Hi, I'm reading the amazing tuts made by BAILOPAN to decompile a plugin.
I've taken a random .amxx from my plugins folder, but I need some help; there are some things that I don't understand well.
Here's a portion of code:
PHP Code:
0x140 PROC ; SV_ConnectClient
0x144 BREAK
0x148 BREAK
0x14C STACK -0x190
0x154 ZERO.pri
0x158 ADDR.alt -0x190
0x160 FILL 0x190
0x168 STACK -0x190
0x170 ZERO.pri
0x174 ADDR.alt -0x320
0x17C FILL 0x190
0x184 BREAK
0x188 PUSH.C 0x63
0x190 PUSHADDR -0x190
0x198 PUSH.C 0x4
0x1A0 PUSH.C 0xC
0x1A8 SYSREQ.C read_argv
0x1B0 STACK 0x10
0x1B8 BREAK
0x1BC PUSH.C 0x63
0x1C4 PUSHADDR -0x320
0x1CC PUSH.C 0x3
0x1D4 PUSH.C 0xC
0x1DC SYSREQ.C read_argv
0x1E4 STACK 0x10
0x1EC BREAK
0x1F0 PUSH.C 0x6
0x1F8 PUSH.C 0xDB8 ; str_008 ("\name\")
0x200 PUSHADDR -0x190
0x208 PUSH.C 0xC
0x210 SYSREQ.C equal
0x218 STACK 0x10
0x220 JNZ jump_0001
0x228 PUSH.C 0x1
0x230 PUSH.C 0xDD4 ; str_009 ("0")
0x238 ADDR.pri -0x320
0x240 ADD.C 0x3C
0x248 PUSH.pri
0x24C PUSH.C 0xC
0x254 SYSREQ.C equal
0x25C STACK 0x10
0x264 JNZ jump_0001
0x26C PUSH.C 0x1
0x274 PUSH.C 0xDDC ; str_010 ("4")
0x27C ADDR.pri -0x320
0x284 ADD.C 0x18
0x28C PUSH.pri
0x290 PUSH.C 0xC
0x298 SYSREQ.C equal
0x2A0 STACK 0x10
0x2A8 JNZ jump_0001
0x2B0 ZERO.pri
0x2B4 JUMP jump_0004
0x2BC CONST.pri 0x1 ; target:jump_0001
0x2C4 JZER jump_0005 ; target:jump_0004
0x2CC BREAK
0x2D0 CONST.pri 0x2
0x2D8 STACK 0x320
0x2E0 RETN
0x2E4 BREAK ; target:jump_0005
0x2E8 ZERO.pri
0x2EC STACK 0x320
0x2F4 RETN
I've already reconstructed something:
1) First, the plugin creates two arrays (I've named them variable_1 and variable_2) with 100 cells each
PHP Code:
0x14C STACK -0x190
0x154 ZERO.pri
0x158 ADDR.alt -0x190
0x160 FILL 0x190
0x168 STACK -0x190
0x170 ZERO.pri
0x174 ADDR.alt -0x320
0x17C FILL 0x190
0x184 BREAK
PHP Code:
new variable_1[100]
new variable_2[100]
I think that this part is well decompiled
2) The next part of the code makes two read_argv native calls to parse the first two params and store them in variable_1 and variable_2
PHP Code:
0x188 PUSH.C 0x63
0x190 PUSHADDR -0x190
0x198 PUSH.C 0x4
0x1A0 PUSH.C 0xC
0x1A8 SYSREQ.C read_argv
0x1B0 STACK 0x10
0x1B8 BREAK
0x1BC PUSH.C 0x63
0x1C4 PUSHADDR -0x320
0x1CC PUSH.C 0x3
0x1D4 PUSH.C 0xC
0x1DC SYSREQ.C read_argv
0x1E4 STACK 0x10
0x1EC BREAK
PHP Code:
read_argv(1,variable_1, 99)
read_argv(2,variable_2, 99)
I think that the first parameter is bad but I couldn't get anything else :/
3) In this part I have my main problems; there is a conditional structure with 3 equal native calls:
-First: I'm not sure about the if, else if structure
-Second: I don't know what I should put in the first parameter of the equals
-Third: I don't know what this means =( :
PHP Code:
0x2B0 ZERO.pri
0x2B4 JUMP jump_0004
0x2BC CONST.pri 0x1 ; target:jump_0001
0x2C4 JZER jump_0005 ; target:jump_0004
0x2CC BREAK
So, I have:
PHP Code:
0x1F0 PUSH.C 0x6
0x1F8 PUSH.C 0xDB8 ; str_008 ("\name\")
0x200 PUSHADDR -0x190
0x208 PUSH.C 0xC
0x210 SYSREQ.C equal
0x218 STACK 0x10
0x220 JNZ jump_0001
0x228 PUSH.C 0x1
0x230 PUSH.C 0xDD4 ; str_009 ("0")
0x238 ADDR.pri -0x320
0x240 ADD.C 0x3C
0x248 PUSH.pri
0x24C PUSH.C 0xC
0x254 SYSREQ.C equal
0x25C STACK 0x10
0x264 JNZ jump_0001
0x26C PUSH.C 0x1
0x274 PUSH.C 0xDDC ; str_010 ("4")
0x27C ADDR.pri -0x320
0x284 ADD.C 0x18
0x28C PUSH.pri
0x290 PUSH.C 0xC
0x298 SYSREQ.C equal
0x2A0 STACK 0x10
0x2A8 JNZ jump_0001
0x2B0 ZERO.pri
0x2B4 JUMP jump_0004
0x2BC CONST.pri 0x1 ; target:jump_0001
0x2C4 JZER jump_0005 ; target:jump_0004
0x2CC BREAK
PHP Code:
if (equal( ,"\name\", variable_1))
{
}
//jump_0001
//2nd equal
else if (equal( ,"0", variable_2))
//3rd equal
else if (equal( ,"4", variable_2))
I hope that someone can help me understand this, I have a little mess in my head
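An added example, not part of the original post: a short Python sketch that rebuilds the native calls from an excerpt of the listing above, assuming the AMX calling convention in which arguments are pushed last-to-first, followed by their total size in bytes, before `SYSREQ.C`. The 4-byte cell size and the names `rebuild_calls`, `LOCALS`, `LISTING` and `LINE` are assumptions of this example; `variable_1` and `variable_2` are the names chosen in the post.

```python
import re

CELL = 4  # assumed bytes per cell (FILL 0x190 for a 100-cell array)
LOCALS = {-0x190: "variable_1", -0x320: "variable_2"}  # names from the post
# Excerpt of the listing in the post; STACK, BREAK and jump lines omitted.
LISTING = r'''
0x188 PUSH.C 0x63
0x190 PUSHADDR -0x190
0x198 PUSH.C 0x4
0x1A0 PUSH.C 0xC
0x1A8 SYSREQ.C read_argv
0x1F0 PUSH.C 0x6
0x1F8 PUSH.C 0xDB8 ; str_008 ("\name\")
0x200 PUSHADDR -0x190
0x208 PUSH.C 0xC
0x210 SYSREQ.C equal
0x228 PUSH.C 0x1
0x230 PUSH.C 0xDD4 ; str_009 ("0")
0x238 ADDR.pri -0x320
0x240 ADD.C 0x3C
0x248 PUSH.pri
0x24C PUSH.C 0xC
0x254 SYSREQ.C equal
'''
LINE = re.compile(r'^0x[0-9A-Fa-f]+[ \t]+(\S+)(?:[ \t]+(-?0x[0-9A-Fa-f]+|\w+))?'
                  r'(?:[ \t]*;[ \t]*(.*))?$', re.M)

def rebuild_calls(listing):
    stack, pri, calls = [], None, []
    for op, arg, comment in LINE.findall(listing):
        if op == "PUSH.C":
            # Prefer the string literal the disassembler put in the comment.
            lit = re.search(r'\((".*")\)', comment)
            stack.append(lit.group(1) if lit else str(int(arg, 16)))
        elif op == "PUSHADDR":
            stack.append(LOCALS.get(int(arg, 16), arg))
        elif op == "ADDR.pri":
            pri = (LOCALS.get(int(arg, 16), arg), 0)
        elif op == "ADD.C" and pri:
            pri = (pri[0], pri[1] + int(arg, 16) // CELL)  # byte offset -> index
        elif op == "PUSH.pri" and pri:
            stack.append(f"{pri[0]}[{pri[1]}]")
        elif op == "SYSREQ.C":
            # Last value pushed is the argument byte count; then arg 1, 2, ...
            argc = int(stack.pop()) // CELL
            calls.append(f"{arg}({', '.join(stack.pop() for _ in range(argc))})")
    return calls

if __name__ == "__main__":
    print("\n".join(rebuild_calls(LISTING)))
```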