[COLOR=#444444][FONT=Microsoft Yahei]================ B E G I N O F P R O C E D U R E ================[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei] ; Basic Block Input Regs: rsi rdi - Killed Regs: rax rbx rbp rsi rdi r12 r14[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei] __ZN23AppleMEClientController5startEP9IOService: // AppleMEClientController::start(IOService*)[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e922 55 push rbp[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e923 4889E5 mov rbp, rsp[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e926 4157 push r15[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e928 4156 push r14[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e92a 4154 push r12[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e92c 53 push rbx[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e92d 4883EC20 sub rsp, 0x20[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e931 4989F6 mov r14, rsi[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e934 4889FB mov rbx, rdi[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e937 4C8B254A770000 mov r12, qword [ds:0x26088][/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e93e 498B0424 mov rax, qword [ds:r12][/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e942 488945D8 mov qword [ss:rbp-0x40+var_24], rax[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e946 488D0533920000 lea rax, qword [ds:__ZN23AppleIntelSNBGraphicsFB9metaClassE][/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e94d 488B30 mov rsi, qword [ds:rax][/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e950 4C89F7 mov rdi, r14[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e953 E800000000 call 0x1e958[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e958 48898398000000 mov qword [ds:rbx+0x98], rax ; XREF=0x1e953[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei] ; <---change 4885C0 (test rax, rax) to 4831c0 (xor rax,rax) , so it will jump always[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e95f 4831C0 xor rax, rax[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001e962 0F8416030000 je 0x1ec7e[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei].....[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei] ; Basic Block Input Regs: rax r14 r15 - Killed Regs: rax rbx rsi rdi r15[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec7e 488D3D40520000 lea rdi, qword [ds:0x23ec5] ; "Transcript Offline\\n" XREF=0x1e962, 0x1e9b2, 0x1e9d1, 0x1ea03, 0x1ea22, 0x1ea41, ...[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec85 4530FF xor r15L, r15L[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec88 30C0 xor al, al[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec8a E800000000 call 0x1ec8f[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec8f C683D200000000 mov byte [ds:rbx+0xd2], 0x0 ; XREF=0x1ec8a[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec96 488B03 mov rax, qword [ds:rbx][/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec99 4889DF mov rdi, rbx[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec9c 4C89F6 mov rsi, r14[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001ec9f FF90C8050000 call qword [ds:rax+0x5c8][/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei] ; Basic Block Input Regs: rbp r12 - Killed Regs: rax[/FONT][/COLOR]
[COLOR=#444444][FONT=Microsoft Yahei]000000000001eca5 498B0424 mov rax, qword [ds:r12] ;[/FONT][/COLOR]