So the "data" function is hit here:
// Cheat Engine disassembly: address - raw bytes - instruction { CE annotation }.
// Wrapper that tags a value with the key string "data" and hands it to MK11.exe+410D80.
// Register use (rcx/rdx/r8 as the first three arguments, spills into [rsp+08..]) is
// consistent with the Microsoft x64 calling convention; inferred from this listing only.
// In:  rcx = first argument (kept in rdi), rdx = second argument (kept in rbx)
// Out: rax = the original rcx
MK11.exe+40F4B0 - 48 89 4C 24 08 - mov [rsp+08],rcx
MK11.exe+40F4B5 - 57 - push rdi
MK11.exe+40F4B6 - 48 83 EC 30 - sub rsp,30 { 48 }
// imm32 FFFFFFFE is sign-extended by this encoding, so the qword stored is -2.
// NOTE(review): looks like the compiler's exception-handling state slot; confirm.
MK11.exe+40F4BA - 48 C7 44 24 28 FEFFFFFF - mov qword ptr [rsp+28],FFFFFFFE { (166) }
// [rsp+50] is entry rsp+18 (8 for the push + 0x30 allocated): rbx is saved in the
// caller-provided home area, not in this function's own locals.
MK11.exe+40F4C3 - 48 89 5C 24 50 - mov [rsp+50],rbx
MK11.exe+40F4C8 - 48 8B DA - mov rbx,rdx
MK11.exe+40F4CB - 48 8B F9 - mov rdi,rcx
// Dword at [rsp+20] is 0 before the first call and 1 after it; purpose not visible here.
MK11.exe+40F4CE - C7 44 24 20 00000000 - mov [rsp+20],00000000 { 0 }
// rcx and rdx still hold the incoming arguments at this call.
MK11.exe+40F4D6 - E8 7598AD00 - call MK11.exe+EE8D50
MK11.exe+40F4DB - C7 44 24 20 01000000 - mov [rsp+20],00000001 { 1 }
// Second call: rcx = address of a stack slot holding the first argument,
// rdx = second argument + 8, r8 = address of the string CE resolves as "data".
MK11.exe+40F4E3 - 48 89 7C 24 48 - mov [rsp+48],rdi
MK11.exe+40F4E8 - 48 8D 53 08 - lea rdx,[rbx+08]
MK11.exe+40F4EC - 4C 8D 05 45F3F001 - lea r8,[MK11.exe+231E838] { ("data") }
MK11.exe+40F4F3 - 48 8D 4C 24 48 - lea rcx,[rsp+48]
MK11.exe+40F4F8 - E8 83180000 - call MK11.exe+410D80 <--
// Return the first argument unchanged, restore rbx/rdi and unwind the frame.
MK11.exe+40F4FD - 48 8B C7 - mov rax,rdi
MK11.exe+40F500 - 48 8B 5C 24 50 - mov rbx,[rsp+50]
MK11.exe+40F505 - 48 83 C4 30 - add rsp,30 { 48 }
MK11.exe+40F509 - 5F - pop rdi
MK11.exe+40F50A - C3 - ret
And writing the stuff (contacting MK11 server) happens in that CALL:
// Callee of the "data" wrapper at MK11.exe+40F4B0. Only the prologue and one later
// instruction are shown; the ".." line marks code the post leaves out.
// Incoming r8 and rcx are spilled to [rsp+18] and [rsp+08] before any push.
MK11.exe+410D80 - 4C 89 44 24 18 - mov [rsp+18],r8
MK11.exe+410D85 - 48 89 4C 24 08 - mov [rsp+08],rcx
// Eight registers are saved, so the omitted body presumably uses all of them.
MK11.exe+410D8A - 55 - push rbp
MK11.exe+410D8B - 53 - push rbx
MK11.exe+410D8C - 56 - push rsi
MK11.exe+410D8D - 57 - push rdi
MK11.exe+410D8E - 41 54 - push r12
MK11.exe+410D90 - 41 55 - push r13
MK11.exe+410D92 - 41 56 - push r14
MK11.exe+410D94 - 41 57 - push r15
// rbp is set to rsp-1F (taken before the allocation), then 0xF8 bytes are reserved;
// locals are addressed relative to rbp.
MK11.exe+410D96 - 48 8D 6C 24 E1 - lea rbp,[rsp-1F]
MK11.exe+410D9B - 48 81 EC F8000000 - sub rsp,000000F8 { 248 }
// Stores -2 (sign-extended imm32), the same marker value the caller writes in its own frame.
MK11.exe+410DA2 - 48 C7 45 9F FEFFFFFF - mov qword ptr [rbp-61],FFFFFFFE { (166) }
..
// r8 = address of the string CE resolves as "items"; the call that consumes it is not shown.
MK11.exe+410F05 - 4C 8D 05 54E5F001 - lea r8,[MK11.exe+231F460] { ("items") }
Execution then goes inside this call:
// Excerpt: prologue, then (after the ".." gap) a run of calls that each pair a key
// string with an address inside the object rbx points to. The listing ends before the
// function returns.
// NOTE(review): per the surrounding post this is the path that writes the request sent
// to the game server. Every value is read from client memory ([rbx+..]), so fields such
// as "amount" and "source" carry no integrity guarantee on arrival; the receiving side
// has to validate them against its own state. Confirm against the server's handling.
MK11.exe+411BB0 - 40 55 - push rbp
MK11.exe+411BB2 - 56 - push rsi
MK11.exe+411BB3 - 57 - push rdi
MK11.exe+411BB4 - 41 54 - push r12
MK11.exe+411BB6 - 41 55 - push r13
MK11.exe+411BB8 - 41 56 - push r14
MK11.exe+411BBA - 41 57 - push r15
MK11.exe+411BBC - 48 8B EC - mov rbp,rsp
MK11.exe+411BBF - 48 83 EC 60 - sub rsp,60 { 96 }
// -2 marker again (sign-extended imm32), as in the two callers above this function.
MK11.exe+411BC3 - 48 C7 45 D0 FEFFFFFF - mov qword ptr [rbp-30],FFFFFFFE { (166) }
// rbx is saved to a stack slot above the pushed registers instead of being pushed.
MK11.exe+411BCB - 48 89 9C 24 B0000000 - mov [rsp+000000B0],rbx
..
// Repeated pattern from here: rcx = rbp+58 (same address each time), rdx = address of a
// member of the object in rbx, r8 = key string. The rdx setup for "itemType" is in the
// omitted part.
MK11.exe+411CED - 4C 8D 05 44D7F001 - lea r8,[MK11.exe+231F438] { ("itemType") }
MK11.exe+411CF4 - 48 8D 4D 58 - lea rcx,[rbp+58]
MK11.exe+411CF8 - E8 33090000 - call MK11.exe+412630
// "slug" -> member at rbx+18
MK11.exe+411CFD - 48 8D 53 18 - lea rdx,[rbx+18]
MK11.exe+411D01 - 4C 8D 05 3CCBF001 - lea r8,[MK11.exe+231E844] { ("slug") }
MK11.exe+411D08 - 48 8D 4D 58 - lea rcx,[rbp+58]
MK11.exe+411D0C - E8 1F090000 - call MK11.exe+412630
// "amount" -> member at rbx+28. This is the only field passed to MK11.exe+410210 rather
// than MK11.exe+412630; presumably a different value type. Verify in the callee.
MK11.exe+411D11 - 48 8D 53 28 - lea rdx,[rbx+28]
MK11.exe+411D15 - 4C 8D 05 8445EF01 - lea r8,[MK11.exe+23062A0] { ("amount") }
MK11.exe+411D1C - 48 8D 4D 58 - lea rcx,[rbp+58]
MK11.exe+411D20 - E8 EBE4FFFF - call MK11.exe+410210
// "source" -> member at rbx+30
MK11.exe+411D25 - 48 8D 53 30 - lea rdx,[rbx+30]
MK11.exe+411D29 - 4C 8D 05 14D7F001 - lea r8,[MK11.exe+231F444] { ("source") }
MK11.exe+411D30 - 48 8D 4D 58 - lea rcx,[rbp+58]
MK11.exe+411D34 - E8 F7080000 - call MK11.exe+412630
// "source_detail" -> member at rbx+40
MK11.exe+411D39 - 48 8D 53 40 - lea rdx,[rbx+40]
MK11.exe+411D3D - 4C 8D 05 0CD7F001 - lea r8,[MK11.exe+231F450] { ("source_detail") }
MK11.exe+411D44 - 48 8D 4D 58 - lea rcx,[rbp+58]
MK11.exe+411D48 - E8 E3080000 - call MK11.exe+412630
// MK11.exe+5FD570 returns a pointer in rax. The first qword of that object is loaded into
// r8 and the call goes through [r8+D0], with rcx = the object and rdx = rbp-40.
// NOTE(review): looks like a virtual call through a vtable slot at offset 0xD0; confirm.
MK11.exe+411D4D - 48 8D 4D C8 - lea rcx,[rbp-38]
MK11.exe+411D51 - E8 1AB81E00 - call MK11.exe+5FD570
MK11.exe+411D56 - 4C 8B 00 - mov r8,[rax]
MK11.exe+411D59 - 48 8D 55 C0 - lea rdx,[rbp-40]
MK11.exe+411D5D - 48 8B C8 - mov rcx,rax
MK11.exe+411D60 - 41 FF 90 D0000000 - call qword ptr [r8+000000D0]