Crud, I was hoping you weren't going to say that. Let me do some digging
EDIT:I 'm pretty sure the signature is correct. Even testing with the debugger at that address confirms this ( to the best of my reckoning ).
When I look at the linux version, and then look at the windows version, the strings match up within the same subroutine. Those don't appear anywhere else in either binary.
When I click refresh on my browser window, the breakpoint fires each time, as well as 3 or 4 times on startup.
Here are my sigs:
OB:
Code:
#define NET_SendPacket_Sig "\xB8\x2A\x2A\x2A\x2A\xE8\x76\x2A\x2A\x2A\xA1\x2A\x2A\x2A\x2A\x83\x78\x2A\x2A\x53\x55\x8B"
EP1:
Code:
#define NET_SendPacket_Sig "\xA1\x2A\x2A\x2A\x2A\x83\xEC\x2a\x83\x78\x2A\x2A\x55\x8B\x6C\x2A\x2A\x56\x57\x8B\x7C"
What else can I look at?