopw %ax, (%rax,%rax,1)]..
[*] not a call instruction
debug: 0x1884: instr nopw %ax, (%rax,%rax,1)
debug: 0x1884: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1884: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1884: match nopw %ax, (%rax,%rax,1)
[*] ----------------------------------------------------
[*] funcmatch matching instr [nop]..
[*] not a call instruction
debug: 0x188e: instr nop
debug: 0x188e: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x188e: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x188e: match nop
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1890: instr endbr64
debug: 0x1890: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1890: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1890: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %r15]..
[*] not a call instruction
debug: 0x1894: instr push %r15
debug: 0x1894: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1894: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1894: match push %r15
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x2493(%rip), %r15]..
[*] not a call instruction
debug: 0x1896: instr lea 0x2493(%rip), %r15
debug: 0x1896: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1896: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1896: match lea 0x2493(%rip), %r15
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %r14]..
[*] not a call instruction
debug: 0x189d: instr push %r14
debug: 0x189d: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x189d: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x189d: match push %r14
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rdx, %r14]..
[*] not a call instruction
debug: 0x189f: instr mov %rdx, %r14
debug: 0x189f: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x189f: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x189f: match mov %rdx, %r14
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %r13]..
[*] not a call instruction
debug: 0x18a2: instr push %r13
debug: 0x18a2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18a2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18a2: match push %r13
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %rsi, %r13]..
[*] not a call instruction
debug: 0x18a4: instr mov %rsi, %r13
debug: 0x18a4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18a4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18a4: match mov %rsi, %r13
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %r12]..
[*] not a call instruction
debug: 0x18a7: instr push %r12
debug: 0x18a7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18a7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18a7: match push %r12
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %edi, %r12d]..
[*] not a call instruction
debug: 0x18a9: instr mov %edi, %r12d
debug: 0x18a9: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18a9: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18a9: match mov %edi, %r12d
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbp]..
[*] not a call instruction
debug: 0x18ac: instr push %rbp
debug: 0x18ac: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18ac: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18ac: match push %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [lea 0x2484(%rip), %rbp]..
[*] not a call instruction
debug: 0x18ad: instr lea 0x2484(%rip), %rbp
debug: 0x18ad: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18ad: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18ad: match lea 0x2484(%rip), %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [push %rbx]..
[*] not a call instruction
debug: 0x18b4: instr push %rbx
debug: 0x18b4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18b4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18b4: match push %rbx
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub %r15, %rbp]..
[*] not a call instruction
debug: 0x18b5: instr sub %r15, %rbp
debug: 0x18b5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18b5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18b5: match sub %r15, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub $0x8, %rsp]..
[*] not a call instruction
debug: 0x18b8: instr sub $0x8, %rsp
debug: 0x18b8: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18b8: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18b8: match sub $0x8, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [call 0x1000]..
[*] call instruction not match any function
debug: 0x18bc: instr call 0x1000
debug: 0x18bc: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18bc: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18bc: match call 0x1000
[*] ----------------------------------------------------
[*] funcmatch matching instr [sar $0x3, %rbp]..
[*] not a call instruction
debug: 0x18c1: instr sar $0x3, %rbp
debug: 0x18c1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18c1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18c1: match sar $0x3, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [jz 0x18e6]..
[*] not a call instruction
debug: 0x18c5: instr jz 0x18e6
debug: 0x18c5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18c5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18c5: match jz 0x18e6
[*] ----------------------------------------------------
[*] funcmatch matching instr [xor %ebx, %ebx]..
[*] not a call instruction
debug: 0x18c7: instr xor %ebx, %ebx
debug: 0x18c7: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18c7: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18c7: match xor %ebx, %ebx
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopl %eax, (%rax)]..
[*] not a call instruction
debug: 0x18c9: instr nopl %eax, (%rax)
debug: 0x18c9: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18c9: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18c9: match nopl %eax, (%rax)
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %r14, %rdx]..
[*] not a call instruction
debug: 0x18d0: instr mov %r14, %rdx
debug: 0x18d0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18d0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18d0: match mov %r14, %rdx
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %r13, %rsi]..
[*] not a call instruction
debug: 0x18d3: instr mov %r13, %rsi
debug: 0x18d3: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18d3: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18d3: match mov %r13, %rsi
[*] ----------------------------------------------------
[*] funcmatch matching instr [mov %r12d, %edi]..
[*] not a call instruction
debug: 0x18d6: instr mov %r12d, %edi
debug: 0x18d6: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18d6: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18d6: match mov %r12d, %edi
[*] ----------------------------------------------------
[*] funcmatch matching instr [callq *(%r15,%rbx,8)]..
[*] undefine address..
debug: 0x18d9: instr callq *(%r15,%rbx,8)
debug: 0x18d9: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18d9: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18d9: match callq *(%r15,%rbx,8)
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x1, %rbx]..
[*] not a call instruction
debug: 0x18dd: instr add $0x1, %rbx
debug: 0x18dd: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18dd: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18dd: match add $0x1, %rbx
[*] ----------------------------------------------------
[*] funcmatch matching instr [cmp %rbx, %rbp]..
[*] not a call instruction
debug: 0x18e1: instr cmp %rbx, %rbp
debug: 0x18e1: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18e1: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18e1: match cmp %rbx, %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [jnz 0x18d0]..
[*] not a call instruction
debug: 0x18e4: instr jnz 0x18d0
debug: 0x18e4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18e4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18e4: match jnz 0x18d0
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x8, %rsp]..
[*] not a call instruction
debug: 0x18e6: instr add $0x8, %rsp
debug: 0x18e6: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18e6: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18e6: match add $0x8, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rbx]..
[*] not a call instruction
debug: 0x18ea: instr pop %rbx
debug: 0x18ea: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18ea: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18ea: match pop %rbx
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %rbp]..
[*] not a call instruction
debug: 0x18eb: instr pop %rbp
debug: 0x18eb: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18eb: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18eb: match pop %rbp
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %r12]..
[*] not a call instruction
debug: 0x18ec: instr pop %r12
debug: 0x18ec: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18ec: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18ec: match pop %r12
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %r13]..
[*] not a call instruction
debug: 0x18ee: instr pop %r13
debug: 0x18ee: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18ee: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18ee: match pop %r13
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %r14]..
[*] not a call instruction
debug: 0x18f0: instr pop %r14
debug: 0x18f0: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18f0: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18f0: match pop %r14
[*] ----------------------------------------------------
[*] funcmatch matching instr [pop %r15]..
[*] not a call instruction
debug: 0x18f2: instr pop %r15
debug: 0x18f2: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18f2: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18f2: match pop %r15
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x18f4: instr ret
debug: 0x18f4: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18f4: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18f4: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [nopw %ax, (%rax,%rax,1)]..
[*] not a call instruction
debug: 0x18f5: instr nopw %ax, (%rax,%rax,1)
debug: 0x18f5: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x18f5: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x18f5: match nopw %ax, (%rax,%rax,1)
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1900: instr endbr64
debug: 0x1900: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1900: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1900: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x1904: instr ret
debug: 0x1904: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1904: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1904: match ret
[*] ----------------------------------------------------
[*] funcmatch matching instr [endbr64]..
[*] not a call instruction
debug: 0x1908: instr endbr64
debug: 0x1908: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1908: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1908: match endbr64
[*] ----------------------------------------------------
[*] funcmatch matching instr [sub $0x8, %rsp]..
[*] not a call instruction
debug: 0x190c: instr sub $0x8, %rsp
debug: 0x190c: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x190c: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x190c: match sub $0x8, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [add $0x8, %rsp]..
[*] not a call instruction
debug: 0x1910: instr add $0x8, %rsp
debug: 0x1910: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1910: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1910: match add $0x8, %rsp
[*] ----------------------------------------------------
[*] funcmatch matching instr [ret]..
debug: 0x1914: instr ret
debug: 0x1914: var plugin("/home/echo/e9patch/funcMatch.so").match() = 0
debug: 0x1914: expr plugin("/home/echo/e9patch/funcMatch.so").match() = FALSE
debug: 0x1914: match ret
debug: --------------------------------------
debug: 0x1883: patch ret [$call_1] #0
debug: 0x1864: patch call 0x1160 [$call_1] #0
debug: 0x1836: patch call 0x1160 [$call_1] #0
debug: 0x1818: patch call 0x1381 [$call_1] #0
debug: 0x17f0: patch call 0x1369 [$call_1] #0
debug: 0x176e: patch movq %rax, -0x118(%rbp) [$call_1] #0
debug: 0x1769: patch call 0x1210 [$call_1] #0
debug: 0x164d: patch movq %rax, -0x120(%rbp) [$call_1] #0
debug: 0x1648: patch call 0x11e0 [$call_1] #0
debug: 0x1637: patch movq %rax, -0x128(%rbp) [$call_1] #0
debug: 0x1632: patch call 0x1220 [$call_1] #0
debug: 0x160b: patch movq %rax, -0x130(%rbp) [$call_1] #0
debug: 0x1606: patch call 0x1210 [$call_1] #0
debug: 0x15b6: patch mov $0x0, %eax [$call_1] #0
debug: 0x15b1: patch call 0x1190 [$call_1] #0
debug: 0x15a2: patch call 0x1260 [$call_1] #0
debug: 0x1542: patch endbr64 [$call_1] #0
debug: 0x1541: patch ret [$call_1] #0
debug: 0x152c: patch movq -0x8(%rbp), %rcx [$call_1] #0
debug: 0x1527: patch call 0x1190 [$call_1] #0
debug: 0x151d: patch movq -0x3f8(%rbp), %rax [$call_1] #0
debug: 0x1518: patch call 0x11f0 [$call_1] #0
debug: 0x14a5: patch call 0x11d0 [$call_1] #0
debug: 0x140d: patch endbr64 [$call_1] #0