Ward
Posted December 26, 2008

Thanks to the disasm source code by Oleh Yuschuk from http://www.ollydbg.de/. I compiled it into a DLL and use it in this UDF. Look at the example script first:

    #include <ASM.au3>

    ; Initialize an asm object
    Global $Asm = AsmInit()

    Demo1()

    Func Demo1()
        ; Demo 1: Using Parameters
        AsmReset($Asm)
        AsmAdd($Asm, "push ebp")            ; save the caller's frame pointer
        AsmAdd($Asm, "mov ebp, esp")        ; set up this function's frame
        AsmAdd($Asm, "mov eax, [ebp + 08]") ; first parameter
        AsmAdd($Asm, "add eax, [ebp + 0c]") ; add the second parameter
        AsmAdd($Asm, "pop ebp")             ; restore the caller's frame pointer
        AsmAdd($Asm, "retn 8")              ; return and remove 8 bytes of parameters
        ConsoleWrite(String(AsmGetBinary($Asm)) & @CRLF)

        $Ret = MemoryFuncCall("int", AsmGetPtr($Asm), "int", 1, "int", 2)
        MsgBox(0, "Demo 1: Using Parameters", "1 + 2 = " & $Ret[0])
    EndFunc

    ; Release the asm object
    AsmExit($Asm)
    Exit

There are more examples in the archive, including reading the Time-Stamp Counter, using labels, calling an AutoIt function from assembly, and an assembly crc32 routine. Have fun!

asm.zip

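What the six Demo 1 instructions do to the stack, as an added example that is not part of Ward's post or the UDF: a Python interpreter for just this instruction subset, run on a simulated stack. The start addresses and register values are constructed, and numeric operands are read as hex, as the `0c` in the script suggests.

```python
import re

# The six instructions from Demo 1, exactly as passed to AsmAdd().
DEMO1 = ["push ebp", "mov ebp, esp", "mov eax, [ebp + 08]",
         "add eax, [ebp + 0c]", "pop ebp", "retn 8"]

MASK = 0xFFFFFFFF
MEM = re.compile(r"\[(\w+) \+ ([0-9a-f]+)\]")   # [reg + hex displacement]

def run_stdcall(code, args, esp=0x0012FF00, ret_addr=0x00401000):
    """Interpret the tiny x86 subset used by Demo 1 on a simulated stack."""
    reg = {"eax": 0, "ebp": 0xDEADBEEF, "esp": esp}   # constructed start values
    mem = {}                                          # address -> 32-bit value

    def push(v):
        reg["esp"] = (reg["esp"] - 4) & MASK
        mem[reg["esp"]] = v & MASK

    def pop():
        v = mem[reg["esp"]]
        reg["esp"] = (reg["esp"] + 4) & MASK
        return v

    def value(operand):
        m = MEM.fullmatch(operand)
        if m:                                         # memory operand
            return mem[(reg[m.group(1)] + int(m.group(2), 16)) & MASK]
        return reg[operand]                           # register operand

    # What the caller does: push args right to left, then the return address.
    for a in reversed(args):
        push(a)
    push(ret_addr)
    entry_esp = reg["esp"]

    for line in code:
        op, _, rest = line.partition(" ")
        ops = [o.strip() for o in rest.split(",")]
        if op == "push":
            push(reg[ops[0]])
        elif op == "pop":
            reg[ops[0]] = pop()
        elif op == "mov":
            reg[ops[0]] = value(ops[1])
        elif op == "add":
            reg[ops[0]] = (reg[ops[0]] + value(ops[1])) & MASK
        elif op == "retn":                            # pop return address, drop N arg bytes
            target = pop()
            reg["esp"] = (reg["esp"] + int(ops[0], 16)) & MASK
            return reg["eax"], reg, target, entry_esp
    raise ValueError("code fell off the end without retn")
```

Calling `run_stdcall(DEMO1, [1, 2])` returns 3 in `eax` with `ebp` restored and `esp` back where it was before the two parameters were pushed, which is the callee-cleans-up behaviour `retn 8` provides.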
Lazycat
Posted December 26, 2008

I have no words... Is it time to start learning assembler? Performance still needs to be compared (is this faster than calling a regular function from a DLL?), but anyway this is a much more flexible way than preparing machine code!

Dampe
Posted December 26, 2008

Very nice. Unfortunately:

    Func Demo1()
        ; Demo 1: Using Parameters
        $timer = TimerInit()
        AsmReset($Asm)
        AsmAdd($Asm, "push ebp")
        AsmAdd($Asm, "mov ebp, esp")
        AsmAdd($Asm, "mov eax, [ebp + 08]")
        AsmAdd($Asm, "add eax, [ebp + 0c]")
        AsmAdd($Asm, "pop ebp")
        AsmAdd($Asm, "retn 8")
        ConsoleWrite(String(AsmGetBinary($Asm)) & @CRLF)

        $Ret = MemoryFuncCall("int", AsmGetPtr($Asm), "int", 1, "int", 2)
        ConsoleWrite(TimerDiff($timer) & "ms" & @CRLF)
        $timer = ""
        MsgBox(0, "Demo 1: Using Parameters", "1 + 2 = " & $Ret[0])
    EndFunc

Result: 5.0036303630363ms

    Func Demotwo()
        $timer = TimerInit()
        $t = 1 + 2
        ConsoleWrite(TimerDiff($timer) & "ms" & @CRLF)
        $timer = ""
        MsgBox(32, "test", $t)
    EndFunc

Result: 0.00672067206720672ms

Edited December 26, 2008 by Dampe

Ward (Author)
Posted December 26, 2008

> Very nice, Unfortunately:

I don't think it is unfortunate. This UDF assembles the code to binary machine code, and then runs it. So other machine code UDFs must be faster than this. So, it is not for speed, it is for power, and for fun. Want to get the CPU's Time-Stamp Counter? You will find assembly is the easiest way. If you need speed, see my other post about the machine code UDF or the MemoryDll UDF.

Edited December 26, 2008 by Ward

Lazycat
Posted December 26, 2008

> Unfortunately:

This is a bad example for comparing speed, since Ward's UDF requires some time for initializing. It needs time-intensive tasks, like checksums for big files, for which using these techniques is reasonable.

SmOke_N (Moderators)
Posted December 26, 2008

Wow... No time this evening to play/test... but this could be huge. Thanks Ward.

Dampe
Posted December 26, 2008

> I don't think it is unfortunate. This UDF assembles the code to binary machine code, and then runs it. So other machine code UDFs must be faster than this. So, it is not for speed, it is for power, and for fun. Want to get the CPU's Time-Stamp Counter? You will find assembly is the easiest way. If you need speed, see my other post about the machine code UDF or the MemoryDll UDF.

Yeah, I agree completely on the fact of its power, I just don't think it would be efficient to use it for basic addition and subtraction / whatever else. Nice UDF nonetheless.

oMBRa
Posted December 26, 2008

Newbie question: I have found with Cheat Engine an address (for example 0x6F000000) and the opcode is ''mov eax, [ebp + 08]'' and ebp + 08 is the address I'm searching for to read a value... is it possible to determine it with this UDF?

James
Posted December 26, 2008

> Wow... No time this evening to play/test... but this could be huge. Thanks Ward.

Well, you got me stunned. And Smoke too? Wow, this is really good!

doudou
Posted December 26, 2008

LOL Nice toy! I can't imagine any practical use for it in a scripting language but hey, who says programmers are not allowed to play around? Next challenge: write a hardware driver entirely in AutoIt script!

doudou
Posted December 26, 2008

> Newbie question: I have found with Cheat Engine an address (for example 0x6F000000) and the opcode is ''mov eax, [ebp + 08]'' and ebp + 08 is the address I'm searching for to read a value... is it possible to determine it with this UDF?

If You are talking about reading some other process' memory - bad luck, in protected mode it is ahm... protected. Assembler won't help You at all unless Your cheat prog is registered as a debugger.

doudou
Posted December 26, 2008

> u mean SeDebugPrivileges?

I mean You need to start the cheatee or attach to it with debugging rights, and Your user has to be granted the privilege to debug software in the first place. From my perspective it's easier just to fire up Visual Studio (or similar) and do the dirty work from there.

oMBRa
Posted December 26, 2008

I just have to do ''ebp + 08'', but how to determine ebp? (let's say I have debugging rights etc...)

doudou
Posted December 26, 2008

> I just have to do ''ebp + 08'', but how to determine ebp? (let's say I have debugging rights etc...)

I may have misunderstood his UDF but I think all register content is in the $Ret array after MemoryFuncCall. We'll have to figure out which one is which or wait for a reply from the author.

Pain
Posted December 26, 2008

I'm speechless, this is awesome. There are so many new opportunities with asm support.

StrategicX
Posted March 28, 2009

Can this be used to inject ASM into a live process, i.e. an online game like WoW? And as for debugging rights, all you need is the new NomadMemory.au3 and use the function SETPRIVILEGE("SeDebugPrivilege", 1) and your au3 app has all the rights a debugger has... hackinggggggg. If someone has done this please PM me or post it, thanks alotttt

Dalord
Posted April 2, 2009

I too am interested in injecting ASM into a live process (Hi StrategicX, nice to see we are both researching the same line)

TheOnlyOne
Posted August 4, 2010

Hmm, how can you use jmp or je in here, to a self-made asm function?

AndyG
Posted August 4, 2010

With Ward's FASM-Assembly-UDF it is possible to call AutoIt functions from assembler code. Look at the nice examples. With FASM, forward jumps are now also possible.