vxdn.inc

Cracker终结者——提供最优秀的软件保护技术

P_WRITEBIT	EQU	1
P_WRITE		EQU	(1 << P_WRITEBIT)
P_USERBIT	EQU	2
P_USER		EQU	(1 << P_USERBIT)
P_ACCBIT	EQU	5
P_ACC		EQU	(1 << P_ACCBIT)
P_DIRTYBIT	EQU	6
P_DIRTY		EQU	(1 << P_DIRTYBIT)
P_AVAIL		EQU	(P_PRES+P_WRITE+P_USER)
PG_VM		EQU	0
PG_SYS		EQU	1
PG_RESERVED1	EQU	2
PG_PRIVATE	EQU	3
PG_RESERVED2	EQU	4
PG_RELOCK	EQU	5
PG_INSTANCE	EQU	6
PG_HOOKED	EQU	7
PG_IGNORE	EQU	0FFFFFFFFH
D_PRES		EQU	080H
D_NOTPRES	EQU	0
D_DPL0		EQU	0
D_DPL1		EQU	020H
D_DPL2		EQU	040H
D_DPL3		EQU	060H
D_SEG		EQU	010H
D_CTRL		EQU	0
D_GRAN_BYTE	EQU	000H
D_GRAN_PAGE	EQU	080H
D_DEF16		EQU	000H
D_DEF32		EQU	040H
D_CODE		EQU	08H
D_DATA		EQU	0
D_X		EQU	0
D_RX		EQU	02H
D_C		EQU	04H
D_R		EQU	0
D_W		EQU	02H
D_ED		EQU	04H
D_ACCESSED	EQU	1
RW_DATA_TYPE	EQU	(D_PRES+D_SEG+D_DATA+D_W)
R_DATA_TYPE	EQU	(D_PRES+D_SEG+D_DATA+D_R)
CODE_TYPE	EQU	(D_PRES+D_SEG+D_CODE+D_RX)
D_PAGE32	EQU	(D_GRAN_PAGE+D_DEF32)
SELECTOR_MASK	EQU	0FFF8H
SEL_LOW_MASK	EQU	0F8H
TABLE_MASK	EQU	04H
RPL_MASK	EQU	03H
RPL_CLR	EQU	(~RPL_MASK)
IVT_ROM_DATA_SIZE	EQU	500H

LMEM_STRING	EQU	00010000H
LMEM_OEM2ANSI	EQU	00020000H
QAAFL_APPYAVAIL	EQU	00000001H
QAAFL_APPYNOW	EQU	00000002H
CAAFL_RING0	EQU	00000001H
CAAFL_TIMEOUT	EQU	00000002H

PAGEOUT_PRIVATE	EQU	00000001H
PAGEOUT_SHARED	EQU	00000002H
PAGEOUT_SYSTEM	EQU	00000004H
PAGEOUT_REGION	EQU	00000008H
PAGEOUT_ALL	EQU	(PAGEOUT_PRIVATE | PAGEOUT_SHARED | PAGEOUT_SYSTEM)

PG_UNCACHED			EQU	00000001H
PG_WRITECOMBINED		EQU	00000002H
FLUSHCACHES_NORMAL		EQU	00000000H
FLUSHCACHES_GET_CACHE_LINE_PTR	EQU	00000001H
FLUSHCACHES_GET_CACHE_SIZE_PTR	EQU	00000002H
FLUSHCACHES_TAKE_OVER		EQU	00000003H
FLUSHCACHES_FORCE_PAGES_OUT	EQU	00000004H
FLUSHCACHES_LOCK_LOCKABLE	EQU	00000005H
FLUSHCACHES_UNLOCK_LOCKABLE	EQU	00000006H

HEAPZEROINIT	EQU	00000001H
HEAPZEROREINIT	EQU	00000002H
HEAPNOCOPY	EQU	00000004H
HEAPALIGN_SHIFT	EQU	16
HEAPALIGN_MASK	EQU	000F0000H
HEAPALIGN_4	EQU	00000000H
HEAPALIGN_8	EQU	00000000H
HEAPALIGN_16	EQU	00000000H
HEAPALIGN_32	EQU	00010000H
HEAPALIGN_64	EQU	00020000H
HEAPALIGN_128	EQU	00030000H
HEAPALIGN_256	EQU	00040000H
HEAPALIGN_512	EQU	00050000H
HEAPALIGN_1K	EQU	00060000H
HEAPALIGN_2K	EQU	00070000H
HEAPALIGN_4K	EQU	00080000H
HEAPALIGN_8K	EQU	00090000H
HEAPALIGN_16K	EQU	000A0000H
HEAPALIGN_32K	EQU	000B0000H
HEAPALIGN_64K	EQU	000C0000H
HEAPALIGN_128K	EQU	000D0000H
HEAPTYPESHIFT	EQU	8
HEAPTYPEMASK	EQU	00000700H
HEAPLOCKEDHIGH	EQU	00000000H
HEAPLOCKEDIFDP	EQU	00000100H
HEAPSWAP	EQU	00000200H
HEAPINIT	EQU	00000400H
HEAPCLEAN	EQU	00000800H
HEAPCONTIG	EQU	00001000H
HEAPFORGET	EQU	00002000H
HEAPLOCKEDLOW	EQU	00000300H
HEAPSYSVM	EQU	00000500H
HEAPPREEMPT	EQU	00000600H

LF_ASYNC_BIT		EQU	0
LF_ASYNC		EQU	(1 << LF_ASYNC_BIT)
LF_USE_HEAP_BIT		EQU	1
LF_USE_HEAP		EQU	(1 << LF_USE_HEAP_BIT)
LF_ALLOC_ERROR_BIT	EQU	2
LF_ALLOC_ERROR		EQU	(1 << LF_ALLOC_ERROR_BIT)
LF_SWAP			EQU	(LF_USE_HEAP+(1 << 3))

ASSERT_RANGE_NULL_BAD		EQU	00000000H
ASSERT_RANGE_NULL_OK		EQU	00000001H
ASSERT_RANGE_IS_ASCIIZ		EQU	00000002H
ASSERT_RANGE_IS_NOT_ASCIIZ	EQU	00000000H
ASSERT_RANGE_NO_DEBUG		EQU	80000000H
ASSERT_RANGE_BITS		EQU	80000003H

VXDLDR_INIT_DEVICE		EQU	000000001H

VXDLDR_ERR_OUT_OF_MEMORY	EQU	1
VXDLDR_ERR_IN_DOS		EQU	2
VXDLDR_ERR_FILE_OPEN_ERROR	EQU	3
VXDLDR_ERR_FILE_READ		EQU	4
VXDLDR_ERR_DUPLICATE_DEVICE	EQU	5
VXDLDR_ERR_BAD_DEVICE_FILE	EQU	6
VXDLDR_ERR_DEVICE_REFUSED	EQU	7
VXDLDR_ERR_NO_SUCH_DEVICE	EQU	8
VXDLDR_ERR_DEVICE_UNLOADABLE	EQU	9
VXDLDR_ERR_ALLOC_V86_AREA	EQU	10
VXDLDR_ERR_BAD_API_FUNCTION	EQU	11
VXDLDR_ERR_MAX			EQU	11

VXDLDR_NOTIFY_OBJECTUNLOAD	EQU	0
VXDLDR_NOTIFY_OBJECTLOAD	EQU	1

VXDLDR_APIFUNC_GETVERSION   EQU 0
VXDLDR_APIFUNC_LOADDEVICE   EQU 1
VXDLDR_APIFUNC_UNLOADDEVICE EQU 2


struc DIOCParams
.Internal1		resd 1
.VMHandle		resd 1
.Internal2		resd 1
.dwIoControlCode	resd 1
.lpvInBuffer		resd 1
.cbInBuffer		resd 1
.lpvOutBuffer		resd 1
.cbOutBuffer		resd 1
.lpcbBytesReturned	resd 1
.lpoOverlapped		resd 1
.hDevice		resd 1
.tagProcess		resd 1
endstruc

VWIN32_DIOC_GETVERSION		EQU	DIOC_GETVERSION
VWIN32_DIOC_DOS_IOCTL		EQU	1
VWIN32_DIOC_DOS_INT25		EQU	2
VWIN32_DIOC_DOS_INT26		EQU	3
VWIN32_DIOC_DOS_INT13		EQU	4
VWIN32_DIOC_SIMCTRLC		EQU	5
VWIN32_DIOC_DOS_DRIVEINFO	EQU	6
VWIN32_DIOC_CLOSEHANDLE		EQU	DIOC_CLOSEHANDLE

struc DIOCRegs
.reg_EBX	resd 1
.reg_EDX	resd 1
.reg_ECX	resd 1
.reg_EAX	resd 1
.reg_EDI	resd 1
.reg_ESI	resd 1
.reg_Flags	resd 1
endstruc

%ifndef FILE_FLAG_OVERLAPPED
struc _OVERLAPPED
.O_Internal	resd 1
.O_InternalHigh	resd 1
.O_Offset	resd 1
.O_OffsetHigh	resd 1
.O_hEvent	resd 1
endstruc
%endif


R0_OPENCREATFILE		equ	0D500h	; Open/Create a file
R0_OPENCREAT_IN_CONTEXT		equ	0D501h	; Open/Create file in current context
R0_READFILE			equ	0D600h	; Read a file, no context
R0_WRITEFILE			equ	0D601h	; Write to a file, no context
R0_READFILE_IN_CONTEXT		equ	0D602h	; Read a file, in thread context
R0_WRITEFILE_IN_CONTEXT		equ	0D603h	; Write to a file, in thread context
R0_CLOSEFILE			equ	0D700h	; Close a file
R0_GETFILESIZE			equ	0D800h	; Get size of a file
R0_FINDFIRSTFILE		equ	04E00h	; Do a LFN FindFirst operation
R0_FINDNEXTFILE			equ	04F00h	; Do a LFN FindNext operation
R0_FINDCLOSEFILE		equ	0DC00h	; Do a LFN FindClose operation
R0_FILEATTRIBUTES		equ	04300h	; Get/Set Attributes of a file
R0_RENAMEFILE			equ	05600h	; Rename a file
R0_DELETEFILE			equ	04100h	; Delete a file
R0_LOCKFILE			equ	05C00h	; Lock/Unlock a region in a file
R0_GETDISKFREESPACE		equ	03600h	; Get disk free space
R0_READABSOLUTEDISK		equ	0DD00h	; Absolute disk read
R0_WRITEABSOLUTEDISK		equ	0DE00h	; Absolute disk write


%macro GetDeviceServiceOrdinal 2
  mov %1, @@%2
%endmacro

%macro VxDCall 1-*
  %rep %0 - 1
    %rotate -1
    push %1
  %endrep
  %rotate -1
  db 0xCD, 0x20
  dd @@%1
  %if %0 > 1
    lea esp, [esp + 4*(%0 - 1)]
  %endif
%endmacro

%define VxDcall VxDCall

%macro VMMCall 1-2+
  %if (@@%1 >> 16) <> VMM_Device_ID
    %error %1 is not a VMM Service
  %endif
  VxDcall %1, %2
%endmacro

%define VMMcall VMMCall

%macro VxDJmp 1
  db 0xCD, 0x20
  dd (@@%1 | 0x80000000)
%endmacro
%define VxDjmp VxDJmp

%macro VMMJmp 1
  %if (@@%1 >> 16) <> VMM_Device_ID
    %error %1 is not a VMM Service
  %endif
  VxDJmp %1
%endmacro

%define VMMjmp VMMJmp

struc VxD_Desc_Block
DDB_Next		resd 1
DDB_SDK_Version		resw 1;   DW  DDK_VERSION
DDB_Req_Device_Number	resw 1;   DW  UNDEFINED_DEVICE_ID
DDB_Dev_Major_Version	resb 1;   DB  0
DDB_Dev_Minor_Version	resb 1;   DB  0
DDB_Flags		resw 1;   DW  0
DDB_Name		resb 8;   DB  "        "
DDB_Init_Order		resd 1;   DD  UNDEFINED_INIT_ORDER
DDB_Control_Proc	resd 1;    DD  ?
DDB_V86_API_Proc	resd 1;    DD  0
DDB_PM_API_Proc		resd 1; DD  0
DDB_V86_API_CSIP	resd 1;    DD  0
DDB_PM_API_CSIP		resd 1; DD  0
DDB_Reference_Data	resd 1;  DD  ?
DDB_Service_Table_Ptr	resd 1;   DD  0
DDB_Service_Table_Size	resd 1;  DD  0
DDB_Win32_Service_Table	resd 1; DD  0
DDB_Prev		resd 1;    DD  'Prev'
DDB_Size		resd 1;    DD  SIZE(VxD_Desc_Block)
DDB_Reserved1		resd 1;   DD  'Rsv1'
DDB_Reserved2		resd 1;   DD  'Rsv2'
DDB_Reserved3		resd 1;   DD  'Rsv3'
endstruc

;
; Params 5-9 are optional, since most of the time they are generic
; params: devname, quoted devname, major, minor, devid, initorder, v86, pm, ref
; Control_Proc must be named devname_Control
;
%macro Declare_Virtual_Device 4-9 UNDEFINED_DEVICE_ID, UNDEFINED_INIT_ORDER, 0, 0, 0
global %1_DDB
%1_DDB:
istruc VxD_Desc_Block
	at DDB_Next,			dd 0
	at DDB_SDK_Version,		dw DDK_VERSION
	at DDB_Req_Device_Number,	dw %5
	at DDB_Dev_Major_Version,	db %3
	at DDB_Dev_Minor_Version,	db %4
	at DDB_Flags,			dw 0
%%start:
	at DDB_Name,			db %2
%%end:
	TIMES 8-(%%end-%%start)		db ' '

	at DDB_Init_Order,		dd %6
	at DDB_Control_Proc,		dd %1_Control
	at DDB_V86_API_Proc,		dd %7
	at DDB_PM_API_Proc,		dd %8
	at DDB_V86_API_CSIP,		dd 0
	at DDB_PM_API_CSIP,		dd 0
	at DDB_Reference_Data,		dd %9

%ifdef Create_Service_Table_%1
	at DDB_Service_Table_Ptr,	dd %1_Service_Table
	at DDB_Service_Table_Size,	dd Num_%1_Services
%else
	at DDB_Service_Table_Ptr,	dd 0
	at DDB_Service_Table_Size,	dd 0
%endif

	at DDB_Win32_Service_Table,	dd 0
	at DDB_Prev,			db 'verP'
	at DDB_Size,			dd VxD_Desc_Block_size
	at DDB_Reserved1,		db '1vsR'
	at DDB_Reserved2,		db '2vsR'
	at DDB_Reserved3,		db '3vsR'
iend
%endmacro

%macro Begin_Control_Dispatch 1
	%push	ControlDispatch
%1_Control:
%endmacro

;Message,Proc
%macro Control_Dispatch 2
%ifctx ControlDispatch
	cmp	eax,byte %1
	je	near %2
%else
	%error no matching Begin_Control_Dispatch for Control_Dispatch
%endif
%endmacro

%macro End_Control_Dispatch 0
%ifctx ControlDispatch
	clc
	retn
%else
	%error no matching Begin_Control_Dispatch for End_Control_Dispatch
%endif
%endmacro

%macro Trace_Out 1
[segment _LDATA]
%%msg: db %1, 13, 10, 0
__SECT__
push	dword %%msg
VMMCall _Trace_Out_Service
%endmacro

%macro Trace_Outcc 2
j%-1	%%cont
Trace_Out %2
%%cont:
%endmacro

%macro Trace_OutE 1
Trace_Outcc e, %1
%endmacro
%define Trace_OutZ Trace_OutE

%macro Trace_OutNE 1
Trace_Outcc ne, %1
%endmacro
%define Trace_OutNZ Trace_OutNE

%macro Trace_OutC 1
Trace_Outcc c, %1
%endmacro

%macro Trace_OutNC 1
Trace_Outcc nc, %1
%endmacro


%endif