📄 common.asm
字号:
mov [.ESP],esp
mov esi,.EHS
VMMCall Install_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: Byte2Hex: failed to install exception handler"
debug_end
@@
movzx eax, byte [ebp+08h]
mov edi, [ebp+0Ch]
push eax
shr eax, 4
push eax
mov al, [HTable+eax]
cmp al, 30h
jz .NoWriteStore
.protect_start:
stosb
.NoWriteStore:
pop eax
pop ebx
shl eax, 4
sub ebx, eax
mov al, [HTable+ebx]
stosw
.protect_end:
jmp short .free_eh
.EH:
mov esp,[.ESP]
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: Byte2Hex: exception, EDI: #edi"
debug_end
.free_eh:
mov esi,.EHS
cmp dword [esi+EHS_Reserved],byte 0
jz @F
VMMCall Remove_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: Byte2Hex: failed to uninstall exception handler"
debug_end
@@
popad
pop ebp
retn 08h
segment _LDATA
align 4
.ESP: dd 0
.EHS:
istruc Exception_Handler_Struc
at EHS_Reserved, dd 0
at EHS_Start_EIP, dd Byte2Hex.protect_start
at EHS_End_EIP, dd Byte2Hex.protect_end
at EHS_Handler, dd Byte2Hex.EH
iend
segment _LTEXT
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
; Convert an hexstring to dword value.
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
;ebp+8 : String hex To convert
;
;eax=HEX value
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
Hex2Dec:
push ebp
mov ebp, esp
push esi
push edx
mov esi,.EHS
VMMCall Install_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: Hex2Dec: failed to install exception handler"
debug_end
@@
mov esi, [ebp+08h]
xor edx, edx
.HexConvert:
xor eax, eax
.protect_start:
lodsb
.protect_end:
test eax, eax
jz .free_eh
sub al, '0'
cmp al, 9h
jle .WasDigit
sub al, 'A'-('0'+0Ah)
.WasDigit:
shl edx, 4
add edx, eax
jmp short .HexConvert
.EH:
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: Hex2Dec: exception, ESI: #esi"
debug_end
.free_eh:
mov esi,.EHS
cmp dword [esi+EHS_Reserved],byte 0
jz @F
VMMCall Remove_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: Hex2Dec: failed to uninstall exception handler"
debug_end
@@
mov eax, edx
pop edx
pop esi
pop ebp
retn 04h
segment _LDATA
align 4
.EHS:
istruc Exception_Handler_Struc
at EHS_Reserved, dd 0
at EHS_Start_EIP, dd Hex2Dec.protect_start
at EHS_End_EIP, dd Hex2Dec.protect_end
at EHS_Handler, dd Hex2Dec.EH
iend
segment _LTEXT
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
; Compare Two String.
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
;ebp+8 : String 1
;ebp+C : String 2
;
;eax=0 on success, 1 otherwise.
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
strcmp:
push ebp
mov ebp, esp
push esi
push edi
mov esi,.EHS
VMMCall Install_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strcmp: failed to install exception handler"
debug_end
@@
mov esi, [ebp+08h]
mov edi, [ebp+0Ch]
xor eax, eax
.CmpStr:
.protect_start:
lodsb
scasb
.protect_end:
jnz .notequal
test eax, eax
jnz .CmpStr
jmp short .free_eh
.notequal:
xor eax, eax
inc eax
jmp short .free_eh
.EH:
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strcmp: exception, ESI: #esi, EDI: #edi"
debug_end
.free_eh:
mov esi,.EHS
cmp dword [esi+EHS_Reserved],byte 0
jz @F
VMMCall Remove_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strcmp: failed to uninstall exception handler"
debug_end
@@
pop edi
pop esi
pop ebp
retn 08h
segment _LDATA
align 4
.EHS:
istruc Exception_Handler_Struc
at EHS_Reserved, dd 0
at EHS_Start_EIP, dd strcmp.protect_start
at EHS_End_EIP, dd strcmp.protect_end
at EHS_Handler, dd strcmp.EH
iend
segment _LTEXT
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
; Compute string length.
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
;ebp+8 : String
;
;eax=size on success, 0 otherwise.
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
strlen:
push ebp
mov ebp, esp
push esi
push edi
push ecx
mov esi,.EHS
VMMCall Install_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strlen: failed to install exception handler"
debug_end
@@
mov edi,[ebp+08h]
xor ecx, ecx
dec ecx
mov al,0
cld
.protect_start:
repnz scasb
.protect_end:
not ecx
mov eax, ecx
jmp short .free_eh
.EH:
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strlen: exception, EDI: #edi"
debug_end
.free_eh:
mov esi,.EHS
cmp dword [esi+EHS_Reserved],byte 0
jz @F
VMMCall Remove_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strlen: failed to uninstall exception handler"
debug_end
@@
pop ecx
pop edi
pop esi
pop ebp
retn 04h
segment _LDATA
align 4
.EHS:
istruc Exception_Handler_Struc
at EHS_Reserved, dd 0
at EHS_Start_EIP, dd strlen.protect_start
at EHS_End_EIP, dd strlen.protect_end
at EHS_Handler, dd strlen.EH
iend
segment _LTEXT
strcopy:
push ebp
mov ebp, esp
push edi
push esi
push eax
mov esi,.EHS
VMMCall Install_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strcopy: failed to install exception handler"
debug_end
@@
mov esi, [ebp+08h]
mov edi, [ebp+0Ch]
xor eax, eax
.LoopCopy:
.protect_start:
lodsb
stosb
.protect_end:
test eax, eax
jnz .LoopCopy
jmp short .free_eh
.EH:
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strcopy: exception, ESI: #esi, EDI: #edi"
debug_end
.free_eh:
mov esi,.EHS
cmp dword [esi+EHS_Reserved],byte 0
jz @F
VMMCall Remove_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: strcopy: failed to uninstall exception handler"
debug_end
@@
pop eax
pop esi
pop edi
pop ebp
retn 08
segment _LDATA
align 4
.EHS:
istruc Exception_Handler_Struc
at EHS_Reserved, dd 0
at EHS_Start_EIP, dd strcopy.protect_start
at EHS_End_EIP, dd strcopy.protect_end
at EHS_Handler, dd strcopy.EH
iend
segment _LTEXT
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
; Scan for a given string.
;北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北北
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
;ebp+8 : String
;ebp+c : Length
;ebp+10: Pattern AZT
;
;eax=Position on success, 0 otherwise.
;鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍鞍
ScanForIt:
push ebp
mov ebp, esp
sub esp, 4
push esi
push edi
push ecx
mov [.ESP],esp
mov esi,.EHS
VMMCall Install_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: ScanForIt: failed to install exception handler"
debug_end
@@
mov esi, [ebp+10h]
xor eax, eax
mov [ebp-4], eax
.LoopCount:
.protect_start:
lodsb
inc dword [ebp-4]
test eax, eax
jnz .LoopCount
mov ecx, [ebp+0Ch]
mov esi, [ebp+08h]
mov edi, [ebp+10h]
push esi
push ecx
.LoopCmp:
lodsb
scasb
jnz .IncBuff
cmp byte [edi], 0
.protect_end:
jnz .LoopCmp
pop ecx
pop esi
mov eax, esi
jmp short .free_eh
.IncBuff:
pop ecx
pop esi
inc esi
dec ecx
xor eax, eax
cmp ecx, [ebp-4] ; jecxz EndScanForIt
jl .free_eh
mov edi, [ebp+10h]
push esi
push ecx
jmp short .LoopCmp
.EH:
mov esp,[.ESP]
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: ScanForIt: exception, ESI: #esi, EDI: #edi"
debug_end
.free_eh:
mov esi,.EHS
cmp dword [esi+EHS_Reserved],byte 0
jz @F
VMMCall Remove_Exception_Handler
jnc @F
debug_start sdata+DebugFlags, ICEDUMP_DEBUG_COMMON
Trace_Out "ICEDUMP: ScanForIt: failed to uninstall exception handler"
debug_end
@@
pop ecx
pop edi
pop esi
add esp, byte 4
leave
retn 0ch
segment _LDATA
align 4
.ESP: dd 0
.EHS:
istruc Exception_Handler_Struc
at EHS_Reserved, dd 0
at EHS_Start_EIP, dd ScanForIt.protect_start
at EHS_End_EIP, dd ScanForIt.protect_end
at EHS_Handler, dd ScanForIt.EH
iend
%endif
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -