API tools faq
paste
Advertisement
Riremito

Untitled

Riremito
Sep 2nd, 2014
581
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.63 KB | None | 0 0
raw download clone embed print report
  1. 004D7960 - push -01
  2. 004D7962 - push 00D28ED0
  3. 004D7967 - mov eax,fs:[00000000]
  4. 004D796D - push eax
  5. 004D796E - sub esp,14
  6. 004D7971 - push esi
  7. 004D7972 - push edi
  8. 004D7973 - mov eax,[0107DCB0]
  9. 004D7978 - xor eax,esp
  10. 004D797A - push eax
  11. 004D797B - lea eax,[esp+20]
  12. 004D797F - mov fs:[00000000],eax
  13. 004D7985 - mov edi,ecx//edi = ecx = pointer
  14. 004D7987 - lea eax,[edi+00000084]//offset 1
  15. 004D798D - push eax
  16. 004D798E - lea ecx,[esp+10]
  17. 004D7992 - call 00402090//call 1
  18. 004D7997 - mov eax,[edi+0C]//offset 2
  19. 004D799A - mov [esp+28],00000000
  20. 004D79A2 - test eax,eax
  21. 004D79A4 - je 004D7A69
  22. 004D79AA - cmp eax,-01
  23. 004D79AD - je 004D7A69
  24. 004D79B3 - cmp dword ptr [edi+18],00//offset 3
  25. 004D79B7 - jne 004D7A69
  26. 004D79BD - lea ecx,[esp+10]
  27. 004D79C1 - call 0077E010//call 2
  28. 004D79C6 - mov ecx,[010844C8]//pointer 1
  29. 004D79CC - mov byte ptr [esp+28],01
  30. 004D79D1 - test ecx,ecx
  31. 004D79D3 - je 004D7A23
  32. 004D79D5 - lea esi,[edi+0000008C]//offset 3
  33. 004D79DB - jmp 004D79E0
  34. 004D79DD - lea ecx,[ecx+00]
  35. 004D79E0 - movzx eax,word ptr [esi]//offset3
  36. 004D79E3 - lea edx,[esp+10]
  37. 004D79E7 - push edx
  38. 004D79E8 - push eax
  39. 004D79E9 - call 00CE5360//call 3
  40. 004D79EE - test eax,eax
  41. 004D79F0 - je 004D7A23
  42. 004D79F2 - mov ecx,[esi]//offset 3
  43. 004D79F4 - push ecx
  44. 004D79F5 - push 01
  45. 004D79F7 - push esi//offset3
  46. 004D79F8 - push 000000D3//client version
  47. 004D79FD - lea edx,[edi+58]//offset 4
  48. 004D7A00 - push edx
  49. 004D7A01 - lea ecx,[esp+24]
  50. 004D7A05 - call 0077E100//call 4
  51. 004D7A0A - push 00
  52. 004D7A0C - push 04
  53. 004D7A0E - push esi
  54. 004D7A0F - call 00CE6800//call 5
  55. 004D7A14 - mov [esi],eax
  56. 004D7A16 - mov ecx,[010844C8]//pointer 1
  57. 004D7A1C - add esp,0C
  58. 004D7A1F - test ecx,ecx
  59. 004D7A21 - jne 004D79E0
  60. 004D7A23 - mov eax,[edi+0000008C]//offset 3
  61. 004D7A29 - lea esi,[edi+0000008C]//offset 3
  62. 004D7A2F - push eax
  63. 004D7A30 - push 01
  64. 004D7A32 - push esi
  65. 004D7A33 - push 000000D3//client version
  66. 004D7A38 - lea ecx,[edi+58]//offset 4
  67. 004D7A3B - push ecx
  68. 004D7A3C - mov ecx,[esp+44]
  69. 004D7A40 - call 0077E100//call 4
  70. 004D7A45 - push 00
  71. 004D7A47 - push 04
  72. 004D7A49 - push esi
  73. 004D7A4A - call 00CE6800//call 5
  74. 004D7A4F - add esp,0C
  75. 004D7A52 - mov ecx,edi
  76. 004D7A54 - mov [esi],eax
  77. 004D7A56 - call 004D7640//call 6 "encrypted packet send function this calls ws2_32!send"
  78. 004D7A5B - lea ecx,[esp+10]
  79. 004D7A5F - mov byte ptr [esp+28],00
  80. 004D7A64 - call 004370C0//call 7
  81. 004D7A69 - mov eax,[esp+0C]
  82. 004D7A6D - add dword ptr [eax+04],-01
  83. 004D7A71 - jne 004D7A79
  84. 004D7A73 - mov [eax],00000000
  85. 004D7A79 - mov ecx,[esp+20]
  86. 004D7A7D - mov fs:[00000000],ecx
  87. 004D7A84 - pop ecx
  88. 004D7A85 - pop edi
  89. 004D7A86 - pop esi
  90. 004D7A87 - add esp,20
  91. 004D7A8A - ret 0004
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!