ctgwglzc posted on 2014-10-18 10:32:46

[1.298, 1.310/1.351] "Countdown" attack patch

Finally dug this patch up again!

An attacker can basically fill up all the sockets and crash the server. This patch ensures sockets don't get bugged (causing the crash), so it can withstand attacks better (and like I said, doesn't crash).

1.298

00445896 |. EB 38           JMP SHORT 004458D0               // jump to code cave (overwrites the 5-byte CMP; 3 NOPs fill the rest)
00445898 |  90              NOP
00445899 |  90              NOP
0044589A |  90              NOP

004458D0 |> 80BE 55800000 > CMP BYTE PTR DS:[ESI+8055],1     // code cave starts: check if m_State == STATE_CONNECTED
004458D7 |. 74 0B           JE SHORT 004458E4                // if equal, go to normal code
004458D9 |. 80BE 55800000 > CMP BYTE PTR DS:[ESI+8055],3     // check if m_State == STATE_GAMESTART
004458E0 |. 74 02           JE SHORT 004458E4                // if equal, go to normal code
004458E2 |.^EB B9           JMP SHORT 0044589D               // neither state matched: jump to close_routine
004458E4 |> 66:837E 08 02   CMP WORD PTR DS:[ESI+8],2        // the original check: m_nSocketErr == 2
004458E9 \.^EB B0           JMP SHORT 0044589B               // jump back to the original code right after the replaced CMP

1.310/1.351

00437C25    E9 D1AF0C00     JMP 00502BFB                     // 5-byte JMP replaces the original CMP exactly, no NOPs needed

00502BFB    80BE 55800000 > CMP BYTE PTR DS:[ESI+8055],1     // m_State == STATE_CONNECTED?
00502C02    74 0E           JE SHORT 00502C12                // if equal, go to normal code
00502C04    80BE 55800000 > CMP BYTE PTR DS:[ESI+8055],3     // m_State == STATE_GAMESTART?
00502C0B    74 05           JE SHORT 00502C12                // if equal, go to normal code
00502C0D   ^E9 1A50F3FF     JMP 00437C2C                     // neither state matched: jump to close_routine
00502C12    66:837E 08 02   CMP WORD PTR DS:[ESI+8],2        // the original check: m_nSocketErr == 2
00502C17   ^E9 0E50F3FF     JMP 00437C2A                     // jump back to the original code right after the replaced CMP
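The same gate written out in C, as an added example that is not the patch author's code. The two state values and their names (1 = STATE_CONNECTED, 3 = STATE_GAMESTART) come from the immediates and comments in the listing above; the other state values, the struct layout (which only reproduces the two offsets the patch reads, m_nSocketErr at +8 and m_State at +0x8055) and the assumption that m_nSocketErr == 2 takes the normal path in the original code are all hypothetical, since the post does not show the conditional jump that follows the original CMP.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Values 1 and 3 and their names are from the patch; the others are hypothetical. */
enum SocketState {
    STATE_FREE      = 0,   /* hypothetical */
    STATE_CONNECTED = 1,
    STATE_HANDSHAKE = 2,   /* hypothetical */
    STATE_GAMESTART = 3,
};

/* Hypothetical layout: only the two fields the code cave reads are placed
 * at their real offsets relative to ESI (WORD at +8, BYTE at +0x8055). */
struct GameSocket {
    uint8_t  pad0[8];
    uint16_t m_nSocketErr;
    uint8_t  pad1[0x8055 - 10];
    uint8_t  m_State;
};

enum Path { PATH_NORMAL = 0, PATH_CLOSE = 1 };

/* The code cave: continue only if the socket is in a state where the error
 * handler is meant to run; anything else goes straight to close_routine. */
bool countdown_patch_gate(const struct GameSocket *s) {
    return s->m_State == STATE_CONNECTED || s->m_State == STATE_GAMESTART;
}

/* The CMP WORD PTR [ESI+8],2 that the JMP overwrote. Assumption (not shown
 * in the post): an error code of 2 continues on the normal path. */
static enum Path original_error_check(const struct GameSocket *s) {
    return (s->m_nSocketErr == 2) ? PATH_NORMAL : PATH_CLOSE;
}

/* Patched flow: the state gate runs first, then the original check. */
enum Path dispatch_patched(const struct GameSocket *s) {
    if (!countdown_patch_gate(s))
        return PATH_CLOSE;
    return original_error_check(s);
}

/* Convenience wrapper: build a socket with the given state/error and dispatch it. */
enum Path dispatch_for(uint8_t state, uint16_t err) {
    static struct GameSocket s;          /* static: the struct is ~32 KB */
    s.m_State = state;
    s.m_nSocketErr = err;
    return dispatch_patched(&s);
}

/* Count how many sockets of a table the patched handler would close. */
size_t count_closed(const struct GameSocket *tbl, size_t n) {
    size_t closed = 0;
    for (size_t i = 0; i < n; i++)
        if (dispatch_patched(&tbl[i]) == PATH_CLOSE)
            closed++;
    return closed;
}

/* Constructed sample: two real players plus three half-open slots left behind
 * by a flood of connections, all reporting error code 2. Returns the number
 * of slots the gate sends to close_routine (3). */
size_t demo_closed_count(void) {
    static struct GameSocket tbl[5];
    const uint8_t states[5] = { STATE_CONNECTED, STATE_GAMESTART,
                                STATE_FREE, STATE_HANDSHAKE, STATE_FREE };
    for (size_t i = 0; i < 5; i++) {
        tbl[i].m_State = states[i];
        tbl[i].m_nSocketErr = 2;
    }
    return count_closed(tbl, 5);
}

int main(void) {
    printf("closed %zu of 5 sockets\n", demo_closed_count());
    return 0;
}
```

Without the gate, every slot in the constructed table would pass the error check on code 2 alone, which is the condition the post describes as letting an attacker fill up all the sockets; with it, only sockets that actually reached STATE_CONNECTED or STATE_GAMESTART get further handling.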

龙王 posted on 2014-10-19 06:50:12

What code is this?

ctgwglzc posted on 2014-10-22 00:27:56

龙王 posted on 2014-10-19 06:50
What code is this?

OD (OllyDbg) disassembly.

14791223344 posted on 2014-12-14 23:15:39

Just passing by, I don't understand it, haha.