发表于 2023-10-1 00:42:19
68??0000005668FC030000FF12 明文组包CALL
0065BBEC | 3BF7 | cmp esi, edi |
0065BBEE | 75 EF | jne qqsg.65BBDF |
0065BBF0 | E9 8F000000 | jmp qqsg.65BC84 |
0065BBF5 | B9 20000000 | mov ecx, 20 | ecx:"\\v?", 20:' '
0065BBFA | 33C0 | xor eax, eax |
0065BBFC | 8DBC24 18020000 | lea edi, dword ptr ss:[esp+218] |
0065BC03 | 68 280AEE00 | push qqsg.EE0A28 | EE0A28:"/C25消息内容有误,请确认后再输入."
0065BC08 | 8D9424 1C020000 | lea edx, dword ptr ss:[esp+21C] |
0065BC0F | 6A 7F | push 7F |
0065BC11 | F3:AB | rep stosd |
0065BC13 | 52 | push edx |
0065BC14 | FF15 30B8D200 | call dword ptr ds:[<&_snprintf>] |
0065BC1A | 8D8424 24020000 | lea eax, dword ptr ss:[esp+224] |
0065BC21 | 6A 05 | push 5 |
0065BC23 | 50 | push eax |
0065BC24 | 6A 01 | push 1 |
0065BC26 | E8 B54B3A00 | call qqsg.A007E0 |
0065BC2B | 8B4424 5C | mov eax, dword ptr ss:[esp+5C] |
0065BC2F | 83C4 18 | add esp, 18 |
0065BC32 | 3BC5 | cmp eax, ebp |
0065BC34 | 74 1D | je qqsg.65BC53 |
0065BC36 | 8D48 FF | lea ecx, dword ptr ds:[eax-1] | ecx:"\\v?"
0065BC39 | 8A40 FF | mov al, byte ptr ds:[eax-1] |
0065BC3C | 84C0 | test al, al |
0065BC3E | 74 0A | je qqsg.65BC4A |
0065BC40 | 3C FF | cmp al, FF |
0065BC42 | 74 06 | je qqsg.65BC4A |
0065BC44 | FEC8 | dec al |
0065BC46 | 8801 | mov byte ptr ds:[ecx], al | ecx:"\\v?"
0065BC48 | EB 09 | jmp qqsg.65BC53 |
0065BC4A | 51 | push ecx | ecx:"\\v?"
0065BC4B | E8 FE4A6800 | call <JMP.&??3@YAXPAX@Z> |
0065BC50 | 83C4 04 | add esp, 4 |
0065BC53 | 8B7C24 1C | mov edi, dword ptr ss:[esp+1C] |
0065BC57 | 8B7424 18 | mov esi, dword ptr ss:[esp+18] |
0065BC5B | 3BF7 | cmp esi, edi |
0065BC5D | 896C24 44 | mov dword ptr ss:[esp+44], ebp | [esp+44]:"0嘌4"
0065BC61 | 896C24 48 | mov dword ptr ss:[esp+48], ebp |
0065BC65 | 896C24 4C | mov dword ptr ss:[esp+4C], ebp |
0065BC69 | C68424 F80D0000 01 | mov byte ptr ss:[esp+DF8], 1 |
0065BC71 | 74 15 | je qqsg.65BC88 |
0065BC73 | 6A 01 | push 1 |
0065BC75 | 8BCE | mov ecx, esi | ecx:"\\v?"
0065BC77 | FF15 A4B5D200 | call dword ptr ds:[<&?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$al |
0065BC7D | 83C6 10 | add esi, 10 |
0065BC80 | 3BF7 | cmp esi, edi |
0065BC82 | 75 EF | jne qqsg.65BC73 |
0065BC84 | 8B7424 18 | mov esi, dword ptr ss:[esp+18] |
0065BC88 | 56 | push esi |
0065BC89 | E8 C04A6800 | call <JMP.&??3@YAXPAX@Z> |
0065BC8E | 8B4C24 34 | mov ecx, dword ptr ss:[esp+34] |
0065BC92 | 896C24 1C | mov dword ptr ss:[esp+1C], ebp |
0065BC96 | 896C24 20 | mov dword ptr ss:[esp+20], ebp |
0065BC9A | 896C24 24 | mov dword ptr ss:[esp+24], ebp |
0065BC9E | 51 | push ecx | ecx:"\\v?"
0065BC9F | E9 B6000000 | jmp qqsg.65BD5A |
0065BCA4 | 8D8424 28010000 | lea eax, dword ptr ss:[esp+128] | [esp+128]:"33333333"
0065BCAB | 50 | push eax |
0065BCAC | E8 3F53F9FF | call <qqsg.喊话组包CALL02> |
0081441A | 6A 65 | push 65 |
0081441C | 8D8424 A0000000 | lea eax, dword ptr ss:[esp+A0] |
00814423 | EB 1D | jmp qqsg.814442 |
00814425 | 8B13 | mov edx, dword ptr ds:[ebx] |
00814427 | 8BCB | mov ecx, ebx | ecx:"\\v?"
00814429 | FF92 04080000 | call dword ptr ds:[edx+804] |
0081442F | 83F8 1E | cmp eax, 1E |
00814432 | 7C 23 | jl qqsg.814457 |
00814434 | C64424 14 04 | mov byte ptr ss:[esp+14], 4 |
00814439 | 6A 65 | push 65 |
0081443B | 8D8424 A3000000 | lea eax, dword ptr ss:[esp+A3] |
00814442 | 8D4C24 19 | lea ecx, dword ptr ss:[esp+19] |
00814446 | 50 | push eax |
00814447 | 51 | push ecx | ecx:"\\v?"
00814448 | FFD6 | call esi |
0081444A | 83C4 0C | add esp, C |
0081444D | C64424 7A 00 | mov byte ptr ss:[esp+7A], 0 |
00814452 | E9 A0000000 | jmp qqsg.8144F7 |
00814457 | B9 20000000 | mov ecx, 20 | ecx:"\\v?", 20:' '
0081445C | 33C0 | xor eax, eax |
0081445E | 8DBC24 04010000 | lea edi, dword ptr ss:[esp+104] |
00814465 | 68 3C95F800 | push qqsg.F8953C | F8953C:"/C2530级前不能使用国家频道."
0081446A | 8D9424 08010000 | lea edx, dword ptr ss:[esp+108] |
00814471 | 6A 7F | push 7F |
00814473 | F3:AB | rep stosd |
00814475 | 52 | push edx |
00814476 | FF15 30B8D200 | call dword ptr ds:[<&_snprintf>] |
0081447C | 8D8424 10010000 | lea eax, dword ptr ss:[esp+110] |
00814483 | 6A 05 | push 5 |
00814485 | 50 | push eax |
00814486 | EB 65 | jmp qqsg.8144ED |
00814488 | C64424 14 09 | mov byte ptr ss:[esp+14], 9 | 9:'\t'
0081448D | EB 14 | jmp qqsg.8144A3 |
0081448F | 8B03 | mov eax, dword ptr ds:[ebx] |
00814491 | 8BCB | mov ecx, ebx | ecx:"\\v?"
00814493 | FF90 04080000 | call dword ptr ds:[eax+804] |
00814499 | 83F8 14 | cmp eax, 14 |
0081449C | 7C 20 | jl qqsg.8144BE |
0081449E | C64424 14 02 | mov byte ptr ss:[esp+14], 2 |
008144A3 | 8D8C24 9C000000 | lea ecx, dword ptr ss:[esp+9C] |
008144AA | 6A 65 | push 65 |
008144AC | 8D5424 19 | lea edx, dword ptr ss:[esp+19] |
008144B0 | 51 | push ecx | ecx:"\\v?"
008144B1 | 52 | push edx |
008144B2 | FFD6 | call esi |
008144B4 | 83C4 0C | add esp, C |
008144B7 | C64424 7A 00 | mov byte ptr ss:[esp+7A], 0 |
008144BC | EB 39 | jmp qqsg.8144F7 |
008144BE | B9 20000000 | mov ecx, 20 | ecx:"\\v?", 20:' '
008144C3 | 33C0 | xor eax, eax |
008144C5 | 8DBC24 04010000 | lea edi, dword ptr ss:[esp+104] |
008144CC | 68 6095F800 | push qqsg.F89560 | F89560:"/C2520级前不能使用职业频道."
008144D1 | F3:AB | rep stosd |
008144D3 | 8D8424 08010000 | lea eax, dword ptr ss:[esp+108] |
008144DA | 6A 7F | push 7F |
008144DC | 50 | push eax |
008144DD | FF15 30B8D200 | call dword ptr ds:[<&_snprintf>] |
008144E3 | 8D8C24 10010000 | lea ecx, dword ptr ss:[esp+110] |
008144EA | 6A 05 | push 5 |
008144EC | 51 | push ecx | ecx:"\\v?"
008144ED | 6A 01 | push 1 |
008144EF | E8 ECC21E00 | call qqsg.A007E0 |
008144F4 | 83C4 18 | add esp, 18 |
008144F7 | 8D5424 14 | lea edx, dword ptr ss:[esp+14] |
008144FB | 52 | push edx |
008144FC | E8 EFCADDFF | call <qqsg.喊话组包CALL02> |
00814501 | B8 00080000 | mov eax, 800 |
00814506 | 68 FF000000 | push FF |
0081450B | 66:898424 8C010000 | mov word ptr ss:[esp+18C], ax |
00814513 | 66:898424 8E010000 | mov word ptr ss:[esp+18E], ax |
0081451B | 8D8424 90010000 | lea eax, dword ptr ss:[esp+190] |
00814522 | 68 A4BF0501 | push qqsg.105BFA4 |
00814527 | 50 | push eax |
00814528 | FFD6 | call esi |
0081452A | 8B5424 20 | mov edx, dword ptr ss:[esp+20] |
0081452E | 83C4 10 | add esp, 10 |
00814531 | 8D8C24 84010000 | lea ecx, dword ptr ss:[esp+184] |
00814538 | 51 | push ecx | ecx:"\\v?"
00814539 | 68 04010000 | push 104 |
0081453E | 68 01080100 | push 10801 |
00814543 | 8D4A 04 | lea ecx, dword ptr ds:[edx+4] | ecx:"\\v?"
00814546 | E8 25160000 | call qqsg.815B70 |
0081454B | 5F | pop edi |
0081454C | 5E | pop esi |
0081454D | 5D | pop ebp |
0081454E | 5B | pop ebx |
0081454F | 81C4 80060000 | add esp, 680 |
00814555 | C2 0800 | ret 8 |
喊话组包CALL02
; 喊话组包CALL02 (qqsg.5F0FF0): forwards one chat-message buffer to the packet-building
; routine reached through the object stored at ds:[12FB590].
; In:    [esp+4] on entry = pointer to the message buffer (loaded into esi below).
;        The callers shown on this page push that one argument and pop it themselves.
; Out:   al = 0 when ds:[12FB590] is null; otherwise eax is not set here and holds
;        whatever the final indirect call leaves in it.
; Saves: esi (push/pop). eax, ecx and edx are overwritten.
; NOTE(review): nothing in this routine checks the buffer's size or contents; the length
;        (88h) and type (3FCh) are immediates, so the caller is trusted to supply a
;        buffer of at least that length. Checks made before this point run in the client
;        only; whether the receiving side re-validates length, type and content cannot
;        be seen from this listing and should be confirmed.
005F0FF0 | 8B0D 90B52F01 | mov ecx, dword ptr ds:[12FB590] | 012FB590:&"\\v?" ; ecx = global object pointer
005F0FF6 | 85C9 | test ecx, ecx | ; null check on that pointer
005F0FF8 | 75 03 | jne qqsg.5F0FFD | ; non-null: continue
005F0FFA | 32C0 | xor al, al | ; null: return al = 0
005F0FFC | C3 | ret |
005F0FFD | 56 | push esi | ; preserve esi
005F0FFE | 8B7424 08 | mov esi, dword ptr ss:[esp+8] | ; esi = first stack argument (message buffer)
005F1002 | 803E 01 | cmp byte ptr ds:[esi], 1 | ; first byte of the buffer selects the extra step below
005F1005 | 75 28 | jne qqsg.5F102F | ; first byte != 1: go straight to the final call
005F1007 | A1 D0982E01 | mov eax, dword ptr ds:[12E98D0] | ; eax = a second global pointer
005F100C | 6A 01 | push 1 | ; two stack arguments for qqsg.905DD0
005F100E | 6A 00 | push 0 |
005F1010 | 8B48 04 | mov ecx, dword ptr ds:[eax+4] | ; ecx = [eax+4], presumably the this pointer for the call (confirm)
005F1013 | E8 B84D3100 | call qqsg.905DD0 | ; purpose not visible in this listing
005F1018 | 8B80 200C0000 | mov eax, dword ptr ds:[eax+C20] | ; eax = field at +C20h of the returned object
005F101E | 8D4E 67 | lea ecx, dword ptr ds:[esi+67] | ; ecx = buffer + 67h
005F1021 | 51 | push ecx | ; passed as the only stack argument
005F1022 | 8BC8 | mov ecx, eax |
005F1024 | E8 77B21400 | call qqsg.73C2A0 | ; purpose not visible in this listing
005F1029 | 8B0D 90B52F01 | mov ecx, dword ptr ds:[12FB590] | 012FB590:&"\\v?" ; reload ecx, which was reused above
005F102F | 8B11 | mov edx, dword ptr ds:[ecx] | ; edx = first dword of the object (looks like a vtable pointer; confirm)
005F1031 | 68 88000000 | push 88 | ; author's note: packet length; seen as push 88 or push 87, it varies
005F1036 | 56 | push esi | ; buffer pointer
005F1037 | 68 FC030000 | push 3FC | ; author's note: this type value generally does not change
005F103C | FF12 | call dword ptr ds:[edx] | ; author's note: plaintext packet build; the code reached through [edx] is VMP-protected
005F103E | 5E | pop esi | ; the three pushes above are not popped here, so the callee must remove them for this to restore esi
005F103F | C3 | ret |
004C7867 | E8 04918100 | call qqsg.CE0970 |
004C786C | 894424 1C | mov dword ptr ss:[esp+1C], eax |
004C7870 | 8B87 A4000000 | mov eax, dword ptr ds:[edi+A4] | edi+A4:"全民跨服生存战中,不能使用该功能!"
004C7876 | 8BCA | mov ecx, edx | ecx:"\\v?"
004C7878 | 99 | cdq |
004C7879 | 3BCA | cmp ecx, edx | ecx:"\\v?"
004C787B | 7F 18 | jg qqsg.4C7895 |
004C787D | 7C 06 | jl qqsg.4C7885 |
004C787F | 394424 1C | cmp dword ptr ss:[esp+1C], eax |
004C7883 | 77 10 | ja qqsg.4C7895 |
004C7885 | 8B4424 14 | mov eax, dword ptr ss:[esp+14] |
004C7889 | 8B4C24 18 | mov ecx, dword ptr ss:[esp+18] |
004C788D | 0BC1 | or eax, ecx | ecx:"\\v?"
004C788F | 0F85 9D000000 | jne qqsg.4C7932 |
004C7895 | 8B4C24 28 | mov ecx, dword ptr ss:[esp+28] |
004C7899 | 895E 28 | mov dword ptr ds:[esi+28], ebx |
004C789C | 894E 2C | mov dword ptr ds:[esi+2C], ecx | ecx:"\\v?"
004C789F | 8B9F A8000000 | mov ebx, dword ptr ds:[edi+A8] | edi+A8:"跨服生存战中,不能使用该功能!"
004C78A5 | 8BB7 AC000000 | mov esi, dword ptr ds:[edi+AC] | edi+AC:"生存战中,不能使用该功能!"
004C78AB | FF15 00B8D200 | call dword ptr ds:[<&rand>] |
004C78B1 | 2BF3 | sub esi, ebx |
004C78B3 | 99 | cdq |
004C78B4 | 46 | inc esi |
004C78B5 | F7FE | idiv esi |
004C78B7 | 03D3 | add edx, ebx |
004C78B9 | 52 | push edx |
004C78BA | 8D5424 28 | lea edx, dword ptr ss:[esp+28] |
004C78BE | 52 | push edx |
004C78BF | E8 5CC10800 | call qqsg.553A20 |
004C78C4 | 8BC8 | mov ecx, eax | ecx:"\\v?"
004C78C6 | E8 55C70800 | call qqsg.554020 |
004C78CB | B9 21000000 | mov ecx, 21 | ecx:"\\v?", 21:'!'
004C78D0 | 33C0 | xor eax, eax |
004C78D2 | 8D7C24 35 | lea edi, dword ptr ss:[esp+35] |
004C78D6 | C78424 C4000000 00000 | mov dword ptr ss:[esp+C4], 0 |
004C78E1 | F3:AB | rep stosd |
004C78E3 | 66:AB | stosw |
004C78E5 | AA | stosb |
004C78E6 | 8B4424 28 | mov eax, dword ptr ss:[esp+28] |
004C78EA | C64424 34 00 | mov byte ptr ss:[esp+34], 0 |
004C78EF | 85C0 | test eax, eax |
004C78F1 | 75 05 | jne qqsg.4C78F8 |
004C78F3 | A1 2CB5D200 | mov eax, dword ptr ds:[<&?_C@?1??_Nullstr@?$basic_string@DU?$char_trai |
004C78F8 | 6A 65 | push 65 |
004C78FA | 50 | push eax |
004C78FB | 8D4424 3D | lea eax, dword ptr ss:[esp+3D] |
004C78FF | 50 | push eax |
004C7900 | FF15 E0B7D200 | call dword ptr ds:[<&strncpy>] |
004C7906 | 8D4C24 40 | lea ecx, dword ptr ss:[esp+40] |
004C790A | C68424 A6000000 00 | mov byte ptr ss:[esp+A6], 0 |
004C7912 | 51 | push ecx | ecx:"\\v?"
004C7913 | E8 D8961200 | call <qqsg.喊话组包CALL02> |
004C7918 | 83C4 10 | add esp, 10 |
0063189B | 3BFB | cmp edi, ebx |
0063189D | 897424 40 | mov dword ptr ss:[esp+40], esi |
006318A1 | 897424 44 | mov dword ptr ss:[esp+44], esi |
006318A5 | 897424 48 | mov dword ptr ss:[esp+48], esi |
006318A9 | C68424 2C1A0000 01 | mov byte ptr ss:[esp+1A2C], 1 |
006318B1 | 0F84 D9010000 | je qqsg.631A90 |
006318B7 | 6A 01 | push 1 |
006318B9 | 8BCF | mov ecx, edi |
006318BB | FF15 A4B5D200 | call dword ptr ds:[<&?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$al |
006318C1 | 83C7 10 | add edi, 10 |
006318C4 | 3BFB | cmp edi, ebx |
006318C6 | 75 EF | jne qqsg.6318B7 |
006318C8 | E9 BF010000 | jmp qqsg.631A8C |
006318CD | B9 20000000 | mov ecx, 20 |
006318D2 | 33C0 | xor eax, eax |
006318D4 | 8DBC24 B0000000 | lea edi, dword ptr ss:[esp+B0] |
006318DB | 68 280AEE00 | push qqsg.EE0A28 | EE0A28:"/C25消息内容有误,请确认后再输入."
006318E0 | F3:AB | rep stosd |
006318E2 | 8D8424 B4000000 | lea eax, dword ptr ss:[esp+B4] |
006318E9 | 6A 7F | push 7F |
006318EB | 50 | push eax |
006318EC | FF15 30B8D200 | call dword ptr ds:[<&_snprintf>] |
006318F2 | 8D8C24 BC000000 | lea ecx, dword ptr ss:[esp+BC] |
006318F9 | 6A 05 | push 5 |
006318FB | 51 | push ecx |
006318FC | 6A 01 | push 1 |
006318FE | E8 DDEE3C00 | call qqsg.A007E0 |
00631903 | 8B4424 58 | mov eax, dword ptr ss:[esp+58] |
00631907 | 83C4 18 | add esp, 18 |
0063190A | 3BC6 | cmp eax, esi |
0063190C | 74 1D | je qqsg.63192B |
0063190E | 8D48 FF | lea ecx, dword ptr ds:[eax-1] |
00631911 | 8A40 FF | mov al, byte ptr ds:[eax-1] |
00631914 | 84C0 | test al, al |
00631916 | 74 0A | je qqsg.631922 |
00631918 | 3C FF | cmp al, FF |
0063191A | 74 06 | je qqsg.631922 |
0063191C | FEC8 | dec al |
0063191E | 8801 | mov byte ptr ds:[ecx], al |
00631920 | EB 09 | jmp qqsg.63192B |
00631922 | 51 | push ecx |
00631923 | E8 26EE6A00 | call <JMP.&??3@YAXPAX@Z> |
00631928 | 83C4 04 | add esp, 4 |
0063192B | 8B5C24 20 | mov ebx, dword ptr ss:[esp+20] |
0063192F | 8B7C24 1C | mov edi, dword ptr ss:[esp+1C] |
00631933 | 3BFB | cmp edi, ebx |
00631935 | 897424 40 | mov dword ptr ss:[esp+40], esi |
00631939 | 897424 44 | mov dword ptr ss:[esp+44], esi |
0063193D | 897424 48 | mov dword ptr ss:[esp+48], esi |
00631941 | C68424 2C1A0000 01 | mov byte ptr ss:[esp+1A2C], 1 |
00631949 | 0F84 41010000 | je qqsg.631A90 |
0063194F | 6A 01 | push 1 |
00631951 | 8BCF | mov ecx, edi |
00631953 | FF15 A4B5D200 | call dword ptr ds:[<&?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$al |
00631959 | 83C7 10 | add edi, 10 |
0063195C | 3BFB | cmp edi, ebx |
0063195E | 75 EF | jne qqsg.63194F |
00631960 | E9 27010000 | jmp qqsg.631A8C |
00631965 | B9 20000000 | mov ecx, 20 |
0063196A | 33C0 | xor eax, eax |
0063196C | 8DBC24 B0000000 | lea edi, dword ptr ss:[esp+B0] |
00631973 | 68 280AEE00 | push qqsg.EE0A28 | EE0A28:"/C25消息内容有误,请确认后再输入."
00631978 | F3:AB | rep stosd |
0063197A | 8D8424 B4000000 | lea eax, dword ptr ss:[esp+B4] |
00631981 | 6A 7F | push 7F |
00631983 | 50 | push eax |
00631984 | FF15 30B8D200 | call dword ptr ds:[<&_snprintf>] |
0063198A | 8D8C24 BC000000 | lea ecx, dword ptr ss:[esp+BC] |
00631991 | 6A 05 | push 5 |
00631993 | 51 | push ecx |
00631994 | 6A 01 | push 1 |
00631996 | E8 45EE3C00 | call qqsg.A007E0 |
0063199B | 8B4424 58 | mov eax, dword ptr ss:[esp+58] |
0063199F | 83C4 18 | add esp, 18 |
006319A2 | 3BC6 | cmp eax, esi |
006319A4 | 74 1D | je qqsg.6319C3 |
006319A6 | 8D48 FF | lea ecx, dword ptr ds:[eax-1] |
006319A9 | 8A40 FF | mov al, byte ptr ds:[eax-1] |
006319AC | 84C0 | test al, al |
006319AE | 74 0A | je qqsg.6319BA |
006319B0 | 3C FF | cmp al, FF |
006319B2 | 74 06 | je qqsg.6319BA |
006319B4 | FEC8 | dec al |
006319B6 | 8801 | mov byte ptr ds:[ecx], al |
006319B8 | EB 09 | jmp qqsg.6319C3 |
006319BA | 51 | push ecx |
006319BB | E8 8EED6A00 | call <JMP.&??3@YAXPAX@Z> |
006319C0 | 83C4 04 | add esp, 4 |
006319C3 | 8B5C24 20 | mov ebx, dword ptr ss:[esp+20] |
006319C7 | 8B7C24 1C | mov edi, dword ptr ss:[esp+1C] |
006319CB | 3BFB | cmp edi, ebx |
006319CD | 897424 40 | mov dword ptr ss:[esp+40], esi |
006319D1 | 897424 44 | mov dword ptr ss:[esp+44], esi |
006319D5 | 897424 48 | mov dword ptr ss:[esp+48], esi |
006319D9 | C68424 2C1A0000 01 | mov byte ptr ss:[esp+1A2C], 1 |
006319E1 | 0F84 A9000000 | je qqsg.631A90 |
006319E7 | 6A 01 | push 1 |
006319E9 | 8BCF | mov ecx, edi |
006319EB | FF15 A4B5D200 | call dword ptr ds:[<&?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$al |
006319F1 | 83C7 10 | add edi, 10 |
006319F4 | 3BFB | cmp edi, ebx |
006319F6 | 75 EF | jne qqsg.6319E7 |
006319F8 | E9 8F000000 | jmp qqsg.631A8C |
006319FD | B9 20000000 | mov ecx, 20 |
00631A02 | 33C0 | xor eax, eax |
00631A04 | 8DBC24 B0000000 | lea edi, dword ptr ss:[esp+B0] |
00631A0B | 68 280AEE00 | push qqsg.EE0A28 | EE0A28:"/C25消息内容有误,请确认后再输入."
00631A10 | F3:AB | rep stosd |
00631A12 | 8D8424 B4000000 | lea eax, dword ptr ss:[esp+B4] |
00631A19 | 6A 7F | push 7F |
00631A1B | 50 | push eax |
00631A1C | FF15 30B8D200 | call dword ptr ds:[<&_snprintf>] |
00631A22 | 8D8C24 BC000000 | lea ecx, dword ptr ss:[esp+BC] |
00631A29 | 6A 05 | push 5 |
00631A2B | 51 | push ecx |
00631A2C | 6A 01 | push 1 |
00631A2E | E8 ADED3C00 | call qqsg.A007E0 |
00631A33 | 8B4424 58 | mov eax, dword ptr ss:[esp+58] |
00631A37 | 83C4 18 | add esp, 18 |
00631A3A | 3BC6 | cmp eax, esi |
00631A3C | 74 1D | je qqsg.631A5B |
00631A3E | 8D48 FF | lea ecx, dword ptr ds:[eax-1] |
00631A41 | 8A40 FF | mov al, byte ptr ds:[eax-1] |
00631A44 | 84C0 | test al, al |
00631A46 | 74 0A | je qqsg.631A52 |
00631A48 | 3C FF | cmp al, FF |
00631A4A | 74 06 | je qqsg.631A52 |
00631A4C | FEC8 | dec al |
00631A4E | 8801 | mov byte ptr ds:[ecx], al |
00631A50 | EB 09 | jmp qqsg.631A5B |
00631A52 | 51 | push ecx |
00631A53 | E8 F6EC6A00 | call <JMP.&??3@YAXPAX@Z> |
00631A58 | 83C4 04 | add esp, 4 |
00631A5B | 8B5C24 20 | mov ebx, dword ptr ss:[esp+20] |
00631A5F | 8B7C24 1C | mov edi, dword ptr ss:[esp+1C] |
00631A63 | 3BFB | cmp edi, ebx |
00631A65 | 897424 40 | mov dword ptr ss:[esp+40], esi |
00631A69 | 897424 44 | mov dword ptr ss:[esp+44], esi |
00631A6D | 897424 48 | mov dword ptr ss:[esp+48], esi |
00631A71 | C68424 2C1A0000 01 | mov byte ptr ss:[esp+1A2C], 1 |
00631A79 | 74 15 | je qqsg.631A90 |
00631A7B | 6A 01 | push 1 |
00631A7D | 8BCF | mov ecx, edi |
00631A7F | FF15 A4B5D200 | call dword ptr ds:[<&?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$al |
00631A85 | 83C7 10 | add edi, 10 |
00631A88 | 3BFB | cmp edi, ebx |
00631A8A | 75 EF | jne qqsg.631A7B |
00631A8C | 8B7C24 1C | mov edi, dword ptr ss:[esp+1C] |
00631A90 | 57 | push edi |
00631A91 | E8 B8EC6A00 | call <JMP.&??3@YAXPAX@Z> |
00631A96 | 8B5424 34 | mov edx, dword ptr ss:[esp+34] |
00631A9A | 897424 20 | mov dword ptr ss:[esp+20], esi |
00631A9E | 897424 24 | mov dword ptr ss:[esp+24], esi |
00631AA2 | 897424 28 | mov dword ptr ss:[esp+28], esi |
00631AA6 | 52 | push edx |
00631AA7 | E8 A2EC6A00 | call <JMP.&??3@YAXPAX@Z> |
00631AAC | 83C4 08 | add esp, 8 |
00631AAF | 897424 30 | mov dword ptr ss:[esp+30], esi |
00631AB3 | 897424 34 | mov dword ptr ss:[esp+34], esi |
00631AB7 | 897424 38 | mov dword ptr ss:[esp+38], esi |
00631ABB | E9 8E000000 | jmp qqsg.631B4E |
00631AC0 | B9 20000000 | mov ecx, 20 |
00631AC5 | 33C0 | xor eax, eax |
00631AC7 | 8DBC24 F4020000 | lea edi, dword ptr ss:[esp+2F4] |
00631ACE | 68 280AEE00 | push qqsg.EE0A28 | EE0A28:"/C25消息内容有误,请确认后再输入."
00631AD3 | F3:AB | rep stosd |
00631AD5 | 8D8424 F8020000 | lea eax, dword ptr ss:[esp+2F8] |
00631ADC | 6A 7F | push 7F |
00631ADE | 50 | push eax |
00631ADF | FF15 30B8D200 | call dword ptr ds:[<&_snprintf>] |
00631AE5 | 8D8C24 00030000 | lea ecx, dword ptr ss:[esp+300] |
00631AEC | 6A 05 | push 5 |
00631AEE | 51 | push ecx |
00631AEF | 6A 01 | push 1 |
00631AF1 | E8 EAEC3C00 | call qqsg.A007E0 |
00631AF6 | 83C4 18 | add esp, 18 |
00631AF9 | 8D4C24 3C | lea ecx, dword ptr ss:[esp+3C] |
00631AFD | C68424 2C1A0000 02 | mov byte ptr ss:[esp+1A2C], 2 |
00631B05 | FF15 80B5D200 | call dword ptr ds:[<&??1?$basic_string@DU?$char_traits@D@std@@V?$alloca |
00631B0B | EB 1F | jmp qqsg.631B2C |
00631B0D | 8D9424 74030000 | lea edx, dword ptr ss:[esp+374] |
00631B14 | 52 | push edx |
00631B15 | E8 26F5FBFF | call qqsg.5F1040 |
00631B1A | EB 0D | jmp qqsg.631B29 |
00631B1C | 8D8424 34010000 | lea eax, dword ptr ss:[esp+134] |
00631B23 | 50 | push eax |
00631B24 | E8 C7F4FBFF | call qqsg.5F0FF0 | 明文发包上层 喊话CALL
00631B29 | 83C4 04 | add esp, 4 |
00631B2C | 8D4C24 18 | lea ecx, dword ptr ss:[esp+18] |
00631B30 | C68424 2C1A0000 01 | mov byte ptr ss:[esp+1A2C], 1 |
00631B38 | E8 A3FCE2FF | call qqsg.4617E0 |
00631B3D | 8D4C24 2C | lea ecx, dword ptr ss:[esp+2C] |
00631B41 | C68424 2C1A0000 00 | mov byte ptr ss:[esp+1A2C], 0 |
00631B49 | E8 32DB0100 | call qqsg.64F680 |
00631B4E | 8D8C24 88000000 | lea ecx, dword ptr ss:[esp+88] |
00631B55 | C78424 2C1A0000 FFFFF | mov dword ptr ss:[esp+1A2C], FFFFFFFF |
00631B60 | E8 3BBE6700 | call qqsg.CAD9A0 |
00631B65 | 8B8C24 241A0000 | mov ecx, dword ptr ss:[esp+1A24] | [esp+1A24]:"$@9\r\x05"
00631B6C | 5F | pop edi |
00631B6D | 5E | pop esi |
00631B6E | 5D | pop ebp |
00631B6F | 33C0 | xor eax, eax |
00631B71 | 5B | pop ebx |
00631B72 | 64:890D 00000000 | mov dword ptr fs:[0], ecx |
00631B79 | 81C4 201A0000 | add esp, 1A20 |
00631B7F | C3 | ret |