hi have one application, china shop of scripts, after i log i have 15 min to test script, after this i can only buy VIP.
I find 3 functions "dtls1_start_timer" "dtls1_stop_timer" "dtls1_is_timer_expired", how i can mod this to get around the limit of 15 minutes?
EXPORT dtls1_start_timer
dtls1_start_timer ; CODE XREF: j_dtls1_start_timer+8↑j
DATA XREF: LOAD:000139A0↑o ...
PUSH {R4,LR}
EXPORT dtls1_start_timer
dtls1_start_timer ; CODE XREF:
j_dtls1_start_timer+8↑j
; DATA XREF:LOAD:000139A0↑o ...
PUSH {R4,LR}
MOV R4, R0
LDR R3, [R0,#0x5C]
LDR.W R2, [R3,#0x2C0]
CBNZ R2, loc_2B57B4
LDR.W R2, [R3,#0x2C4]
CBNZ R2, loc_2B57B4
MOVS R2, #1
STRH.W R2, [R3,#0x2C8]
loc_2B57B4 ; CODE XREF:dtls1_start_timer+A↑j;dtls1_start_timer+10↑j
LDR R0, [R4,#0x5C]
MOVS R1, #0 ; tz
ADD.W R0, R0, #0x2C0 ; tv
BLX gettimeofday
LDR R3, [R4,#0x5C]
MOV R0, R4
LDRH.W R1, [R3,#0x2C8]
LDR.W R2, [R3,#0x2C0]
ADD R2, R1
STR.W R2, [R3,#0x2C0]
BLX j_SSL_get_rbio
LDR R3, [R4,#0x5C]
MOVS R1, #0x2D ; '-'
MOVS R2, #0
ADD.W R3, R3, #0x2C0
POP.W {R4,LR}
B.W sub_2EBB24
; End of function dtls1_start_timer
----------
EXPORT dtls1_stop_timer
dtls1_stop_timer ; CODE XREF:
j_dtls1_stop_timer+8↑j
- .text:002B58B4 ; DATA XREF:LOAD:00013990↑o ...
PUSH {R4,LR}
MOV R4, R0
LDR R0, [R0,#0x5C]
MOVS R1, #0 ; int
MOVS R2, #0xC ; size_t
ADD.W R0, R0, #0x2B4 ; void*
BLX memset
LDR R0, [R4,#0x5C]
MOVS R1, #0 ; int
MOVS R2, #8 ; size_t
ADD.W R0, R0, #0x2C0 ; void*
BLX memset
LDR R3, [R4,#0x5C]
MOVS R2, #1
MOV R0, R4
STRH.W R2, [R3,#0x2C8]
BLX j_SSL_get_rbio
LDR R3, [R4,#0x5C]
MOVS R1, #0x2D ; '-'
MOVS R2, #0
ADD.W R3, R3, #0x2C0
BLX j_BIO_ctrl
MOV R0, R4
POP.W {R4,LR}
B.W sub_2ECC14
; End of function dtls1_stop_timer
----------
- EXPORT dtls1_is_timer_expired
dtls1_is_timer_expired; CODE XREF:j_dtls1_is_timer_expired+8↑j; DATA XREF:LOAD:00013A50↑o ...
var_10 = -0x10
var_C = -0xC
PUSH {R0-R2,LR}
MOV R1, SP
BLX j_dtls1_get_timeout
CBZ R0, loc_2B588E
LDR R3, [SP,#0x10+var_10]
CMP R3, #0
BGT loc_2B588C
LDR R0, [SP,#0x10+var_C]
CMP R0, #0
ITE GT
MOVGT R0, #0
MOVLE R0, #1
B loc_2B588E
;----------------------------------------------------------------
loc_2B588C ; CODE XREF:dtls1_is_timer_expired+E↑j
MOVS R0, #0
loc_2B588E ; CODE XREF:dtls1_is_timer_expired+8↑j ;dtls1_is_timer_expired+1A↑j
ADD SP, SP, #0xC
POP.W {PC}
; End of function dtls1_is_timer_expired
I find 3 functions "dtls1_start_timer" "dtls1_stop_timer" "dtls1_is_timer_expired", how i can mod this to get around the limit of 15 minutes?
EXPORT dtls1_start_timer
dtls1_start_timer ; CODE XREF: j_dtls1_start_timer+8↑j
DATA XREF: LOAD:000139A0↑o ...
PUSH {R4,LR}
EXPORT dtls1_start_timer
dtls1_start_timer ; CODE XREF:
j_dtls1_start_timer+8↑j
; DATA XREF:LOAD:000139A0↑o ...
PUSH {R4,LR}
MOV R4, R0
LDR R3, [R0,#0x5C]
LDR.W R2, [R3,#0x2C0]
CBNZ R2, loc_2B57B4
LDR.W R2, [R3,#0x2C4]
CBNZ R2, loc_2B57B4
MOVS R2, #1
STRH.W R2, [R3,#0x2C8]
loc_2B57B4 ; CODE XREF:dtls1_start_timer+A↑j;dtls1_start_timer+10↑j
LDR R0, [R4,#0x5C]
MOVS R1, #0 ; tz
ADD.W R0, R0, #0x2C0 ; tv
BLX gettimeofday
LDR R3, [R4,#0x5C]
MOV R0, R4
LDRH.W R1, [R3,#0x2C8]
LDR.W R2, [R3,#0x2C0]
ADD R2, R1
STR.W R2, [R3,#0x2C0]
BLX j_SSL_get_rbio
LDR R3, [R4,#0x5C]
MOVS R1, #0x2D ; '-'
MOVS R2, #0
ADD.W R3, R3, #0x2C0
POP.W {R4,LR}
B.W sub_2EBB24
; End of function dtls1_start_timer
----------
EXPORT dtls1_stop_timer
dtls1_stop_timer ; CODE XREF:
j_dtls1_stop_timer+8↑j
- .text:002B58B4 ; DATA XREF:LOAD:00013990↑o ...
PUSH {R4,LR}
MOV R4, R0
LDR R0, [R0,#0x5C]
MOVS R1, #0 ; int
MOVS R2, #0xC ; size_t
ADD.W R0, R0, #0x2B4 ; void*
BLX memset
LDR R0, [R4,#0x5C]
MOVS R1, #0 ; int
MOVS R2, #8 ; size_t
ADD.W R0, R0, #0x2C0 ; void*
BLX memset
LDR R3, [R4,#0x5C]
MOVS R2, #1
MOV R0, R4
STRH.W R2, [R3,#0x2C8]
BLX j_SSL_get_rbio
LDR R3, [R4,#0x5C]
MOVS R1, #0x2D ; '-'
MOVS R2, #0
ADD.W R3, R3, #0x2C0
BLX j_BIO_ctrl
MOV R0, R4
POP.W {R4,LR}
B.W sub_2ECC14
; End of function dtls1_stop_timer
----------
- EXPORT dtls1_is_timer_expired
dtls1_is_timer_expired; CODE XREF:j_dtls1_is_timer_expired+8↑j; DATA XREF:LOAD:00013A50↑o ...
var_10 = -0x10
var_C = -0xC
PUSH {R0-R2,LR}
MOV R1, SP
BLX j_dtls1_get_timeout
CBZ R0, loc_2B588E
LDR R3, [SP,#0x10+var_10]
CMP R3, #0
BGT loc_2B588C
LDR R0, [SP,#0x10+var_C]
CMP R0, #0
ITE GT
MOVGT R0, #0
MOVLE R0, #1
B loc_2B588E
;----------------------------------------------------------------
loc_2B588C ; CODE XREF:dtls1_is_timer_expired+E↑j
MOVS R0, #0
loc_2B588E ; CODE XREF:dtls1_is_timer_expired+8↑j ;dtls1_is_timer_expired+1A↑j
ADD SP, SP, #0xC
POP.W {PC}
; End of function dtls1_is_timer_expired