whatmeans Posted April 12, 2008

The VB code:

VERSION 1.0 CLASS
BEGIN
  MultiUse = -1  'True
  Persistable = 0  'NotPersistable
  DataBindingBehavior = 0  'vbNone
  DataSourceBehavior = 0  'vbNone
  MTSTransactionMode = 0  'NotAnMTSObject
END
Attribute VB_Name = "ASM"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = True
Attribute VB_PredeclaredId = False
Attribute VB_Exposed = True
Option Explicit

Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
Private Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long
Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)

Const PAGE_EXECUTE_READWRITE = &H40
Const MEM_COMMIT = &H1000
Const MEM_RELEASE = &H8000&     ' the trailing & forces a Long; a bare &H8000 is the Integer -32768
Const MEM_DECOMMIT = &H4000
Const PROCESS_ALL_ACCESS = &H1F0FFF
Const INFINITE = &HFFFFFFFF     ' infinite timeout (-1)
Const WAIT_TIMEOUT = &H102

Dim AsmCode() As Byte
Dim OPcode As String
Dim InjectProcess As Long       ' handle of the process to inject into
Dim tmp_Addr As Long            ' start address of the injected code inside that process
Dim RThwnd As Long              ' handle of the injected (remote) thread

' Run the assembled bytes in this process by handing their address to CallWindowProc.
' Note: the byte array lives in ordinary data memory, so this fails under DEP.
Function Get_Result() As String
    Dim i As Long
    ReDim AsmCode(Len(OPcode) / 2 - 1)
    For i = 0 To UBound(AsmCode)
        AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))
    Next
    Get_Result = CallWindowProc(VarPtr(AsmCode(0)), 0, 0, 0, 0)
End Function

Function Get_Code() As String
    Get_Code = OPcode
End Function

' Earlier all-in-one version, superseded by InjectCode / Run_ASM / FreeMem below.
'Function Run_ASM(ByVal hWnd As Long) As Long
'    Dim i As Long, tmp_Addr As Long, RThwnd As Long, h As Long, pid As Long
'    ReDim AsmCode(Len(OPcode) / 2 - 1) As Byte
'    For i = 0 To UBound(AsmCode)
'        AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))
'    Next
'    GetWindowThreadProcessId hWnd, pid
'    h = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
'    tmp_Addr = VirtualAllocEx(h, ByVal 0&, UBound(AsmCode) + 1, MEM_COMMIT, PAGE_EXECUTE_READWRITE)
'    WriteProcessMemory h, ByVal tmp_Addr, ByVal VarPtr(AsmCode(0)), UBound(AsmCode) + 1, ByVal 0&
'    RThwnd = CreateRemoteThread(h, ByVal 0&, 0, ByVal tmp_Addr, ByVal 0&, ByVal 0&, ByVal 0&)
'    VirtualFreeEx h, ByVal tmp_Addr, 0, MEM_RELEASE
'    CloseHandle RThwnd
'    CloseHandle h
'    OPcode = ""
'End Function

Sub InjectCode(ByVal hWnd As Long)
    Dim i As Long, pid As Long
    ReDim AsmCode(Len(OPcode) / 2 - 1)
    For i = 0 To UBound(AsmCode)
        AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))
    Next
    GetWindowThreadProcessId hWnd, pid                                  ' get the process ID
    InjectProcess = OpenProcess(PROCESS_ALL_ACCESS, False, pid)         ' open the process and obtain a handle
    tmp_Addr = VirtualAllocEx(InjectProcess, ByVal 0&, UBound(AsmCode) + 1, _
                              MEM_COMMIT, PAGE_EXECUTE_READWRITE)       ' allocate memory for the assembly code
    WriteProcessMemory InjectProcess, ByVal tmp_Addr, ByVal VarPtr(AsmCode(0)), _
                       UBound(AsmCode) + 1, ByVal 0&                    ' write the assembly code into the process
End Sub

Sub Run_ASM()   ' execute the injected assembly code
    Dim Ret As Long
    RThwnd = CreateRemoteThread(InjectProcess, ByVal 0&, 0, ByVal tmp_Addr, ByVal 0&, ByVal 0&, ByVal 0&)
    Do
        Ret = WaitForSingleObject(RThwnd, 50)   ' wait 50 ms
        DoEvents
    Loop Until Ret <> WAIT_TIMEOUT
    CloseHandle RThwnd
End Sub

Sub FreeMem()
    ' lpAddress is declared As Any (ByRef), so it must be passed ByVal;
    ' MEM_RELEASE also requires dwSize = 0, otherwise the call fails.
    VirtualFreeEx InjectProcess, ByVal tmp_Addr, 0, MEM_RELEASE
    CloseHandle InjectProcess
    OPcode = ""
    Erase AsmCode
End Sub

' Render Value as n hex digits in little-endian byte order (swap high and low bytes)
Function Int2Hex(ByVal Value As Long, ByVal n As Long) As String
    Dim tmp1 As String, tmp2 As String, i As Long
    tmp1 = Right("0000000" + Hex(Value), n)
    For i = 0 To Len(tmp1) / 2 - 1
        tmp2 = tmp2 + Mid(tmp1, Len(tmp1) - 1 - 2 * i, 2)
    Next i
    Int2Hex = tmp2
End Function

' Immediate and displacement sizes: the 8-bit forms (83 /x ib, disp8) are sign-extended,
' so only -128..127 fit; the original tested "i <= 255", which mis-encodes 128..255.

Function Leave() As Long
    OPcode = OPcode + "C9"
End Function
Function Pushad() As Long
    OPcode = OPcode + "60"
End Function
Function Popad() As Long
    OPcode = OPcode + "61"
End Function
Function Nop() As Long
    OPcode = OPcode + "90"
End Function
Function Ret() As Long
    OPcode = OPcode + "C3"
End Function
Function RetA(ByVal i As Long) As Long   ' ret imm16 (C2 iw); the opcode byte was missing
    OPcode = OPcode + "C2" + Int2Hex(i, 4)
End Function
Function IN_AL_DX() As Long
    OPcode = OPcode + "EC"
End Function
Function TEST_EAX_EAX() As Long
    OPcode = OPcode + "85C0"
End Function

'Add
'+++++++++++++++++++++++++++++++++++
Function Add_EAX_EDX() As Long
    OPcode = OPcode + "03C2"
End Function
Function Add_EBX_EAX() As Long
    OPcode = OPcode + "03D8"
End Function
Function Add_EAX_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "0305" + Int2Hex(i, 8)
End Function
Function Add_EBX_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "031D" + Int2Hex(i, 8)
End Function
Function Add_EBP_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "032D" + Int2Hex(i, 8)
End Function
Function Add_EAX(ByVal i As Long) As Long
    OPcode = OPcode + "05" + Int2Hex(i, 8)
End Function
' 83 /0 takes an imm8; the original appended a 4-byte immediate to it. Use 81 /0 for imm32.
Function Add_EBX(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "83C3" + Int2Hex(i, 2) Else OPcode = OPcode + "81C3" + Int2Hex(i, 8)
End Function
Function Add_ECX(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "83C1" + Int2Hex(i, 2) Else OPcode = OPcode + "81C1" + Int2Hex(i, 8)
End Function
Function Add_EDX(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "83C2" + Int2Hex(i, 2) Else OPcode = OPcode + "81C2" + Int2Hex(i, 8)
End Function
Function Add_ESI(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "83C6" + Int2Hex(i, 2) Else OPcode = OPcode + "81C6" + Int2Hex(i, 8)
End Function
Function Add_ESP(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "83C4" + Int2Hex(i, 2) Else OPcode = OPcode + "81C4" + Int2Hex(i, 8)
End Function

'Call
'+++++++++++++++++++++++++++++++++++
Function Call_EAX() As Long
    OPcode = OPcode + "FFD0"
End Function
Function Call_EBX() As Long
    OPcode = OPcode + "FFD3"
End Function
Function Call_ECX() As Long
    OPcode = OPcode + "FFD1"
End Function
Function Call_EDX() As Long
    OPcode = OPcode + "FFD2"
End Function
Function Call_ESI() As Long   ' FF /2 with rm = ESI is D6; the original had D2 (call edx)
    OPcode = OPcode + "FFD6"
End Function
Function Call_ESP() As Long
    OPcode = OPcode + "FFD4"
End Function
Function Call_EBP() As Long
    OPcode = OPcode + "FFD5"
End Function
Function Call_EDI() As Long
    OPcode = OPcode + "FFD7"
End Function
Function Call_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "FF15" + Int2Hex(i, 8)
End Function
Function Call_DWORD_Ptr_EAX() As Long
    OPcode = OPcode + "FF10"
End Function
Function Call_DWORD_Ptr_EBX() As Long
    OPcode = OPcode + "FF13"
End Function

'Cmp
'+++++++++++++++++++++++++++++++++++
Function Cmp_EAX(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "83F8" + Int2Hex(i, 2) Else OPcode = OPcode + "3D" + Int2Hex(i, 8)
End Function
Function Cmp_EAX_EDX() As Long
    OPcode = OPcode + "3BC2"
End Function
Function Cmp_EAX_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "3B05" + Int2Hex(i, 8)
End Function
Function Cmp_DWORD_Ptr_EAX(ByVal i As Long) As Long
    OPcode = OPcode + "3905" + Int2Hex(i, 8)
End Function

'DEC
'+++++++++++++++++++++++++++++++++++
Function Dec_EAX() As Long
    OPcode = OPcode + "48"
End Function
Function Dec_EBX() As Long
    OPcode = OPcode + "4B"
End Function
Function Dec_ECX() As Long
    OPcode = OPcode + "49"
End Function
Function Dec_EDX() As Long
    OPcode = OPcode + "4A"
End Function

'Idiv
'+++++++++++++++++++++++++++++++++++
Function Idiv_EAX() As Long
    OPcode = OPcode + "F7F8"
End Function
Function Idiv_EBX() As Long
    OPcode = OPcode + "F7FB"
End Function
Function Idiv_ECX() As Long
    OPcode = OPcode + "F7F9"
End Function
Function Idiv_EDX() As Long
    OPcode = OPcode + "F7FA"
End Function

'Imul
'+++++++++++++++++++++++++++++++++++
Function Imul_EAX_EDX() As Long
    OPcode = OPcode + "0FAFC2"
End Function
Function Imul_EAX(ByVal i As Long) As Long   ' imul eax, eax, imm8
    OPcode = OPcode + "6BC0" + Int2Hex(i, 2)
End Function
Function ImulB_EAX(ByVal i As Long) As Long  ' imul eax, eax, imm32
    OPcode = OPcode + "69C0" + Int2Hex(i, 8)
End Function

'INC
'+++++++++++++++++++++++++++++++++++
Function Inc_EAX() As Long
    OPcode = OPcode + "40"
End Function
Function Inc_EBX() As Long
    OPcode = OPcode + "43"
End Function
Function Inc_ECX() As Long
    OPcode = OPcode + "41"
End Function
Function Inc_EDX() As Long
    OPcode = OPcode + "42"
End Function
Function Inc_EDI() As Long
    OPcode = OPcode + "47"
End Function
Function Inc_ESI() As Long
    OPcode = OPcode + "46"
End Function
Function Inc_DWORD_Ptr_EAX() As Long
    OPcode = OPcode + "FF00"
End Function
Function Inc_DWORD_Ptr_EBX() As Long
    OPcode = OPcode + "FF03"
End Function
Function Inc_DWORD_Ptr_ECX() As Long
    OPcode = OPcode + "FF01"
End Function
Function Inc_DWORD_Ptr_EDX() As Long
    OPcode = OPcode + "FF02"
End Function

'JMP/JE/JNE
'+++++++++++++++++++++++++++++++++++
Function JMP_EAX() As Long
    OPcode = OPcode + "FFE0"
End Function

'Mov
'+++++++++++++++++++++++++++++++++++
Function Mov_DWORD_Ptr_EAX(ByVal i As Long) As Long   ' mov [imm32], eax
    OPcode = OPcode + "A3" + Int2Hex(i, 8)
End Function
Function Mov_EAX(ByVal i As Long) As Long
    OPcode = OPcode + "B8" + Int2Hex(i, 8)
End Function
Function Mov_EBX(ByVal i As Long) As Long
    OPcode = OPcode + "BB" + Int2Hex(i, 8)
End Function
Function Mov_ECX(ByVal i As Long) As Long
    OPcode = OPcode + "B9" + Int2Hex(i, 8)
End Function
Function Mov_EDX(ByVal i As Long) As Long
    OPcode = OPcode + "BA" + Int2Hex(i, 8)
End Function
Function Mov_ESI(ByVal i As Long) As Long
    OPcode = OPcode + "BE" + Int2Hex(i, 8)
End Function
Function Mov_ESP(ByVal i As Long) As Long
    OPcode = OPcode + "BC" + Int2Hex(i, 8)
End Function
Function Mov_EBP(ByVal i As Long) As Long
    OPcode = OPcode + "BD" + Int2Hex(i, 8)
End Function
Function Mov_EDI(ByVal i As Long) As Long
    OPcode = OPcode + "BF" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "8B1D" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "8B0D" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "A1" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "8B15" + Int2Hex(i, 8)
End Function
Function Mov_ESI_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "8B35" + Int2Hex(i, 8)
End Function
Function Mov_ESP_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "8B25" + Int2Hex(i, 8)
End Function
Function Mov_EBP_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "8B2D" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_EAX() As Long
    OPcode = OPcode + "8B00"
End Function
Function Mov_EAX_DWORD_Ptr_EBP() As Long
    OPcode = OPcode + "8B4500"
End Function
Function Mov_EAX_DWORD_Ptr_EBX() As Long
    OPcode = OPcode + "8B03"
End Function
Function Mov_EAX_DWORD_Ptr_ECX() As Long
    OPcode = OPcode + "8B01"
End Function
Function Mov_EAX_DWORD_Ptr_EDX() As Long
    OPcode = OPcode + "8B02"
End Function
Function Mov_EAX_DWORD_Ptr_EDI() As Long
    OPcode = OPcode + "8B07"
End Function
Function Mov_EAX_DWORD_Ptr_ESP() As Long
    OPcode = OPcode + "8B0424"
End Function
Function Mov_EAX_DWORD_Ptr_ESI() As Long
    OPcode = OPcode + "8B06"
End Function
Function Mov_EAX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B40" + Int2Hex(i, 2) Else OPcode = OPcode + "8B80" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B4424" + Int2Hex(i, 2) Else OPcode = OPcode + "8B8424" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B43" + Int2Hex(i, 2) Else OPcode = OPcode + "8B83" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B41" + Int2Hex(i, 2) Else OPcode = OPcode + "8B81" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B42" + Int2Hex(i, 2) Else OPcode = OPcode + "8B82" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B47" + Int2Hex(i, 2) Else OPcode = OPcode + "8B87" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B45" + Int2Hex(i, 2) Else OPcode = OPcode + "8B85" + Int2Hex(i, 8)
End Function
Function Mov_EAX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B46" + Int2Hex(i, 2) Else OPcode = OPcode + "8B86" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B58" + Int2Hex(i, 2) Else OPcode = OPcode + "8B98" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B5C24" + Int2Hex(i, 2) Else OPcode = OPcode + "8B9C24" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B5B" + Int2Hex(i, 2) Else OPcode = OPcode + "8B9B" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B59" + Int2Hex(i, 2) Else OPcode = OPcode + "8B99" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B5A" + Int2Hex(i, 2) Else OPcode = OPcode + "8B9A" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B5F" + Int2Hex(i, 2) Else OPcode = OPcode + "8B9F" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B5D" + Int2Hex(i, 2) Else OPcode = OPcode + "8B9D" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B5E" + Int2Hex(i, 2) Else OPcode = OPcode + "8B9E" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B48" + Int2Hex(i, 2) Else OPcode = OPcode + "8B88" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B4C24" + Int2Hex(i, 2) Else OPcode = OPcode + "8B8C24" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B4B" + Int2Hex(i, 2) Else OPcode = OPcode + "8B8B" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B49" + Int2Hex(i, 2) Else OPcode = OPcode + "8B89" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B4A" + Int2Hex(i, 2) Else OPcode = OPcode + "8B8A" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B4F" + Int2Hex(i, 2) Else OPcode = OPcode + "8B8F" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B4D" + Int2Hex(i, 2) Else OPcode = OPcode + "8B8D" + Int2Hex(i, 8)
End Function
Function Mov_ECX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B4E" + Int2Hex(i, 2) Else OPcode = OPcode + "8B8E" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B50" + Int2Hex(i, 2) Else OPcode = OPcode + "8B90" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B5424" + Int2Hex(i, 2) Else OPcode = OPcode + "8B9424" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B53" + Int2Hex(i, 2) Else OPcode = OPcode + "8B93" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B51" + Int2Hex(i, 2) Else OPcode = OPcode + "8B91" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B52" + Int2Hex(i, 2) Else OPcode = OPcode + "8B92" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B57" + Int2Hex(i, 2) Else OPcode = OPcode + "8B97" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B55" + Int2Hex(i, 2) Else OPcode = OPcode + "8B95" + Int2Hex(i, 8)
End Function
Function Mov_EDX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8B56" + Int2Hex(i, 2) Else OPcode = OPcode + "8B96" + Int2Hex(i, 8)
End Function
Function Mov_EBX_DWORD_Ptr_EAX() As Long
    OPcode = OPcode + "8B18"
End Function
Function Mov_EBX_DWORD_Ptr_EBP() As Long
    OPcode = OPcode + "8B5D00"
End Function
Function Mov_EBX_DWORD_Ptr_EBX() As Long
    OPcode = OPcode + "8B1B"
End Function
Function Mov_EBX_DWORD_Ptr_ECX() As Long
    OPcode = OPcode + "8B19"
End Function
Function Mov_EBX_DWORD_Ptr_EDX() As Long
    OPcode = OPcode + "8B1A"
End Function
Function Mov_EBX_DWORD_Ptr_EDI() As Long
    OPcode = OPcode + "8B1F"
End Function
Function Mov_EBX_DWORD_Ptr_ESP() As Long
    OPcode = OPcode + "8B1C24"
End Function
Function Mov_EBX_DWORD_Ptr_ESI() As Long
    OPcode = OPcode + "8B1E"
End Function
Function Mov_ECX_DWORD_Ptr_EAX() As Long
    OPcode = OPcode + "8B08"
End Function
Function Mov_ECX_DWORD_Ptr_EBP() As Long
    OPcode = OPcode + "8B4D00"
End Function
Function Mov_ECX_DWORD_Ptr_EBX() As Long
    OPcode = OPcode + "8B0B"
End Function
Function Mov_ECX_DWORD_Ptr_ECX() As Long
    OPcode = OPcode + "8B09"
End Function
Function Mov_ECX_DWORD_Ptr_EDX() As Long
    OPcode = OPcode + "8B0A"
End Function
Function Mov_ECX_DWORD_Ptr_EDI() As Long
    OPcode = OPcode + "8B0F"
End Function
Function Mov_ECX_DWORD_Ptr_ESP() As Long
    OPcode = OPcode + "8B0C24"
End Function
Function Mov_ECX_DWORD_Ptr_ESI() As Long
    OPcode = OPcode + "8B0E"
End Function
Function Mov_EDX_DWORD_Ptr_EAX() As Long
    OPcode = OPcode + "8B10"
End Function
Function Mov_EDX_DWORD_Ptr_EBP() As Long
    OPcode = OPcode + "8B5500"
End Function
Function Mov_EDX_DWORD_Ptr_EBX() As Long
    OPcode = OPcode + "8B13"
End Function
Function Mov_EDX_DWORD_Ptr_ECX() As Long
    OPcode = OPcode + "8B11"
End Function
Function Mov_EDX_DWORD_Ptr_EDX() As Long
    OPcode = OPcode + "8B12"
End Function
Function Mov_EDX_DWORD_Ptr_EDI() As Long
    OPcode = OPcode + "8B17"
End Function
Function Mov_EDX_DWORD_Ptr_ESI() As Long
    OPcode = OPcode + "8B16"
End Function
Function Mov_EDX_DWORD_Ptr_ESP() As Long
    OPcode = OPcode + "8B1424"
End Function
Function Mov_EAX_EBP() As Long
    OPcode = OPcode + "8BC5"
End Function
Function Mov_EAX_EBX() As Long
    OPcode = OPcode + "8BC3"
End Function
Function Mov_EAX_ECX() As Long
    OPcode = OPcode + "8BC1"
End Function
Function Mov_EAX_EDI() As Long
    OPcode = OPcode + "8BC7"
End Function
Function Mov_EAX_EDX() As Long
    OPcode = OPcode + "8BC2"
End Function
Function Mov_EAX_ESI() As Long
    OPcode = OPcode + "8BC6"
End Function
Function Mov_EAX_ESP() As Long
    OPcode = OPcode + "8BC4"
End Function
Function Mov_EBX_EBP() As Long
    OPcode = OPcode + "8BDD"
End Function
Function Mov_EBX_EAX() As Long
    OPcode = OPcode + "8BD8"
End Function
Function Mov_EBX_ECX() As Long
    OPcode = OPcode + "8BD9"
End Function
Function Mov_EBX_EDI() As Long
    OPcode = OPcode + "8BDF"
End Function
Function Mov_EBX_EDX() As Long
    OPcode = OPcode + "8BDA"
End Function
Function Mov_EBX_ESI() As Long
    OPcode = OPcode + "8BDE"
End Function
Function Mov_EBX_ESP() As Long
    OPcode = OPcode + "8BDC"
End Function
Function Mov_ECX_EBP() As Long
    OPcode = OPcode + "8BCD"
End Function
Function Mov_ECX_EAX() As Long
    OPcode = OPcode + "8BC8"
End Function
Function Mov_ECX_EBX() As Long
    OPcode = OPcode + "8BCB"
End Function
Function Mov_ECX_EDI() As Long
    OPcode = OPcode + "8BCF"
End Function
Function Mov_ECX_EDX() As Long
    OPcode = OPcode + "8BCA"
End Function
Function Mov_ECX_ESI() As Long
    OPcode = OPcode + "8BCE"
End Function
Function Mov_ECX_ESP() As Long
    OPcode = OPcode + "8BCC"
End Function
Function Mov_EDX_EBP() As Long
    OPcode = OPcode + "8BD5"
End Function
Function Mov_EDX_EBX() As Long
    OPcode = OPcode + "8BD3"
End Function
Function Mov_EDX_ECX() As Long
    OPcode = OPcode + "8BD1"
End Function
Function Mov_EDX_EDI() As Long
    OPcode = OPcode + "8BD7"
End Function
Function Mov_EDX_EAX() As Long
    OPcode = OPcode + "8BD0"
End Function
Function Mov_EDX_ESI() As Long
    OPcode = OPcode + "8BD6"
End Function
Function Mov_EDX_ESP() As Long
    OPcode = OPcode + "8BD4"
End Function
Function Mov_ESI_EBP() As Long
    OPcode = OPcode + "8BF5"
End Function
Function Mov_ESI_EBX() As Long
    OPcode = OPcode + "8BF3"
End Function
Function Mov_ESI_ECX() As Long
    OPcode = OPcode + "8BF1"
End Function
Function Mov_ESI_EDI() As Long
    OPcode = OPcode + "8BF7"
End Function
Function Mov_ESI_EAX() As Long
    OPcode = OPcode + "8BF0"
End Function
Function Mov_ESI_EDX() As Long
    OPcode = OPcode + "8BF2"
End Function
Function Mov_ESI_ESP() As Long
    OPcode = OPcode + "8BF4"
End Function
Function Mov_ESP_EBP() As Long
    OPcode = OPcode + "8BE5"
End Function
Function Mov_ESP_EBX() As Long
    OPcode = OPcode + "8BE3"
End Function
Function Mov_ESP_ECX() As Long
    OPcode = OPcode + "8BE1"
End Function
Function Mov_ESP_EDI() As Long
    OPcode = OPcode + "8BE7"
End Function
Function Mov_ESP_EAX() As Long
    OPcode = OPcode + "8BE0"
End Function
Function Mov_ESP_EDX() As Long
    OPcode = OPcode + "8BE2"
End Function
Function Mov_ESP_ESI() As Long
    OPcode = OPcode + "8BE6"
End Function
Function Mov_EDI_EBP() As Long
    OPcode = OPcode + "8BFD"
End Function
Function Mov_EDI_EAX() As Long
    OPcode = OPcode + "8BF8"
End Function
Function Mov_EDI_EBX() As Long
    OPcode = OPcode + "8BFB"
End Function
Function Mov_EDI_ECX() As Long
    OPcode = OPcode + "8BF9"
End Function
Function Mov_EDI_EDX() As Long
    OPcode = OPcode + "8BFA"
End Function
Function Mov_EDI_ESI() As Long
    OPcode = OPcode + "8BFE"
End Function
Function Mov_EDI_ESP() As Long
    OPcode = OPcode + "8BFC"
End Function
Function Mov_EBP_EDI() As Long   ' ModRM for ebp <- edi is EF; the original had DF (mov ebx, edi)
    OPcode = OPcode + "8BEF"
End Function
Function Mov_EBP_EAX() As Long
    OPcode = OPcode + "8BE8"
End Function
Function Mov_EBP_EBX() As Long
    OPcode = OPcode + "8BEB"
End Function
Function Mov_EBP_ECX() As Long
    OPcode = OPcode + "8BE9"
End Function
Function Mov_EBP_EDX() As Long
    OPcode = OPcode + "8BEA"
End Function
Function Mov_EBP_ESI() As Long
    OPcode = OPcode + "8BEE"
End Function
Function Mov_EBP_ESP() As Long
    OPcode = OPcode + "8BEC"
End Function

'Push
'+++++++++++++++++++++++++++++++++++
Function Push(ByVal i As Long) As Long   ' always push imm32 (the 6A ib short form is left disabled)
    OPcode = OPcode + "68" + Int2Hex(i, 8)
End Function
Function Push_DWORD_Ptr(ByVal i As Long) As Long
    OPcode = OPcode + "FF35" + Int2Hex(i, 8)
End Function
Function Push_EAX() As Long
    OPcode = OPcode + "50"
End Function
Function Push_ECX() As Long
    OPcode = OPcode + "51"
End Function
Function Push_EDX() As Long
    OPcode = OPcode + "52"
End Function
Function Push_EBX() As Long
    OPcode = OPcode + "53"
End Function
Function Push_ESP() As Long
    OPcode = OPcode + "54"
End Function
Function Push_EBP() As Long
    OPcode = OPcode + "55"
End Function
Function Push_ESI() As Long
    OPcode = OPcode + "56"
End Function
Function Push_EDI() As Long
    OPcode = OPcode + "57"
End Function

'LEA
'+++++++++++++++++++++++++++++++++++
Function Lea_EAX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D40" + Int2Hex(i, 2) Else OPcode = OPcode + "8D80" + Int2Hex(i, 8)
End Function
Function Lea_EAX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D43" + Int2Hex(i, 2) Else OPcode = OPcode + "8D83" + Int2Hex(i, 8)
End Function
Function Lea_EAX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D41" + Int2Hex(i, 2) Else OPcode = OPcode + "8D81" + Int2Hex(i, 8)
End Function
Function Lea_EAX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D42" + Int2Hex(i, 2) Else OPcode = OPcode + "8D82" + Int2Hex(i, 8)
End Function
Function Lea_EAX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D46" + Int2Hex(i, 2) Else OPcode = OPcode + "8D86" + Int2Hex(i, 8)
End Function
' The ESP and EBP forms were swapped in the original: [esp+disp] needs the SIB byte 24, [ebp+disp] does not.
Function Lea_EAX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D4424" + Int2Hex(i, 2) Else OPcode = OPcode + "8D8424" + Int2Hex(i, 8)
End Function
Function Lea_EAX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D45" + Int2Hex(i, 2) Else OPcode = OPcode + "8D85" + Int2Hex(i, 8)
End Function
Function Lea_EAX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D47" + Int2Hex(i, 2) Else OPcode = OPcode + "8D87" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D58" + Int2Hex(i, 2) Else OPcode = OPcode + "8D98" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D5C24" + Int2Hex(i, 2) Else OPcode = OPcode + "8D9C24" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D5B" + Int2Hex(i, 2) Else OPcode = OPcode + "8D9B" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D59" + Int2Hex(i, 2) Else OPcode = OPcode + "8D99" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D5A" + Int2Hex(i, 2) Else OPcode = OPcode + "8D9A" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D5F" + Int2Hex(i, 2) Else OPcode = OPcode + "8D9F" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D5D" + Int2Hex(i, 2) Else OPcode = OPcode + "8D9D" + Int2Hex(i, 8)
End Function
Function Lea_EBX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D5E" + Int2Hex(i, 2) Else OPcode = OPcode + "8D9E" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D48" + Int2Hex(i, 2) Else OPcode = OPcode + "8D88" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D4C24" + Int2Hex(i, 2) Else OPcode = OPcode + "8D8C24" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D4B" + Int2Hex(i, 2) Else OPcode = OPcode + "8D8B" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D49" + Int2Hex(i, 2) Else OPcode = OPcode + "8D89" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D4A" + Int2Hex(i, 2) Else OPcode = OPcode + "8D8A" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D4F" + Int2Hex(i, 2) Else OPcode = OPcode + "8D8F" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D4D" + Int2Hex(i, 2) Else OPcode = OPcode + "8D8D" + Int2Hex(i, 8)
End Function
Function Lea_ECX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D4E" + Int2Hex(i, 2) Else OPcode = OPcode + "8D8E" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D50" + Int2Hex(i, 2) Else OPcode = OPcode + "8D90" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D5424" + Int2Hex(i, 2) Else OPcode = OPcode + "8D9424" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D53" + Int2Hex(i, 2) Else OPcode = OPcode + "8D93" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D51" + Int2Hex(i, 2) Else OPcode = OPcode + "8D91" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D52" + Int2Hex(i, 2) Else OPcode = OPcode + "8D92" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D57" + Int2Hex(i, 2) Else OPcode = OPcode + "8D97" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D55" + Int2Hex(i, 2) Else OPcode = OPcode + "8D95" + Int2Hex(i, 8)
End Function
Function Lea_EDX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then OPcode = OPcode + "8D56" + Int2Hex(i, 2) Else OPcode = OPcode + "8D96" + Int2Hex(i, 8)
End Function

'POP
'+++++++++++++++++++++++++++++++++++
Function Pop_EAX() As Long
    OPcode = OPcode + "58"
End Function
Function Pop_EBX() As Long
    OPcode = OPcode + "5B"
End Function
Function Pop_ECX() As Long
    OPcode = OPcode + "59"
End Function
Function Pop_EDX() As Long
    OPcode = OPcode + "5A"
End Function
Function Pop_ESI() As Long
    OPcode = OPcode + "5E"
End Function
Function Pop_ESP() As Long
    OPcode = OPcode + "5C"
End Function
Function Pop_EDI() As Long
    OPcode = OPcode + "5F"
End Function
Function Pop_EBP() As Long
    OPcode = OPcode + "5D"
End Function

' Address of the argument. Because Add is an untyped (Variant) parameter, this is the
' address of the Variant wrapper, not of the caller's data.
Public Function Ptr(ByRef Add) As Long
    Ptr = VarPtr(Add)
End Function

' Float to integer: reinterpret the 4 bytes of a Single as a Long (no numeric conversion)
Public Function Float4Int(ByVal Ans As Single)
    Dim AB As Long
    CopyMemory AB, Ans, 4
    Float4Int = AB
End Function

'Public Function Float8Int(ByRef Ans)   ' float to integer (8-byte version, never finished)
'    Dim AB As Long
'    CopyMemory AB, Ans, 8
'    Float8Int = AB
'End Function
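Added example, not part of the original post: a Python model of the class's encoding scheme. Int2Hex is ported as written, while the Mov_/Lea_/Call_/Add_ wrappers are treated as instances of the general x86 ModRM rule, which the code computes rather than tabulates; the posted table is then checked against it, and the entries it flags are exactly the ones corrected in the listing above. Function names other than int2hex are the example's own.

```python
"""Model of the ASM class's opcode strings: little-endian immediates plus ModRM."""

REG = {"EAX": 0, "ECX": 1, "EDX": 2, "EBX": 3, "ESP": 4, "EBP": 5, "ESI": 6, "EDI": 7}


def int2hex(value: int, n: int) -> str:
    """Port of the post's Int2Hex: n hex digits, emitted in little-endian byte order."""
    s = format(value & 0xFFFFFFFF, "X")           # VB Hex() of a 32-bit Long
    s = ("0000000" + s)[-n:]                        # Right("0000000" + Hex(Value), n)
    return "".join(s[i:i + 2] for i in range(len(s) - 2, -1, -2))


def modrm(mod: int, reg: int, rm: int) -> str:
    return format((mod << 6) | (reg << 3) | rm, "02X")


def reg_reg(opcode: str, dst: str, src: str) -> str:
    """opcode /r with a register r/m: mod=11, reg=dst, rm=src (8B = mov, 03 = add)."""
    return opcode + modrm(3, REG[dst], REG[src])


def reg_mem(opcode: str, dst: str, base: str, disp: int = 0) -> str:
    """opcode /r, dst <- [base + disp] (8B = mov, 8D = lea).
    [ESP] needs the SIB byte 24; [EBP] with no displacement must use disp8 = 0;
    disp8 is sign-extended, so only -128..127 fit (the post tested `i <= 255`)."""
    reg, rm = REG[dst], REG[base]
    if disp == 0 and base != "EBP":
        mod, disp_hex = 0, ""
    elif -128 <= disp <= 127:
        mod, disp_hex = 1, int2hex(disp, 2)
    else:
        mod, disp_hex = 2, int2hex(disp, 8)
    sib = "24" if base == "ESP" else ""
    return opcode + modrm(mod, reg, rm) + sib + disp_hex


def call_reg(r: str) -> str:
    return "FF" + modrm(3, 2, REG[r])               # FF /2


def mov_reg_imm32(r: str, imm: int) -> str:
    return format(0xB8 + REG[r], "02X") + int2hex(imm, 8)


def add_reg_imm(r: str, imm: int) -> str:
    """83 /0 ib for a sign-extended imm8; 81 /0 id (05 id for EAX) otherwise.
    The post always appended a 4-byte immediate to 83 Cx, which is an encoding error."""
    if -128 <= imm <= 127:
        return "83" + modrm(3, 0, REG[r]) + int2hex(imm, 2)
    if r == "EAX":
        return "05" + int2hex(imm, 8)
    return "81" + modrm(3, 0, REG[r]) + int2hex(imm, 8)


def assemble(*fragments: str) -> bytes:
    """Turn opcode-string fragments (what OPcode accumulates) into the byte buffer."""
    return bytes.fromhex("".join(fragments))


# Entries copied from the post's table, keyed by its function names.
POSTED = {
    "Mov_EAX_EBX": "8BC3", "Mov_EBP_EDI": "8BDF", "Call_EDX": "FFD2", "Call_ESI": "FFD2",
    "Mov_EAX_DWORD_Ptr_ESP": "8B0424", "Mov_EBX_DWORD_Ptr_EBP": "8B5D00",
    "Lea_EAX_DWORD_Ptr_ESP_Add": "8D40", "Lea_EAX_DWORD_Ptr_EBP_Add": "8D4424",
}


def expected(name: str, disp: int = 0x10) -> str:
    """Derive what a table entry should be from its name; _Add entries store the
    bytes before the displacement, so the disp8 used here is stripped again."""
    parts = name.split("_")
    if parts[0] == "Call":
        return call_reg(parts[1])
    op = {"Mov": "8B", "Lea": "8D"}[parts[0]]
    if "Ptr" in parts:
        base = parts[parts.index("Ptr") + 1]
        if parts[-1] == "Add":
            return reg_mem(op, parts[1], base, disp)[:-2]
        return reg_mem(op, parts[1], base, 0)
    return reg_reg(op, parts[1], parts[2])


def table_errors() -> list:
    """(name, posted, expected) for every posted entry that disagrees with the rule."""
    return [(n, p, expected(n)) for n, p in POSTED.items() if p != expected(n)]
```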
whatmeans Posted April 12, 2008 Author Share Posted April 12, 2008 (edited) The AU3 codes:

; ---------------------------------------------------------------------------
; Win32 wrappers. Handles are passed as "handle" and addresses as "ptr" so the
; calls stay correct on 64-bit AutoIt; out-parameters use the "type*" form and
; are read back from the DllCall result array instead of being passed by value.
; ---------------------------------------------------------------------------

Func CopyMemory($pDestination, $pSource, $iLength)
    DllCall("kernel32.dll", "none", "RtlMoveMemory", "ptr", $pDestination, "ptr", $pSource, "ulong_ptr", $iLength)
    If @error Then Return SetError(1, 0, 0)
    Return 1
EndFunc   ;==>CopyMemory

Func GetWindowThreadProcessId($hWnd, ByRef $iProcessId)
    ; Returns the thread ID; the owning process ID comes back through the "dword*" out-parameter.
    Local $aRet = DllCall("user32.dll", "dword", "GetWindowThreadProcessId", "hwnd", $hWnd, "dword*", 0)
    If @error Then Return SetError(1, 0, 0)
    $iProcessId = $aRet[2]
    Return $aRet[0]
EndFunc   ;==>GetWindowThreadProcessId

Func CreateRemoteThread($hProcess, $pThreadAttributes, $iStackSize, $pStartAddress, $pParameter, $iCreationFlags, $iThreadId)
    ; $iThreadId is kept for the original signature; the thread ID itself is not returned.
    Local $aRet = DllCall("kernel32.dll", "handle", "CreateRemoteThread", "handle", $hProcess, "ptr", $pThreadAttributes, _
            "ulong_ptr", $iStackSize, "ptr", $pStartAddress, "ptr", $pParameter, "dword", $iCreationFlags, "dword*", $iThreadId)
    If @error Then Return SetError(1, 0, 0)
    Return $aRet[0]
EndFunc   ;==>CreateRemoteThread

Func WriteProcessMemory($hProcess, $pBaseAddress, $pBuffer, $iSize, $iNumberOfBytesWritten)
    ; Returns the number of bytes actually written (0 on failure), so callers can compare it with $iSize.
    Local $aRet = DllCall("kernel32.dll", "bool", "WriteProcessMemory", "handle", $hProcess, "ptr", $pBaseAddress, _
            "ptr", $pBuffer, "ulong_ptr", $iSize, "ulong_ptr*", $iNumberOfBytesWritten)
    If @error Or Not $aRet[0] Then Return SetError(1, 0, 0)
    Return $aRet[5]
EndFunc   ;==>WriteProcessMemory

Func CallWindowProc($pPrevWndFunc, $hWnd, $iMsg, $wParam, $lParam)
    Local $aRet = DllCall("user32.dll", "lresult", "CallWindowProc", "ptr", $pPrevWndFunc, "hwnd", $hWnd, _
            "uint", $iMsg, "wparam", $wParam, "lparam", $lParam)
    If @error Then Return SetError(1, 0, 0)
    Return $aRet[0]
EndFunc   ;==>CallWindowProc

Func VirtualAllocEx($hProcess, $pAddress, $iSize, $iAllocation, $iProtect)
    Local $aRet = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", "handle", $hProcess, "ptr", $pAddress, _
            "ulong_ptr", $iSize, "dword", $iAllocation, "dword", $iProtect)
    If @error Or Not IsArray($aRet) Then Return SetError(-1, -1, 0)
    Return $aRet[0]
EndFunc   ;==>VirtualAllocEx

Func VirtualFreeEx($hProcess, $pAddress, $iSize, $iFreeType)
    ; With MEM_RELEASE the size must be 0 (the whole region is released).
    Local $aRet = DllCall("kernel32.dll", "bool", "VirtualFreeEx", "handle", $hProcess, "ptr", $pAddress, _
            "ulong_ptr", $iSize, "dword", $iFreeType)
    If @error Or Not IsArray($aRet) Then Return SetError(-1, -1, 0)
    Return $aRet[0]
EndFunc   ;==>VirtualFreeEx

Func WaitForSingleObject($hHandle, $iMilliseconds)
    Local $aRet = DllCall("kernel32.dll", "dword", "WaitForSingleObject", "handle", $hHandle, "dword", $iMilliseconds)
    If @error Then Return SetError(1, 0, 0)
    Return $aRet[0]
EndFunc   ;==>WaitForSingleObject

Func OpenProcess($iAccess, $bInherit, $iProcessID)
    Local $aRet = DllCall("kernel32.dll", "handle", "OpenProcess", "dword", $iAccess, "bool", $bInherit, "dword", $iProcessID)
    If @error Or Not IsArray($aRet) Then Return SetError(-1, -1, 0)
    Return $aRet[0]
EndFunc   ;==>OpenProcess

Func CloseHandle($hObject)
    Local $aRet = DllCall("kernel32.dll", "bool", "CloseHandle", "handle", $hObject)
    If @error Or Not IsArray($aRet) Then Return SetError(-1, -1, 0)
    Return $aRet[0]
EndFunc   ;==>CloseHandle

; ---------------------------------------------------------------------------
; AutoIt has no VarPtr: a plain variable has no stable address, and the VB
; trick of passing a variable ByRef to MulDiv to read its address does not carry
; over. The assembled bytes therefore live in a DllStruct ("byte[n]"), and
; DllStructGetPtr() supplies the address WriteProcessMemory needs.
; ---------------------------------------------------------------------------

Global Const $PAGE_EXECUTE_READWRITE = 0x40
Global Const $MEM_COMMIT = 0x1000
Global Const $MEM_RELEASE = 0x8000
Global Const $MEM_DECOMMIT = 0x4000
Global Const $PROCESS_ALL_ACCESS = 0x1F0FFF
Global Const $INFINITE = 0xFFFFFFFF ; infinite timeout (0xFFFF, as in the VB original, is a 65-second wait)
Global Const $WAIT_TIMEOUT = 0x102
Global Const $CURRENT_PROCESS = -1 ; pseudo-handle returned by GetCurrentProcess()

Global $AsmCode = 0 ; DllStruct "byte[n]" holding the assembled machine code (0 when empty)
Global $OPcode = "" ; machine code as a hex string, appended to by the Mov_/Push_/... helpers below
Global $InjectProcess = 0 ; handle of the target process (from OpenProcess)
Global $tmp_Addr = 0 ; address of the injected code inside the target process
Global $RThwnd = 0 ; handle of the remote thread

Func _BuildCode()
    ; Convert the hex string in $OPcode into the $AsmCode byte struct; returns the byte count.
    Local $i, $iLen = Int(StringLen($OPcode) / 2)
    If $iLen < 1 Then Return SetError(1, 0, 0)
    $AsmCode = DllStructCreate("byte[" & $iLen & "]")
    For $i = 1 To $iLen
        DllStructSetData($AsmCode, 1, Dec(StringMid($OPcode, $i * 2 - 1, 2)), $i)
    Next
    Return $iLen
EndFunc   ;==>_BuildCode

Func Get_Result()
    ; Run the assembled code inside this process and return EAX.
    ; The bytes are copied into a fresh PAGE_EXECUTE_READWRITE allocation: with
    ; DEP enabled, a DllStruct (ordinary heap memory) is not executable.
    Local $iLen = _BuildCode()
    If @error Then Return SetError(1, 0, 0)
    Local $pCode = VirtualAllocEx($CURRENT_PROCESS, 0, $iLen, $MEM_COMMIT, $PAGE_EXECUTE_READWRITE)
    If Not $pCode Then Return SetError(2, 0, 0)
    Local $tExec = DllStructCreate("byte[" & $iLen & "]", $pCode)
    DllStructSetData($tExec, 1, DllStructGetData($AsmCode, 1))
    Local $iResult = CallWindowProc($pCode, 0, 0, 0, 0)
    VirtualFreeEx($CURRENT_PROCESS, $pCode, 0, $MEM_RELEASE)
    Return $iResult
EndFunc   ;==>Get_Result

Func Get_Code()
    Return $OPcode
EndFunc   ;==>Get_Code

;================================
Func Run_ASM2($hWnd)
    ; One-shot version: inject, run, wait, free. Waiting before VirtualFreeEx is
    ; required; freeing right after CreateRemoteThread races the new thread.
    Local $iPid, $h, $pCode, $hThread, $iLen = _BuildCode()
    If @error Then Return SetError(1, 0, 0)
    GetWindowThreadProcessId($hWnd, $iPid)
    $h = OpenProcess($PROCESS_ALL_ACCESS, False, $iPid)
    If Not $h Then Return SetError(2, 0, 0)
    $pCode = VirtualAllocEx($h, 0, $iLen, $MEM_COMMIT, $PAGE_EXECUTE_READWRITE)
    If $pCode And WriteProcessMemory($h, $pCode, DllStructGetPtr($AsmCode), $iLen, 0) = $iLen Then
        $hThread = CreateRemoteThread($h, 0, 0, $pCode, 0, 0, 0)
        If $hThread Then
            WaitForSingleObject($hThread, $INFINITE)
            CloseHandle($hThread)
        EndIf
    EndIf
    If $pCode Then VirtualFreeEx($h, $pCode, 0, $MEM_RELEASE)
    CloseHandle($h)
    $OPcode = ""
    $AsmCode = 0
EndFunc   ;==>Run_ASM2

;=================================
Func InjectCode($hWnd)
    Local $iPid, $iLen = _BuildCode()
    If @error Then Return SetError(1, 0, 0)
    GetWindowThreadProcessId($hWnd, $iPid) ; get the ID of the process owning the window
    $InjectProcess = OpenProcess($PROCESS_ALL_ACCESS, False, $iPid) ; open the process and get a handle
    If Not $InjectProcess Then Return SetError(2, 0, 0)
    $tmp_Addr = VirtualAllocEx($InjectProcess, 0, $iLen, _
            $MEM_COMMIT, $PAGE_EXECUTE_READWRITE) ; allocate executable memory for the code
    If Not $tmp_Addr Then Return SetError(3, 0, 0)
    If WriteProcessMemory($InjectProcess, $tmp_Addr, DllStructGetPtr($AsmCode), _
            $iLen, 0) <> $iLen Then Return SetError(4, 0, 0) ; copy the code into the process
    Return $iLen
EndFunc   ;==>InjectCode

Func Run_ASM() ; run the injected code on a new thread in the target process
    Local $iRet
    $RThwnd = CreateRemoteThread($InjectProcess, 0, 0, $tmp_Addr, 0, 0, 0)
    If Not $RThwnd Then Return SetError(1, 0, 0)
    Do
        $iRet = WaitForSingleObject($RThwnd, 50) ; poll every 50 ms so the script stays responsive
    Until $iRet <> $WAIT_TIMEOUT
    CloseHandle($RThwnd)
    $RThwnd = 0
    Return $iRet
EndFunc   ;==>Run_ASM

Func FreeMem()
    ; MEM_RELEASE needs dwSize = 0; passing the code length (as the original
    ; did) fails with ERROR_INVALID_PARAMETER and leaks the page in the target.
    VirtualFreeEx($InjectProcess, $tmp_Addr, 0, $MEM_RELEASE)
    CloseHandle($InjectProcess)
    $InjectProcess = 0
    $tmp_Addr = 0
    $OPcode = ""
    $AsmCode = 0
EndFunc   ;==>FreeMem

;========================================================
Func Int2Hex($iValue, $n) ; low $n hex digits of $iValue, byte-swapped to little-endian
    Local $i, $sBig = StringRight(Hex($iValue, 8), $n), $sLittle = ""
    For $i = 0 To StringLen($sBig) / 2 - 1
        $sLittle &= StringMid($sBig, StringLen($sBig) - 1 - 2 * $i, 2)
    Next
    Return $sLittle
EndFunc   ;==>Int2Hex

Func _Disp($sShort, $sLong, $i)
    ; disp8/imm8 forms are sign-extended by the CPU, so only -128..127 may use
    ; them; the original tested $i <= 255, which encodes 128..255 as negative.
    If $i >= -128 And $i <= 127 Then Return $sShort & Int2Hex($i, 2)
    Return $sLong & Int2Hex($i, 8)
EndFunc   ;==>_Disp

Func Leave()
    $OPcode &= "C9"
EndFunc   ;==>Leave

Func Pushad()
    $OPcode &= "60"
EndFunc   ;==>Pushad

Func Popad()
    $OPcode &= "61"
EndFunc   ;==>Popad

Func Nop()
    $OPcode &= "90"
EndFunc   ;==>Nop

Func Ret()
    $OPcode &= "C3"
EndFunc   ;==>Ret

Func RetA($i) ; ret imm16 (C2 iw); the original omitted the C2 opcode byte
    $OPcode &= "C2" & Int2Hex($i, 4)
EndFunc   ;==>RetA

Func IN_AL_DX()
    $OPcode &= "EC"
EndFunc   ;==>IN_AL_DX

Func TEST_EAX_EAX()
    $OPcode &= "85C0"
EndFunc   ;==>TEST_EAX_EAX

;Add
;+++++++++++++++++++++++++++++++++++
Func Add_EAX_EDX()
    $OPcode &= "03C2"
EndFunc   ;==>Add_EAX_EDX

Func Add_EBX_EAX()
    $OPcode &= "03D8"
EndFunc   ;==>Add_EBX_EAX

Func Add_EAX_DWORD_Ptr($i)
    $OPcode &= "0305" & Int2Hex($i, 8)
EndFunc   ;==>Add_EAX_DWORD_Ptr

Func Add_EBX_DWORD_Ptr($i)
    $OPcode &= "031D" & Int2Hex($i, 8)
EndFunc   ;==>Add_EBX_DWORD_Ptr

Func Add_EBP_DWORD_Ptr($i)
    $OPcode &= "032D" & Int2Hex($i, 8)
EndFunc   ;==>Add_EBP_DWORD_Ptr

Func Add_EAX($i)
    $OPcode &= "05" & Int2Hex($i, 8)
EndFunc   ;==>Add_EAX

; 83 /0 takes an 8-bit immediate; the original appended 4 bytes after it, so
; three stray bytes followed the instruction. Large values use 81 /0 id.
Func Add_EBX($i)
    $OPcode &= _Disp("83C3", "81C3", $i)
EndFunc   ;==>Add_EBX

Func Add_ECX($i)
    $OPcode &= _Disp("83C1", "81C1", $i)
EndFunc   ;==>Add_ECX

Func Add_EDX($i)
    $OPcode &= _Disp("83C2", "81C2", $i)
EndFunc   ;==>Add_EDX

Func Add_ESI($i)
    $OPcode &= _Disp("83C6", "81C6", $i)
EndFunc   ;==>Add_ESI

Func Add_ESP($i)
    $OPcode &= _Disp("83C4", "81C4", $i)
EndFunc   ;==>Add_ESP

;Call
;+++++++++++++++++++++++++++++++++++
Func Call_EAX()
    $OPcode &= "FFD0"
EndFunc   ;==>Call_EAX

Func Call_EBX()
    $OPcode &= "FFD3"
EndFunc   ;==>Call_EBX

Func Call_ECX()
    $OPcode &= "FFD1"
EndFunc   ;==>Call_ECX

Func Call_EDX()
    $OPcode &= "FFD2"
EndFunc   ;==>Call_EDX

Func Call_ESI() ; FF /2 with rm=ESI is D6 (the original's FFD2 is call edx)
    $OPcode &= "FFD6"
EndFunc   ;==>Call_ESI

Func Call_ESP()
    $OPcode &= "FFD4"
EndFunc   ;==>Call_ESP

Func Call_EBP()
    $OPcode &= "FFD5"
EndFunc   ;==>Call_EBP

Func Call_EDI()
    $OPcode &= "FFD7"
EndFunc   ;==>Call_EDI

Func Call_DWORD_Ptr($i)
    $OPcode &= "FF15" & Int2Hex($i, 8)
EndFunc   ;==>Call_DWORD_Ptr

Func Call_DWORD_Ptr_EAX()
    $OPcode &= "FF10"
EndFunc   ;==>Call_DWORD_Ptr_EAX

Func Call_DWORD_Ptr_EBX()
    $OPcode &= "FF13"
EndFunc   ;==>Call_DWORD_Ptr_EBX

;Cmp
;+++++++++++++++++++++++++++++++++++
Func Cmp_EAX($i)
    $OPcode &= _Disp("83F8", "3D", $i)
EndFunc   ;==>Cmp_EAX

Func Cmp_EAX_EDX()
    $OPcode &= "3BC2"
EndFunc   ;==>Cmp_EAX_EDX

Func Cmp_EAX_DWORD_Ptr($i)
    $OPcode &= "3B05" & Int2Hex($i, 8)
EndFunc   ;==>Cmp_EAX_DWORD_Ptr

Func Cmp_DWORD_Ptr_EAX($i)
    $OPcode &= "3905" & Int2Hex($i, 8)
EndFunc   ;==>Cmp_DWORD_Ptr_EAX

;DEC
;+++++++++++++++++++++++++++++++++++
Func Dec_EAX()
    $OPcode &= "48"
EndFunc   ;==>Dec_EAX

Func Dec_EBX()
    $OPcode &= "4B"
EndFunc   ;==>Dec_EBX

Func Dec_ECX()
    $OPcode &= "49"
EndFunc   ;==>Dec_ECX

Func Dec_EDX()
    $OPcode &= "4A"
EndFunc   ;==>Dec_EDX

;Idiv
;+++++++++++++++++++++++++++++++++++
Func Idiv_EAX()
    $OPcode &= "F7F8"
EndFunc   ;==>Idiv_EAX

Func Idiv_EBX()
    $OPcode &= "F7FB"
EndFunc   ;==>Idiv_EBX

Func Idiv_ECX()
    $OPcode &= "F7F9"
EndFunc   ;==>Idiv_ECX

Func Idiv_EDX()
    $OPcode &= "F7FA"
EndFunc   ;==>Idiv_EDX

;Imul
;+++++++++++++++++++++++++++++++++++
Func Imul_EAX_EDX()
    $OPcode &= "0FAFC2"
EndFunc   ;==>Imul_EAX_EDX

Func Imul_EAX($i) ; imul eax, eax, imm8 (sign-extended: -128..127 only; use ImulB_EAX otherwise)
    $OPcode &= "6BC0" & Int2Hex($i, 2)
EndFunc   ;==>Imul_EAX

Func ImulB_EAX($i) ; imul eax, eax, imm32
    $OPcode &= "69C0" & Int2Hex($i, 8)
EndFunc   ;==>ImulB_EAX

;INC
;+++++++++++++++++++++++++++++++++++
Func Inc_EAX()
    $OPcode &= "40"
EndFunc   ;==>Inc_EAX

Func Inc_EBX()
    $OPcode &= "43"
EndFunc   ;==>Inc_EBX

Func Inc_ECX()
    $OPcode &= "41"
EndFunc   ;==>Inc_ECX

Func Inc_EDX()
    $OPcode &= "42"
EndFunc   ;==>Inc_EDX

Func Inc_EDI()
    $OPcode &= "47"
EndFunc   ;==>Inc_EDI

Func Inc_ESI()
    $OPcode &= "46"
EndFunc   ;==>Inc_ESI

Func Inc_DWORD_Ptr_EAX()
    $OPcode &= "FF00"
EndFunc   ;==>Inc_DWORD_Ptr_EAX

Func Inc_DWORD_Ptr_EBX()
    $OPcode &= "FF03"
EndFunc   ;==>Inc_DWORD_Ptr_EBX

Func Inc_DWORD_Ptr_ECX()
    $OPcode &= "FF01"
EndFunc   ;==>Inc_DWORD_Ptr_ECX

Func Inc_DWORD_Ptr_EDX()
    $OPcode &= "FF02"
EndFunc   ;==>Inc_DWORD_Ptr_EDX

;JMP/JE/JNE
;+++++++++++++++++++++++++++++++++++
Func JMP_EAX()
    $OPcode &= "FFE0"
EndFunc   ;==>JMP_EAX

;Mov
Func Mov_DWORD_Ptr_EAX($i)
    $OPcode &= "A3" & Int2Hex($i, 8)
EndFunc   ;==>Mov_DWORD_Ptr_EAX

Func Mov_EAX($i)
    $OPcode &= "B8" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EAX

Func Mov_EBX($i)
    $OPcode &= "BB" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EBX

Func Mov_ECX($i)
    $OPcode &= "B9" & Int2Hex($i, 8)
EndFunc   ;==>Mov_ECX

Func Mov_EDX($i)
    $OPcode &= "BA" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EDX

Func Mov_ESI($i)
    $OPcode &= "BE" & Int2Hex($i, 8)
EndFunc   ;==>Mov_ESI

Func Mov_ESP($i)
    $OPcode &= "BC" & Int2Hex($i, 8)
EndFunc   ;==>Mov_ESP

Func Mov_EBP($i)
    $OPcode &= "BD" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EBP

Func Mov_EDI($i)
    $OPcode &= "BF" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EDI

Func Mov_EBX_DWORD_Ptr($i)
    $OPcode &= "8B1D" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EBX_DWORD_Ptr

Func Mov_ECX_DWORD_Ptr($i)
    $OPcode &= "8B0D" & Int2Hex($i, 8)
EndFunc   ;==>Mov_ECX_DWORD_Ptr

Func Mov_EAX_DWORD_Ptr($i)
    $OPcode &= "A1" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EAX_DWORD_Ptr

Func Mov_EDX_DWORD_Ptr($i)
    $OPcode &= "8B15" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EDX_DWORD_Ptr

Func Mov_ESI_DWORD_Ptr($i)
    $OPcode &= "8B35" & Int2Hex($i, 8)
EndFunc   ;==>Mov_ESI_DWORD_Ptr

Func Mov_ESP_DWORD_Ptr($i)
    $OPcode &= "8B25" & Int2Hex($i, 8)
EndFunc   ;==>Mov_ESP_DWORD_Ptr

Func Mov_EBP_DWORD_Ptr($i)
    $OPcode &= "8B2D" & Int2Hex($i, 8)
EndFunc   ;==>Mov_EBP_DWORD_Ptr

Func Mov_EAX_DWORD_Ptr_EAX()
    $OPcode &= "8B00"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EAX

Func Mov_EAX_DWORD_Ptr_EBP() ; [ebp] has no mod=00 form, so it is encoded as [ebp+0]
    $OPcode &= "8B4500"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBP

Func Mov_EAX_DWORD_Ptr_EBX()
    $OPcode &= "8B03"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBX

Func Mov_EAX_DWORD_Ptr_ECX()
    $OPcode &= "8B01"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ECX

Func Mov_EAX_DWORD_Ptr_EDX()
    $OPcode &= "8B02"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDX

Func Mov_EAX_DWORD_Ptr_EDI()
    $OPcode &= "8B07"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDI

Func Mov_EAX_DWORD_Ptr_ESP() ; ESP as base always needs the SIB byte 24
    $OPcode &= "8B0424"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESP

Func Mov_EAX_DWORD_Ptr_ESI()
    $OPcode &= "8B06"
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESI

Func Mov_EAX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8B40", "8B80", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EAX_Add

Func Mov_EAX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8B4424", "8B8424", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESP_Add

Func Mov_EAX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8B43", "8B83", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBX_Add

Func Mov_EAX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8B41", "8B81", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ECX_Add

Func Mov_EAX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8B42", "8B82", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDX_Add

Func Mov_EAX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8B47", "8B87", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDI_Add

Func Mov_EAX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8B45", "8B85", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBP_Add

Func Mov_EAX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8B46", "8B86", $i)
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESI_Add

Func Mov_EBX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8B58", "8B98", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EAX_Add

Func Mov_EBX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8B5C24", "8B9C24", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESP_Add

Func Mov_EBX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8B5B", "8B9B", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBX_Add

Func Mov_EBX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8B59", "8B99", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ECX_Add

Func Mov_EBX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8B5A", "8B9A", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDX_Add

Func Mov_EBX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8B5F", "8B9F", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDI_Add

Func Mov_EBX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8B5D", "8B9D", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBP_Add

Func Mov_EBX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8B5E", "8B9E", $i)
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESI_Add

Func Mov_ECX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8B48", "8B88", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EAX_Add

Func Mov_ECX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8B4C24", "8B8C24", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESP_Add

Func Mov_ECX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8B4B", "8B8B", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBX_Add

Func Mov_ECX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8B49", "8B89", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ECX_Add

Func Mov_ECX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8B4A", "8B8A", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDX_Add

Func Mov_ECX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8B4F", "8B8F", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDI_Add

Func Mov_ECX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8B4D", "8B8D", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBP_Add

Func Mov_ECX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8B4E", "8B8E", $i)
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESI_Add

Func Mov_EDX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8B50", "8B90", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EAX_Add

Func Mov_EDX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8B5424", "8B9424", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESP_Add

Func Mov_EDX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8B53", "8B93", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBX_Add

Func Mov_EDX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8B51", "8B91", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ECX_Add

Func Mov_EDX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8B52", "8B92", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDX_Add

Func Mov_EDX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8B57", "8B97", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDI_Add

Func Mov_EDX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8B55", "8B95", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBP_Add

Func Mov_EDX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8B56", "8B96", $i)
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESI_Add

Func Mov_EBX_DWORD_Ptr_EAX()
    $OPcode &= "8B18"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EAX

Func Mov_EBX_DWORD_Ptr_EBP()
    $OPcode &= "8B5D00"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBP

Func Mov_EBX_DWORD_Ptr_EBX()
    $OPcode &= "8B1B"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBX

Func Mov_EBX_DWORD_Ptr_ECX()
    $OPcode &= "8B19"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ECX

Func Mov_EBX_DWORD_Ptr_EDX()
    $OPcode &= "8B1A"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDX

Func Mov_EBX_DWORD_Ptr_EDI()
    $OPcode &= "8B1F"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDI

Func Mov_EBX_DWORD_Ptr_ESP()
    $OPcode &= "8B1C24"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESP

Func Mov_EBX_DWORD_Ptr_ESI()
    $OPcode &= "8B1E"
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESI

Func Mov_ECX_DWORD_Ptr_EAX()
    $OPcode &= "8B08"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EAX

Func Mov_ECX_DWORD_Ptr_EBP()
    $OPcode &= "8B4D00"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBP

Func Mov_ECX_DWORD_Ptr_EBX()
    $OPcode &= "8B0B"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBX

Func Mov_ECX_DWORD_Ptr_ECX()
    $OPcode &= "8B09"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ECX

Func Mov_ECX_DWORD_Ptr_EDX()
    $OPcode &= "8B0A"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDX

Func Mov_ECX_DWORD_Ptr_EDI()
    $OPcode &= "8B0F"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDI

Func Mov_ECX_DWORD_Ptr_ESP()
    $OPcode &= "8B0C24"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESP

Func Mov_ECX_DWORD_Ptr_ESI()
    $OPcode &= "8B0E"
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESI

Func Mov_EDX_DWORD_Ptr_EAX()
    $OPcode &= "8B10"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EAX

Func Mov_EDX_DWORD_Ptr_EBP()
    $OPcode &= "8B5500"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBP

Func Mov_EDX_DWORD_Ptr_EBX()
    $OPcode &= "8B13"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBX

Func Mov_EDX_DWORD_Ptr_ECX()
    $OPcode &= "8B11"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ECX

Func Mov_EDX_DWORD_Ptr_EDX()
    $OPcode &= "8B12"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDX

Func Mov_EDX_DWORD_Ptr_EDI()
    $OPcode &= "8B17"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDI

Func Mov_EDX_DWORD_Ptr_ESI()
    $OPcode &= "8B16"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESI

Func Mov_EDX_DWORD_Ptr_ESP()
    $OPcode &= "8B1424"
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESP

; mov r32, r32 is 8B /r with ModRM = 11 dst src
Func Mov_EAX_EBP()
    $OPcode &= "8BC5"
EndFunc   ;==>Mov_EAX_EBP

Func Mov_EAX_EBX()
    $OPcode &= "8BC3"
EndFunc   ;==>Mov_EAX_EBX

Func Mov_EAX_ECX()
    $OPcode &= "8BC1"
EndFunc   ;==>Mov_EAX_ECX

Func Mov_EAX_EDI()
    $OPcode &= "8BC7"
EndFunc   ;==>Mov_EAX_EDI

Func Mov_EAX_EDX()
    $OPcode &= "8BC2"
EndFunc   ;==>Mov_EAX_EDX

Func Mov_EAX_ESI()
    $OPcode &= "8BC6"
EndFunc   ;==>Mov_EAX_ESI

Func Mov_EAX_ESP()
    $OPcode &= "8BC4"
EndFunc   ;==>Mov_EAX_ESP

Func Mov_EBX_EBP()
    $OPcode &= "8BDD"
EndFunc   ;==>Mov_EBX_EBP

Func Mov_EBX_EAX()
    $OPcode &= "8BD8"
EndFunc   ;==>Mov_EBX_EAX

Func Mov_EBX_ECX()
    $OPcode &= "8BD9"
EndFunc   ;==>Mov_EBX_ECX

Func Mov_EBX_EDI()
    $OPcode &= "8BDF"
EndFunc   ;==>Mov_EBX_EDI

Func Mov_EBX_EDX()
    $OPcode &= "8BDA"
EndFunc   ;==>Mov_EBX_EDX

Func Mov_EBX_ESI()
    $OPcode &= "8BDE"
EndFunc   ;==>Mov_EBX_ESI

Func Mov_EBX_ESP()
    $OPcode &= "8BDC"
EndFunc   ;==>Mov_EBX_ESP

Func Mov_ECX_EBP()
    $OPcode &= "8BCD"
EndFunc   ;==>Mov_ECX_EBP

Func Mov_ECX_EAX()
    $OPcode &= "8BC8"
EndFunc   ;==>Mov_ECX_EAX

Func Mov_ECX_EBX()
    $OPcode &= "8BCB"
EndFunc   ;==>Mov_ECX_EBX

Func Mov_ECX_EDI()
    $OPcode &= "8BCF"
EndFunc   ;==>Mov_ECX_EDI

Func Mov_ECX_EDX()
    $OPcode &= "8BCA"
EndFunc   ;==>Mov_ECX_EDX

Func Mov_ECX_ESI()
    $OPcode &= "8BCE"
EndFunc   ;==>Mov_ECX_ESI

Func Mov_ECX_ESP()
    $OPcode &= "8BCC"
EndFunc   ;==>Mov_ECX_ESP

Func Mov_EDX_EBP()
    $OPcode &= "8BD5"
EndFunc   ;==>Mov_EDX_EBP

Func Mov_EDX_EBX()
    $OPcode &= "8BD3"
EndFunc   ;==>Mov_EDX_EBX

Func Mov_EDX_ECX()
    $OPcode &= "8BD1"
EndFunc   ;==>Mov_EDX_ECX

Func Mov_EDX_EDI()
    $OPcode &= "8BD7"
EndFunc   ;==>Mov_EDX_EDI

Func Mov_EDX_EAX()
    $OPcode &= "8BD0"
EndFunc   ;==>Mov_EDX_EAX

Func Mov_EDX_ESI()
    $OPcode &= "8BD6"
EndFunc   ;==>Mov_EDX_ESI

Func Mov_EDX_ESP()
    $OPcode &= "8BD4"
EndFunc   ;==>Mov_EDX_ESP

Func Mov_ESI_EBP()
    $OPcode &= "8BF5"
EndFunc   ;==>Mov_ESI_EBP

Func Mov_ESI_EBX()
    $OPcode &= "8BF3"
EndFunc   ;==>Mov_ESI_EBX

Func Mov_ESI_ECX()
    $OPcode &= "8BF1"
EndFunc   ;==>Mov_ESI_ECX

Func Mov_ESI_EDI()
    $OPcode &= "8BF7"
EndFunc   ;==>Mov_ESI_EDI

Func Mov_ESI_EAX()
    $OPcode &= "8BF0"
EndFunc   ;==>Mov_ESI_EAX

Func Mov_ESI_EDX()
    $OPcode &= "8BF2"
EndFunc   ;==>Mov_ESI_EDX

Func Mov_ESI_ESP()
    $OPcode &= "8BF4"
EndFunc   ;==>Mov_ESI_ESP

Func Mov_ESP_EBP()
    $OPcode &= "8BE5"
EndFunc   ;==>Mov_ESP_EBP

Func Mov_ESP_EBX()
    $OPcode &= "8BE3"
EndFunc   ;==>Mov_ESP_EBX

Func Mov_ESP_ECX()
    $OPcode &= "8BE1"
EndFunc   ;==>Mov_ESP_ECX

Func Mov_ESP_EDI()
    $OPcode &= "8BE7"
EndFunc   ;==>Mov_ESP_EDI

Func Mov_ESP_EAX()
    $OPcode &= "8BE0"
EndFunc   ;==>Mov_ESP_EAX

Func Mov_ESP_EDX()
    $OPcode &= "8BE2"
EndFunc   ;==>Mov_ESP_EDX

Func Mov_ESP_ESI()
    $OPcode &= "8BE6"
EndFunc   ;==>Mov_ESP_ESI

Func Mov_EDI_EBP()
    $OPcode &= "8BFD"
EndFunc   ;==>Mov_EDI_EBP

Func Mov_EDI_EAX()
    $OPcode &= "8BF8"
EndFunc   ;==>Mov_EDI_EAX

Func Mov_EDI_EBX()
    $OPcode &= "8BFB"
EndFunc   ;==>Mov_EDI_EBX

Func Mov_EDI_ECX()
    $OPcode &= "8BF9"
EndFunc   ;==>Mov_EDI_ECX

Func Mov_EDI_EDX()
    $OPcode &= "8BFA"
EndFunc   ;==>Mov_EDI_EDX

Func Mov_EDI_ESI()
    $OPcode &= "8BFE"
EndFunc   ;==>Mov_EDI_ESI

Func Mov_EDI_ESP()
    $OPcode &= "8BFC"
EndFunc   ;==>Mov_EDI_ESP

Func Mov_EBP_EDI() ; ModRM 11 101 111 = EF (the original's 8BDF is mov ebx, edi)
    $OPcode &= "8BEF"
EndFunc   ;==>Mov_EBP_EDI

Func Mov_EBP_EAX()
    $OPcode &= "8BE8"
EndFunc   ;==>Mov_EBP_EAX

Func Mov_EBP_EBX()
    $OPcode &= "8BEB"
EndFunc   ;==>Mov_EBP_EBX

Func Mov_EBP_ECX()
    $OPcode &= "8BE9"
EndFunc   ;==>Mov_EBP_ECX

Func Mov_EBP_EDX()
    $OPcode &= "8BEA"
EndFunc   ;==>Mov_EBP_EDX

Func Mov_EBP_ESI()
    $OPcode &= "8BEE"
EndFunc   ;==>Mov_EBP_ESI

Func Mov_EBP_ESP()
    $OPcode &= "8BEC"
EndFunc   ;==>Mov_EBP_ESP

;Push
;+++++++++++++++++++++++++++++++++++
Func Push($i) ; always the imm32 form (68 id); 6A ib would sign-extend and is left out on purpose
    $OPcode &= "68" & Int2Hex($i, 8)
EndFunc   ;==>Push

Func Push_DWORD_Ptr($i)
    $OPcode &= "FF35" & Int2Hex($i, 8)
EndFunc   ;==>Push_DWORD_Ptr

Func Push_EAX()
    $OPcode &= "50"
EndFunc   ;==>Push_EAX

Func Push_ECX()
    $OPcode &= "51"
EndFunc   ;==>Push_ECX

Func Push_EDX()
    $OPcode &= "52"
EndFunc   ;==>Push_EDX

Func Push_EBX()
    $OPcode &= "53"
EndFunc   ;==>Push_EBX

Func Push_ESP()
    $OPcode &= "54"
EndFunc   ;==>Push_ESP

Func Push_EBP()
    $OPcode &= "55"
EndFunc   ;==>Push_EBP

Func Push_ESI()
    $OPcode &= "56"
EndFunc   ;==>Push_ESI

Func Push_EDI()
    $OPcode &= "57"
EndFunc   ;==>Push_EDI

;LEA
Func Lea_EAX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8D40", "8D80", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EAX_Add

Func Lea_EAX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8D43", "8D83", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EBX_Add

Func Lea_EAX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8D41", "8D81", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_ECX_Add

Func Lea_EAX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8D42", "8D82", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EDX_Add

Func Lea_EAX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8D46", "8D86", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_ESI_Add

; The ESP and EBP encodings were swapped in the original: [esp+disp] needs the
; SIB byte (8D 44 24 / 8D 84 24) and [ebp+disp] is 8D 45 / 8D 85.
Func Lea_EAX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8D4424", "8D8424", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_ESP_Add

Func Lea_EAX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8D45", "8D85", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EBP_Add

Func Lea_EAX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8D47", "8D87", $i)
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EDI_Add

Func Lea_EBX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8D58", "8D98", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EAX_Add

Func Lea_EBX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8D5C24", "8D9C24", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_ESP_Add

Func Lea_EBX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8D5B", "8D9B", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EBX_Add

Func Lea_EBX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8D59", "8D99", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_ECX_Add

Func Lea_EBX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8D5A", "8D9A", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EDX_Add

Func Lea_EBX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8D5F", "8D9F", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EDI_Add

Func Lea_EBX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8D5D", "8D9D", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EBP_Add

Func Lea_EBX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8D5E", "8D9E", $i)
EndFunc   ;==>Lea_EBX_DWORD_Ptr_ESI_Add

Func Lea_ECX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8D48", "8D88", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EAX_Add

Func Lea_ECX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8D4C24", "8D8C24", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_ESP_Add

Func Lea_ECX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8D4B", "8D8B", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EBX_Add

Func Lea_ECX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8D49", "8D89", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_ECX_Add

Func Lea_ECX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8D4A", "8D8A", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EDX_Add

Func Lea_ECX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8D4F", "8D8F", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EDI_Add

Func Lea_ECX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8D4D", "8D8D", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EBP_Add

Func Lea_ECX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8D4E", "8D8E", $i)
EndFunc   ;==>Lea_ECX_DWORD_Ptr_ESI_Add

Func Lea_EDX_DWORD_Ptr_EAX_Add($i)
    $OPcode &= _Disp("8D50", "8D90", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EAX_Add

Func Lea_EDX_DWORD_Ptr_ESP_Add($i)
    $OPcode &= _Disp("8D5424", "8D9424", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_ESP_Add

Func Lea_EDX_DWORD_Ptr_EBX_Add($i)
    $OPcode &= _Disp("8D53", "8D93", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EBX_Add

Func Lea_EDX_DWORD_Ptr_ECX_Add($i)
    $OPcode &= _Disp("8D51", "8D91", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_ECX_Add

Func Lea_EDX_DWORD_Ptr_EDX_Add($i)
    $OPcode &= _Disp("8D52", "8D92", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EDX_Add

Func Lea_EDX_DWORD_Ptr_EDI_Add($i)
    $OPcode &= _Disp("8D57", "8D97", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EDI_Add

Func Lea_EDX_DWORD_Ptr_EBP_Add($i)
    $OPcode &= _Disp("8D55", "8D95", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EBP_Add

Func Lea_EDX_DWORD_Ptr_ESI_Add($i)
    $OPcode &= _Disp("8D56", "8D96", $i)
EndFunc   ;==>Lea_EDX_DWORD_Ptr_ESI_Add

;POP
Func Pop_EAX()
    $OPcode &= "58"
EndFunc   ;==>Pop_EAX

Func Pop_EBX()
    $OPcode &= "5B"
EndFunc   ;==>Pop_EBX

Func Pop_ECX()
    $OPcode &= "59"
EndFunc   ;==>Pop_ECX

Func Pop_EDX()
    $OPcode &= "5A"
EndFunc   ;==>Pop_EDX

Func Pop_ESI()
    $OPcode &= "5E"
EndFunc   ;==>Pop_ESI

Func Pop_ESP()
    $OPcode &= "5C"
EndFunc   ;==>Pop_ESP

Func Pop_EDI()
    $OPcode &= "5F"
EndFunc   ;==>Pop_EDI

Func Pop_EBP()
    $OPcode &= "5D"
EndFunc   ;==>Pop_EBP

Func _Ptr(ByRef $tStruct) ; address of a DllStruct ("Ptr" itself is an AutoIt built-in and cannot be redefined)
    Return DllStructGetPtr($tStruct)
EndFunc   ;==>_Ptr

Func Float4Int($fAns) ; reinterpret the 4 bytes of a float as a 32-bit integer
    Local $tF = DllStructCreate("float"), $tI = DllStructCreate("int", DllStructGetPtr($tF))
    DllStructSetData($tF, 1, $fAns)
    Return DllStructGetData($tI, 1)
EndFunc   ;==>Float4Int

;Func Float8Int(ByRef $Ans) ; float to integer (8-byte version, never finished)
;    Dim $AB
;    CopyMemory($AB, $Ans, 8)
;    Return $AB
;EndFunc

Edited April 12, 2008 by SmOke_N Added autoit tags
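The library above hand-writes one function per register pair, but every byte in it follows the x86 ModRM rule. The block below is an added example, not code from the original post, written in Python rather than AutoIt so that it can be checked on any machine: it derives the same opcodes from that rule, enforces the sign-extension limit that the post's `$i <= 255` test gets wrong, shows the shape a CreateRemoteThread start routine must have (stdcall, one DWORD argument, result in EAX), and wraps the post's VirtualAllocEx / WriteProcessMemory / CreateRemoteThread / WaitForSingleObject / VirtualFreeEx sequence with ctypes. The function names (`mov_reg_mem`, `thread_stub`, `inject_and_run`, ...) are this example's own; the injection part assumes Windows, a 32-bit Python injecting into a 32-bit target process (the bytes are x86-32), and rights sufficient for PROCESS_ALL_ACCESS on that process.

```python
import struct
import sys

# ModRM register numbers (used for both the reg and the r/m field).
REG = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3, "esp": 4, "ebp": 5, "esi": 6, "edi": 7}


def fits8(v):
    # disp8 / imm8 forms (83 /n ib, 6B /r ib, [base+disp8]) are sign-extended by
    # the CPU, so only -128..127 fit; a `<= 255` test turns 0x80..0xFF negative.
    return -128 <= v <= 127


def modrm(mod, reg, rm):
    return bytes([(mod << 6) | (reg << 3) | rm])


def mem(reg, base, disp):
    """ModRM (+SIB, +disp) for a [base+disp] operand. Two registers are irregular:
    ESP as a base always needs the SIB byte 0x24, and EBP has no mod=00 form
    (that encoding means [disp32]), so [ebp] is emitted as [ebp+0]."""
    sib = b"\x24" if base == "esp" else b""
    if disp == 0 and base != "ebp":
        return modrm(0, reg, REG[base]) + sib
    if fits8(disp):
        return modrm(1, reg, REG[base]) + sib + struct.pack("<b", disp)
    return modrm(2, reg, REG[base]) + sib + struct.pack("<i", disp)


def mov_reg_reg(dst, src):            # 8B /r   mov r32, r32
    return b"\x8b" + modrm(3, REG[dst], REG[src])


def mov_reg_mem(dst, base, disp=0):   # 8B /r   mov r32, [base+disp]
    return b"\x8b" + mem(REG[dst], base, disp)


def lea_reg_mem(dst, base, disp=0):   # 8D /r   lea r32, [base+disp]
    return b"\x8d" + mem(REG[dst], base, disp)


def mov_reg_imm(dst, imm):            # B8+r id
    return bytes([0xB8 + REG[dst]]) + struct.pack("<I", imm & 0xFFFFFFFF)


def add_reg_imm(dst, imm):            # 83 /0 ib (sign-extended) or 81 /0 id
    op, fmt = (b"\x83", "<b") if fits8(imm) else (b"\x81", "<i")
    return op + modrm(3, 0, REG[dst]) + struct.pack(fmt, imm)


def call_reg(r):                      # FF /2   call r32
    return b"\xff" + modrm(3, 2, REG[r])


def ret(n=0):                         # C3, or C2 iw (pops n bytes of arguments)
    return b"\xc3" if n == 0 else b"\xc2" + struct.pack("<H", n)


def int2hex_le(value, nibbles):
    """Same result as the post's Int2Hex: the low `nibbles` hex digits of value,
    byte-swapped to little-endian, as an upper-case string."""
    h = ("%08X" % (value & 0xFFFFFFFF))[-nibbles:]
    return "".join(h[i:i + 2] for i in range(len(h) - 2, -1, -2))


def thread_stub(delta):
    """A CreateRemoteThread start routine: stdcall, one DWORD argument
    (lpParameter, at [ebp+8]) and the result in EAX, which GetExitCodeThread
    later reports. This one returns lpParameter + delta."""
    return (b"\x55"                           # push ebp
            + mov_reg_reg("ebp", "esp")       # mov ebp, esp
            + mov_reg_mem("eax", "ebp", 8)    # mov eax, [ebp+8]
            + add_reg_imm("eax", delta)       # add eax, delta
            + b"\xc9"                         # leave
            + ret(4))                         # ret 4


def inject_and_run(pid, code, param=0, timeout_ms=5000):
    """Windows only, 32-bit Python into a 32-bit target. Same call sequence as
    the post, with two corrections: the thread is waited for before its code is
    freed (freeing right after CreateRemoteThread races the thread), and
    VirtualFreeEx gets dwSize=0, which MEM_RELEASE requires."""
    import ctypes
    from ctypes import wintypes
    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.OpenProcess.restype = k32.CreateRemoteThread.restype = wintypes.HANDLE
    k32.OpenProcess.argtypes = [wintypes.DWORD, wintypes.BOOL, wintypes.DWORD]
    k32.VirtualAllocEx.restype = wintypes.LPVOID
    k32.VirtualAllocEx.argtypes = [wintypes.HANDLE, wintypes.LPVOID, ctypes.c_size_t, wintypes.DWORD, wintypes.DWORD]
    k32.WriteProcessMemory.argtypes = [wintypes.HANDLE, wintypes.LPVOID, wintypes.LPCVOID, ctypes.c_size_t, ctypes.POINTER(ctypes.c_size_t)]
    k32.CreateRemoteThread.argtypes = [wintypes.HANDLE, wintypes.LPVOID, ctypes.c_size_t, wintypes.LPVOID, wintypes.LPVOID, wintypes.DWORD, wintypes.LPDWORD]
    k32.VirtualFreeEx.argtypes = [wintypes.HANDLE, wintypes.LPVOID, ctypes.c_size_t, wintypes.DWORD]
    k32.WaitForSingleObject.argtypes = [wintypes.HANDLE, wintypes.DWORD]
    k32.GetExitCodeThread.argtypes = [wintypes.HANDLE, wintypes.LPDWORD]
    k32.CloseHandle.argtypes = [wintypes.HANDLE]

    def check(ok):
        if not ok:
            raise ctypes.WinError(ctypes.get_last_error())

    h = k32.OpenProcess(0x1F0FFF, False, pid)                       # PROCESS_ALL_ACCESS
    check(h)
    try:
        addr = k32.VirtualAllocEx(h, None, len(code), 0x1000, 0x40)  # MEM_COMMIT, PAGE_EXECUTE_READWRITE
        check(addr)
        try:
            n = ctypes.c_size_t()
            check(k32.WriteProcessMemory(h, addr, code, len(code), ctypes.byref(n)) and n.value == len(code))
            th = k32.CreateRemoteThread(h, None, 0, addr, param, 0, None)
            check(th)
            try:
                if k32.WaitForSingleObject(th, timeout_ms) != 0:     # WAIT_OBJECT_0
                    raise TimeoutError("remote thread did not finish")
                rc = wintypes.DWORD()
                check(k32.GetExitCodeThread(th, ctypes.byref(rc)))
                return rc.value
            finally:
                k32.CloseHandle(th)
        finally:
            k32.VirtualFreeEx(h, addr, 0, 0x8000)                    # MEM_RELEASE, dwSize must be 0
    finally:
        k32.CloseHandle(h)


if __name__ == "__main__":
    print(thread_stub(1).hex())
    if sys.platform == "win32" and len(sys.argv) > 1:
        print(inject_and_run(int(sys.argv[1]), thread_stub(1), param=41))  # 42 on success
```

The encoder reproduces the post's table entry for entry (`mov_reg_mem("eax", "esp", 8)` is the post's `8B442408`, `mov_reg_mem("eax", "ebp")` its `8B4500`) and gives the correct bytes where the table slips: `call_reg("esi")` is `FFD6`, `mov_reg_reg("ebp", "edi")` is `8BEF`, and `lea eax, [esp+disp]` carries the SIB byte while `lea eax, [ebp+disp]` does not. The remote-thread exit code is how the result of a stub like `thread_stub` gets back to the injector, which is why the routine must return with `ret 4` and not fall off the end of the page.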
Moderators SmOke_N Posted April 12, 2008 Moderators Share Posted April 12, 2008 (edited) Seems the [ codebox] [ /codebox] tags are failing; try replacing them with AutoIt ones. (Just replace codebox with AutoIt between the brackets on yours.) You might also explain exactly what you are talking about. Edit: I would fix the tags for you, but I'm sure you have some type of syntax spacing that would make it look cleaner if you repasted your work. Edited April 12, 2008 by SmOke_N Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.
Nordwind Posted April 25, 2008 Share Posted April 25, 2008 (edited) "whatmeans" is trying to write a simple but fast (inline) assembler for AutoIt... I wrote the inline assembler XPIA for Profan, but XPIA uses a completely different technique to do that. "whatmeans" is generating machine code directly, which has several negative effects, e.g. he cannot use the API. My technique is to build a DLL from inline-assembler pieces and generate data from this DLL into the original source code. I use MASM32 to generate these DLLs, and my inline assembler can use the complete MASM syntax including all API and macros. Fine work, whatmeans! Edited April 25, 2008 by Nordwind
weaponx Posted April 25, 2008
Looks similar to Lazycat's example script: http://www.autoitscript.com/forum/index.php?showtopic=60890
bhduong Posted May 22, 2008
It impresses me much. But can you give me an example using ASM code and the inject function? I have trouble using it.
StrategicX Posted July 9, 2009
There really is a god... Thank you jesus xD
WoW Dev Projects: AFK Tele Bot development journal; Simple Player Pointer Scanner + Z-Teleport. My Projects: coming soon. Check out my WoW Dev wiki for patch 3.0.9! http://www.wowdev.wikidot.com
colafrysen Posted July 9, 2009
Is there something wrong with the code? If Not Then I think this belongs in the Example Scripts forum, easier to find it that way, as it seems to be a lot of work worth revisiting when I know ASM.
Use the helpfile, it's one of the best exclusive features of AutoIt. http://support.microsoft.com/kb/q555375
ALIBI Run - a replacement for the Windows run prompt. PC Controller - an application for controlling other PCs. Science flies us to the moon. Religion flies us into buildings. http://bit.ly/cAMPZV
UEZ Posted July 9, 2009 (edited)
An example of the ASM would be very nice :-)
UEZ
Edit: @whatmeans: forgot to mention that the code looks very interesting! Thanks for sharing.
Edited July 9, 2009 by UEZ
Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io. The own fart smells best! Don't grab a handful of salt and run to everyone who says "my dick is a cucumber"! ¯\_(ツ)_/¯
Greenhorn Posted July 9, 2009
Hi, this looks very nice, but I found a little error in a function declaration/definition:
Func Ptr(ByRef $Add)
    $Ptr = VarPtr($Add)
EndFunc ;==>Ptr
This is already defined by AutoIt, isn't it? And yes, an example would be nice ...
Greets
Greenhorn