Junior Spellweaver
- Joined
- Aug 16, 2009
- Messages
- 148
- Reaction score
- 8
Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!
Join Today!0044361C push eax ; Arg1 => [LOCAL.6]
0044361D call [<&KERNEL32.SuspendThread>] ; kernel32.Wow64SuspendThread
00443623 inc ebp
00443624 push offset 0073D568 ; pCriticalSection = 0073D568
00443629 call [<&KERNEL32.EnterCriticalSection>] ; NTDLL.RtlEnterCriticalSection
0044362F mov edx,[hWndMain]
00443635 lea ecx,[esp+20]
00443639 push ecx ; Rect => offset LOCAL.3
0044363A push edx ; hWnd => [73DA1C] = NULL
0044363B call [<&USER32.GetClientRect>] ; USER32.GetClientRect
00443641 mov ecx,[hWndMain]
00443647 lea eax,[esp+18]
0044364B push eax ; pPoint => offset LOCAL.5
0044364C push ecx ; hWnd => [73DA1C] = NULL
0044364D mov [esp+24],edi ;
00443651 mov [esp+20],edi ;
00443655 call [<&USER32.ClientToScreen>] ; USER32.ClientToScreen
0044365B mov edx,[esp+1C]
0044365F mov eax,[esp+18]
00443663 push edx ; dY
00443664 push eax ; dX
00443665 lea ecx,[esp+28] ;
00443669 push ecx ; pRect => offset LOCAL.3
0044366A call [<&USER32.OffsetRect>] ; USER32.OffsetRect
00443670 mov eax,[1F38620]
00443675 mov edx,[eax]
00443677 lea ecx,[esp+10]
0044367B push ecx
0044367C push eax
[COLOR=Red]0044367D call [edx+44][/COLOR]
00443680 cmp ebp,2
00443683 push offset 00CC0020
0044361C push eax ; Arg1 => [LOCAL.6]
0044361D call [<&KERNEL32.SuspendThread>] ; kernel32.Wow64SuspendThread
00443623 inc ebp
00443624 push offset 0073D568 ; pCriticalSection = 0073D568
00443629 call [<&KERNEL32.EnterCriticalSection>] ; NTDLL.RtlEnterCriticalSection
0044362F mov edx,[hWndMain]
00443635 lea ecx,[esp+20]
00443639 push ecx ; Rect => offset LOCAL.3
0044363A push edx ; hWnd => [73DA1C] = NULL
0044363B call [<&USER32.GetClientRect>] ; USER32.GetClientRect
00443641 mov ecx,[hWndMain]
00443647 lea eax,[esp+18]
0044364B push eax ; pPoint => offset LOCAL.5
0044364C push ecx ; hWnd => [73DA1C] = NULL
0044364D mov [esp+24],edi ;
00443651 mov [esp+20],edi ;
00443655 call [<&USER32.ClientToScreen>] ; USER32.ClientToScreen
0044365B mov edx,[esp+1C]
0044365F mov eax,[esp+18]
00443663 push edx ; dY
00443664 push eax ; dX
00443665 lea ecx,[esp+28] ;
00443669 push ecx ; pRect => offset LOCAL.3
0044366A call [<&USER32.OffsetRect>] ; USER32.OffsetRect
00443670 mov eax,[1F38620]
00443675 mov edx,[eax]
00443677 lea ecx,[esp+10]
0044367B push ecx
0044367C push eax
[COLOR=Red]BREAK_DWM jmp short 00443680 ; Call [edx+44h]
0044367F nop[/COLOR]
00443680 cmp ebp,2
00443683 push offset 00CC0020
CPU Disasm
Address Hex dump Command Comments
00442292 /0F85 54010000 JNE 004423EC
CPU Disasm
Address Hex dump Command Comments
00442292 /0F85 54010000 [COLOR="Red"]JMP[/COLOR] 004423EC
CPU Disasm
Address Hex dump Command Comments
0044228A cmp ebx,7
0044228D ja 0044234E
00442293 jmp [ebx*4+4423B8]
0044229A mov eax,[esp+264] ; Case 1 of switch KPT1977NoXTrap3.442289
004422A1 imul eax,eax,0D
004422A4 add eax,esi
004422A6 mov ecx,[eax*4+5FB4C8] ; ASCII "8�\\"
CPU Disasm
Address Hex >Command Comments
0044227C mov eax,[9110A0]
00442281 mov ecx,[eax+154]
00442287 mov edx,[eax+150]
0044228D mov eax,[eax+14C]
00442293 push 0 ; Arg5 = 0
00442295 push ecx ; Arg4
00442296 push edx ; Arg3
00442297 push eax ; Arg2
00442298 push 1000 ; Arg1 = 1000
0044229D call 004E6330 ; game.exe.004E6330
CPU Disasm
Address Hex dump Command Comments
00442291 99 cdq
00442292 2BC2 sub eax,edx
00442294 D1F8 sar eax,1
CPU Disasm
Address Hex >Command Comments
00442291 cdq
00442292 sub eax,edx
00442294 sar eax,1
CPU Disasm
Address Hex >Command Comments
00442292 jne 004423EC
00442298 push esi
00442299 mov esi,[<&GDI32.BitBlt>]
...
...
...
004423EC push 1
004423EE call [<&KERNEL32.ExitThread>]
004423F4 pop edi
004423F5 pop ebp
004423F6 pop ebx
CPU Disasm
Address Hex dump Command Comments
00442292 /0F85 54010000 [U]JNE 004423EC[/U]
00442298 |. |56 PUSH ESI
00442299 |. |8B35 40A05B00 MOV ESI,DWORD PTR DS:[<&GDI32.BitBlt>] ; Entry point
0044229F |. |90 NOP
004422A0 |> |393D D8BBBC01 /CMP DWORD PTR DS:[1BCBBD8],EDI
004422A6 |. |75 0C |JNE SHORT 004422B4
004422A8 |. |8B4424 14 |MOV EAX,DWORD PTR SS:[ESP+14]
004422AC |. |50 |PUSH EAX
004422AD |. |FF15 A0A05B00 |CALL DWORD PTR DS:[<&KERNEL32.SuspendThread>]
004422B3 |. |45 |INC EBP
004422B4 |> |68 C8BF7000 |PUSH OFFSET lunarpt_3260_beta_GM_unpacked.0070BFC8
004422B9 |. |FF15 FCA15B00 |CALL DWORD PTR DS:[<&KERNEL32.EnterCriticalSection>]
004422BF |. |8B15 7CC47000 |MOV EDX,DWORD PTR DS:[70C47C]
004422C5 |. |8D4C24 20 |LEA ECX,[ESP+20]
004422C9 |. |51 |PUSH ECX
004422CA |. |52 |PUSH EDX
004422CB |. |FF15 E8A25B00 |CALL DWORD PTR DS:[<&USER32.GetClientRect>]
004422D1 |. |8B0D 7CC47000 |MOV ECX,DWORD PTR DS:[70C47C]
004422D7 |. |8D4424 18 |LEA EAX,[ESP+18]
004422DB |. |50 |PUSH EAX
004422DC |. |51 |PUSH ECX
004422DD |. |897C24 24 |MOV DWORD PTR SS:[ESP+24],EDI
004422E1 |. |897C24 20 |MOV DWORD PTR SS:[ESP+20],EDI
004422E5 |. |FF15 E4A25B00 |CALL DWORD PTR DS:[<&USER32.ClientToScreen>]
004422EB |. |8B5424 1C |MOV EDX,DWORD PTR SS:[ESP+1C]
004422EF |. |8B4424 18 |MOV EAX,DWORD PTR SS:[ESP+18]
004422F3 |. |52 |PUSH EDX
004422F4 |. |50 |PUSH EAX
004422F5 |. |8D4C24 28 |LEA ECX,[ESP+28]
004422F9 |. |51 |PUSH ECX
004422FA |. |FF15 E0A25B00 |CALL DWORD PTR DS:[<&USER32.OffsetRect>]
00442300 |. |A1 B4AFEF01 |MOV EAX,DWORD PTR DS:[1EFAFB4]
00442305 |. |8B10 |MOV EDX,DWORD PTR DS:[EAX]
00442307 |. |8D4C24 10 |LEA ECX,[ESP+10]
0044230B |. |51 |PUSH ECX
0044230C |. |50 |PUSH EAX
0044230D |. |FF52 44 |CALL DWORD PTR DS:[EDX+44]
00442310 |. |83FD 02 |CMP EBP,2
00442313 |. |68 2000CC00 |PUSH OFFSET 00CC0020
CPU Disasm
Address Hex >Command Comments
00443610 cmp [1C09210],edi
00443616 jne short [COLOR=Blue]00443624[/COLOR]
00443618 mov eax,[esp+14]
0044361C push eax ; Arg1 => [LOCAL.6]
0044361D call [<&KERNEL32.SuspendThread>] ; kernel32.Wow64SuspendThread
00443623 inc ebp
[COLOR=Blue]00443624[/COLOR] push offset KPT1977NoXTrap3.0073D568 ; pCriticalSection = 0073D568
CPU Disasm
Address Hex >Command Comments
0044230B push ecx
0044230C push eax
0044230D call [edx+44]