wolf9228 Posted August 25, 2015 Share Posted August 25, 2015 Project to search for binary data in three different ways using assembly languageThree ways- Search for a binary- Search for a binary using the callback function- Search for a binary using the data structureFind very fast .. GreetingsProject Files ASM_BinarySearch.zip ASM_BinarySearch.au3expandcollapse popup#include <WinAPI.au3> Global $MsvcrtDll = _WinAPI_LoadLibrary( "msvcrt.dll" ) Global $Mmove = _WinAPI_GetProcAddress($MsvcrtDll,"memmove") Global $Malloc = _WinAPI_GetProcAddress($MsvcrtDll,"malloc") Global $FreeMemy = _WinAPI_GetProcAddress($MsvcrtDll,"free") Global $DwordSize=DllStructGetSize(DllStructCreate("DWORD")) Global $PointerSize=DllStructGetSize(DllStructCreate("PTR")) Global $AddressBinarySearch = LoadBinarySearch() Global $AddressBinarySearchPtr = DllStructGetPtr($AddressBinarySearch) Global $AddressCallbackBinarySearch = LoadCallbackBinarySearch() Global $AddressCallbackBinarySearchPtr = DllStructGetPtr($AddressCallbackBinarySearch) Global $AddressXBinarySearch = LoadXBinarySearch() Global $AddressXBinarySearchPtr = DllStructGetPtr($AddressXBinarySearch) Func BinarySearch($DataPtr,$SubDataPtr,$DataPtrSize,$SubDataPtrSize,$Step = 1) ; $Step Loop Step if ($SubDataPtrSize < 1) Or ($DataPtrSize < 1) Or ($SubDataPtrSize > $DataPtrSize) Then Return SetError(1,0,0) Local $MaxPosition = ($DataPtrSize - $SubDataPtrSize) $Return = DllCallAddress("DWORD",$AddressBinarySearchPtr,"DWORD",$MaxPosition, _ "DWORD",$DataPtrSize,"DWORD",$SubDataPtrSize,"PTR",$DataPtr,"PTR",$SubDataPtr,"DWORD",$Step) if @error Then Return SetError(2,0,0) Return $Return[0] ; Return FindPosition // OffSetPosition = FindPosition - 1 EndFunc Func CallbackBinarySearch($DataPtr,$SubDataPtr,$CbFuncName,$DataPtrSize,$SubDataPtrSize,$Step = 1) ; $Step Loop Step ;$CbFuncName ;Func CallbackFunc($FindPosition,$OffSetPosition,$DataPtr,$SubDataPtr,$DataPtrSize,$SubDataPtrSize) ;MsgBox(0,"OffSetPosition = " & $OffSetPosition ,"FindPosition = " & $FindPosition) ;Return 1 ;return ;0 ; Stop ;Other Ways : Continue ;EndFunc if ($SubDataPtrSize < 1) Or ($DataPtrSize < 1) Or ($SubDataPtrSize > $DataPtrSize) Then Return SetError(1,0,False) Local $RegCallbackFunc = DllCallbackRegister($CbFuncName,"DWORD","DWORD;DWORD;PTR;PTR;DWORD;DWORD") if @error Then Return SetError(2,0,False) Local $CkFuncPtr = DllCallbackGetPtr($RegCallbackFunc) Local $MaxPosition = ($DataPtrSize - $SubDataPtrSize) Local $StepTest = $Step >= $SubDataPtrSize $Return = DllCallAddress("DWORD",$AddressCallbackBinarySearchPtr,"DWORD",$MaxPosition,"DWORD", _ $DataPtrSize,"DWORD",$SubDataPtrSize,"PTR",$DataPtr,"PTR",$SubDataPtr,"PTR",$CkFuncPtr,"DWORD",$Step,"DWORD",$StepTest) if @error Then DllCallbackFree($RegCallbackFunc) Return SetError(3,0,False) EndIf DllCallbackFree($RegCallbackFunc) Return True ; Return BOOL EndFunc Func XBinarySearch($DataPtr,$SubDataPtr,$DataPtrSize,$SubDataPtrSize,$Step = 1) ; $Step Loop Step if ($SubDataPtrSize < 1) Or ($DataPtrSize < 1) Or ($SubDataPtrSize > $DataPtrSize) Then Return SetError(1,0,False) Local $tagReturnStruct = "DWORD ArrayCount;PTR PositionArray" Local $ReturnStruct = DllStructCreate($tagReturnStruct) Local $RtStructPtr = DllStructGetPtr($ReturnStruct) Local $MaxPosition = ($DataPtrSize - $SubDataPtrSize) Local $StepTest = $Step >= $SubDataPtrSize Local $Return = DllCallAddress("DWORD",$AddressXBinarySearchPtr,"DWORD",$MaxPosition,"DWORD",$DataPtrSize, _ "DWORD",$SubDataPtrSize,"PTR",$DataPtr,"PTR",$SubDataPtr,"PTR",$RtStructPtr,"DWORD",$Step,"DWORD",$StepTest) if @error Then Return SetError(2,0,0) Local $ArrayCount = DllStructGetData($ReturnStruct,1) Local $PosonArray = DllStructGetData($ReturnStruct,2) if ($ArrayCount = 0) Then Return SetError(3,0,0) Local $tagReturnStruct = "DWORD ArrayCount;DWORD PositionArray[" & $ArrayCount & "]" Local $ReturnStruct = DllStructCreate($tagReturnStruct) Local $NewPosonArray = DllStructGetPtr($ReturnStruct,2) DllStructSetData($ReturnStruct,1,$ArrayCount) DllCallAddress("ptr:cdecl",$Mmove,"ptr",$NewPosonArray,"ptr",$PosonArray,"int",($ArrayCount * $DwordSize)) DllCallAddress("none:cdecl",$FreeMemy,"ptr",$PosonArray) Return $ReturnStruct ; Return Struct of FindPosition // tagStruct = "DWORD ArrayCount;DWORD PositionArray[" & ArrayCount & "]" EndFunc Func LoadBinarySearch() Local $TA,$TB,$TC,$Start,$JGEnd,$JZTC,$TBJNZ,$JMPTA,$JMPStart,$End Local $OffSetMaxPosition = $PointerSize Local $OffSetDataPtrSize = ($OffSetMaxPosition + $DwordSize) Local $OffSetSubDataPtrSize = ($OffSetDataPtrSize + $DwordSize) Local $OffSetDataPtr = ($OffSetSubDataPtrSize + $DwordSize) Local $OffSetSubDataPtr = ($OffSetDataPtr + $PointerSize) Local $OffSetStep = ($OffSetSubDataPtr + $PointerSize) For $i = 1 To 2 $_ASMCode = "0x" $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 $_ASMCode &= "8B7424" & Hex($OffSetSubDataPtrSize,2) ;mov esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "8B5C24" & Hex($OffSetDataPtr,2) ;mov ebx,[esp + $OffSetDataPtr] $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] ; $Start: // $Start = BinaryLen($_ASMCode) $_ASMCode &= "BA" & HexBinary(0) ;mov edx,0 ; TA: // $TA = BinaryLen($_ASMCode) $_ASMCode &= "3BF2";CMP esi,edx $_ASMCode &= "74" & Hex(($TC - $JZTC),2) ;JZ $TC; $JZTC = BinaryLen($_ASMCode) $_ASMCode &= "8A2C10" ;mov CH,[eax + edx]; $_ASMCode &= "3A2C13" ;CMP CH,[ebx + edx] $_ASMCode &= "75" & Hex(($TB - $TBJNZ),2) ;JNZ TB $TBJNZ = BinaryLen($_ASMCode) $_ASMCode &= "83C2" & Hex(1,2) ;add edx,1 $JMPTA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTA - $TA) + 5)) ;JMP TA ; TB: // $TB = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetStep,2) ;add edi,[esp + $OffSetStep] $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($End - $JGEnd),2) ;JG End $JGEnd = BinaryLen($_ASMCode) $_ASMCode &= "035C24" & Hex($OffSetStep,2) ;add ebx,[esp + $OffSetStep] $JMPStart = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStart - $Start) + 5)) ;JMP Start ; TC: // $TC = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex(1,2) ;add edi,1 $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 3)) & "00" // Args Size ; End: // $End = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 3)) & "00" // Args Size Next $Address = DllStructCreate("byte[" & BinaryLen($_ASMCode) & "]") DllStructSetData($Address,1,$_ASMCode) Return $Address EndFunc Func LoadCallbackBinarySearch() Local $TA,$TB,$TC,$Start,$JGEnd,$JZTC,$TBJNZ,$JMPTA,$JMPStartA,$JMPStartB,$End,$JZEnd,$JGEnd2,$JZTD,$TD,$JGEnd3,$JMPStartC Local $OffSetMaxPosition = $PointerSize Local $OffSetDataPtrSize = ($OffSetMaxPosition + $DwordSize) Local $OffSetSubDataPtrSize = ($OffSetDataPtrSize + $DwordSize) Local $OffSetDataPtr = ($OffSetSubDataPtrSize + $DwordSize) Local $OffSetSubDataPtr = ($OffSetDataPtr + $PointerSize) Local $OffSetCkFuncPtr = ($OffSetSubDataPtr + $PointerSize) Local $OffSetStep = ($OffSetCkFuncPtr + $PointerSize) Local $OffSetStepTest = ($OffSetStep + $DwordSize) For $i = 1 To 2 $_ASMCode = "0x" $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 $_ASMCode &= "8B7424" & Hex($OffSetMaxPosition,2) ;mov esi,[esp + $OffSetMaxPosition] $_ASMCode &= "8B5C24" & Hex($OffSetDataPtr,2) ;mov ebx,[esp + $OffSetDataPtr] $_ASMCode &= "8B4C24" & Hex($OffSetSubDataPtr,2) ;mov ecx,[esp + $OffSetSubDataPtr] ; $Start: // $Start = BinaryLen($_ASMCode) $_ASMCode &= "BA" & HexBinary(0) ;mov edx,0 ; TA: // $TA = BinaryLen($_ASMCode) $_ASMCode &= "3B5424" & Hex($OffSetSubDataPtrSize,2) ;CMP edx,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TC - $JZTC),2) ;JZ $TC; $JZTC = BinaryLen($_ASMCode) $_ASMCode &= "8A2413" ;mov AH,[ebx + edx] $_ASMCode &= "3A2411" ;CMP AH,[ecx + edx] $_ASMCode &= "75" & Hex(($TB - $TBJNZ),2) ;JNZ TB $TBJNZ = BinaryLen($_ASMCode) $_ASMCode &= "83C2" & Hex(1,2) ;add edx,1 $JMPTA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTA - $TA) + 5)) ;JMP TA ; TB: // $TB = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetStep,2) ;add edi,[esp + $OffSetStep] $_ASMCode &= "3BFE" ;CMP edi,esi $_ASMCode &= "7F" & Hex(($End - $JGEnd),2) ;JG End $JGEnd = BinaryLen($_ASMCode) $_ASMCode &= "035C24" & Hex($OffSetStep,2) ;add ebx,[esp + $OffSetStep] $JMPStartA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartA - $Start) + 5)) ;JMP Start ; TC: // $TC = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetCkFuncPtr,2) ;mov eax,[esp + $OffSetCkFuncPtr] $_ASMCode &= "FF7424" & Hex($OffSetSubDataPtrSize,2) ;push [esp + $OffSetSubDataPtrSize] $_ASMCode &= "FF7424" & Hex($OffSetDataPtrSize,2) ;push [esp + $OffSetDataPtrSize] $_ASMCode &= "FF7424" & Hex($OffSetSubDataPtr,2) ;push [esp + $OffSetSubDataPtr] $_ASMCode &= "FF7424" & Hex($OffSetDataPtr,2) ;push [esp + $OffSetDataPtr] $_ASMCode &= "57" ;push edi; $_ASMCode &= "83C7" & Hex(1,2) ;add edi,1 $_ASMCode &= "57" ;push edi; $_ASMCode &= "83EF" & Hex(1,2) ;sub edi,1 $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83F8" & Hex(0,2);CMP eax,0 $_ASMCode &= "74" & Hex(($End - $JZEnd),2) ;JZ $End; $JZEnd = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetStepTest,2) ;mov eax,[esp + $OffSetStepTest] $_ASMCode &= "83F8" & Hex(1,2);CMP eax,1 $_ASMCode &= "74" & Hex(($TD - $JZTD),2) ;JZ $TD; $JZTD = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetSubDataPtrSize,2) ;add edi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "3BFE" ;CMP edi,esi $_ASMCode &= "7F" & Hex(($End - $JGEnd3),2) ;JG End $JGEnd3 = BinaryLen($_ASMCode) $_ASMCode &= "035C24" & Hex($OffSetSubDataPtrSize,2) ;add ebx,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "8B4C24" & Hex($OffSetSubDataPtr,2) ;mov ecx,[esp + $OffSetSubDataPtr] $JMPStartC = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartC - $Start) + 5)) ;JMP Start ; TD: // $TD = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetStep,2) ;add edi,[esp + $OffSetStep] $_ASMCode &= "3BFE" ;CMP edi,esi $_ASMCode &= "7F" & Hex(($End - $JGEnd2),2) ;JG End $JGEnd2 = BinaryLen($_ASMCode) $_ASMCode &= "035C24" & Hex($OffSetStep,2) ;add ebx,[esp + $OffSetStep] $_ASMCode &= "8B4C24" & Hex($OffSetSubDataPtr,2) ;mov ecx,[esp + $OffSetSubDataPtr] $JMPStartB = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartB - $Start) + 5)) ;JMP Start ; End: // $End = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 3) + ($DwordSize * 5)),2) & Hex(0,2) ;ret (($PointerSize * 3) + ($DwordSize * 5)) & "00" // Args Size Next $Address = DllStructCreate("byte[" & BinaryLen($_ASMCode) & "]") DllStructSetData($Address,1,$_ASMCode) Return $Address EndFunc Func LoadXBinarySearch() Local $TA,$TB,$TC,$TD,$Start,$JGEnd,$JZTC,$TBJNZ,$JMPTA,$JMPStartA,$JMPStartB Local $JMPStartC ,$End,$JZEnd,$JZTD,$TE,$JZTE,$JMPStartD,$TF,$JZTF,$JMPStartE Local $OffSetMaxPosition = $PointerSize Local $OffSetDataPtrSize = ($OffSetMaxPosition + $DwordSize) Local $OffSetSubDataPtrSize = ($OffSetDataPtrSize + $DwordSize) Local $OffSetDataPtr = ($OffSetSubDataPtrSize + $DwordSize) Local $OffSetSubDataPtr = ($OffSetDataPtr + $PointerSize) Local $OffSetRtStPtr = ($OffSetSubDataPtr + $PointerSize) Local $OffSetStep = ($OffSetRtStPtr + $PointerSize) Local $OffSetStepTest = ($OffSetStep + $DwordSize) For $i = 1 To 2 $_ASMCode = "0x" $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ;$Start: // $Start = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetMaxPosition,2) ;mov eax,[esp + $OffSetMaxPosition] $_ASMCode &= "3BF8" ;CMP edi,eax $_ASMCode &= "0F8F" & HexBinary(($End - $JGEnd)) ;JG End $JGEnd = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TA: // $TA = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtrSize,2) ;mov eax,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "3BF0" ;CMP esi,eax $_ASMCode &= "74" & Hex(($TC - $JZTC),2) ;JZ $TC; $JZTC = BinaryLen($_ASMCode) $_ASMCode &= "8B5C24" & Hex($OffSetDataPtr,2) ;mov ebx,[esp + $OffSetDataPtr] $_ASMCode &= "03DF" ;add ebx,edi $_ASMCode &= "03DE" ;add ebx,esi $_ASMCode &= "8A0B" ;mov CL,[ebx]; $_ASMCode &= "8B5C24" & Hex($OffSetSubDataPtr,2) ;mov ebx,[esp + $OffSetSubDataPtr] $_ASMCode &= "03DE" ;add ebx,esi $_ASMCode &= "8A2B" ;mov CH,[ebx]; $_ASMCode &= "3ACD" ;CMP CL,CH $_ASMCode &= "75" & Hex(($TB - $TBJNZ),2) ;JNZ TE $TBJNZ = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex(1,2) ;add esi,1 $JMPTA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTA - $TA) + 5)) ;JMP TA ; TB: // $TB = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetStep,2) ;add edi,[esp + $OffSetStep] $JMPStartA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartA - $Start) + 5)) ;JMP Start ; TC: // $TC = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetRtStPtr,2) ;mov eax,[esp + $OffSetRtStPtr] $_ASMCode &= "8B00" ;mov eax,[eax] $_ASMCode &= "83F8" & Hex(0,2);CMP eax,0 $_ASMCode &= "74" & Hex(($TD - $JZTD),2) ;JZ $TD $JZTG = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex(1,2) ;add edi,1 $_ASMCode &= "8B4424" & Hex($OffSetRtStPtr,2) ;mov eax,[esp + $OffSetRtStPtr] $_ASMCode &= "8B00" ;mov eax,[eax] $_ASMCode &= "83C0" & Hex(1,2) ;add eax,1 $_ASMCode &= "B9" & HexBinary($DwordSize) ;mov ecx,$DwordSize $_ASMCode &= "F7E1" ;MUL ecx; $_ASMCode &= "50" ;push eax $_ASMCode &= "B8" & HexBinary($Malloc) ;mov eax,$Malloc $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($DwordSize,2) ;add esp,$DwordSize $_ASMCode &= "8BD8" ;mov ebx,eax $_ASMCode &= "8B4424" & Hex($OffSetRtStPtr,2) ;mov eax,[esp + $OffSetRtStPtr] $_ASMCode &= "8B00" ;mov eax,[eax] $_ASMCode &= "B9" & HexBinary($DwordSize) ;mov ecx,$DwordSize $_ASMCode &= "F7E1" ;MUL ecx; $_ASMCode &= "50" ;push eax $_ASMCode &= "8B4424" & Hex(($OffSetRtStPtr + $DwordSize),2) ;mov eax,[esp + ($OffSetRtStPtr + $DwordSize)] $_ASMCode &= "83C0" & Hex($DwordSize,2) ;add eax,$DwordSize $_ASMCode &= "8B00" ;mov eax,[eax] $_ASMCode &= "50" ;push eax $_ASMCode &= "53" ;push ebx $_ASMCode &= "B8" & HexBinary($Mmove) ;mov eax,$Mmove $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex((($PointerSize * 2) + $DwordSize),2) ;add esp,(($PointerSize * 2) + $DwordSize) $_ASMCode &= "8B4424" & Hex($OffSetRtStPtr,2) ;mov eax,[esp + $OffSetRtStPtr] $_ASMCode &= "83C0" & Hex($DwordSize,2) ;add eax,$DwordSize $_ASMCode &= "8B00" ;mov eax,[eax] $_ASMCode &= "50" ;push eax $_ASMCode &= "B8" & HexBinary($FreeMemy) ;mov eax,$FreeMemy $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($PointerSize,2) ;add esp,$PointerSize $_ASMCode &= "8B4424" & Hex($OffSetRtStPtr,2) ;mov eax,[esp + $OffSetRtStPtr] $_ASMCode &= "8B00" ;mov eax,[eax] $_ASMCode &= "B9" & HexBinary($DwordSize) ;mov ecx,$DwordSize $_ASMCode &= "F7E1" ;MUL ecx; $_ASMCode &= "893C03" ;mov [ebx + eax],edi $_ASMCode &= "8B4424" & Hex($OffSetRtStPtr,2) ;mov eax,[esp + $OffSetRtStPtr] $_ASMCode &= "8000" & Hex(1,2) ;add [eax],1 $_ASMCode &= "83C0" & Hex($DwordSize,2) ;add eax,$DwordSize $_ASMCode &= "8918" ;mov [eax],ebx $_ASMCode &= "83EF" & Hex(1,2) ;sub edi,1 $_ASMCode &= "8B4424" & Hex($OffSetStepTest,2) ;mov eax,[esp + $OffSetStepTest] $_ASMCode &= "83F8" & Hex(1,2);CMP eax,1 $_ASMCode &= "74" & Hex(($TF - $JZTF),2) ;JZ $TF; $JZTF = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetSubDataPtrSize,2) ;add edi,[esp + $OffSetSubDataPtrSize] $JMPStartE = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartE - $Start) + 5)) ;JMP Start ; TF: // $TF = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetStep,2) ;add edi,[esp + $OffSetStep] $JMPStartB = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartB - $Start) + 5)) ;JMP Start ; $TD: // $TD = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex(1,2) ;add edi,1 $_ASMCode &= "BB" & HexBinary($DwordSize) ;mov ebx,$DwordSize $_ASMCode &= "53" ;push ebx $_ASMCode &= "B8" & HexBinary($Malloc) ;mov eax,$Malloc $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($DwordSize,2) ;add esp,$DwordSize $_ASMCode &= "8938" ;mov [eax],edi $_ASMCode &= "8B5C24" & Hex($OffSetRtStPtr,2) ;mov ebx,[esp + $OffSetRtStPtr] $_ASMCode &= "C603" & Hex(1,2) ;mov [ebx],1 $_ASMCode &= "83C3" & Hex($DwordSize,2) ;add ebx,$DwordSize $_ASMCode &= "8903" ;mov [ebx],eax $_ASMCode &= "83EF" & Hex(1,2) ;sub edi,1 $_ASMCode &= "8B4424" & Hex($OffSetStepTest,2) ;mov eax,[esp + $OffSetStepTest] $_ASMCode &= "83F8" & Hex(1,2);CMP eax,1 $_ASMCode &= "74" & Hex(($TE - $JZTE),2) ;JZ $TE; $JZTE = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetSubDataPtrSize,2) ;add edi,[esp + $OffSetSubDataPtrSize] $JMPStartD = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartD - $Start) + 5)) ;JMP Start ; $TE: // $TE = BinaryLen($_ASMCode) $_ASMCode &= "037C24" & Hex($OffSetStep,2) ;add edi,[esp + $OffSetStep] $JMPStartC = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStartC - $Start) + 5)) ;JMP Start ; End: // $End = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 3) + ($DwordSize * 5)),2) & Hex(0,2) ;ret (($PointerSize * 3) + ($DwordSize * 3)) & "00" // Args Size Next $Address = DllStructCreate("byte[" & BinaryLen($_ASMCode) & "]") DllStructSetData($Address,1,$_ASMCode) Return $Address EndFunc Func HexBinary($Value) Return Hex(Binary($Value)) EndFunc ColorSearch.au3expandcollapse popup#include <WinAPI.au3> #include <Memory.au3> #include <Color.au3> #include <ScreenCapture.au3> #include "ASM_BinarySearch.au3" Global $itagRGBQUAD = "BYTE rgbBlue;BYTE rgbGreen;BYTE rgbRed;BYTE rgbReserved" Global $RgbSize = DllStructGetSize(DllStructCreate($itagRGBQUAD)) $hGUI = GUICreate("Color Gui",20,20,@DesktopWidth - 20,@DesktopHeight - 100) GUISetBkColor(0xFF80FF, $hGUI) GUISetState(@SW_SHOW, $hGUI) MsgBox(0,"PixelSearch","PixelSearch") $hTimer = TimerInit() $Pos1 = PixelSearch(0 , 0, @DesktopWidth, @DesktopHeight,0xFF80FF) ;0xFFFFFF $iDiff1 = TimerDiff($hTimer) MsgBox(0,"nPixelSearch","nPixelSearch") $hTimer = TimerInit() $Pos2 = nPixelSearch(0, 0, @DesktopWidth, @DesktopHeight,0xFF80FF) ;0xFFFFFF $iDiff2 = TimerDiff($hTimer) if IsArray($Pos1) And IsArray($Pos2) Then $Text1 = String($Pos1[0] & " " & $Pos1[1] & " PixelSearch Time ==> " & $iDiff1) $Text2 = String($Pos2[0] & " " & $Pos2[1] & " nPixelSearch Time ==> " & $iDiff2) MsgBox(0,"PixelSearch",$Text1 & @CRLF & $Text2) EndIf MsgBox(0,"nPixelSearch","nPixelSearch") $hTimer = TimerInit() $Pos2 = nPixelSearch(0, 0, @DesktopWidth, @DesktopHeight,0xFF80FF) ;0xFFFFFF $iDiff2 = TimerDiff($hTimer) MsgBox(0,"PixelSearch","PixelSearch") $hTimer = TimerInit() $Pos1 = PixelSearch(0 , 0, @DesktopWidth, @DesktopHeight,0xFF80FF) ;0xFFFFFF $iDiff1 = TimerDiff($hTimer) if IsArray($Pos1) And IsArray($Pos2) Then $Text1 = String($Pos1[0] & " " & $Pos1[1] & " PixelSearch Time ==> " & $iDiff1) $Text2 = String($Pos2[0] & " " & $Pos2[1] & " nPixelSearch Time ==> " & $iDiff2) MsgBox(0,"PixelSearch",$Text1 & @CRLF & $Text2) EndIf Func nPixelSearch($left = 0,$top = 0,$right = -1,$bottom = -1,$Color = 0,$bCursor = False) Local $hBmp = _ScreenCapture_Capture("",$left,$top,$right,$bottom,$bCursor) if Not($hBmp) Then Return SetError(1,0,0) Local $aCoord = BmpSearchColor($hBmp,$Color) _WinAPI_DeleteObject($hBmp) if Not IsArray($aCoord) Then Return SetError(2,0,0) Return $aCoord EndFunc Func BmpSearchColor($hBmp,$Color) Local $BitsStruct = GetBitsStruct($hBmp) if @error Then Return SetError(1,0,0) Local $BitsStringPtr = DllStructGetPtr($BitsStruct,"RGBQUAD") Local $BitsSize = DllStructGetData($BitsStruct,"SIZE") Local $biWidth = DllStructGetData($BitsStruct,"WIDTH") Local $biHeight = DllStructGetData($BitsStruct,"HEIGHT") Local $iColor = DllStructCreate("BYTE RGB[3]") DllStructSetData($iColor,1,$Color) $iColorPtr = DllStructGetPtr($iColor) $FindPosition = BinarySearch($BitsStringPtr,$iColorPtr,$BitsSize,3,4) ;$SubDataPtrSize = 3 // $Step = $RgbSize = 4 // ; $Step Is Loop Step if @error Then Return SetError(2,0,0) Local $OffSetPosition = $FindPosition - 1 $OffSetPosition /= $RgbSize ; $RgbSize = 4 /// 4byte = 1pixel $X = Mod($OffSetPosition,$biWidth) ; Get left $Y = (($OffSetPosition - $X) / $biWidth) ; Get top Local $aCoord[2] $aCoord[0] = $X $aCoord[1] = $Y Return $aCoord EndFunc Func GetBitsStruct( $hBmp , $L = -1 , $T = -1 , $W = -1 , $H = -1 ) Local $SizeArray = GetImageSize($hBmp) if @error Then Return SetError(1,0,0) Local $biWidth = $SizeArray[0] Local $biHeight = $SizeArray[1] if ($L < 0) Then $L = 0 if ($T < 0) Then $T = 0 if ($W < 0) Then $W = ($biWidth - $L) if ($H < 0) Then $H = ($biHeight - $T) if ($L >= $biWidth Or (($L + $W) > $biWidth)) Then $L = 0 if ($T >= $biHeight Or (($T + $H) > $biHeight)) Then $T = 0 Local $vRgbSize = ($RgbSize * ($biWidth * $biHeight)) Local $vStBits = DllStructCreate("INT WIDTH;INT HEIGHT;INT SIZE;BYTE RGBQUAD[" & ($vRgbSize) & "]") DllStructSetData($vStBits ,"WIDTH",$biWidth) DllStructSetData($vStBits,"HEIGHT",$biHeight) DllStructSetData($vStBits,"SIZE",$vRgbSize) GetBitmapBits($hBmp,DllStructGetPtr($vStBits,"RGBQUAD"),$vRgbSize) if @error Then Return SetError(2,0,0) if ($L = 0 And $T = 0 And $W = $biWidth And $H = $biHeight) Then Return $vStBits Local $nRgbSize = ($RgbSize * ($W * $H)) , $ColusCount = $W Local $nStBits = DllStructCreate("INT WIDTH;INT HEIGHT;INT SIZE;BYTE RGBQUAD[" & ($nRgbSize) & "]") DllStructSetData($nStBits ,"WIDTH",$W) DllStructSetData($nStBits,"HEIGHT",$H) DllStructSetData($nStBits,"SIZE",$nRgbSize) For $RowIndex = 0 To ($H - 1) Local $nStBPtr = GetPointerAtRowPos($nStBits,$RowIndex) ; Move Ptr To First BYTE Of Row => $RowIndex Local $vStBPtr = GetPointerAtRowPos($vStBits,($RowIndex + $T)) + ($L * $RgbSize) ; Move Ptr To First BYTE Of Row => ($RowIndex + $T) ; + ($L * $RgbSize) Move PointerAtRowPos From left to right + ($L * $RgbSize) _MemMoveMemory($vStBPtr,$nStBPtr,($RgbSize * ($ColusCount - 1))) ;Size Of One Row In $nStBPtr Next Return $nStBits EndFunc Func GetBitmapBits($hbmp,$lpvBits,$cbBuffer) $BytesNu = DllCall("Gdi32.dll","LONG","GetBitmapBits","ptr" _ ,$hbmp,"LONG",$cbBuffer,"ptr",$lpvBits) if @error Or Not($BytesNu[0]) Then SetError(1,0,0) Return SetError(0,0,$BytesNu[0]) EndFunc Func GetPointerAtRowPos($StBits,$RowIndex) if Not IsDllStruct($StBits) Then Return SetError(1,0,0) Local $ColusCount = DllStructGetData($StBits,"WIDTH") Local $RowsCount = DllStructGetData($StBits,"HEIGHT") If ($RowIndex < 0 Or $RowIndex > ($RowsCount -1)) Then Return SetError(2,0,0) Local $StBitsPtr = DllStructGetPtr($StBits,"RGBQUAD") Local $PointerAtRowPos = ($StBitsPtr + (($RowIndex * $ColusCount) * $RgbSize)) Return $PointerAtRowPos EndFunc Func GetImageSize($hBmp) Local $ntagBITMAPINFO = "DWORD biSize;LONG biWidth;LONG biHeight;USHORT biPlanes;" & _ "USHORT biBitCount;DWORD biCompression;DWORD biSizeImage;LONG biXPelsPerMeter;" & _ "LONG biYPelsPerMeter;DWORD biClrUsed;DWORD biClrImportant;BYTE RGBQUAD[4]" Local $vBITMAPINFO = DllStructCreate($ntagBITMAPINFO) DllStructSetData($vBITMAPINFO,"biSize",(DllStructGetSize($vBITMAPINFO) - $RgbSize)) Local $hDC = _WinAPI_CreateCompatibleDC(0) if Not($hDC) Then _WinAPI_DeleteDC($hDC) Return SetError(1,0,0) EndIf $Return = _WinAPI_GetDIBits($hDC,$hBmp,0,0,0,DllStructGetPtr($vBITMAPINFO),0) if Not($Return) Then _WinAPI_DeleteDC($hDC) Return SetError(2,0,0) EndIf _WinAPI_DeleteDC($hDC) Local $biWidth = DllStructGetData($vBITMAPINFO,"biWidth") Local $biHeight = DllStructGetData($vBITMAPINFO,"biHeight") Local $SizeArray[2] $SizeArray[0] = $biWidth $SizeArray[1] = $biHeight Return $SizeArray EndFuncCallbackBinarySearch.au3expandcollapse popup#include <WinAPI.au3> #include <Memory.au3> #include <Color.au3> #include <ScreenCapture.au3> #include "ASM_BinarySearch.au3" $Text = "" $SubText = "Autoit" For $i = 1 To 10000 $Text &= "1" Next $Text &= "Autoit" & "Autoit" & "Autoit" $Len1 = StringLen($Text) $Len2 = StringLen($SubText) $St1 = DllStructCreate("CHAR[" & $Len1 & "]") DllStructSetData($St1,1,$Text) $Ptr1 = DllStructGetPtr($St1) $St2 = DllStructCreate("CHAR[" & $Len2 & "]") DllStructSetData($St2,1,$SubText) $Ptr2 = DllStructGetPtr($St2) $Return = CallbackBinarySearch($Ptr1,$Ptr2,"CallbackFunc",$Len1,$Len2) MsgBox(0,"Return",$Return) Func CallbackFunc($FindPosition,$OffSetPosition,$DataPtr,$SubDataPtr,$DataPtrSize,$SubDataPtrSize) MsgBox(0,"OffSetPosition = " & $OffSetPosition ,"FindPosition = " & $FindPosition) Return 1 ;return ;0 ; Stop ;Other Ways : Continue EndFuncXBinarySearch.au3#include <WinAPI.au3> #include <Memory.au3> #include <Color.au3> #include <ScreenCapture.au3> #include "ASM_BinarySearch.au3" $Text = "" $SubText = "Autoit" For $i = 1 To 10000 $Text &= "1" Next $Text &= "Autoit" & "Autoit" & "Autoit" $Len1 = StringLen($Text) $Len2 = StringLen($SubText) $St1 = DllStructCreate("CHAR[" & $Len1 & "]") DllStructSetData($St1,1,$Text) $Ptr1 = DllStructGetPtr($St1) $St2 = DllStructCreate("CHAR[" & $Len2 & "]") DllStructSetData($St2,1,$SubText) $Ptr2 = DllStructGetPtr($St2) $ReturnStruct = XBinarySearch($Ptr1,$Ptr2,$Len1,$Len2) For $i = 1 To DllStructGetData($ReturnStruct,"ArrayCount") $FindPosition = DllStructGetData($ReturnStruct,"PositionArray",$i) MsgBox(0,"Msg","FindPosition = " & $FindPosition) Next KaFu, Biatu and wakillon 3 صرح السماء كان هنا Link to comment Share on other sites More sharing options...
wakillon Posted August 25, 2015 Share Posted August 25, 2015 (edited) Looks interesting !I have made some basic tests with the CallbackBinarySearch func and it seems to be case sensitive.Is there a way to add a flag for this ?Thanks. Edited August 25, 2015 by wakillon AutoIt 3.3.14.2 X86 - SciTE 3.6.0 - WIN 8.1 X64 - Other Example Scripts Link to comment Share on other sites More sharing options...
wolf9228 Posted August 26, 2015 Author Share Posted August 26, 2015 Looks interesting !I have made some basic tests with the CallbackBinarySearch func and it seems to be case sensitive.Is there a way to add a flag for this ?Thanks. The project to search for binary and not for the string but I can do a function for the string but will be slow work ... Later I will publish string function ... Thank you. صرح السماء كان هنا Link to comment Share on other sites More sharing options...
jchd Posted August 26, 2015 Share Posted August 26, 2015 (edited) Maybe you should consider dealing with native AutoIt strings, i.e. UTF16-LE strings made of wchars and not their ANSI reduction to chars. This would make the baby reliably useable to everyone. Granted that then case insensivity is much different. Edited August 26, 2015 by jchd This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt) Link to comment Share on other sites More sharing options...
UEZ Posted August 26, 2015 Share Posted August 26, 2015 (edited) You converted a lot of C/C++ to AutoIt and now you use ASM and AutoIt is the wrapper.Cool. If you want to share some ASM snippets feel free to post it here: https://www.autoitscript.com/forum/topic/173919-inline-assembler-snippets/ Edited August 26, 2015 by UEZ Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ Link to comment Share on other sites More sharing options...
wolf9228 Posted August 27, 2015 Author Share Posted August 27, 2015 (edited) Looks interesting !I have made some basic tests with the CallbackBinarySearch func and it seems to be case sensitive.Is there a way to add a flag for this ?Thanks. ASM_StringSearch.au3Thanks wakillon Code after amendmentexpandcollapse popup#include <WinAPI.au3> Global $MsvcrtDll = _WinAPI_LoadLibrary( "msvcrt.dll" ) Global $towupper = _WinAPI_GetProcAddress($MsvcrtDll,"towupper") Global $toupper = _WinAPI_GetProcAddress( $MsvcrtDll,"toupper") Global $wcslen = _WinAPI_GetProcAddress( $MsvcrtDll,"wcslen") Global $strlen = _WinAPI_GetProcAddress( $MsvcrtDll ,"strlen") Global $DwordSize = DllStructGetSize(DllStructCreate("DWORD")) Global $PointerSize = DllStructGetSize(DllStructCreate("PTR")) Global $WcharSize = DllStructGetSize(DllStructCreate("WCHAR")) Global $CharSize = DllStructGetSize( DllStructCreate("CHAR")) Global $AddressStringSearchW = LoadStringSearchW() Global $AddressStringSearchPtrW = DllStructGetPtr($AddressStringSearchW) Global $AddressStringSearchA = LoadStringSearchA() Global $AddressStringSearchPtrA = DllStructGetPtr($AddressStringSearchA) $TextA = "jjjjjjjjAutoitjjjjjjjjj" $TextB = "aUtoIt" MsgBox(0,"StringInStr",StringInStr($TextA,$TextB,0)) ;$CaseSense 0 MsgBox(0,"StringSearchW FindPosition",StringSearchW($TextA,$TextB,0,False)) ;$CaseSense False MsgBox(0,"StringSearchA FindPosition",StringSearchA($TextA,$TextB,0,0,False)) ;$CaseSense False $TextA = "jjjjjjjjAutoitjjjjjjjjj" $TextB = "Autoit" MsgBox(0,"StringInStr",StringInStr($TextA,$TextB,1)) ;$CaseSense 1 MsgBox(0,"StringSearchW FindPosition",StringSearchW($TextA,$TextB,0,0,True)) ;$CaseSense True MsgBox(0,"StringSearchA FindPosition",StringSearchA($TextA,$TextB,0,0,True)) ;$CaseSense True Func StringSearchW($StringPtr,$SubStringPtr,$StringPtrSize = 0,$SubStringPtrSize = 0,$CaseSense = False) Local $DataTypeA,$DataTypeB Select Case IsString($StringPtr) $DataTypeA = "WSTR" if $StringPtrSize = 0 Then _ $StringPtrSize = StringLen($StringPtr) * $WcharSize Case Else $DataTypeA = "PTR" if $StringPtrSize = 0 Then $StringPtrSize = DllCallAddress("LONG:CDECL",$wcslen,"PTR",$StringPtr) $StringPtrSize = $StringPtrSize[0] * $WcharSize EndIf EndSelect Select Case IsString($SubStringPtr) $DataTypeB = "WSTR" if $SubStringPtrSize = 0 Then _ $SubStringPtrSize = StringLen($SubStringPtr) * $WcharSize Case Else $DataTypeB = "PTR" if $SubStringPtrSize = 0 Then $SubStringPtrSize = DllCallAddress("LONG:CDECL",$wcslen,"PTR",$SubStringPtr) $SubStringPtrSize = $SubStringPtrSize[0] * $WcharSize EndIf EndSelect Local $MaxPosition = ($StringPtrSize - $SubStringPtrSize) $Return = DllCallAddress("DWORD",$AddressStringSearchPtrW,"DWORD",$MaxPosition, _ "DWORD",$StringPtrSize,"DWORD",$SubStringPtrSize,$DataTypeA,$StringPtr,$DataTypeB,$SubStringPtr,"DWORD", $CaseSense) if @error Then Return SetError(2,0,0) Return $Return[0] ; Return FindPosition // OffSetPosition = FindPosition - 1 EndFunc Func StringSearchA($StringPtr,$SubStringPtr,$StringPtrSize = 0,$SubStringPtrSize = 0,$CaseSense = False) Local $DataTypeA,$DataTypeB Select Case IsString($StringPtr) $DataTypeA = "STR" if $StringPtrSize = 0 Then _ $StringPtrSize = StringLen($StringPtr) Case Else $DataTypeA = "PTR" if $StringPtrSize = 0 Then $StringPtrSize = DllCallAddress("LONG:CDECL",$strlen,"PTR",$StringPtr) $StringPtrSize = $StringPtrSize[0] EndIf EndSelect Select Case IsString($SubStringPtr) $DataTypeB = "STR" if $SubStringPtrSize = 0 Then _ $SubStringPtrSize = StringLen($SubStringPtr) Case Else $DataTypeB = "PTR" if $SubStringPtrSize = 0 Then $SubStringPtrSize = DllCallAddress("LONG:CDECL",$strlen,"PTR",$SubStringPtr) $SubStringPtrSize = $SubStringPtrSize[0] EndIf EndSelect Local $MaxPosition = ($StringPtrSize - $SubStringPtrSize) $Return = DllCallAddress("DWORD",$AddressStringSearchPtrA,"DWORD",$MaxPosition, _ "DWORD",$StringPtrSize,"DWORD",$SubStringPtrSize,$DataTypeA,$StringPtr,$DataTypeB,$SubStringPtr,"DWORD", $CaseSense) if @error Then Return SetError(2,0,0) Return $Return[0] ; Return FindPosition // OffSetPosition = FindPosition - 1 EndFunc Func LoadStringSearchA() Local $TA ,$TB ,$TC ,$Start ,$JGEnd ,$JZTC ,$TBJNZ , $JMPTA ,$JMPStart ,$End , $NotCaseSense Local $TAi,$TBi,$TCi,$Starti,$JGEndi,$JZTCi,$TBJNZi,$JMPTAi,$JMPStarti,$Endi,$JZNotCaseSense Local $OffSetMaxPosition = $PointerSize Local $OffSetDataPtrSize = ($OffSetMaxPosition + $DwordSize) Local $OffSetSubDataPtrSize = ($OffSetDataPtrSize + $DwordSize) Local $OffSetDataPtr = ($OffSetSubDataPtrSize + $DwordSize) Local $OffSetSubDataPtr = ($OffSetDataPtr + $PointerSize) Local $OffSetCaseSense = ($OffSetSubDataPtr + $PointerSize) For $i = 1 To 2 $_ASMCode = "0x" $_ASMCode &= "8B4424" & Hex($OffSetCaseSense,2) ;mov eax,[esp + $OffSetCaseSense] $_ASMCode &= "83F8" & Hex(1,2);CMP eax,1 $_ASMCode &= "74" & Hex(($NotCaseSense - $JZNotCaseSense),2) ;JZ $NotCaseSense; $JZNotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start: // $Start = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($End - $JGEnd),2) ;JG End $JGEnd = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TA: // $TA = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TC - $JZTC),2) ;JZ $TC; $JZTC = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "B9" & HexBinary(0) ; mov ecx,0 $_ASMCode &= "8A0C30" ;mov CL,[eax + esi] $_ASMCode &= "51" ;push ecx $_ASMCode &= "B8" & HexBinary($toupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($DwordSize,2) ;add esp,$DwordSize $_ASMCode &= "8BD8" ;mov ebx,eax $_ASMCode &= "8B4424" & Hex($OffSetDataPtr,2) ;mov eax,[esp + $OffSetDataPtr] $_ASMCode &= "03C7" ;add eax,edi $_ASMCode &= "B9" & HexBinary(0) ; mov ecx,0 $_ASMCode &= "8A0C30" ;mov CL,[eax + esi] $_ASMCode &= "51" ;push ecx $_ASMCode &= "B8" & HexBinary($toupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($DwordSize,2) ;add esp,$DwordSize $_ASMCode &= "3BD8" ;CMP ebx,eax $_ASMCode &= "75" & Hex(($TB - $TBJNZ),2) ;JNZ TB $TBJNZ = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($CharSize,2) ;add esi,$CharSize $JMPTA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTA - $TA) + 5)) ;JMP TA ; TB: // $TB = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize $JMPStart = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStart - $Start) + 5)) ;JMP Start ; TC: // $TC = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize // OffSetPosition To FindPosition $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; End: // $End = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size ; $NotCaseSense: // $NotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "8B5C24" & Hex($OffSetDataPtr,2) ;mov ebx,[esp + $OffSetDataPtr] $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start:i // $Starti = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($Endi - $JGEndi),2) ;JG Endi $JGEndi = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TAi: // $TAi = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TCi - $JZTCi),2) ;JZ $TCi; $JZTCi = BinaryLen($_ASMCode) $_ASMCode &= "8A0C33" ;mov CL,[ebx + esi] $_ASMCode &= "8A2C30" ;mov CH,[eax + esi] $_ASMCode &= "3ACD" ;CMP CL,CH $_ASMCode &= "75" & Hex(($TBi - $TBJNZi),2) ;JNZ TBi $TBJNZi = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($CharSize,2) ;add esi,$CharSize $JMPTAi = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTAi - $TAi) + 5)) ;JMP TAi ; TBi: // $TBi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize $_ASMCode &= "83C3" & Hex($CharSize,2) ;add ebx,$CharSize $JMPStarti = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStarti - $Starti) + 5)) ;JMP Starti ; TCi: // $TCi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize // OffSetPosition To FindPosition $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; Endi: // $Endi = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size Next $Address = DllStructCreate("byte[" & BinaryLen($_ASMCode) & "]") DllStructSetData($Address,1,$_ASMCode) Return $Address EndFunc Func LoadStringSearchW() Local $TA ,$TB ,$TC ,$Start ,$JGEnd ,$JZTC ,$TBJNZ , $JMPTA ,$JMPStart ,$End , $NotCaseSense Local $TAi,$TBi,$TCi,$Starti,$JGEndi,$JZTCi,$TBJNZi,$JMPTAi,$JMPStarti,$Endi,$JZNotCaseSense Local $OffSetMaxPosition = $PointerSize Local $OffSetDataPtrSize = ($OffSetMaxPosition + $DwordSize) Local $OffSetSubDataPtrSize = ($OffSetDataPtrSize + $DwordSize) Local $OffSetDataPtr = ($OffSetSubDataPtrSize + $DwordSize) Local $OffSetSubDataPtr = ($OffSetDataPtr + $PointerSize) Local $OffSetCaseSense = ($OffSetSubDataPtr + $PointerSize) For $i = 1 To 2 $_ASMCode = "0x" $_ASMCode &= "8B4424" & Hex($OffSetCaseSense,2) ;mov eax,[esp + $OffSetCaseSense] $_ASMCode &= "83F8" & Hex(1,2);CMP eax,1 $_ASMCode &= "74" & Hex(($NotCaseSense - $JZNotCaseSense),2) ;JZ $NotCaseSense; $JZNotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start: // $Start = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($End - $JGEnd),2) ;JG End $JGEnd = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TA: // $TA = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TC - $JZTC),2) ;JZ $TC; $JZTC = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "668B0C30" ;mov cx,[eax + esi] $_ASMCode &= "6651" ;push cx $_ASMCode &= "B8" & HexBinary($towupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($WcharSize,2) ;add esp,$WcharSize $_ASMCode &= "8BD8" ;mov ebx,eax $_ASMCode &= "8B4424" & Hex($OffSetDataPtr,2) ;mov eax,[esp + $OffSetDataPtr] $_ASMCode &= "03C7" ;add eax,edi $_ASMCode &= "668B0C30" ;mov cx,[eax + esi] $_ASMCode &= "6651" ;push cx $_ASMCode &= "B8" & HexBinary($towupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($WcharSize,2) ;add esp,$WcharSize $_ASMCode &= "3BD8" ;CMP ebx,eax $_ASMCode &= "75" & Hex(($TB - $TBJNZ),2) ;JNZ TB $TBJNZ = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($WcharSize,2) ;add esi,$WcharSize $JMPTA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTA - $TA) + 5)) ;JMP TA ; TB: // $TB = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize $JMPStart = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStart - $Start) + 5)) ;JMP Start ; TC: // $TC = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize // OffSetPosition To FindPosition $_ASMCode &= "BA" & HexBinary(0) ;mov edx,0 $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "B9" & HexBinary(2) ;mov ecx,$WcharSize $_ASMCode &= "F7F1" ;div ecx $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; End: // $End = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size ; $NotCaseSense: // $NotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "8B5C24" & Hex($OffSetDataPtr,2) ;mov ebx,[esp + $OffSetDataPtr] $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start:i // $Starti = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($Endi - $JGEndi),2) ;JG Endi $JGEndi = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TAi: // $TAi = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TCi - $JZTCi),2) ;JZ $TCi; $JZTCi = BinaryLen($_ASMCode) $_ASMCode &= "668B1433" ;mov dx,[ebx + esi] $_ASMCode &= "668B0C30" ;mov cx,[eax + esi] $_ASMCode &= "663BCA" ;CMP cx,dx $_ASMCode &= "75" & Hex(($TBi - $TBJNZi),2) ;JNZ TBi $TBJNZi = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($WcharSize,2) ;add esi,$WcharSize $JMPTAi = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTAi - $TAi) + 5)) ;JMP TAi ; TBi: // $TBi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize $_ASMCode &= "83C3" & Hex($WcharSize,2) ;add ebx,$WcharSize $JMPStarti = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStarti - $Starti) + 5)) ;JMP Starti ; TCi: // $TCi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize // OffSetPosition To FindPosition $_ASMCode &= "BA" & HexBinary(0) ;mov edx,0 $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "B9" & HexBinary($WcharSize) ;mov ecx,$WcharSize $_ASMCode &= "F7F1" ;div ecx $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; Endi: // $Endi = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size Next $Address = DllStructCreate("byte[" & BinaryLen($_ASMCode) & "]") DllStructSetData($Address,1,$_ASMCode) Return $Address EndFunc Func HexBinary($Value) Return Hex(Binary($Value)) EndFunc Edited August 28, 2015 by wolf9228 صرح السماء كان هنا Link to comment Share on other sites More sharing options...
wolf9228 Posted August 27, 2015 Author Share Posted August 27, 2015 You converted a lot of C/C++ to AutoIt and now you use ASM and AutoIt is the wrapper.Cool. If you want to share some ASM snippets feel free to post it here: https://www.autoitscript.com/forum/topic/173919-inline-assembler-snippets/ I did not converted from the C++ to Autoit to never .... Thank you . صرح السماء كان هنا Link to comment Share on other sites More sharing options...
wolf9228 Posted August 27, 2015 Author Share Posted August 27, 2015 Maybe you should consider dealing with native AutoIt strings, i.e. UTF16-LE strings made of wchars and not their ANSI reduction to chars. This would make the baby reliably useable to everyone. Granted that then case insensivity is much different.Thank you . صرح السماء كان هنا Link to comment Share on other sites More sharing options...
wakillon Posted August 28, 2015 Share Posted August 28, 2015 (edited) $TextA = "jjjjjjjjAutoitjjjjjjjjj" $TextB = "aUtoIt" MsgBox(0,"StringSearchW FindPosition",StringSearchW($TextA,$TextB,0,0,True)) MsgBox(0,"StringSearchA FindPosition",StringSearchA($TextA,$TextB,0,0,True)) Func StringSearchW($StringPtr,$SubStringPtr,$StringPtrSize = 0,$SubStringPtrSize = 0,$CaseSense = False)Thanks wolf9228 for ASM_StringSearch.au3 But this function return 9 with a "CaseSense" parameter set to true and 0 with a "CaseSense" parameter set to False...May be parameter should be named "$CaseInSensitive" ? Edited August 28, 2015 by wakillon AutoIt 3.3.14.2 X86 - SciTE 3.6.0 - WIN 8.1 X64 - Other Example Scripts Link to comment Share on other sites More sharing options...
wolf9228 Posted August 28, 2015 Author Share Posted August 28, 2015 $TextA = "jjjjjjjjAutoitjjjjjjjjj" $TextB = "aUtoIt" MsgBox(0,"StringSearchW FindPosition",StringSearchW($TextA,$TextB,0,0,True)) MsgBox(0,"StringSearchA FindPosition",StringSearchA($TextA,$TextB,0,0,True)) Func StringSearchW($StringPtr,$SubStringPtr,$StringPtrSize = 0,$SubStringPtrSize = 0,$CaseSense = False)Thanks wolf9228 for ASM_StringSearch.au3 But this function return 9 with a "CaseSense" parameter set to true and 0 with a "CaseSense" parameter set to False...May be parameter should be named "$CaseInSensitive" ? Thank you .ASM_StringSearch.au3expandcollapse popup#include <WinAPI.au3> Global $MsvcrtDll = _WinAPI_LoadLibrary( "msvcrt.dll" ) Global $towupper = _WinAPI_GetProcAddress($MsvcrtDll,"towupper") Global $toupper = _WinAPI_GetProcAddress( $MsvcrtDll,"toupper") Global $wcslen = _WinAPI_GetProcAddress( $MsvcrtDll,"wcslen") Global $strlen = _WinAPI_GetProcAddress( $MsvcrtDll ,"strlen") Global $DwordSize = DllStructGetSize(DllStructCreate("DWORD")) Global $PointerSize = DllStructGetSize(DllStructCreate("PTR")) Global $WcharSize = DllStructGetSize(DllStructCreate("WCHAR")) Global $CharSize = DllStructGetSize( DllStructCreate("CHAR")) Global $AddressStringSearchW = LoadStringSearchW() Global $AddressStringSearchPtrW = DllStructGetPtr($AddressStringSearchW) Global $AddressStringSearchA = LoadStringSearchA() Global $AddressStringSearchPtrA = DllStructGetPtr($AddressStringSearchA) $TextA = "jjjjjjjjAutoitjjjjjjjjj" $TextB = "aUtoIt" MsgBox(0,"StringInStr",StringInStr($TextA,$TextB,0)) ;$CaseSense 0 MsgBox(0,"StringSearchW FindPosition",StringSearchW($TextA,$TextB,0,False)) ;$CaseSense False MsgBox(0,"StringSearchA FindPosition",StringSearchA($TextA,$TextB,0,0,False)) ;$CaseSense False $TextA = "jjjjjjjjAutoitjjjjjjjjj" $TextB = "Autoit" MsgBox(0,"StringInStr",StringInStr($TextA,$TextB,1)) ;$CaseSense 1 MsgBox(0,"StringSearchW FindPosition",StringSearchW($TextA,$TextB,0,0,True)) ;$CaseSense True MsgBox(0,"StringSearchA FindPosition",StringSearchA($TextA,$TextB,0,0,True)) ;$CaseSense True Func StringSearchW($StringPtr,$SubStringPtr,$StringPtrSize = 0,$SubStringPtrSize = 0,$CaseSense = False) Local $DataTypeA,$DataTypeB Select Case IsString($StringPtr) $DataTypeA = "WSTR" if $StringPtrSize = 0 Then _ $StringPtrSize = StringLen($StringPtr) * $WcharSize Case Else $DataTypeA = "PTR" if $StringPtrSize = 0 Then $StringPtrSize = DllCallAddress("LONG:CDECL",$wcslen,"PTR",$StringPtr) $StringPtrSize = $StringPtrSize[0] * $WcharSize EndIf EndSelect Select Case IsString($SubStringPtr) $DataTypeB = "WSTR" if $SubStringPtrSize = 0 Then _ $SubStringPtrSize = StringLen($SubStringPtr) * $WcharSize Case Else $DataTypeB = "PTR" if $SubStringPtrSize = 0 Then $SubStringPtrSize = DllCallAddress("LONG:CDECL",$wcslen,"PTR",$SubStringPtr) $SubStringPtrSize = $SubStringPtrSize[0] * $WcharSize EndIf EndSelect Local $MaxPosition = ($StringPtrSize - $SubStringPtrSize) $Return = DllCallAddress("DWORD",$AddressStringSearchPtrW,"DWORD",$MaxPosition, _ "DWORD",$StringPtrSize,"DWORD",$SubStringPtrSize,$DataTypeA,$StringPtr,$DataTypeB,$SubStringPtr,"DWORD", $CaseSense) if @error Then Return SetError(2,0,0) Return $Return[0] ; Return FindPosition // OffSetPosition = FindPosition - 1 EndFunc Func StringSearchA($StringPtr,$SubStringPtr,$StringPtrSize = 0,$SubStringPtrSize = 0,$CaseSense = False) Local $DataTypeA,$DataTypeB Select Case IsString($StringPtr) $DataTypeA = "STR" if $StringPtrSize = 0 Then _ $StringPtrSize = StringLen($StringPtr) Case Else $DataTypeA = "PTR" if $StringPtrSize = 0 Then $StringPtrSize = DllCallAddress("LONG:CDECL",$strlen,"PTR",$StringPtr) $StringPtrSize = $StringPtrSize[0] EndIf EndSelect Select Case IsString($SubStringPtr) $DataTypeB = "STR" if $SubStringPtrSize = 0 Then _ $SubStringPtrSize = StringLen($SubStringPtr) Case Else $DataTypeB = "PTR" if $SubStringPtrSize = 0 Then $SubStringPtrSize = DllCallAddress("LONG:CDECL",$strlen,"PTR",$SubStringPtr) $SubStringPtrSize = $SubStringPtrSize[0] EndIf EndSelect Local $MaxPosition = ($StringPtrSize - $SubStringPtrSize) $Return = DllCallAddress("DWORD",$AddressStringSearchPtrA,"DWORD",$MaxPosition, _ "DWORD",$StringPtrSize,"DWORD",$SubStringPtrSize,$DataTypeA,$StringPtr,$DataTypeB,$SubStringPtr,"DWORD", $CaseSense) if @error Then Return SetError(2,0,0) Return $Return[0] ; Return FindPosition // OffSetPosition = FindPosition - 1 EndFunc Func LoadStringSearchA() Local $TA ,$TB ,$TC ,$Start ,$JGEnd ,$JZTC ,$TBJNZ , $JMPTA ,$JMPStart ,$End , $NotCaseSense Local $TAi,$TBi,$TCi,$Starti,$JGEndi,$JZTCi,$TBJNZi,$JMPTAi,$JMPStarti,$Endi,$JZNotCaseSense Local $OffSetMaxPosition = $PointerSize Local $OffSetDataPtrSize = ($OffSetMaxPosition + $DwordSize) Local $OffSetSubDataPtrSize = ($OffSetDataPtrSize + $DwordSize) Local $OffSetDataPtr = ($OffSetSubDataPtrSize + $DwordSize) Local $OffSetSubDataPtr = ($OffSetDataPtr + $PointerSize) Local $OffSetCaseSense = ($OffSetSubDataPtr + $PointerSize) For $i = 1 To 2 $_ASMCode = "0x" $_ASMCode &= "8B4424" & Hex($OffSetCaseSense,2) ;mov eax,[esp + $OffSetCaseSense] $_ASMCode &= "83F8" & Hex(1,2);CMP eax,1 $_ASMCode &= "74" & Hex(($NotCaseSense - $JZNotCaseSense),2) ;JZ $NotCaseSense; $JZNotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start: // $Start = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($End - $JGEnd),2) ;JG End $JGEnd = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TA: // $TA = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TC - $JZTC),2) ;JZ $TC; $JZTC = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "B9" & HexBinary(0) ; mov ecx,0 $_ASMCode &= "8A0C30" ;mov CL,[eax + esi] $_ASMCode &= "51" ;push ecx $_ASMCode &= "B8" & HexBinary($toupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($DwordSize,2) ;add esp,$DwordSize $_ASMCode &= "8BD8" ;mov ebx,eax $_ASMCode &= "8B4424" & Hex($OffSetDataPtr,2) ;mov eax,[esp + $OffSetDataPtr] $_ASMCode &= "03C7" ;add eax,edi $_ASMCode &= "B9" & HexBinary(0) ; mov ecx,0 $_ASMCode &= "8A0C30" ;mov CL,[eax + esi] $_ASMCode &= "51" ;push ecx $_ASMCode &= "B8" & HexBinary($toupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($DwordSize,2) ;add esp,$DwordSize $_ASMCode &= "3BD8" ;CMP ebx,eax $_ASMCode &= "75" & Hex(($TB - $TBJNZ),2) ;JNZ TB $TBJNZ = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($CharSize,2) ;add esi,$CharSize $JMPTA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTA - $TA) + 5)) ;JMP TA ; TB: // $TB = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize $JMPStart = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStart - $Start) + 5)) ;JMP Start ; TC: // $TC = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize // OffSetPosition To FindPosition $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; End: // $End = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size ; $NotCaseSense: // $NotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "8B5C24" & Hex($OffSetDataPtr,2) ;mov ebx,[esp + $OffSetDataPtr] $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start:i // $Starti = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($Endi - $JGEndi),2) ;JG Endi $JGEndi = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TAi: // $TAi = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TCi - $JZTCi),2) ;JZ $TCi; $JZTCi = BinaryLen($_ASMCode) $_ASMCode &= "8A0C33" ;mov CL,[ebx + esi] $_ASMCode &= "8A2C30" ;mov CH,[eax + esi] $_ASMCode &= "3ACD" ;CMP CL,CH $_ASMCode &= "75" & Hex(($TBi - $TBJNZi),2) ;JNZ TBi $TBJNZi = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($CharSize,2) ;add esi,$CharSize $JMPTAi = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTAi - $TAi) + 5)) ;JMP TAi ; TBi: // $TBi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize $_ASMCode &= "83C3" & Hex($CharSize,2) ;add ebx,$CharSize $JMPStarti = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStarti - $Starti) + 5)) ;JMP Starti ; TCi: // $TCi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($CharSize,2) ;add edi,$CharSize // OffSetPosition To FindPosition $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; Endi: // $Endi = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size Next $Address = DllStructCreate("byte[" & BinaryLen($_ASMCode) & "]") DllStructSetData($Address,1,$_ASMCode) Return $Address EndFunc Func LoadStringSearchW() Local $TA ,$TB ,$TC ,$Start ,$JGEnd ,$JZTC ,$TBJNZ , $JMPTA ,$JMPStart ,$End , $NotCaseSense Local $TAi,$TBi,$TCi,$Starti,$JGEndi,$JZTCi,$TBJNZi,$JMPTAi,$JMPStarti,$Endi,$JZNotCaseSense Local $OffSetMaxPosition = $PointerSize Local $OffSetDataPtrSize = ($OffSetMaxPosition + $DwordSize) Local $OffSetSubDataPtrSize = ($OffSetDataPtrSize + $DwordSize) Local $OffSetDataPtr = ($OffSetSubDataPtrSize + $DwordSize) Local $OffSetSubDataPtr = ($OffSetDataPtr + $PointerSize) Local $OffSetCaseSense = ($OffSetSubDataPtr + $PointerSize) For $i = 1 To 2 $_ASMCode = "0x" $_ASMCode &= "8B4424" & Hex($OffSetCaseSense,2) ;mov eax,[esp + $OffSetCaseSense] $_ASMCode &= "83F8" & Hex(1,2);CMP eax,1 $_ASMCode &= "74" & Hex(($NotCaseSense - $JZNotCaseSense),2) ;JZ $NotCaseSense; $JZNotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start: // $Start = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($End - $JGEnd),2) ;JG End $JGEnd = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TA: // $TA = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TC - $JZTC),2) ;JZ $TC; $JZTC = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "668B0C30" ;mov cx,[eax + esi] $_ASMCode &= "6651" ;push cx $_ASMCode &= "B8" & HexBinary($towupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($WcharSize,2) ;add esp,$WcharSize $_ASMCode &= "8BD8" ;mov ebx,eax $_ASMCode &= "8B4424" & Hex($OffSetDataPtr,2) ;mov eax,[esp + $OffSetDataPtr] $_ASMCode &= "03C7" ;add eax,edi $_ASMCode &= "668B0C30" ;mov cx,[eax + esi] $_ASMCode &= "6651" ;push cx $_ASMCode &= "B8" & HexBinary($towupper) ;mov eax,$towupper $_ASMCode &= "FFD0" ;call eax $_ASMCode &= "83C4" & Hex($WcharSize,2) ;add esp,$WcharSize $_ASMCode &= "3BD8" ;CMP ebx,eax $_ASMCode &= "75" & Hex(($TB - $TBJNZ),2) ;JNZ TB $TBJNZ = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($WcharSize,2) ;add esi,$WcharSize $JMPTA = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTA - $TA) + 5)) ;JMP TA ; TB: // $TB = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize $JMPStart = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStart - $Start) + 5)) ;JMP Start ; TC: // $TC = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize // OffSetPosition To FindPosition $_ASMCode &= "BA" & HexBinary(0) ;mov edx,0 $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "B9" & HexBinary(2) ;mov ecx,$WcharSize $_ASMCode &= "F7F1" ;div ecx $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; End: // $End = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size ; $NotCaseSense: // $NotCaseSense = BinaryLen($_ASMCode) $_ASMCode &= "8B4424" & Hex($OffSetSubDataPtr,2) ;mov eax,[esp + $OffSetSubDataPtr] $_ASMCode &= "8B5C24" & Hex($OffSetDataPtr,2) ;mov ebx,[esp + $OffSetDataPtr] $_ASMCode &= "BF" & HexBinary(0) ;mov edi,0 ; $Start:i // $Starti = BinaryLen($_ASMCode) $_ASMCode &= "3B7C24" & Hex($OffSetMaxPosition,2) ;CMP edi,[esp + $OffSetMaxPosition] $_ASMCode &= "7F" & Hex(($Endi - $JGEndi),2) ;JG Endi $JGEndi = BinaryLen($_ASMCode) $_ASMCode &= "BE" & HexBinary(0) ;mov esi,0 ; TAi: // $TAi = BinaryLen($_ASMCode) $_ASMCode &= "3B7424" & Hex($OffSetSubDataPtrSize,2) ;CMP esi,[esp + $OffSetSubDataPtrSize] $_ASMCode &= "74" & Hex(($TCi - $JZTCi),2) ;JZ $TCi; $JZTCi = BinaryLen($_ASMCode) $_ASMCode &= "668B1433" ;mov dx,[ebx + esi] $_ASMCode &= "668B0C30" ;mov cx,[eax + esi] $_ASMCode &= "663BCA" ;CMP cx,dx $_ASMCode &= "75" & Hex(($TBi - $TBJNZi),2) ;JNZ TBi $TBJNZi = BinaryLen($_ASMCode) $_ASMCode &= "83C6" & Hex($WcharSize,2) ;add esi,$WcharSize $JMPTAi = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPTAi - $TAi) + 5)) ;JMP TAi ; TBi: // $TBi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize $_ASMCode &= "83C3" & Hex($WcharSize,2) ;add ebx,$WcharSize $JMPStarti = BinaryLen($_ASMCode) $_ASMCode &= "E9" & HexBinary(-(($JMPStarti - $Starti) + 5)) ;JMP Starti ; TCi: // $TCi = BinaryLen($_ASMCode) $_ASMCode &= "83C7" & Hex($WcharSize,2) ;add edi,$WcharSize // OffSetPosition To FindPosition $_ASMCode &= "BA" & HexBinary(0) ;mov edx,0 $_ASMCode &= "8BC7" ;mov eax,edi $_ASMCode &= "B9" & HexBinary($WcharSize) ;mov ecx,$WcharSize $_ASMCode &= "F7F1" ;div ecx $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4)) & "00" // Args Size ; Endi: // $Endi = BinaryLen($_ASMCode) $_ASMCode &= "B8" & HexBinary(0) ;mov eax,0 $_ASMCode &= "C2" & Hex((($PointerSize * 2) + ($DwordSize * 4)),2) & Hex(0,2) ;ret (($PointerSize * 2) + ($DwordSize * 4) & "00" // Args Size Next $Address = DllStructCreate("byte[" & BinaryLen($_ASMCode) & "]") DllStructSetData($Address,1,$_ASMCode) Return $Address EndFunc Func HexBinary($Value) Return Hex(Binary($Value)) EndFunc صرح السماء كان هنا Link to comment Share on other sites More sharing options...
wakillon Posted August 28, 2015 Share Posted August 28, 2015 (edited) Thank you, it's OK now ! Edited October 16, 2015 by wakillon AutoIt 3.3.14.2 X86 - SciTE 3.6.0 - WIN 8.1 X64 - Other Example Scripts Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now