Article Index |
---|
POPROXY Antivirus Project |
Code Modifications |
All Pages |
Code Modifications
These are the few bytes that need to be modified and their explanation.
POPROXY_O.EXE Original File bundled with NAV 2001
POPROXY_B.EXE Patched version for Gateway and Server Side.
Values:
Bind to 0.0.0.0
Default Server IP 127.0.0.1
Default Server Port 8110
17/05/2002 03:00
===================================================================================
Constants:
-----------
Address Hex ASCII Description
0000BCD0-0000BCD1 AE1F 8110 Remote Port sin / (Hex Inv)
0000BCDC-0000BCDD 6E00 110 Default Remote Port con / (Hex Inv)
00004BB0 2B + OK Return Character
00004F68 2F / Mail Separator Character
00004F7B 5C \ Mail Alternative Separator Character
00004FD2 3A : Port Separator Character
00010400-0001040F 0.0.0.0 IP Local Bind (End with 0x00)
00010410-0001011F 127.0.0.1 Default Remote IP (End with 0x00)
===================================================================================
Patches:
--------
===================================================================================
Bind IP:
00409C2A 6800044100 push 00410400
===================================================================================
No char "/" requirement for USER:
00404820 83BDECFDFFFF00 cmp dword[ebp+FFFFFDEC], 00000000
00404827 E982000000 jmp 004048AE JUMP Always
===================================================================================
Host Management:
00404A30 51 push ecx
00404A31=E94A720000 jmp 0000BC80
00404A36=EB00 jmp 00404A38
00404A38 8B85FCFDFFFF mov eax, dword[ebp+FFFFFDFC]
-----------------------------------------------------------------------------------
0040BC80 83BDECFDFFFF00 cmp dword[ebp+FFFFFDEC], 00000000
0040BC87 0F8513000000 jne 0040BCA0
0040BC8D 6810044100 push 00410410 (StringData)"127.0.0.1" Default IP
0040BC92 E9A18DFFFF jmp 00404A38
0040BC97
--------
0040BCA0 8B95B8FDFFFF mov edx, dword[ebp+FFFFFDB8] Hostname after /
0040BCA6 52 push edx
0040BCA7 E98C8DFFFF jmp 00404A38
0040BCAC
===================================================================================
Remote Port Management:
004049DA=E9E1720000 jmp 0000BCC0
004049DF=EB00
004049E1
-----------------------------------------------------------------------------------
0040BCC0 83BDECFDFFFF00 cmp dword[ebp+FFFFFDEC], 00000000
0040BCC7 0F850C000000 jne 0040BCA0
0040BCCD C745E4AE1F0000 mov dword[ebp-1C], 00001FAE (8110) Port of Def IP
0040BCD4 E9088DFFFF jmp 004049E1
0040BCD9 C745E46E000000 mov dword[ebp-1C], 0000006E (110) Def General Port
0040BCE0 E9FC8CFFFF jmp 004049E1
0040BCE5
===================================================================================
USER command Management:
00404C07 C645FC0D mov byte[ebp-04], 0D
00404C0B=E920710000 jmp 0040BD30
00404C10=.. Relleno
00404C11=EB00 jmp 00404C13
00404C13=EB00 jmp 00404C15
00404C15 68ACF54000 push 0040F5AC (StringData)"USER %s <cr><lf>"
-----------------------------------------------------------------------------------
0040BD30 83BDECFDFFFF00 cmp dword[ebp+FFFFFDEC], 00000000
0040BD37 0F8513000000 jne 0040BD50
0040BD3D 8B8DF0FDFFFF mov ecx, dword[ebp+FFFFFDF0] ebp-210 Print FULL str
0040BD43 51 push ecx
0040BD44 E9CC8EFFFF jmp 00404C15
0040BD49
--------
0040BD50 8B8DFCFDFFFF mov ecx, dword[ebp+FFFFFDFC] Print User before /
0040BD56 8B5148 mov edx, dword[ecx+48]
0040BD59 52 push edx
0040BD5A E9B68EFFFF jmp 00404C15
0040BD5F
===================================================================================
< Prev | Next > |
---|