neverend

  1. How can I view Java code? The source code is compiled; moreover, SmartGuard is additionally installed.
  2. Hello, dear forum users. I decided to disassemble Lineage 2 "in pieces." To be more precise, I'm interested in the network side of the client: I want to understand how packets are formed for sending / receiving and how they are sent to the server. For these tasks, I downloaded IDA Pro and disassembled some client files with it... By a simple search, I found functions with similar names, "SendPacket, ReciewePacket"... But what is going on in them, I have no idea... More precisely, I understand the operators of assembly language, but I do not understand the meaning of all this.

     A little background: at the very beginning, I just wanted to understand the principle of packet encryption and used Wireshark for these purposes, but I did not understand the encryption algorithm (I do not mean the standard XOR algorithm) and therefore decided to dig deeper. In this post I will post the disassembled code of the PostSend function (I note that there are also functions with similar names: PreSend, PostSendMap). I also add that while digging in Wireshark I already learned how to catch the packet I needed: for example, sending a message to the chat, and also found this function in the disassembled code (by the way, I disassembled the file engine.dll).

     There has been a lot of introduction; now the question itself: how do I understand (to be more honest, please poke my nose into it) where the packet is sent to the specified IP address and where (how) the packet is formed, its encryption and everything else related to this. I will be glad of any answers to the point.

     Sorry for my English, I'm a Russian man :)

         .text:10763000 ; =============== S U B R O U T I N E =======================================
         .text:10763000
         .text:10763000 ; Attributes: bp-based frame
         .text:10763000
         .text:10763000 ; void __thiscall UNetConnection::PostSend(UNetConnection *__hidden this)
         .text:10763000 ?PostSend@UNetConnection@@QAEXXZ_0 proc near
         .text:10763000                                         ; CODE XREF: UNetConnection::PostSend(void)j
         .text:10763000
         .text:10763000 var_10          = dword ptr -10h
         .text:10763000 var_C           = dword ptr -0Ch
         .text:10763000 var_4           = dword ptr -4
         .text:10763000
         .text:10763000                 push    ebp
         .text:10763001                 mov     ebp, esp
         .text:10763003                 push    0FFFFFFFFh
         .text:10763005                 push    offset ?PostSend@UNetConnection@@QAEXXZ_0_SEH
         .text:1076300A                 mov     eax, large fs:0
         .text:10763010                 push    eax
         .text:10763011                 mov     large fs:0, esp
         .text:10763018                 sub     esp, 0Ch
         .text:1076301B                 push    ebx
         .text:1076301C                 push    esi
         .text:1076301D                 push    edi
         .text:1076301E                 mov     [ebp+var_10], esp
         .text:10763021                 mov     esi, ecx
         .text:10763023                 mov     [ebp+var_4], 0
         .text:1076302A                 lea     edi, [esi+254h]
         .text:10763030                 mov     ecx, edi
         .text:10763032                 mov     ebx, ds:?GetNumBits@FBitWriter@@QAEHXZ ; FBitWriter::GetNumBits(void)
         .text:10763038                 call    ebx ; FBitWriter::GetNumBits(void) ; FBitWriter::GetNumBits(void)
         .text:1076303A                 mov     ecx, [esi+0C8h]
         .text:10763040                 add     ecx, ecx
         .text:10763042                 add     ecx, ecx
         .text:10763044                 add     ecx, ecx
         .text:10763046                 cmp     eax, ecx
         .text:10763048                 jle     short loc_10763062
         .text:1076304A                 push    26Eh
         .text:1076304F                 push    offset a_Unconn_cpp ; ".\\UnConn.cpp"
         .text:10763054                 push    offset aOut_getnumbi_0 ; "Out.GetNumBits()<=MaxPacket*8"
         .text:10763059                 call    ds:?appFailAssert@@YAXPBD0H@Z ; appFailAssert(char const *,char const *,int)
         .text:1076305F                 add     esp, 0Ch
         .text:10763062
         .text:10763062 loc_10763062:                           ; CODE XREF: UNetConnection::PostSend(void)+48j
         .text:10763062                 mov     ecx, edi
         .text:10763064                 call    ebx ; FBitWriter::GetNumBits(void) ; FBitWriter::GetNumBits(void)
         .text:10763066                 mov     edx, [esi+0C8h]
         .text:1076306C                 add     edx, edx
         .text:1076306E                 add     edx, edx
         .text:10763070                 add     edx, edx
         .text:10763072                 cmp     eax, edx
         .text:10763074                 jnz     short loc_10763082
         .text:10763076                 mov     eax, [esi]
         .text:10763078                 mov     ecx, esi
         .text:1076307A                 mov     edx, [eax+84h]
         .text:10763080                 call    edx
         .text:10763082
         .text:10763082 loc_10763082:                           ; CODE XREF: UNetConnection::PostSend(void)+74j
         .text:10763082                 mov     [ebp+var_4], 0FFFFFFFFh
         .text:10763089                 mov     ecx, [ebp+var_C]
         .text:1076308C                 mov     large fs:0, ecx
         .text:10763093                 pop     edi
         .text:10763094                 pop     esi
         .text:10763095                 pop     ebx
         .text:10763096                 mov     esp, ebp
         .text:10763098                 pop     ebp
         .text:10763099                 retn
         .text:10763099 ?PostSend@UNetConnection@@QAEXXZ_0 endp

     P.S. Just in case, I'll put here the pseudo-code generated by IDA:

         void __thiscall UNetConnection::PostSend(UNetConnection *this)
         {
           UNetConnection *v1; // esi@1
           FBitWriter *v2; // edi@1
           int v3; // [sp+0h] [bp-24h]@1
           int *v4; // [sp+14h] [bp-10h]@1
           int v5; // [sp+20h] [bp-4h]@1
           v4 = &v3;
           v1 = this;
           v5 = 0;
           v2 = (UNetConnection *)((char *)this + 596);
           if ( FBitWriter::GetNumBits((UNetConnection *)((char *)this + 596)) > 8 * *((_DWORD *)this + 50) )
             appFailAssert("Out.GetNumBits()<=MaxPacket*8", ".\\UnConn.cpp", 622);
           if ( FBitWriter::GetNumBits(v2) == 8 * *((_DWORD *)v1 + 50) )
             (*(void (__thiscall **)(UNetConnection *))(*(_DWORD *)v1 + 132))(v1);
         }

     P.P.S. Just in case, I attach a link to the source and disassembled files. http://rgho.st/92QyYRsvK