IDA - libcook.idb (libcook.so)

.text:00000670 .text:00000670 ; =============== S U B R O U T I N E ======================================= .text:00000670 .text:00000670 .text:00000670 sub_670 proc near ; CODE XREF: sub_5C0+1p .text:00000670 ; .text:00000611p ... .text:00000670 mov ebx, [esp+0] .text:00000673 retn .text:00000673 sub_670 endp .text:00000673 .text:00000673 ; --------------------------------------------------------------------------- .text:00000674 align 10h .text:00000680 .text:00000680 ; =============== S U B R O U T I N E ======================================= .text:00000680 .text:00000680 .text:00000680 sub_680 proc near ; CODE XREF: sub_710+3Bp .text:00000680 ; sub_710+89p ... .text:00000680 .text:00000680 size = dword ptr -2Ch .text:00000680 var_20 = dword ptr -20h .text:00000680 arg_0 = dword ptr 4 .text:00000680 arg_4 = byte ptr 8 .text:00000680 .text:00000680 push ebp .text:00000681 push edi .text:00000682 push esi .text:00000683 push ebx .text:00000684 call sub_670 .text:00000689 add ebx, 392Bh .text:0000068F lea esp, [esp-1Ch] .text:00000693 lea eax, [esp+2Ch+arg_4] .text:00000697 mov [esp+2Ch+var_20], eax .text:0000069B mov eax, [esp+2Ch+arg_0] .text:0000069F add eax, eax .text:000006A1 add eax, 1 .text:000006A4 mov [esp+2Ch+size], eax ; size .text:000006A7 call _malloc .text:000006AC mov ebp, eax .text:000006AE xor ecx, ecx .text:000006B0 mov eax, [esp+2Ch+arg_0] .text:000006B4 test eax, eax .text:000006B6 jle short loc_6F5 .text:000006B8 nop .text:000006B9 lea esi, [esi+0] .text:000006C0 .text:000006C0 loc_6C0: ; CODE XREF: sub_680+73j .text:000006C0 mov eax, [esp+2Ch+var_20] .text:000006C4 mov edx, [eax+ecx*4] .text:000006C7 movzx edi, dh .text:000006CA mov esi, edx .text:000006CC mov eax, edi .text:000006CE not esi .text:000006D0 not eax .text:000006D2 or esi, edi .text:000006D4 or eax, edx .text:000006D6 and eax, esi .text:000006D8 not eax .text:000006DA mov [ebp+ecx*2+0], al .text:000006DE mov eax, edx .text:000006E0 shr eax, 10h .text:000006E3 shr edx, 18h .text:000006E6 xor edx, eax .text:000006E8 mov [ebp+ecx*2+1], dl .text:000006EC add ecx, 1 .text:000006EF cmp ecx, [esp+2Ch+arg_0] .text:000006F3 jnz short loc_6C0 .text:000006F5 .text:000006F5 loc_6F5: ; CODE XREF: sub_680+36j .text:000006F5 mov eax, [esp+2Ch+arg_0] .text:000006F9 mov byte ptr [ebp+eax*2+0], 0 .text:000006FE lea esp, [esp+1Ch] .text:00000702 pop ebx .text:00000703 mov eax, ebp .text:00000705 pop esi .text:00000706 pop edi .text:00000707 pop ebp .text:00000708 retn .text:00000708 sub_680 endp .text:00000708 .text:00000708 ; --------------------------------------------------------------------------- .text:00000709 align 10h .text:00000710 .text:00000710 ; =============== S U B R O U T I N E ======================================= .text:00000710 .text:00000710 .text:00000710 sub_710 proc near ; CODE XREF: JNI_OnLoad+A86p .text:00000710 .text:00000710 filename = dword ptr -1ECh .text:00000710 modes = dword ptr -1E8h .text:00000710 stream = dword ptr -1E4h .text:00000710 var_1E0 = dword ptr -1E0h .text:00000710 var_1DC = dword ptr -1DCh .text:00000710 var_1D8 = dword ptr -1D8h .text:00000710 var_1D4 = dword ptr -1D4h .text:00000710 var_1D0 = dword ptr -1D0h .text:00000710 var_1CC = dword ptr -1CCh .text:00000710 var_1C4 = dword ptr -1C4h .text:00000710 var_1C0 = dword ptr -1C0h .text:00000710 nptr = byte ptr -1B9h .text:00000710 var_1B5 = dword ptr -1B5h .text:00000710 var_1B1 = byte ptr -1B1h .text:00000710 var_1B0 = byte ptr -1B0h .text:00000710 haystack = byte ptr -120h .text:00000710 var_20 = dword ptr -20h .text:00000710 .text:00000710 push ebp .text:00000711 push edi .text:00000712 push esi .text:00000713 push ebx .text:00000714 call sub_670 .text:00000719 add ebx, 389Bh .text:0000071F lea esp, [esp-1DCh] .text:00000726 mov eax, ds:(__stack_chk_guard_ptr - 3FB4h)[ebx] .text:0000072C lea ebp, [esp+1ECh+haystack] .text:00000733 mov eax, [eax] .text:00000735 mov [esp+1ECh+modes], 67670072h .text:0000073D mov [esp+1ECh+filename], 1 .text:00000744 mov [esp+1ECh+var_20], eax .text:0000074B call sub_680 .text:00000750 mov [esp+1ECh+var_1CC], 61611F6Ch .text:00000758 mov esi, eax .text:0000075A mov [esp+1ECh+var_1D0], 50200061h .text:00000762 mov [esp+1ECh+var_1D4], 4D20416Eh .text:0000076A mov [esp+1ECh+var_1D8], 0F694C20h .text:00000772 mov [esp+1ECh+var_1DC], 96C1A69h .text:0000077A mov [esp+1ECh+var_1E0], 406F4320h .text:00000782 mov [esp+1ECh+stream], 1B741361h .text:0000078A mov [esp+1ECh+modes], 15656748h .text:00000792 mov [esp+1ECh+filename], 8 .text:00000799 call sub_680 .text:0000079E mov [esp+1ECh+filename], eax ; filename .text:000007A1 mov [esp+1ECh+modes], esi ; modes .text:000007A5 call _fopen .text:000007AA mov [esp+1ECh+var_1C4], eax .text:000007AE test eax, eax .text:000007B0 mov esi, [esp+1ECh+var_1C4] .text:000007B4 jnz short loc_7F4 .text:000007B6 jmp loc_930 .text:000007B6 ; --------------------------------------------------------------------------- .text:000007BB align 10h .text:000007C0 .text:000007C0 loc_7C0: ; CODE XREF: sub_710+FAj .text:000007C0 mov [esp+1ECh+var_1E0], 1B631075h .text:000007C8 mov [esp+1ECh+stream], 5615D73h .text:000007D0 mov [esp+1ECh+modes], 44204A65h .text:000007D8 mov [esp+1ECh+filename], 3 .text:000007DF call sub_680 .text:000007E4 mov [esp+1ECh+modes], eax ; needle .text:000007E8 mov [esp+1ECh+filename], ebp ; haystack .text:000007EB call _strstr .text:000007F0 test eax, eax .text:000007F2 jnz short loc_840 .text:000007F4 .text:000007F4 loc_7F4: ; CODE XREF: sub_710+A4j .text:000007F4 mov [esp+1ECh+stream], esi ; stream .text:000007F8 mov [esp+1ECh+modes], 100h ; n .text:00000800 mov [esp+1ECh+filename], ebp ; s .text:00000803 call _fgets .text:00000808 test eax, eax .text:0000080A jnz short loc_7C0 .text:0000080C .text:0000080C loc_80C: ; CODE XREF: sub_710+1AEj .text:0000080C ; sub_710+1C0j ... .text:0000080C mov eax, [esp+1ECh+var_1C4] .text:00000810 mov [esp+1ECh+filename], eax ; stream .text:00000813 call _fclose .text:00000818 mov eax, 1 .text:0000081D .text:0000081D loc_81D: ; CODE XREF: sub_710+222j .text:0000081D mov edi, ds:(__stack_chk_guard_ptr - 3FB4h)[ebx] .text:00000823 mov ecx, [esp+1ECh+var_20] .text:0000082A mov edx, [edi] .text:0000082C cmp ecx, edx .text:0000082E jnz loc_937 .text:00000834 lea esp, [esp+1DCh] .text:0000083B pop ebx .text:0000083C pop esi .text:0000083D pop edi .text:0000083E pop ebp .text:0000083F retn .text:00000840 ; --------------------------------------------------------------------------- .text:00000840 .text:00000840 loc_840: ; CODE XREF: sub_710+E2j .text:00000840 mov eax, [ebp+0] .text:00000843 lea edi, [esp+1ECh+nptr] .text:00000847 mov [esp+1ECh+var_1B1], 0 .text:0000084C mov dword ptr [esp+1ECh+nptr], eax .text:00000850 mov eax, [ebp+4] .text:00000853 mov [esp+1ECh+filename], 28h ; name .text:0000085A mov [esp+1ECh+var_1B5], eax .text:0000085E call _sysconf .text:00000863 mov [esp+1ECh+filename], edi ; nptr .text:00000866 mov esi, eax .text:00000868 mov [esp+1ECh+stream], 10h ; base .text:00000870 mov [esp+1ECh+modes], 0 ; endptr .text:00000878 call _strtoul .text:0000087D mov [esp+1ECh+var_1C0], eax .text:00000881 mov edi, eax .text:00000883 mov [esp+1ECh+stream], 7 ; prot .text:0000088B mov eax, 7B0h .text:00000890 mov [esp+1ECh+filename], edi ; addr .text:00000893 mov edx, eax .text:00000895 sar edx, 1Fh .text:00000898 idiv esi .text:0000089A add eax, 8 .text:0000089D imul eax, esi .text:000008A0 mov [esp+1ECh+modes], eax ; len .text:000008A4 call _mprotect .text:000008A9 test eax, eax .text:000008AB jnz loc_930 .text:000008B1 lea ecx, ds:0[esi*8] .text:000008B8 mov edx, edi .text:000008BA test ecx, ecx .text:000008BC jg short loc_8D6 .text:000008BE jmp loc_80C .text:000008BE ; --------------------------------------------------------------------------- .text:000008C3 align 8 .text:000008C8 .text:000008C8 loc_8C8: ; CODE XREF: sub_710+1C9j .text:000008C8 ; sub_710+1CFj ... .text:000008C8 add eax, 1 .text:000008CB add edx, 1 .text:000008CE cmp eax, ecx .text:000008D0 jz loc_80C .text:000008D6 .text:000008D6 loc_8D6: ; CODE XREF: sub_710+1ACj .text:000008D6 cmp byte ptr [edx], 64h .text:000008D9 jnz short loc_8C8 .text:000008DB cmp byte ptr [edx+1], 65h .text:000008DF jnz short loc_8C8 .text:000008E1 cmp byte ptr [edx+2], 78h .text:000008E5 jnz short loc_8C8 .text:000008E7 cmp byte ptr [edx+3], 0Ah .text:000008EB jnz short loc_8C8 .text:000008ED cmp byte ptr [edx+4], 30h .text:000008F1 jnz short loc_8C8 .text:000008F3 lea edi, [esp+1ECh+var_1B0] .text:000008F7 lea esi, (unk_15A0 - 3FB4h)[ebx] .text:000008FD mov ecx, 24h .text:00000902 rep movsd .text:00000904 mov ecx, [esp+1ECh+var_1C0] .text:00000908 lea edi, [esp+1ECh+var_1B0] .text:0000090C sub eax, edi .text:0000090E mov esi, eax .text:00000910 .text:00000910 loc_910: ; CODE XREF: sub_710+215j .text:00000910 movzx eax, byte ptr [edi] .text:00000913 lea edx, [esi+edi] .text:00000916 add edi, 1 .text:00000919 xor eax, 5Ah .text:0000091C cmp edi, ebp .text:0000091E mov [edx+ecx+720h], al .text:00000925 jnz short loc_910 .text:00000927 jmp loc_80C .text:00000927 ; --------------------------------------------------------------------------- .text:0000092C align 10h .text:00000930 .text:00000930 loc_930: ; CODE XREF: sub_710+A6j .text:00000930 ; sub_710+19Bj .text:00000930 xor eax, eax .text:00000932 jmp loc_81D .text:00000937 ; --------------------------------------------------------------------------- .text:00000937 .text:00000937 loc_937: ; CODE XREF: sub_710+11Ej .text:00000937 mov esi, esi .text:00000939 lea edi, [edi+0] .text:00000940 call sub_650 .text:00000940 sub_710 endp .text:00000940 .text:00000940 ; --------------------------------------------------------------------------- .text:00000945 align 10h .text:00000950 .text:00000950 ; =============== S U B R O U T I N E ======================================= .text:00000950 .text:00000950 .text:00000950 sub_950 proc near ; CODE XREF: JNI_OnLoad+706p .text:00000950 .text:00000950 var_4C = dword ptr -4Ch .text:00000950 var_48 = dword ptr -48h .text:00000950 var_44 = dword ptr -44h .text:00000950 var_40 = dword ptr -40h .text:00000950 var_3C = dword ptr -3Ch .text:00000950 var_38 = dword ptr -38h .text:00000950 var_34 = dword ptr -34h .text:00000950 var_30 = dword ptr -30h .text:00000950 var_2C = dword ptr -2Ch .text:00000950 var_28 = dword ptr -28h .text:00000950 var_24 = dword ptr -24h .text:00000950 var_20 = dword ptr -20h .text:00000950 var_1C = dword ptr -1Ch .text:00000950 var_18 = dword ptr -18h .text:00000950 var_10 = dword ptr -10h .text:00000950 arg_0 = dword ptr 4 .text:00000950 .text:00000950 push ebp .text:00000951 push edi .text:00000952 push esi .text:00000953 lea esp, [esp-40h] .text:00000957 mov esi, [esp+4Ch+arg_0] .text:0000095B mov eax, [esi] .text:0000095D mov edi, [eax+18h] .text:00000960 mov [esp+4Ch+var_20], 2E2E0674h .text:00000968 mov [esp+4Ch+var_24], 4610165h .text:00000970 mov [esp+4Ch+var_28], 9684F20h .text:00000978 mov [esp+4Ch+var_2C], 216D0675h .text:00000980 mov [esp+4Ch+var_30], 1A690564h .text:00000988 mov [esp+4Ch+var_34], 9652E6Dh .text:00000990 mov [esp+4Ch+var_38], 0F201572h .text:00000998 mov [esp+4Ch+var_3C], 0B651776h .text:000009A0 mov [esp+4Ch+var_40], 36F0F20h .text:000009A8 mov [esp+4Ch+var_44], 0F6E1761h .text:000009B0 mov [esp+4Ch+var_48], 11700F65h .text:000009B8 mov [esp+4Ch+var_4C], 0Bh .text:000009BF call sub_680 .text:000009C4 mov [esp+4Ch+var_48], eax .text:000009C8 mov [esp+4Ch+var_4C], esi .text:000009CB call edi .text:000009CD mov edi, eax .text:000009CF mov eax, [esi] .text:000009D1 mov ebp, [eax+1C4h] .text:000009D7 mov [esp+4Ch+var_18], 2E2E5F64h .text:000009DF mov [esp+4Ch+var_1C], 17650B6Eh .text:000009E7 mov [esp+4Ch+var_20], 1651574h .text:000009EF mov [esp+4Ch+var_24], 966236Fh .text:000009F7 mov [esp+4Ch+var_28], 735320h .text:000009FF mov [esp+4Ch+var_2C], 0D6C0569h .text:00000A07 mov [esp+4Ch+var_30], 3774416Eh .text:00000A0F mov [esp+4Ch+var_34], 12754E20h .text:00000A17 mov [esp+4Ch+var_38], 4D2C026Eh .text:00000A1F mov [esp+4Ch+var_3C], 406F0869h .text:00000A27 mov [esp+4Ch+var_40], 186E0E6Fh .text:00000A2F mov [esp+4Ch+var_44], 4A202864h .text:00000A37 mov [esp+4Ch+var_48], 476E4961h .text:00000A3F mov [esp+4Ch+var_4C], 0Dh .text:00000A46 call sub_680 .text:00000A4B mov [esp+4Ch+var_24], 5220492Ch .text:00000A53 mov [esp+4Ch+var_28], 16720465h .text:00000A5B mov [esp+4Ch+var_2C], 1F703C70h .text:00000A63 mov [esp+4Ch+var_30], 16650370h .text:00000A6B mov [esp+4Ch+var_34], 4120026Eh .text:00000A73 mov [esp+4Ch+var_38], 26650865h .text:00000A7B mov [esp+4Ch+var_3C], 17721367h .text:00000A83 mov [esp+4Ch+var_40], 5320126Bh .text:00000A8B mov [esp+4Ch+var_44], 3C6F1B6Fh .text:00000A93 mov [esp+4Ch+var_48], 26434720h .text:00000A9B mov [esp+4Ch+var_4C], 0Ah .text:00000AA2 mov [esp+4Ch+var_10], eax .text:00000AA6 call sub_680 .text:00000AAB mov edx, [esp+4Ch+var_10] .text:00000AAF mov [esp+4Ch+var_48], edi .text:00000AB3 mov [esp+4Ch+var_4C], esi .text:00000AB6 mov [esp+4Ch+var_44], eax .text:00000ABA mov [esp+4Ch+var_40], edx .text:00000ABE call ebp .text:00000AC0 mov edx, [esi] .text:00000AC2 mov [esp+4Ch+var_48], edi .text:00000AC6 mov [esp+4Ch+var_4C], esi .text:00000AC9 mov [esp+4Ch+var_44], eax .text:00000ACD call dword ptr [edx+1C8h] .text:00000AD3 lea esp, [esp+40h] .text:00000AD7 pop esi .text:00000AD8 pop edi .text:00000AD9 pop ebp .text:00000ADA retn .text:00000ADA sub_950 endp .text:00000ADA .text:00000ADA ; --------------------------------------------------------------------------- .text:00000ADB align 10h .text:00000AE0 .text:00000AE0 ; =============== S U B R O U T I N E ======================================= .text:00000AE0 .text:00000AE0 .text:00000AE0 public JNI_OnLoad .text:00000AE0 JNI_OnLoad proc near .text:00000AE0 .text:00000AE0 file = dword ptr -0ECh .text:00000AE0 mode = dword ptr -0E8h .text:00000AE0 n = dword ptr -0E4h .text:00000AE0 s = dword ptr -0E0h .text:00000AE0 var_DC = dword ptr -0DCh .text:00000AE0 var_D8 = dword ptr -0D8h .text:00000AE0 var_D4 = dword ptr -0D4h .text:00000AE0 var_D0 = dword ptr -0D0h .text:00000AE0 var_CC = dword ptr -0CCh .text:00000AE0 var_C8 = dword ptr -0C8h .text:00000AE0 var_C4 = dword ptr -0C4h .text:00000AE0 var_C0 = dword ptr -0C0h .text:00000AE0 var_BC = dword ptr -0BCh .text:00000AE0 var_B8 = dword ptr -0B8h .text:00000AE0 var_B4 = dword ptr -0B4h .text:00000AE0 var_B0 = dword ptr -0B0h .text:00000AE0 var_AC = dword ptr -0ACh .text:00000AE0 var_A8 = dword ptr -0A8h .text:00000AE0 var_A4 = dword ptr -0A4h .text:00000AE0 var_A0 = dword ptr -0A0h .text:00000AE0 var_9C = dword ptr -9Ch .text:00000AE0 var_98 = dword ptr -98h .text:00000AE0 var_94 = dword ptr -94h .text:00000AE0 var_90 = dword ptr -90h .text:00000AE0 var_8C = dword ptr -8Ch .text:00000AE0 var_88 = dword ptr -88h .text:00000AE0 var_84 = dword ptr -84h .text:00000AE0 var_80 = dword ptr -80h .text:00000AE0 var_7C = dword ptr -7Ch .text:00000AE0 var_78 = dword ptr -78h .text:00000AE0 var_74 = dword ptr -74h .text:00000AE0 var_70 = dword ptr -70h .text:00000AE0 var_6C = dword ptr -6Ch .text:00000AE0 var_68 = dword ptr -68h .text:00000AE0 var_64 = dword ptr -64h .text:00000AE0 var_60 = dword ptr -60h .text:00000AE0 var_5C = dword ptr -5Ch .text:00000AE0 var_58 = dword ptr -58h .text:00000AE0 var_54 = dword ptr -54h .text:00000AE0 var_50 = dword ptr -50h .text:00000AE0 var_4C = dword ptr -4Ch .text:00000AE0 path = dword ptr -48h .text:00000AE0 filename = dword ptr -44h .text:00000AE0 var_40 = dword ptr -40h .text:00000AE0 var_3C = dword ptr -3Ch .text:00000AE0 var_38 = dword ptr -38h .text:00000AE0 var_34 = dword ptr -34h .text:00000AE0 var_30 = dword ptr -30h .text:00000AE0 var_20 = dword ptr -20h .text:00000AE0 arg_0 = dword ptr 4 .text:00000AE0 .text:00000AE0 push ebp .text:00000AE1 push edi .text:00000AE2 push esi .text:00000AE3 push ebx .text:00000AE4 call sub_670 .text:00000AE9 add ebx, 34CBh .text:00000AEF lea esp, [esp-0DCh] .text:00000AF6 mov [esp+0ECh+var_98], 1D650B6Eh .text:00000AFE mov [esp+0ECh+var_9C], 1377416Fh .text:00000B06 mov [esp+0ECh+var_A0], 16724D62h .text:00000B0E mov [esp+0ECh+var_A4], 5320096Ch .text:00000B16 mov [esp+0ECh+var_A8], 5691D74h .text:00000B1E mov [esp+0ECh+var_AC], 86E5A75h .text:00000B26 mov [esp+0ECh+var_B0], 4420046Bh .text:00000B2E mov [esp+0ECh+var_B4], 6F096Fh .text:00000B36 mov [esp+0ECh+var_B8], 4D634620h .text:00000B3E mov [esp+0ECh+var_BC], 10640D6Eh .text:00000B46 mov [esp+0ECh+var_C0], 4F614520h .text:00000B4E mov [esp+0ECh+var_C4], 0A660265h .text:00000B56 mov [esp+0ECh+var_C8], 0A650D62h .text:00000B5E mov [esp+0ECh+var_CC], 47204A64h .text:00000B66 mov [esp+0ECh+var_D0], 36E1A75h .text:00000B6E mov [esp+0ECh+var_D4], 0C6F5D72h .text:00000B76 mov [esp+0ECh+var_D8], 6675420h .text:00000B7E mov [esp+0ECh+var_DC], 4650C68h .text:00000B86 mov [esp+0ECh+s], 5B744120h .text:00000B8E mov [esp+0ECh+n], 10640564h .text:00000B96 mov [esp+0ECh+mode], 25410F20h .text:00000B9E mov [esp+0ECh+file], 15h .text:00000BA5 mov esi, [esp+0ECh+arg_0] .text:00000BAC call sub_680 .text:00000BB1 mov [esp+0ECh+var_98], 69695820h .text:00000BB9 mov [esp+0ECh+var_9C], 17720D69h .text:00000BC1 mov [esp+0ECh+var_A0], 1B745C73h .text:00000BC9 mov [esp+0ECh+var_A4], 53200164h .text:00000BD1 mov [esp+0ECh+var_A8], 26E0861h .text:00000BD9 mov [esp+0ECh+var_AC], 4620032Ch .text:00000BE1 mov [esp+0ECh+var_B0], 17730A65h .text:00000BE9 mov [esp+0ECh+var_B4], 0D621375h .text:00000BF1 mov [esp+0ECh+var_B8], 4D634620h .text:00000BF9 mov [esp+0ECh+var_BC], 1A6E0C6Fh .text:00000C01 mov [esp+0ECh+var_C0], 426C096Ch .text:00000C09 mov [esp+0ECh+var_C4], 5691275h .text:00000C11 mov [esp+0ECh+var_C8], 6F0D62h .text:00000C19 mov [esp+0ECh+var_CC], 47205C72h .text:00000C21 mov [esp+0ECh+var_D0], 8651976h .text:00000C29 mov [esp+0ECh+var_D4], 0C6F0F20h .text:00000C31 mov [esp+0ECh+var_D8], 465186Ch .text:00000C39 mov [esp+0ECh+var_DC], 362096Dh .text:00000C41 mov [esp+0ECh+s], 5A751372h .text:00000C49 mov [esp+0ECh+n], 37434120h .text:00000C51 mov [esp+0ECh+mode], 4A2E4B64h .text:00000C59 mov [esp+0ECh+file], 15h .text:00000C60 mov [esp+0ECh+filename], eax .text:00000C67 call sub_680 .text:00000C6C mov [esp+0ECh+var_8C], 72721169h .text:00000C74 mov [esp+0ECh+var_90], 11743753h .text:00000C7C mov [esp+0ECh+var_94], 0E204A2Eh .text:00000C84 mov [esp+0ECh+var_98], 5C731D65h .text:00000C8C mov [esp+0ECh+var_9C], 11741175h .text:00000C94 mov [esp+0ECh+var_A0], 16E4669h .text:00000C9C mov [esp+0ECh+var_A4], 1E6D4520h .text:00000CA4 mov [esp+0ECh+var_A8], 1B770C65h .text:00000CAC mov [esp+0ECh+var_AC], 660F20h .text:00000CB4 mov [esp+0ECh+var_B0], 5614F20h .text:00000CBC mov [esp+0ECh+var_B4], 1D72096Fh .text:00000CC4 mov [esp+0ECh+var_B8], 48664620h .text:00000CCC mov [esp+0ECh+var_BC], 1F6B0C6Fh .text:00000CD4 mov [esp+0ECh+var_C0], 416F0663h .text:00000CDC mov [esp+0ECh+var_C4], 4C20086Fh .text:00000CE4 mov [esp+0ECh+var_C8], 1B744F20h .text:00000CEC mov [esp+0ECh+var_CC], 2655B75h .text:00000CF4 mov [esp+0ECh+var_D0], 36E0669h .text:00000CFC mov [esp+0ECh+var_D4], 1774416Eh .text:00000D04 mov [esp+0ECh+var_D8], 0E6F1763h .text:00000D0C mov [esp+0ECh+var_DC], 41205F3Bh .text:00000D14 mov [esp+0ECh+s], 4A650F6Eh .text:00000D1C mov [esp+0ECh+n], 1D691677h .text:00000D24 mov [esp+0ECh+mode], 4420416Eh .text:00000D2C mov [esp+0ECh+file], 18h .text:00000D33 mov [esp+0ECh+path], eax .text:00000D3A call sub_680 .text:00000D3F mov [esp+0ECh+var_C0], 20207F2Ch .text:00000D47 mov [esp+0ECh+var_C4], 5C730165h .text:00000D4F mov [esp+0ECh+var_C8], 6F1B74h .text:00000D57 mov [esp+0ECh+var_CC], 761426Dh .text:00000D5F mov [esp+0ECh+var_D0], 96F0074h .text:00000D67 mov [esp+0ECh+var_D4], 43204B64h .text:00000D6F mov [esp+0ECh+var_D8], 651C70h .text:00000D77 mov [esp+0ECh+var_DC], 1770006Fh .text:00000D7F mov [esp+0ECh+s], 7680463h .text:00000D87 mov [esp+0ECh+n], 0F20036Eh .text:00000D8F mov [esp+0ECh+mode], 6694320h .text:00000D97 mov [esp+0ECh+file], 0Bh .text:00000D9E mov [esp+0ECh+var_3C], eax .text:00000DA5 call sub_680 .text:00000DAA mov [esp+0ECh+var_38], eax .text:00000DB1 lea edx, (dword_4004 - 3FB4h)[ebx] .text:00000DB7 mov eax, [esi] .text:00000DB9 mov [esp+0ECh+n], 10006h .text:00000DC1 mov [esp+0ECh+mode], edx .text:00000DC5 mov [esp+0ECh+file], esi .text:00000DC8 call dword ptr [eax+18h] .text:00000DCB test eax, eax .text:00000DCD jnz loc_1580 .text:00000DD3 mov [esp+0ECh+var_D8], 6E6E0E61h .text:00000DDB mov [esp+0ECh+var_DC], 5320022Ch .text:00000DE3 mov [esp+0ECh+s], 0E631F69h .text:00000DEB mov [esp+0ECh+n], 86C1072h .text:00000DF3 mov [esp+0ECh+mode], 8610B67h .text:00000DFB mov [esp+0ECh+file], 5 .text:00000E02 call sub_680 .text:00000E07 mov [esp+0ECh+file], eax ; file .text:00000E0A mov [esp+0ECh+mode], 0 ; mode .text:00000E12 call _dlopen .text:00000E17 test eax, eax .text:00000E19 jz loc_1580 .text:00000E1F mov eax, [esp+0ECh+path] .text:00000E26 mov [esp+0ECh+mode], 1C0h ; mode .text:00000E2E mov [esp+0ECh+file], eax ; path .text:00000E31 call _mkdir .text:00000E36 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00000E3C mov eax, [eax] .text:00000E3E mov esi, [eax+18h] .text:00000E41 mov [esp+0ECh+var_AC], 0B720470h .text:00000E49 mov [esp+0ECh+var_B0], 8610670h .text:00000E51 mov [esp+0ECh+var_B4], 49201C68h .text:00000E59 mov [esp+0ECh+var_B8], 17742869h .text:00000E61 mov [esp+0ECh+var_BC], 13774F20h .text:00000E69 mov [esp+0ECh+var_C0], 16E296Fh .text:00000E71 mov [esp+0ECh+var_C4], 5C730561h .text:00000E79 mov [esp+0ECh+var_C8], 0A653C53h .text:00000E81 mov [esp+0ECh+var_CC], 4620012Eh .text:00000E89 mov [esp+0ECh+var_D0], 3650074h .text:00000E91 mov [esp+0ECh+var_D4], 10734E61h .text:00000E99 mov [esp+0ECh+var_D8], 15704C20h .text:00000EA1 mov [esp+0ECh+var_DC], 86F1B74h .text:00000EA9 mov [esp+0ECh+s], 0E610A6Dh .text:00000EB1 mov [esp+0ECh+n], 406F1974h .text:00000EB9 mov [esp+0ECh+mode], 4F200764h .text:00000EC1 mov [esp+0ECh+file], 10h .text:00000EC8 call sub_680 .text:00000ECD mov [esp+0ECh+mode], eax .text:00000ED1 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00000ED7 mov [esp+0ECh+file], eax .text:00000EDA call esi .text:00000EDC mov [esp+0ECh+var_40], eax .text:00000EE3 test eax, eax .text:00000EE5 jz loc_1580 .text:00000EEB mov [esp+0ECh+mode], 96B1E69h .text:00000EF3 mov [esp+0ECh+file], 1 .text:00000EFA call sub_680 .text:00000EFF mov ecx, [esp+0ECh+filename] .text:00000F06 mov [esp+0ECh+mode], eax ; modes .text:00000F0A mov [esp+0ECh+file], ecx ; filename .text:00000F0D call _fopen .text:00000F12 test eax, eax .text:00000F14 mov esi, eax .text:00000F16 jz loc_1580 .text:00000F1C mov [esp+0ECh+s], eax ; s .text:00000F20 lea eax, (aDex035 - 3FB4h)[ebx] ; "dex\n035" .text:00000F26 mov [esp+0ECh+n], 1 ; n .text:00000F2E mov [esp+0ECh+mode], 15A8h ; size .text:00000F36 mov [esp+0ECh+file], eax ; ptr .text:00000F39 call _fwrite .text:00000F3E mov [esp+0ECh+file], esi ; stream .text:00000F41 call _fclose .text:00000F46 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00000F4C mov eax, [eax] .text:00000F4E mov esi, [eax+18h] .text:00000F51 mov [esp+0ECh+var_B4], 2700065h .text:00000F59 mov [esp+0ECh+var_B8], 14704120h .text:00000F61 mov [esp+0ECh+var_BC], 0A65226Eh .text:00000F69 mov [esp+0ECh+var_C0], 1D6E1665h .text:00000F71 mov [esp+0ECh+var_C4], 18790D61h .text:00000F79 mov [esp+0ECh+var_C8], 20635820h .text:00000F81 mov [esp+0ECh+var_CC], 492C3672h .text:00000F89 mov [esp+0ECh+var_D0], 4A650964h .text:00000F91 mov [esp+0ECh+var_D4], 12771B6Fh .text:00000F99 mov [esp+0ECh+var_D8], 3705920h .text:00000FA1 mov [esp+0ECh+var_DC], 1A69436Ch .text:00000FA9 mov [esp+0ECh+s], 2690168h .text:00000FB1 mov [esp+0ECh+n], 15634C20h .text:00000FB9 mov [esp+0ECh+mode], 4D2C0561h .text:00000FC1 mov [esp+0ECh+file], 0Eh .text:00000FC8 call sub_680 .text:00000FCD mov [esp+0ECh+mode], eax .text:00000FD1 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00000FD7 mov [esp+0ECh+file], eax .text:00000FDA call esi .text:00000FDC mov esi, eax .text:00000FDE mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00000FE4 mov eax, [eax] .text:00000FE6 mov edi, [eax+84h] .text:00000FEC mov [esp+0ECh+var_4C], 3E680920h .text:00000FF7 mov [esp+0ECh+var_50], 53681567h .text:00001002 mov [esp+0ECh+var_54], 0C690C68h .text:0000100D mov [esp+0ECh+var_58], 41201D72h .text:00001018 mov [esp+0ECh+var_5C], 29650576h .text:00001023 mov [esp+0ECh+var_60], 1C6F4120h .text:0000102E mov [esp+0ECh+var_64], 6C2A69h .text:00001039 mov [esp+0ECh+var_68], 406F0562h .text:00001044 mov [esp+0ECh+var_6C], 4E200061h .text:0000104F mov [esp+0ECh+var_70], 4C20406Fh .text:00001057 mov [esp+0ECh+var_74], 15745620h .text:0000105F mov [esp+0ECh+var_78], 667046Eh .text:00001067 mov [esp+0ECh+var_7C], 25694972h .text:0000106F mov [esp+0ECh+var_80], 25424E20h .text:00001077 mov [esp+0ECh+var_84], 472E0072h .text:0000107F mov [esp+0ECh+var_88], 11652370h .text:00001087 mov [esp+0ECh+var_8C], 5F700265h .text:0000108F mov [esp+0ECh+var_90], 1E704120h .text:00001097 mov [esp+0ECh+var_94], 864416Eh .text:0000109F mov [esp+0ECh+var_98], 615620h .text:000010A7 mov [esp+0ECh+var_9C], 1574066Ch .text:000010AF mov [esp+0ECh+var_A0], 2D614873h .text:000010B7 mov [esp+0ECh+var_A4], 4720006Eh .text:000010BF mov [esp+0ECh+var_A8], 695220h .text:000010C7 mov [esp+0ECh+var_AC], 6723A69h .text:000010CF mov [esp+0ECh+var_B0], 5B743453h .text:000010D7 mov [esp+0ECh+var_B4], 4E204F2Eh .text:000010DF mov [esp+0ECh+var_B8], 15794A65h .text:000010E7 mov [esp+0ECh+var_BC], 0D6C0573h .text:000010EF mov [esp+0ECh+var_C0], 13720B61h .text:000010F7 mov [esp+0ECh+var_C4], 3C701B20h .text:000010FF mov [esp+0ECh+var_C8], 364006Eh .text:00001107 mov [esp+0ECh+var_CC], 8615220h .text:0000110F mov [esp+0ECh+var_D0], 582C3C6Fh .text:00001117 mov [esp+0ECh+var_D4], 416E0661h .text:0000111F mov [esp+0ECh+var_D8], 9670465h .text:00001127 mov [esp+0ECh+var_DC], 1E72406Fh .text:0000112F mov [esp+0ECh+s], 41205A2Ch .text:00001137 mov [esp+0ECh+n], 0D6C0369h .text:0000113F mov [esp+0ECh+mode], 3F734961h .text:00001147 mov [esp+0ECh+file], 28h .text:0000114E call sub_680 .text:00001153 mov [esp+0ECh+s], 5C625420h .text:0000115B mov ebp, eax .text:0000115D mov [esp+0ECh+n], 452C1C72h .text:00001165 mov [esp+0ECh+mode], 0C654C70h .text:0000116D mov [esp+0ECh+file], 3 .text:00001174 call sub_680 .text:00001179 mov [esp+0ECh+n], eax .text:0000117D mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00001183 mov [esp+0ECh+s], ebp .text:00001187 mov [esp+0ECh+mode], esi .text:0000118B mov [esp+0ECh+file], eax .text:0000118E call edi .text:00001190 mov ecx, [esp+0ECh+filename] .text:00001197 mov ebp, eax .text:00001199 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:0000119F mov edx, [eax] .text:000011A1 mov [esp+0ECh+mode], ecx .text:000011A5 mov [esp+0ECh+file], eax .text:000011A8 call dword ptr [edx+29Ch] .text:000011AE mov edi, [esp+0ECh+path] .text:000011B5 mov [esp+0ECh+var_30], eax .text:000011BC mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:000011C2 mov ecx, [eax] .text:000011C4 mov [esp+0ECh+mode], edi .text:000011C8 mov [esp+0ECh+file], eax .text:000011CB call dword ptr [ecx+29Ch] .text:000011D1 mov [esp+0ECh+var_34], eax .text:000011D8 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:000011DE mov edi, [eax] .text:000011E0 mov edi, [edi+70h] .text:000011E3 mov [esp+0ECh+file], eax .text:000011E6 call sub_950 .text:000011EB mov ecx, [esp+0ECh+var_34] .text:000011F2 mov edx, [esp+0ECh+var_30] .text:000011F9 mov [esp+0ECh+var_D4], eax .text:000011FD mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00001203 mov [esp+0ECh+var_DC], ecx .text:00001207 mov [esp+0ECh+n], ebp .text:0000120B mov [esp+0ECh+mode], esi .text:0000120F mov [esp+0ECh+var_D8], 0 .text:00001217 mov [esp+0ECh+s], edx .text:0000121B mov [esp+0ECh+file], eax .text:0000121E call edi .text:00001220 mov edi, eax .text:00001222 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00001228 mov eax, [eax] .text:0000122A mov ebp, [eax+84h] .text:00001230 mov [esp+0ECh+var_A0], 6565566Dh .text:00001238 mov [esp+0ECh+var_A4], 1E6D1A69h .text:00001240 mov [esp+0ECh+var_A8], 12734C20h .text:00001248 mov [esp+0ECh+var_AC], 2764416Eh .text:00001250 mov [esp+0ECh+var_B0], 6614E20h .text:00001258 mov [esp+0ECh+var_B4], 4D2C1E72h .text:00001260 mov [esp+0ECh+var_B8], 4A651776h .text:00001268 mov [esp+0ECh+var_BC], 196F2243h .text:00001270 mov [esp+0ECh+var_C0], 4A20622Eh .text:00001278 mov [esp+0ECh+var_C4], 5E77546Fh .text:00001280 mov [esp+0ECh+var_C8], 0B6C4E20h .text:00001288 mov [esp+0ECh+var_CC], 46D0775h .text:00001290 mov [esp+0ECh+var_D0], 1D693764h .text:00001298 mov [esp+0ECh+var_D4], 4A650A6Dh .text:000012A0 mov [esp+0ECh+var_D8], 4E200E6Fh .text:000012A8 mov [esp+0ECh+var_DC], 18740F20h .text:000012B0 mov [esp+0ECh+s], 15741761h .text:000012B8 mov [esp+0ECh+n], 4650268h .text:000012C0 mov [esp+0ECh+mode], 6C204D65h .text:000012C8 mov [esp+0ECh+file], 13h .text:000012CF call sub_680 .text:000012D4 mov [esp+0ECh+var_D8], 63630675h .text:000012DC mov [esp+0ECh+var_DC], 17640465h .text:000012E4 mov [esp+0ECh+s], 3E526320h .text:000012EC mov [esp+0ECh+n], 4A2E1574h .text:000012F4 mov [esp+0ECh+mode], 0E610965h .text:000012FC mov [esp+0ECh+file], 5 .text:00001303 mov [esp+0ECh+var_34], eax .text:0000130A call sub_680 .text:0000130F mov edx, [esp+0ECh+var_34] .text:00001316 mov [esp+0ECh+n], eax .text:0000131A mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00001320 mov [esp+0ECh+mode], esi .text:00001324 mov [esp+0ECh+s], edx .text:00001328 mov [esp+0ECh+file], eax .text:0000132B call ebp .text:0000132D mov ebp, [esp+0ECh+var_38] .text:00001334 mov esi, eax .text:00001336 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:0000133C mov edx, [eax] .text:0000133E mov [esp+0ECh+mode], ebp .text:00001342 mov [esp+0ECh+file], eax .text:00001345 call dword ptr [edx+29Ch] .text:0000134B mov edx, ds:(dword_4004 - 3FB4h)[ebx] .text:00001351 mov ecx, [edx] .text:00001353 mov [esp+0ECh+file], edx .text:00001356 mov [esp+0ECh+n], esi .text:0000135A mov [esp+0ECh+mode], edi .text:0000135E mov [esp+0ECh+s], eax .text:00001362 call dword ptr [ecx+88h] .text:00001368 mov [esp+0ECh+var_20], eax .text:0000136F mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00001375 mov eax, [eax] .text:00001377 mov esi, [eax+84h] .text:0000137D mov [esp+0ECh+var_B8], 73733761h .text:00001385 mov [esp+0ECh+var_BC], 4A635863h .text:0000138D mov [esp+0ECh+var_C0], 166F5420h .text:00001395 mov [esp+0ECh+var_C4], 0E67186Eh .text:0000139D mov [esp+0ECh+var_C8], 690672h .text:000013A5 mov [esp+0ECh+var_CC], 11722869h .text:000013AD mov [esp+0ECh+var_D0], 5B740373h .text:000013B5 mov [esp+0ECh+var_D4], 50204D2Ch .text:000013BD mov [esp+0ECh+var_D8], 5C730165h .text:000013C5 mov [esp+0ECh+var_DC], 1D741A75h .text:000013CD mov [esp+0ECh+s], 1C6E0D69h .text:000013D5 mov [esp+0ECh+n], 36D4120h .text:000013DD mov [esp+0ECh+mode], 7C301139h .text:000013E5 mov [esp+0ECh+file], 0Dh .text:000013EC call sub_680 .text:000013F1 mov [esp+0ECh+s], 5C625420h .text:000013F9 mov edi, eax .text:000013FB mov [esp+0ECh+n], 452C1C72h .text:00001403 mov [esp+0ECh+mode], 0C654C70h .text:0000140B mov [esp+0ECh+file], 3 .text:00001412 call sub_680 .text:00001417 mov [esp+0ECh+n], eax .text:0000141B mov eax, [esp+0ECh+var_20] .text:00001422 mov [esp+0ECh+s], edi .text:00001426 mov [esp+0ECh+mode], eax .text:0000142A mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00001430 mov [esp+0ECh+file], eax .text:00001433 call esi .text:00001435 mov ecx, [esp+0ECh+filename] .text:0000143C mov esi, eax .text:0000143E mov [esp+0ECh+file], ecx ; filename .text:00001441 call _remove .text:00001446 mov ecx, [esp+0ECh+var_3C] .text:0000144D mov [esp+0ECh+file], ecx ; filename .text:00001450 call _remove .text:00001455 mov edi, [esp+0ECh+path] .text:0000145C mov [esp+0ECh+file], edi ; path .text:0000145F call _rmdir .text:00001464 mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:0000146A mov eax, [eax] .text:0000146C mov edi, [eax+240h] .text:00001472 mov [esp+0ECh+var_C0], 172C0A73h .text:0000147A mov [esp+0ECh+var_C4], 1A6E0861h .text:00001482 mov [esp+0ECh+var_C8], 13650B62h .text:0000148A mov [esp+0ECh+var_CC], 54201A79h .text:00001492 mov [esp+0ECh+var_D0], 2465416Eh .text:0000149A mov [esp+0ECh+var_D4], 14641969h .text:000014A2 mov [esp+0ECh+var_D8], 0A6B0F20h .text:000014AA mov [esp+0ECh+var_DC], 0A6E0069h .text:000014B2 mov [esp+0ECh+s], 4F200072h .text:000014BA mov [esp+0ECh+n], 0D691A74h .text:000014C2 mov [esp+0ECh+mode], 32536C20h .text:000014CA mov [esp+0ECh+file], 0Bh .text:000014D1 call sub_680 .text:000014D6 mov [esp+0ECh+var_DC], 572E0D79h .text:000014DE mov ebp, eax .text:000014E0 mov [esp+0ECh+s], 56C1A6Ch .text:000014E8 mov [esp+0ECh+n], 8611A6Eh .text:000014F0 mov [esp+0ECh+mode], 0C6F0869h .text:000014F8 mov [esp+0ECh+file], 4 .text:000014FF call sub_680 .text:00001504 mov [esp+0ECh+n], eax .text:00001508 mov [esp+0ECh+s], ebp .text:0000150C mov eax, ds:(dword_4004 - 3FB4h)[ebx] .text:00001512 mov ebp, [esp+0ECh+var_40] .text:00001519 mov [esp+0ECh+file], eax .text:0000151C mov [esp+0ECh+mode], ebp .text:00001520 call edi .text:00001522 mov edx, ds:(dword_4004 - 3FB4h)[ebx] .text:00001528 mov ecx, [edx] .text:0000152A mov [esp+0ECh+file], edx .text:0000152D mov [esp+0ECh+n], eax .text:00001531 mov [esp+0ECh+mode], ebp .text:00001535 call dword ptr [ecx+244h] .text:0000153B mov edx, ds:(dword_4004 - 3FB4h)[ebx] .text:00001541 mov ecx, [edx] .text:00001543 mov [esp+0ECh+s], eax .text:00001547 mov eax, [esp+0ECh+var_20] .text:0000154E mov [esp+0ECh+file], edx .text:00001551 mov [esp+0ECh+n], esi .text:00001555 mov [esp+0ECh+mode], eax .text:00001559 call dword ptr [ecx+70h] .text:0000155C lea eax, [esp+0ECh+var_20] .text:00001563 mov [esp+0ECh+file], eax .text:00001566 call sub_710 .text:0000156B test eax, eax .text:0000156D jz short loc_1580 .text:0000156F lea esp, [esp+0DCh] .text:00001576 mov eax, 10006h .text:0000157B pop ebx .text:0000157C pop esi .text:0000157D pop edi .text:0000157E pop ebp .text:0000157F retn .text:00001580 ; --------------------------------------------------------------------------- .text:00001580 .text:00001580 loc_1580: ; CODE XREF: JNI_OnLoad+2EDj .text:00001580 ; JNI_OnLoad+339j ... .text:00001580 lea esp, [esp+0DCh] .text:00001587 mov eax, 0FFFFFFFFh .text:0000158C pop ebx .text:0000158D pop esi .text:0000158E pop edi .text:0000158F pop ebp .text:00001590 retn .text:00001590 JNI_OnLoad endp .text:00001590 .text:00001590 _text ends .text:00001590