Packet Encryption / Decryption Information From Client

Post Reply
User avatar
atom0s
Developer
Posts: 537
Joined: Thu Oct 25, 2012 9:52 am

Packet Encryption / Decryption Information From Client

Post by atom0s » Tue Dec 23, 2014 2:57 am

Figured sharing this may help resort to someone making a better zlib implementation than what we are currently using. Currently the implementation is fairly thrown together and kind of sketchy in some instances, and in a lot of cases can lead to the packet/key issues etc. So if someone is bored and wants to use this information, then perhaps we can get a better implementation going.

Packet Encryption / Compression

Code: Select all

/**
 * @brief Encrypts the given packet.
 *
 * @param a1 The raw packet being encrypted and compressed.
 * @param a2 The raw packet size.
 * @param a3 Unknown - Assumed to be the output buffer.
 * @param a4 Unknown - Assumed to be the output size.
 * @param a5 The compression table to use while compressing the packet. (This matches our compress.dat file.)
 */
int __cdecl Encrypt_Packet(const void *a1, unsigned int a2, int a3, unsigned int a4, int a5)
{
  int v5; // eax@1
  unsigned int v6; // edi@1
  int v7; // ecx@2
  int v8; // ebx@2
  int result; // eax@4
  unsigned int v10; // edi@7
  unsigned int i; // ecx@7

  v5 = 0;
  v6 = 0;
  if ( a2 )
  {
    while ( 1 )
    {
      v7 = *((_BYTE *)a1 + v6);
      v8 = *(_DWORD *)(a5 + 4 * v7 + 1536) + v5;
      if ( v8 >= 8 * (a4 - 1) )
        break;
      Compress_Packet(a3 + 1, a4 - 1, v5, a5 + 4 * v7 + 512, 4u, 0, *(_DWORD *)(a5 + 4 * v7 + 1536));
      ++v6;
      v5 = v8;
      if ( v6 >= a2 )
        goto LABEL_4;
    }
    if ( a4 >= a2 + 1 )
    {
      memset((void *)a3, 0, 4 * (a4 >> 2));
      v10 = a3 + 4 * (a4 >> 2);
      for ( i = a4 & 3; i; --i )
        *(_BYTE *)v10++ = 0;
      memcpy((void *)(a3 + 1), a1, 4 * (a2 >> 2));
      result = 8 * (a2 + 1);
      memcpy((void *)(a3 + 1 + 4 * (a2 >> 2)), (char *)a1 + 4 * (a2 >> 2), a2 & 3);
      *(_BYTE *)a3 = 0;
    }
    else
    {
      result = -1;
    }
  }
  else
  {
LABEL_4:
    *(_BYTE *)a3 = 1;
    result = v5 + 8;
  }
  return result;
}

char __cdecl Compress_Packet(int a1, unsigned int a2, int a3, int a4, unsigned int a5, unsigned int a6, int a7)
{
  unsigned int v7; // edx@2
  int i; // eax@4
  unsigned int v9; // eax@6
  char v10; // bl@6
  char result; // al@7

  if ( (unsigned int)(a3 + a7 + 7) >> 3 > a2 || (v7 = a6, (a6 + a7 + 7) >> 3 > a5) )
  {
    result = -1;
  }
  else
  {
    if ( a6 < a6 + a7 )
    {
      for ( i = a3 - a6; ; i = a3 - a6 )
      {
        v9 = v7 + i;
        v10 = (*(_BYTE *)((v9 >> 3) + a1) & ~(1 << (v9 & 7)))
            + (((*(_BYTE *)((v7 >> 3) + a4) >> (v7 & 7)) & 1) << (v9 & 7));
        ++v7;
        *(_BYTE *)((v9 >> 3) + a1) = v10;
        if ( v7 >= a6 + a7 )
          break;
      }
    }
    result = 0;
  }
  return result;
}

User avatar
atom0s
Developer
Posts: 537
Joined: Thu Oct 25, 2012 9:52 am

Re: Packet Encryption / Decryption Information From Client

Post by atom0s » Tue Dec 23, 2014 3:08 am

Packet Decryption / Decompression

Code: Select all

/**
 * @brief Decrypts and decompresses the incoming packet.
 * 
 * @param a1 The buffer to obtain the decrypted packet.
 * @param a2 The length of the buffer.
 * @param a3 The blowfish decryption table used to decrypt the packet.
 * @param a4 Decompression table. (decompress.dat - Will not match ours as it is based on the base address of FFXiMain.dll when loaded.)
 * @param a5 The raw packet to decrypt and decompress.
 * @param a6 The raw packet size.
 */
int __cdecl Decrypt_Packet(void *a1, unsigned int a2, int a3, int a4, const void *a5, unsigned int a6)
{
  int result; // eax@2
  unsigned int v7; // ebx@7
  unsigned int v8; // eax@10
  char v9; // [sp+10h] [bp-5B8h]@9
  char v10; // [sp+68h] [bp-560h]@9
  char v11[12]; // [sp+78h] [bp-550h]@7
  char v12[12]; // [sp+84h] [bp-544h]@9
  int v13; // [sp+90h] [bp-538h]@10
  char v14; // [sp+94h] [bp-534h]@8

  if ( a2 >= a6 )
  {
    if ( a6 <= 0x550 )
    {
      if ( a6 > 0x2C )
      {
        memcpy(v11, a5, 4 * (a6 >> 2));
        v7 = a6 - 28;
        memcpy(&v11[4 * (a6 >> 2)], (char *)a5 + 4 * (a6 >> 2), a6 & 3);
        if ( a3 )
          sub_100D0280(a3, &v14, v7);
        sub_100D11B0(&v9);
        sub_100D11E0(&v9, &v14, a6 - 44);
        sub_100D1280(&v9);
        result = 0;
        if ( !memcmp(&v10, &v12[v7], 16) )
        {
          memcpy(a1, v11, 0x1Cu);
          v8 = sub_100D28F0((int)&v14, *(int *)((char *)&v13 + a6 - 44), (char *)a1 + 28, a2 - 28, a4);
          if ( (v8 & 0x80000000u) == 0 )
            result = v8 + 28;
          else
            result = -1;
        }
      }
      else
      {
        result = -1;
      }
    }
    else
    {
      result = -1;
    }
  }
  else
  {
    result = -1;
  }
  return result;
}
And the blowfish decryption:

Code: Select all

/**
 * @brief Decrypts the packet via blowfish.
 *
 * @param a1 The blowfish table to use while decrypting the packet. (This matches what is seen as the value of 'P' in blowfish.cpp after the table is initialized.)
 * @param a2 The raw packet to decrypt.
 * @param a3 The raw packet size being decrypted. (Minus the 0x1C FFXI_HEADER from the packet.)
 */
int __cdecl sub_100D0280(int a1, int a2, unsigned int a3)
{
  int result; // eax@1
  unsigned int i; // edi@1
  int v5; // esi@2
  int v6; // esi@2
  int v7; // edx@2
  int v8; // esi@2
  int v9; // edx@2
  int v10; // esi@2
  int v11; // edx@2
  int v12; // esi@2
  int v13; // edx@2
  int v14; // esi@2
  int v15; // edx@2
  int v16; // esi@2
  int v17; // edx@2
  int v18; // esi@2
  int v19; // edx@2
  int v20; // esi@2
  int v21; // edx@2
  int v22; // esi@2
  int v23; // edx@2
  int v24; // esi@2
  int v25; // edx@2
  int v26; // esi@2
  int v27; // edx@2
  int v28; // esi@2
  int v29; // edx@2
  int v30; // esi@2
  int v31; // edx@2
  int v32; // esi@2
  int v33; // edx@2
  int v34; // esi@2
  int v35; // edx@2
  int v36; // esi@2
  int v37; // ebx@2

  result = a2 + 4;
  for ( i = a3 >> 3; i; *(_DWORD *)(result - 12) = *(_DWORD *)a1 ^ v37 )
  {
    v5 = *(_DWORD *)(a1 + 68) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v5;
    v6 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
        + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
        + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
        + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v5 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v6;
    v7 = v6 ^ *(_DWORD *)(a1 + 64);
    *(_DWORD *)result = v7;
    v8 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
        + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
        + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
        + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v7 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v8;
    v9 = v8 ^ *(_DWORD *)(a1 + 60);
    *(_DWORD *)(result - 4) = v9;
    v10 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v9 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v10;
    v11 = v10 ^ *(_DWORD *)(a1 + 56);
    *(_DWORD *)result = v11;
    v12 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v11 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v12;
    v13 = v12 ^ *(_DWORD *)(a1 + 52);
    *(_DWORD *)(result - 4) = v13;
    v14 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v13 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v14;
    v15 = v14 ^ *(_DWORD *)(a1 + 48);
    *(_DWORD *)result = v15;
    v16 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v15 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v16;
    v17 = v16 ^ *(_DWORD *)(a1 + 44);
    *(_DWORD *)(result - 4) = v17;
    v18 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v17 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v18;
    v19 = v18 ^ *(_DWORD *)(a1 + 40);
    *(_DWORD *)result = v19;
    v20 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v19 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v20;
    v21 = v20 ^ *(_DWORD *)(a1 + 36);
    *(_DWORD *)(result - 4) = v21;
    v22 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v21 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v22;
    v23 = v22 ^ *(_DWORD *)(a1 + 32);
    *(_DWORD *)result = v23;
    v24 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v23 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v24;
    v25 = v24 ^ *(_DWORD *)(a1 + 28);
    *(_DWORD *)(result - 4) = v25;
    v26 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v25 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v26;
    v27 = v26 ^ *(_DWORD *)(a1 + 24);
    *(_DWORD *)result = v27;
    v28 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v27 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v28;
    v29 = v28 ^ *(_DWORD *)(a1 + 20);
    *(_DWORD *)(result - 4) = v29;
    v30 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v29 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v30;
    v31 = v30 ^ *(_DWORD *)(a1 + 16);
    *(_DWORD *)result = v31;
    v32 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v31 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v32;
    v33 = v32 ^ *(_DWORD *)(a1 + 12);
    *(_DWORD *)(result - 4) = v33;
    v34 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 4) + 72)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 2) + 2120)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result - 1) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v33 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)result;
    *(_DWORD *)result = v34;
    v35 = v34 ^ *(_DWORD *)(a1 + 8);
    *(_DWORD *)result = v35;
    v36 = (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 2) + 2120)
         + *(_DWORD *)(a1 + 4 * *(_BYTE *)result + 72)
         + (*(_DWORD *)(a1 + 4 * *(_BYTE *)(result + 3) + 3144) & 1 ^ 0x20)
         + (*(_DWORD *)(a1 + 4 * ((unsigned __int16)v35 >> 8) + 1096) & 1 ^ 0x20)) ^ *(_DWORD *)(result - 4);
    *(_DWORD *)(result - 4) = v36;
    *(_DWORD *)(result - 4) = *(_DWORD *)result;
    *(_DWORD *)result = v36;
    *(_DWORD *)result = v36 ^ *(_DWORD *)(a1 + 4);
    v37 = *(_DWORD *)(result - 4);
    result += 8;
    --i;
  }
  return result;
}

User avatar
atom0s
Developer
Posts: 537
Joined: Thu Oct 25, 2012 9:52 am

Re: Packet Encryption / Decryption Information From Client

Post by atom0s » Tue Dec 23, 2014 3:43 am

Blowfish Initialization

Code: Select all

char __cdecl sub_100CFA30(int a1, int a2, int a3, int a4)
{
  int v4; // ecx@1
  signed int v5; // eax@1
  int v6; // edx@1
  signed int v7; // esi@2
  int v8; // edi@3
  int v9; // eax@5
  int v10; // esi@5
  int v11; // edx@6
  int v12; // ebp@10
  int v13; // edx@11
  int v14; // eax@11
  signed int v15; // esi@12
  int v16; // edi@13
  int v17; // esi@15
  signed int v18; // esi@17
  int v19; // edi@18
  int v20; // esi@19
  signed int v22; // [sp+10h] [bp-4h]@5
  signed int v23; // [sp+18h] [bp+4h]@6
  signed int v24; // [sp+18h] [bp+4h]@11
  int v25; // [sp+18h] [bp+4h]@16
  signed int v26; // [sp+20h] [bp+Ch]@15
  signed int v27; // [sp+24h] [bp+10h]@16

  v4 = a1;
  v5 = (signed int)&unk_10329DD8;
  v6 = a1 + 72;
  do
  {
    v7 = 256;
    do
    {
      v8 = *(_DWORD *)v5;
      v5 += 4;
      *(_DWORD *)v6 = v8;
      v6 += 4;
      --v7;
    }
    while ( v7 );
  }
  while ( v5 < (signed int)&unk_1032ADD8 );
  v9 = 0;
  v10 = a1;
  v22 = 18;
  do
  {
    v11 = 0;
    v23 = 4;
    do
    {
      v11 = *(_BYTE *)(v9++ + a3) | (v11 << 8);
      if ( v9 >= a4 )
        v9 = 0;
      --v23;
    }
    while ( v23 );
    v12 = *(_DWORD *)((char *)&unk_10329D90 + v10 - v4);
    v10 += 4;
    *(_DWORD *)(v10 - 4) = v11 ^ v12;
    --v22;
  }
  while ( v22 );
  v13 = 0;
  v14 = 0;
  v24 = 0;
  do
  {
    v15 = 0;
    do
    {
      v16 = *(_DWORD *)(v4 + 4 * v15++) ^ v14;
      v14 = v13 ^ (*(_DWORD *)(v4 + 4 * (unsigned __int8)v16 + 72)
                 + *(_DWORD *)(v4 + 4 * (((unsigned int)v16 >> 16) & 0xFF) + 2120)
                 + (*(_DWORD *)(v4 + 4 * ((unsigned __int16)v16 >> 8) + 1096) & 1 ^ 0x20)
                 + (*(_DWORD *)(v4 + 4 * ((unsigned int)v16 >> 24) + 3144) & 1 ^ 0x20));
      v13 = v16;
    }
    while ( v15 < 16 );
    v13 = v14 ^ *(_DWORD *)(v4 + 64);
    v14 = *(_DWORD *)(v4 + 68) ^ v16;
    *(_DWORD *)(v4 + 4 * v24) = v14;
    *(_DWORD *)(v4 + 4 * v24 + 4) = v13;
    v24 += 2;
  }
  while ( v24 < 18 );
  v17 = v4 + 76;
  v26 = 4;
  do
  {
    v25 = v17;
    v27 = 128;
    do
    {
      v18 = 0;
      do
      {
        v19 = *(_DWORD *)(v4 + 4 * v18++) ^ v14;
        v14 = v13 ^ (*(_DWORD *)(v4 + 4 * (unsigned __int8)v19 + 72)
                   + *(_DWORD *)(v4 + 4 * (((unsigned int)v19 >> 16) & 0xFF) + 2120)
                   + (*(_DWORD *)(v4 + 4 * ((unsigned __int16)v19 >> 8) + 1096) & 1 ^ 0x20)
                   + (*(_DWORD *)(v4 + 4 * ((unsigned int)v19 >> 24) + 3144) & 1 ^ 0x20));
        v13 = v19;
      }
      while ( v18 < 16 );
      v20 = v14;
      v14 = *(_DWORD *)(v4 + 68) ^ v19;
      v13 = v20 ^ *(_DWORD *)(v4 + 64);
      *(_DWORD *)(v25 - 4) = v14;
      *(_DWORD *)v25 = v13;
      v17 = v25 + 8;
      v25 += 8;
      --v27;
    }
    while ( v27 );
    --v26;
  }
  while ( v26 );
  return 0;
}
This is how the game initializes the blowfish tables.
- unk_10329D90 is the address of the static blowfish table. This is equal to the current DSP 'subkey' table.
- unk_10329DD8 is the address to the +72 offset data inside of the blowfish table used for the 'S' pointer object table.
- unk_1032ADD8 is equal to 128.

User avatar
atom0s
Developer
Posts: 537
Joined: Thu Oct 25, 2012 9:52 am

Re: Packet Encryption / Decryption Information From Client

Post by atom0s » Tue Dec 23, 2014 5:58 pm

Compression Table Initialization
These are the functions that handle creating the compression table for handling the zlib compression that we mimic in DSP. (zlib.cpp etc.)

This function handles preparing the inventory structure as well as initializes the zlib compression table.

Code: Select all

char __cdecl sub_100EC010(int a1)
{
  char result; // al@2
  unsigned int v2; // eax@3

  *(_DWORD *)&word_10491E80 = 0;
  *(_DWORD *)&byte_10491E84 = 0;
  if ( (unsigned __int8)std::codecvt_base::do_always_noconv() == 1 )
  {
    sub_100E2D70((int)"z");
    dword_104922F4 = (int)dword_10926C00;
    memset(dword_10926C00, 0, sizeof(dword_10926C00));
    dword_104922F8 = 0;
    dword_10926C00[58766] = a1;
    sub_100D2740(dword_104922F4 + 0x3810C, 2048);
    sub_100D27D0(dword_104922F4 + 0x3591C, 10224); // initialize the zlib compression table
    *(_DWORD *)(dword_104922F4 + 219416) = 1;
    *(_DWORD *)dword_104922F4 = 0;
    dword_104922F8 = 0;
    *(_DWORD *)dword_104922F4 = dword_104922F4 + 4;
    dword_104922F8 = *(_DWORD *)dword_104922F4;
    v2 = 0x3890Cu;
    do
    {
      v2 += 4;
      *(_DWORD *)(v2 + dword_104922F4 - 4) = 1000;
    }
    while ( v2 < 0x38D70 );
    sub_100EC1F0();
    sub_10104480();
    result = 1;
  }
  else
  {
    result = 0;
  }
  return result;
}
Here is the function call that we are interested in:

Code: Select all

char __cdecl sub_100D27D0(int a1, int a2)
{
  return sub_100D27F0(a1, a2, (int)&unk_1032AE18, 0x900u);
}

char __cdecl sub_100D27F0(int a1, int a2, int a3, unsigned int a4)
{
  int v5; // edi@3
  signed int v6; // ebp@3
  int v7; // eax@3
  int v8; // esi@4
  unsigned int v9; // ecx@4
  int v10; // edx@4
  bool v11; // zf@4
  int v12; // edi@5
  int v13; // eax@7
  int v14; // ecx@9
  int v15; // [sp+0h] [bp-10h]@3
  signed int v16; // [sp+4h] [bp-Ch]@3
  int v17; // [sp+8h] [bp-8h]@4
  unsigned int v18; // [sp+Ch] [bp-4h]@4
  unsigned int v19; // [sp+1Ch] [bp+Ch]@4
  char v20; // [sp+20h] [bp+10h]@4

  if ( a4 < 0x900 )
    return -1;
  v5 = a1;
  v6 = 1;
  v16 = 256;
  *(_DWORD *)a1 = a1 + 4;
  *(_DWORD *)(a1 + 12) = 0;
  *(_DWORD *)(*(_DWORD *)a1 + 4) = 0;
  v7 = a3 + 5;
  **(_DWORD **)a1 = 0;
  v15 = a3 + 5;
  do
  {
    v8 = *(_DWORD *)v5;
    v20 = *(_BYTE *)(v7 - 5);
    v9 = *(_DWORD *)v7;
    v17 = *(_DWORD *)(v7 - 4);
    v10 = 0;
    v18 = v9;
    v11 = v9 == 0;
    v19 = 0;
    if ( !v9 )
      goto LABEL_14;
    v12 = v5 + 20 * v6 + 4;
    do
    {
      if ( (unsigned __int8)sub_100D29A0(&v17, v10) )
      {
        v13 = v8 + 4;
        v14 = v8;
        v8 = *(_DWORD *)(v8 + 4);
        if ( v8 )
          goto LABEL_12;
        v8 = v12;
        *(_DWORD *)(v12 + 8) = v14;
      }
      else
      {
        v13 = v8;
        v8 = *(_DWORD *)v8;
        if ( v8 )
          goto LABEL_12;
        v8 = v12;
        *(_DWORD *)(v12 + 8) = v13;
      }
      *(_DWORD *)v12 = 0;
      *(_DWORD *)(v12 + 4) = 0;
      ++v6;
      v12 += 20;
      *(_DWORD *)v13 = v8;
LABEL_12:
      v10 = v19++ + 1;
    }
    while ( v19 < v18 );
    v5 = a1;
    v7 = v15;
    v11 = v18 == 0;
LABEL_14:
    if ( !v11 )
      *(_BYTE *)(v8 + 12) = v20;
    v7 += 9;
    v11 = v16 == 1;
    v15 = v7;
    --v16;
  }
  while ( !v11 );
  return 0;
}

int __cdecl sub_100D29A0(int a1, unsigned int a2)
{
  return ((signed int)*(_BYTE *)((a2 >> 3) + a1) >> (a2 & 7)) & 1;
}
Here is the table used to create the compression table:

Code: Select all

unsigned char raw_compression_table[2320] = {
    0x80, 0x16, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x81, 0x7E, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x82, 0x62,
    0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x83, 0x9E, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x84, 0xD8, 0x05, 0x00,
    0x00, 0x0B, 0x00, 0x00, 0x00, 0x85, 0x9E, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x86, 0x58, 0x00, 0x00, 0x00, 0x0B,
    0x00, 0x00, 0x00, 0x87, 0xBE, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x88, 0x22, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00,
    0x00, 0x89, 0x08, 0x03, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x8A, 0x40, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x8B,
    0x80, 0x02, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x8C, 0x32, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x8D, 0x58, 0x02,
    0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x8E, 0xF2, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x8F, 0xD0, 0x01, 0x00, 0x00,
    0x0A, 0x00, 0x00, 0x00, 0x90, 0xC6, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x91, 0x18, 0x02, 0x00, 0x00, 0x0A, 0x00,
    0x00, 0x00, 0x92, 0x50, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x93, 0x7E, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00,
    0x94, 0x00, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x95, 0x72, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x96, 0x46,
    0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x97, 0x46, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x98, 0x50, 0x02, 0x00,
    0x00, 0x0A, 0x00, 0x00, 0x00, 0x99, 0x50, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x9A, 0x3E, 0x04, 0x00, 0x00, 0x0B,
    0x00, 0x00, 0x00, 0x9B, 0x72, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x9C, 0xA2, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00,
    0x00, 0x9D, 0x3E, 0x06, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x9E, 0x0E, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x9F,
    0x12, 0x0F, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xA0, 0x32, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xA1, 0x7A, 0x0C,
    0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xA2, 0x46, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xA3, 0x32, 0x06, 0x00, 0x00,
    0x0C, 0x00, 0x00, 0x00, 0xA4, 0x68, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xA5, 0x52, 0x07, 0x00, 0x00, 0x0C, 0x00,
    0x00, 0x00, 0xA6, 0x1E, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xA7, 0x46, 0x0C, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
    0xA8, 0xFE, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xA9, 0x22, 0x0D, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xAA, 0x12,
    0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xAB, 0xD8, 0x09, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xAC, 0xC6, 0x00, 0x00,
    0x00, 0x09, 0x00, 0x00, 0x00, 0xAD, 0x7A, 0x04, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xAE, 0xD2, 0x07, 0x00, 0x00, 0x0B,
    0x00, 0x00, 0x00, 0xAF, 0xA2, 0x0C, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xB0, 0xD2, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00,
    0x00, 0xB1, 0xE8, 0x0E, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xB2, 0xC8, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xB3,
    0x92, 0x0C, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xB4, 0x92, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xB5, 0x32, 0x0E,
    0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xB6, 0x52, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xB7, 0xA2, 0x09, 0x00, 0x00,
    0x0C, 0x00, 0x00, 0x00, 0xB8, 0xD2, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xB9, 0x98, 0x05, 0x00, 0x00, 0x0C, 0x00,
    0x00, 0x00, 0xBA, 0x18, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xBB, 0x52, 0x0F, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00,
    0xBC, 0x92, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xBD, 0x58, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xBE, 0x72,
    0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xBF, 0x9E, 0x01, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xC0, 0x98, 0x03, 0x00,
    0x00, 0x0A, 0x00, 0x00, 0x00, 0xC1, 0xFA, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0xC2, 0x42, 0x00, 0x00, 0x00, 0x07,
    0x00, 0x00, 0x00, 0xC3, 0x1A, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0xC4, 0x3E, 0x0E, 0x00, 0x00, 0x0C, 0x00, 0x00,
    0x00, 0xC5, 0xD8, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xC6, 0x0E, 0x0A, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xC7,
    0xD8, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xC8, 0x52, 0x08, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xC9, 0x18, 0x05,
    0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xCA, 0x0E, 0x02, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xCB, 0x88, 0x01, 0x00, 0x00,
    0x0B, 0x00, 0x00, 0x00, 0xCC, 0x0E, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0xCD, 0x72, 0x03, 0x00, 0x00, 0x0B, 0x00,
    0x00, 0x00, 0xCE, 0xA2, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xCF, 0xD8, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00,
    0xD0, 0x58, 0x0B, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xD1, 0xC8, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xD2, 0xD8,
    0x01, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xD3, 0xC8, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xD4, 0xA2, 0x04, 0x00,
    0x00, 0x0C, 0x00, 0x00, 0x00, 0xD5, 0x80, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xD6, 0xE8, 0x06, 0x00, 0x00, 0x0C,
    0x00, 0x00, 0x00, 0xD7, 0x50, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xD8, 0x98, 0x0D, 0x00, 0x00, 0x0C, 0x00, 0x00,
    0x00, 0xD9, 0x98, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xDA, 0x22, 0x05, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xDB,
    0x68, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xDC, 0xC8, 0x01, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xDD, 0x08, 0x02,
    0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xDE, 0xD0, 0x03, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xDF, 0xC8, 0x03, 0x00, 0x00,
    0x0B, 0x00, 0x00, 0x00, 0xE0, 0x98, 0x0C, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xE1, 0x9E, 0x05, 0x00, 0x00, 0x0B, 0x00,
    0x00, 0x00, 0xE2, 0xD8, 0x06, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xE3, 0x52, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00,
    0xE4, 0xD0, 0x0B, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xE5, 0xD8, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xE6, 0x98,
    0x04, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xE7, 0x58, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xE8, 0x52, 0x00, 0x00,
    0x00, 0x0C, 0x00, 0x00, 0x00, 0xE9, 0xA2, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xEA, 0xC8, 0x09, 0x00, 0x00, 0x0C,
    0x00, 0x00, 0x00, 0xEB, 0x12, 0x07, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xEC, 0xD0, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00,
    0x00, 0xED, 0x58, 0x03, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xEE, 0x50, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xEF,
    0xF2, 0x01, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xF0, 0x92, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xF1, 0x92, 0x04,
    0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xF2, 0x98, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xF3, 0xF2, 0x09, 0x00, 0x00,
    0x0C, 0x00, 0x00, 0x00, 0xF4, 0xC8, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xF5, 0x72, 0x08, 0x00, 0x00, 0x0C, 0x00,
    0x00, 0x00, 0xF6, 0x72, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xF7, 0xA2, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00,
    0xF8, 0x7E, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xF9, 0x80, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xFA, 0x46,
    0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0xFB, 0x7E, 0x04, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xFC, 0x7A, 0x00, 0x00,
    0x00, 0x0B, 0x00, 0x00, 0x00, 0xFD, 0x9E, 0x09, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0xFE, 0x3E, 0x00, 0x00, 0x00, 0x0B,
    0x00, 0x00, 0x00, 0xFF, 0xA2, 0x01, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
    0x00, 0x01, 0x0A, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x02, 0x2E, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x03,
    0x4E, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x04, 0x26, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x05, 0xC0, 0x01,
    0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x06, 0x5E, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x07, 0x8E, 0x00, 0x00, 0x00,
    0x08, 0x00, 0x00, 0x00, 0x08, 0x48, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x09, 0x68, 0x01, 0x00, 0x00, 0x09, 0x00,
    0x00, 0x00, 0x0A, 0x66, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x0B, 0x46, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00,
    0x0C, 0xC0, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x0D, 0xF2, 0x03, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x0E, 0x06,
    0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x0F, 0x1E, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00,
    0x00, 0x09, 0x00, 0x00, 0x00, 0x11, 0x88, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x12, 0xFE, 0x03, 0x00, 0x00, 0x0A,
    0x00, 0x00, 0x00, 0x13, 0x7E, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x14, 0xBE, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00,
    0x00, 0x15, 0x04, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x16, 0x30, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x17,
    0x92, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x18, 0x3A, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x19, 0x72, 0x01,
    0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x1A, 0x22, 0x03, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x1B, 0xD0, 0x00, 0x00, 0x00,
    0x0A, 0x00, 0x00, 0x00, 0x1C, 0x0E, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x1D, 0x08, 0x01, 0x00, 0x00, 0x0A, 0x00,
    0x00, 0x00, 0x1E, 0xE8, 0x01, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x1F, 0xFE, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00,
    0x20, 0xBE, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x21, 0x40, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x22, 0x12,
    0x02, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x23, 0x32, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x24, 0x0E, 0x01, 0x00,
    0x00, 0x0B, 0x00, 0x00, 0x00, 0x25, 0x50, 0x03, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x26, 0x46, 0x06, 0x00, 0x00, 0x0B,
    0x00, 0x00, 0x00, 0x27, 0x88, 0x03, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x28, 0x7E, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00,
    0x00, 0x29, 0x20, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x2A, 0xC8, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x2B,
    0xFE, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x2C, 0xA2, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x2D, 0x7A, 0x01,
    0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x2E, 0x72, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x2F, 0xBE, 0x00, 0x00, 0x00,
    0x0B, 0x00, 0x00, 0x00, 0x30, 0x52, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x31, 0x7E, 0x07, 0x00, 0x00, 0x0B, 0x00,
    0x00, 0x00, 0x32, 0x1E, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x33, 0x80, 0x03, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00,
    0x34, 0xD0, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x35, 0x12, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x36, 0x40,
    0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x37, 0xD2, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x38, 0x7E, 0x0C, 0x00,
    0x00, 0x0C, 0x00, 0x00, 0x00, 0x39, 0xB2, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x3A, 0xD8, 0x0E, 0x00, 0x00, 0x0C,
    0x00, 0x00, 0x00, 0x3B, 0xFA, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x3C, 0xD2, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00,
    0x00, 0x3D, 0x98, 0x02, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x3E, 0xE8, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x3F,
    0xF2, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x40, 0x5A, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x41, 0x7A, 0x02,
    0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x42, 0x1E, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x43, 0x28, 0x00, 0x00, 0x00,
    0x07, 0x00, 0x00, 0x00, 0x44, 0xD2, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x45, 0x08, 0x06, 0x00, 0x00, 0x0B, 0x00,
    0x00, 0x00, 0x46, 0x1E, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x47, 0xA2, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00,
    0x48, 0xFE, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x49, 0x0E, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x4A, 0x92,
    0x02, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x4B, 0x12, 0x01, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x4C, 0x02, 0x00, 0x00,
    0x00, 0x07, 0x00, 0x00, 0x00, 0x4D, 0x18, 0x03, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x4E, 0x3E, 0x01, 0x00, 0x00, 0x09,
    0x00, 0x00, 0x00, 0x4F, 0xC6, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x50, 0x18, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00,
    0x00, 0x51, 0x32, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x52, 0x9E, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x53,
    0x52, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x54, 0xFE, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x55, 0x68, 0x00,
    0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x56, 0xE8, 0x00, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00, 0x57, 0x40, 0x02, 0x00, 0x00,
    0x0B, 0x00, 0x00, 0x00, 0x58, 0xFA, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x59, 0xD0, 0x02, 0x00, 0x00, 0x0B, 0x00,
    0x00, 0x00, 0x5A, 0x7E, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x5B, 0xD8, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00,
    0x5C, 0xC6, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x5D, 0x08, 0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x5E, 0xBE,
    0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x5F, 0x10, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x60, 0x9E, 0x04, 0x00,
    0x00, 0x0B, 0x00, 0x00, 0x00, 0x61, 0x08, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x62, 0x3E, 0x02, 0x00, 0x00, 0x0B,
    0x00, 0x00, 0x00, 0x63, 0x58, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x64, 0x38, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00,
    0x00, 0x65, 0xC8, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x66, 0xBE, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x67,
    0x22, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00, 0x68, 0x1E, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x69, 0x68, 0x02,
    0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x6A, 0x9E, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x6B, 0x52, 0x02, 0x00, 0x00,
    0x0B, 0x00, 0x00, 0x00, 0x6C, 0xD2, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x6D, 0x0E, 0x03, 0x00, 0x00, 0x0B, 0x00,
    0x00, 0x00, 0x6E, 0x1E, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x6F, 0x00, 0x02, 0x00, 0x00, 0x0A, 0x00, 0x00, 0x00,
    0x70, 0x12, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x71, 0xBE, 0x02, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x72, 0x58,
    0x04, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x73, 0xFA, 0x01, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x74, 0x88, 0x05, 0x00,
    0x00, 0x0B, 0x00, 0x00, 0x00, 0x75, 0x32, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x76, 0x80, 0x01, 0x00, 0x00, 0x0B,
    0x00, 0x00, 0x00, 0x77, 0xFA, 0x05, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x78, 0x40, 0x03, 0x00, 0x00, 0x0B, 0x00, 0x00,
    0x00, 0x79, 0xC6, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x7A, 0x80, 0x00, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x7B,
    0x52, 0x06, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x7C, 0x46, 0x04, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, 0x7D, 0x9E, 0x03,
    0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x7E, 0x40, 0x07, 0x00, 0x00, 0x0B, 0x00, 0x00, 0x00, 0x7F, 0xFE, 0x00, 0x00, 0x00,
    0x0B, 0x00, 0x00, 0x00, 0x25, 0x64, 0x7D, 0x3B, 0x0A, 0x00, 0x00, 0x00, 0x25, 0x64, 0x2C, 0x0A, 0x00, 0x00, 0x00, 0x00 
};

Post Reply