analyse.c - andrewg@felinemenace.org
- Opening test
	[*] 3 program headers
[*] Scanning through program headers
	[*] Entry 0: load entry
	[*] Entry 1: load entry
	[*] Entry 2: non-load entry
	- Entry point: 0x80480a0
0x80480ba	jnz	0xB4
insn.flags_tested: 00000200
0 - relative offset
	- single byte offset
	- modified ptr: 0x80480b4
src: 0x080480ba, dst: 0x080480b4
0x80480ba	jnz	0xB4
	I've reached this piece of code, heading backwards..
0x80480c0	jz	0xD3
insn.flags_tested: 00000002
0 - relative offset
	- single byte offset
	- modified ptr: 0x80480d3
src: 0x080480c0, dst: 0x080480d3
0x80480d3	call	0x080480FB
insn.flags_tested: 00000000
0 - relative offset
	- long offset
	- modified ptr: 0x80480fb
src: 0x080480d3, dst: 0x080480fb
0x8048116	call	0x080480E0
insn.flags_tested: 00000000
0 - relative offset
	- long offset
	- modified ptr: 0x80480e0
src: 0x08048116, dst: 0x080480e0
0x80480f4	call	0x08048168
insn.flags_tested: 00000000
0 - relative offset
	- long offset
	- modified ptr: 0x8048168
src: 0x080480f4, dst: 0x08048168
0x8048171	call	0x0804819A
insn.flags_tested: 00000000
0 - relative offset
	- long offset
	- modified ptr: 0x804819a
src: 0x08048171, dst: 0x0804819a
0x80481b8	call	0x080481CC
insn.flags_tested: 00000000
0 - relative offset
	- long offset
	- modified ptr: 0x80481cc
src: 0x080481b8, dst: 0x080481cc
0x80481e8	jz	0x08048AC2
insn.flags_tested: 00000002
0 - relative offset
	- long offset
	- modified ptr: 0x8048ac2
src: 0x080481e8, dst: 0x08048ac2
0x8048ad0	ret	
	Return: eip currently 0x8048ad0
	EIP now: 0x80481ee
0x80481fc	jz	0x18
insn.flags_tested: 00000002
0 - relative offset
	- single byte offset
	- modified ptr: 0x8048218
src: 0x080481fc, dst: 0x08048218
0x804821c	jz	0x47
insn.flags_tested: 00000002
0 - relative offset
	- single byte offset
	- modified ptr: 0x8048247
src: 0x0804821c, dst: 0x08048247
0x8048251	jnz	0x08048AB2
insn.flags_tested: 00000200
0 - relative offset
	- long offset
	- modified ptr: 0x8048ab2
src: 0x08048251, dst: 0x08048ab2
0x8048abc	jnz	0x080481EE
insn.flags_tested: 00000200
0 - relative offset
	- long offset
	- modified ptr: 0x80481ee
src: 0x08048abc, dst: 0x080481ee
0x80481fc	jz	0x18
	I've reached this piece of code, heading backwards..
0x8048ad0	ret	
	I've reached this piece of code, heading backwards..
0x80482be	ja	0x08048AB2
insn.flags_tested: 00000300
0 - relative offset
	- long offset
	- modified ptr: 0x8048ab2
src: 0x080482be, dst: 0x08048ab2
0x8048abc	jnz	0x080481EE
	I've reached this piece of code, heading backwards..
0x80482c4	jmp	[eax*4+0x80496A0]
insn.flags_tested: 00000000
	Jumping to an expression
	returning to previous way of getting here
0x8048236	call	[edx+4]
insn.flags_tested: 00000000
	Jumping to an expression
	contining afterwards
0x8048251	jnz	0x08048AB2
	I've reached this piece of code, heading backwards..
0x8048251	jnz	0x08048AB2
	I've reached this piece of code, heading backwards..
0x8048201	jz	0x18
insn.flags_tested: 00000002
0 - relative offset
	- single byte offset
	- modified ptr: 0x8048218
src: 0x08048201, dst: 0x08048218
0x804821c	jz	0x47
	I've reached this piece of code, heading backwards..
0x8048211	jz	0x18
insn.flags_tested: 00000002
0 - relative offset
	- single byte offset
	- modified ptr: 0x8048218
src: 0x08048211, dst: 0x08048218
0x804821c	jz	0x47
	I've reached this piece of code, heading backwards..
0x8048216	jnz	0x03
insn.flags_tested: 00000200
0 - relative offset
	- single byte offset
	- modified ptr: 0x8048203
src: 0x08048216, dst: 0x08048203
0x8048211	jz	0x18
	I've reached this piece of code, heading backwards..
0x804821c	jz	0x47
	I've reached this piece of code, heading backwards..
0x80481c0	ret	
	Return: eip currently 0x80481c0
	EIP now: 0x8048176
0x8048178	ret	
	Return: eip currently 0x8048178
	EIP now: 0x80480f9
0x80480fa	ret	
	Return: eip currently 0x80480fa
	EIP now: 0x804811b
0x804811c	ret	
	Return: eip currently 0x804811c
	EIP now: 0x80480d8
0x80480d9	call	0x08048125
insn.flags_tested: 00000000
0 - relative offset
	- long offset
	- modified ptr: 0x8048125
src: 0x080480d9, dst: 0x08048125
0x804813e	call	[0x804A8C4]
insn.flags_tested: 00000000
	Jumping to an expression
	contining afterwards
0x8048147	jc	0x57
insn.flags_tested: 00000001
0 - relative offset
	- single byte offset
	- modified ptr: 0x8048157
src: 0x08048147, dst: 0x08048157
0x804815a	ret	
	Return: eip currently 0x804815a
	EIP now: 0x8048149
0x804814d	call	0x08048160
insn.flags_tested: 00000000
0 - relative offset
	- long offset
	- modified ptr: 0x8048160
src: 0x0804814d, dst: 0x08048160
0x8048165	ret	
	Return: eip currently 0x8048165
	EIP now: 0x8048152
0x804815a	ret	
	I've reached this piece of code, heading backwards..
0x8048147	jc	0x57
	I've reached this piece of code, heading backwards..
Got halt statement, this usually means we've reached the end..


struct entries{
	unsigned long src;
	unsigned long dst;
	unsigned int len;
	unsigned int type;
	unsigned int flags;
} jumpme[] = {
	{ 0x80480bb, 0x80480b4, 0x00000001, 0x00001002, 0x00000200 },
	{ 0x80480c1, 0x80480d3, 0x00000001, 0x00001002, 0x00000002 },
	{ 0x80480d4, 0x80480fb, 0x00000004, 0x00001003, 0x00000000 },
	{ 0x8048117, 0x80480e0, 0x00000004, 0x00001003, 0x00000000 },
	{ 0x80480f5, 0x8048168, 0x00000004, 0x00001003, 0x00000000 },
	{ 0x8048172, 0x804819a, 0x00000004, 0x00001003, 0x00000000 },
	{ 0x80481b9, 0x80481cc, 0x00000004, 0x00001003, 0x00000000 },
	{ 0x80481e9, 0x8048ac2, 0x00000005, 0x00001002, 0x00000002 },
	{ 0x80481fd, 0x8048218, 0x00000001, 0x00001002, 0x00000002 },
	{ 0x804821d, 0x8048247, 0x00000001, 0x00001002, 0x00000002 },
	{ 0x8048252, 0x8048ab2, 0x00000005, 0x00001002, 0x00000200 },
	{ 0x8048abd, 0x80481ee, 0x00000005, 0x00001002, 0x00000200 },
	{ 0x80482bf, 0x8048ab2, 0x00000005, 0x00001002, 0x00000300 },
	{ 0x8048202, 0x8048218, 0x00000001, 0x00001002, 0x00000002 },
	{ 0x8048212, 0x8048218, 0x00000001, 0x00001002, 0x00000002 },
	{ 0x8048217, 0x8048203, 0x00000001, 0x00001002, 0x00000200 },
	{ 0x80480da, 0x8048125, 0x00000004, 0x00001003, 0x00000000 },
	{ 0x8048148, 0x8048157, 0x00000001, 0x00001002, 0x00000001 },
	{ 0x804814e, 0x8048160, 0x00000004, 0x00001003, 0x00000000 }
};
