// Disassembly of the routine at 004D7960 (32-bit x86, Intel operand order; offsets and immediates are hex).
// Interface visible in this listing: ecx carries an object pointer (kept in edi), one 4-byte stack
// argument is read near the end through [esp+44], and the routine returns with `ret 0004`.
// Flow: install an exception frame, construct a local from this+84, leave early unless [this+0C] is
// neither 0 nor -1 and [this+18] is 0, loop while the global at [010844C8] is non-null and call 3
// returns non-zero, then give the caller's argument the same treatment and hand off to call 6.
// Frame after the prologue (E = esp on entry): [E-04] EH state, [E-08] handler, [E-0C] previous fs:[0],
// [E-20..E-0D] locals, [E-24] saved esi, [E-28] saved edi, [E-2C] cookie^esp. With esp = E-2C:
// [esp+0C] = local A, [esp+10] = local B, [esp+20] = previous fs:[0], [esp+28] = EH state.
// NOTE(review): field and callee meanings are inferred from usage in this listing only; confirm against the binary.
// NOTE(review): if this is client-side code, as the author's labels suggest, the value kept at this+8C and
// the 0xD3 constant are produced on the client, so the receiving side should validate them, not trust them.
- 004D7960 - push -01// EH state slot, starts at -1
- 004D7962 - push 00D28ED0// exception handler address for this frame
- 004D7967 - mov eax,fs:[00000000]// current head of the per-thread handler chain
- 004D796D - push eax// saved so the epilogue can restore it
- 004D796E - sub esp,14// 0x14 bytes of locals
- 004D7971 - push esi
- 004D7972 - push edi
- 004D7973 - mov eax,[0107DCB0]// presumably the module's security cookie; confirm
- 004D7978 - xor eax,esp
- 004D797A - push eax// cookie^esp stored below the saved registers
- 004D797B - lea eax,[esp+20]// address of the {previous, handler, state} record built above
- 004D797F - mov fs:[00000000],eax// link the new record in as the chain head
- 004D7985 - mov edi,ecx// edi = object pointer passed in ecx; used as the base for every field below
- 004D7987 - lea eax,[edi+00000084]// address of field +84
- 004D798D - push eax
- 004D798E - lea ecx,[esp+10]// local A (one push deep, so this is [E-20])
- 004D7992 - call 00402090// call 1: initialises local A from &field_84; looks like a scoped guard, see the release at 004D7A69
- 004D7997 - mov eax,[edi+0C]// field +0C; presumably a socket/connection handle (0 and -1 are both rejected); confirm
- 004D799A - mov [esp+28],00000000// EH state = 0: local A is now live
- 004D79A2 - test eax,eax
- 004D79A4 - je 004D7A69// field +0C is 0: nothing to do
- 004D79AA - cmp eax,-01
- 004D79AD - je 004D7A69// field +0C is -1: nothing to do
- 004D79B3 - cmp dword ptr [edi+18],00// field +18; a different field from the +8C one labelled "offset 3" below
- 004D79B7 - jne 004D7A69// field +18 non-zero: nothing to do
- 004D79BD - lea ecx,[esp+10]// local B at [E-1C]
- 004D79C1 - call 0077E010// call 2: initialises local B
- 004D79C6 - mov ecx,[010844C8]// pointer 1: global object pointer, becomes the ecx argument of call 3
- 004D79CC - mov byte ptr [esp+28],01// EH state = 1: local B is now live
- 004D79D1 - test ecx,ecx
- 004D79D3 - je 004D7A23// global is null: skip the loop
- 004D79D5 - lea esi,[edi+0000008C]// esi = &field_8C ("offset 3" in the author's labels)
- 004D79DB - jmp 004D79E0// jump over the padding instruction
- 004D79DD - lea ecx,[ecx+00]// leaves ecx unchanged; padding so the loop head lands on 004D79E0
- 004D79E0 - movzx eax,word ptr [esi]// loop head: low 16 bits of field +8C
- 004D79E3 - lea edx,[esp+10]// &local B
- 004D79E7 - push edx
- 004D79E8 - push eax
- 004D79E9 - call 00CE5360// call 3: (word value, &local B) with ecx = pointer 1; the callee pops both arguments
- 004D79EE - test eax,eax
- 004D79F0 - je 004D7A23// returned 0: leave the loop
- 004D79F2 - mov ecx,[esi]// full dword of field +8C
- 004D79F4 - push ecx
- 004D79F5 - push 01
- 004D79F7 - push esi// &field_8C
- 004D79F8 - push 000000D3//client version
- 004D79FD - lea edx,[edi+58]// address of field +58
- 004D7A00 - push edx
- 004D7A01 - lea ecx,[esp+24]// &local B again (five pushes deep)
- 004D7A05 - call 0077E100// call 4 on local B: (&field_58, 0xD3, &field_8C, 1, field_8C value); the callee pops its arguments
- 004D7A0A - push 00
- 004D7A0C - push 04
- 004D7A0E - push esi
- 004D7A0F - call 00CE6800// call 5: (&field_8C, 4, 0); the caller cleans up at 004D7A1C
- 004D7A14 - mov [esi],eax// result replaces field +8C
- 004D7A16 - mov ecx,[010844C8]// reload pointer 1 for the next pass
- 004D7A1C - add esp,0C// drop the three arguments of call 5
- 004D7A1F - test ecx,ecx
- 004D7A21 - jne 004D79E0// repeat while the global is still non-null
- 004D7A23 - mov eax,[edi+0000008C]// after the loop: current value of field +8C
- 004D7A29 - lea esi,[edi+0000008C]// esi = &field_8C (set again because the je at 004D79D3 can arrive here without it)
- 004D7A2F - push eax
- 004D7A30 - push 01
- 004D7A32 - push esi
- 004D7A33 - push 000000D3//client version
- 004D7A38 - lea ecx,[edi+58]// address of field +58
- 004D7A3B - push ecx
- 004D7A3C - mov ecx,[esp+44]// [E+04]: this routine's single stack argument, used here where the loop used local B
- 004D7A40 - call 0077E100// call 4 on the caller-supplied object, same argument list as in the loop
- 004D7A45 - push 00
- 004D7A47 - push 04
- 004D7A49 - push esi
- 004D7A4A - call 00CE6800// call 5: (&field_8C, 4, 0)
- 004D7A4F - add esp,0C// drop the three arguments of call 5
- 004D7A52 - mov ecx,edi// ecx = object pointer for call 6
- 004D7A54 - mov [esi],eax// result of call 5 replaces field +8C
- 004D7A56 - call 004D7640//call 6 "encrypted packet send function this calls ws2_32!send"
- 004D7A5B - lea ecx,[esp+10]// &local B
- 004D7A5F - mov byte ptr [esp+28],00// EH state back to 0 before local B is torn down
- 004D7A64 - call 004370C0// call 7: tears down local B
- 004D7A69 - mov eax,[esp+0C]// common exit: pointer stored in local A
- 004D7A6D - add dword ptr [eax+04],-01// decrement the dword at +04 (plain add, no lock prefix)
- 004D7A71 - jne 004D7A79// still non-zero: leave the dword at +00 alone
- 004D7A73 - mov [eax],00000000// count reached zero: clear the dword at +00; presumably a lock owner field, confirm
- 004D7A79 - mov ecx,[esp+20]// previous fs:[0] saved by the prologue
- 004D7A7D - mov fs:[00000000],ecx// unlink this frame from the handler chain
- 004D7A84 - pop ecx// discards the cookie^esp slot; it is not compared in this epilogue
- 004D7A85 - pop edi
- 004D7A86 - pop esi
- 004D7A87 - add esp,20// 0x14 of locals plus the 0x0C handler record
- 004D7A8A - ret 0004// callee pops the one stack argument