- 注册时间
- 2011-8-8
- 最后登录
- 1970-1-1
该用户从未签到
|
push 0
push addr//内容
push 0c//标志
mov ecx,xxxx
call 发包
定位--8B 4C 24 18 8B 06 8B 50 04
00723900 56 push esi
00723901 8BF1 mov esi,ecx
00723903 83BE 98BC0A00 0>cmp dword ptr ds:[esi+0xABC98],0x0
0072390A 75 58 jnz short Asura.00723964
0072390C A1 D8F8A801 mov eax,dword ptr ds:[0x1A8F8D8]
00723911 8B0D E001A201 mov ecx,dword ptr ds:[0x1A201E0]
00723917 8B30 mov esi,dword ptr ds:[eax]
00723919 68 1A3F7D01 push Asura.017D3F1A
0072391E 68 1A3F7D01 push Asura.017D3F1A
00723923 68 1A3F7D01 push Asura.017D3F1A
00723928 68 1A3F7D01 push Asura.017D3F1A
0072392D 68 1A3F7D01 push Asura.017D3F1A
00723932 68 1A3F7D01 push Asura.017D3F1A
00723937 68 ECC80000 push 0xC8EC
0072393C E8 EFD46900 call Asura.00DC0E30
00723941 8B0D D8F8A801 mov ecx,dword ptr ds:[0x1A8F8D8] ; Asura.01A26F40
00723947 8B56 60 mov edx,dword ptr ds:[esi+0x60]
0072394A 50 push eax
0072394B 68 81070000 push 0x781
00723950 68 781A8001 push Asura.01801A78
00723955 68 88198001 push Asura.01801988
0072395A 51 push ecx
0072395B FFD2 call edx
0072395D 83C4 2C add esp,0x2C
00723960 5E pop esi
00723961 C2 0C00 retn 0xC
00723964 53 push ebx
00723965 8B5C24 0C mov ebx,dword ptr ss:[esp+0xC]
00723969 57 push edi
0072396A 8B7C24 14 mov edi,dword ptr ss:[esp+0x14]
0072396E 83FB 05 cmp ebx,0x5
00723971 75 26 jnz short Asura.00723999
00723973 0FBE87 15010000 movsx eax,byte ptr ds:[edi+0x115]
0072397A 69C0 0C380000 imul eax,eax,0x380C
00723980 57 push edi
00723981 8D4C30 5C lea ecx,dword ptr ds:[eax+esi+0x5C]
00723985 E8 EF06CFFF call Asura.00414079
0072398A 84C0 test al,al
0072398C 74 21 je short Asura.007239AF
0072398E 5F pop edi
0072398F 5B pop ebx
00723990 B8 01000000 mov eax,0x1
00723995 5E pop esi
00723996 C2 0C00 retn 0xC
00723999 83FB 0A cmp ebx,0xA
0072399C 75 11 jnz short Asura.007239AF
0072399E 8B0F mov ecx,dword ptr ds:[edi]
007239A0 898E 48570C00 mov dword ptr ds:[esi+0xC5748],ecx
007239A6 8B57 04 mov edx,dword ptr ds:[edi+0x4]
007239A9 8996 4C570C00 mov dword ptr ds:[esi+0xC574C],edx
007239AF 8B4C24 18 mov ecx,dword ptr ss:[esp+0x18]
007239B3 8B06 mov eax,dword ptr ds:[esi] //ce 搜索 esi
007239B5 8B50 04 mov edx,dword ptr ds:[eax+0x4]
007239B8 51 push ecx
007239B9 57 push edi
007239BA 53 push ebx
007239BB 8BCE mov ecx,esi
007239BD FFD2 call edx ; 发包call
007239BF 5F pop edi
007239C0 5B pop ebx
007239C1 5E pop esi
007239C2 C2 0C00 retn 0xC |
|