📄 windows.inc
字号:
invoke MASM特有的用来组装函数 例:invoke OpenProcess,PROCESS_ALL_ACCESS,FALSE,ProcessID
addr MASM特有的 invoke专用
aaa 加法后的ASCII码调整AL 机器码37 设置 AF CF 例:aaa
aad 除法前的ASCII码调整AX 机器码D5 0A 或 D5 0B 设置 SF ZF PF 例:aad
aam 乘法后的ASCII码调整AX 机器码D4 0A 或 D4 0B 设置 PF SF ZF 例:aam
aas 减法后的ASCII码调整AL 机器码3F 设置 AF CF 例:aas
adc 带进位加法 机器码 设置 AF CF OF SF PF ZF 例:adc eax,1
add 加法 设置 AF CF OF SF PF ZF 例:add eax,1
and 逻辑与 设置 CF OF PF SF ZF 例:and eax,08fh
arpl 调整请求特权级(286+ PM) 机器码63 /r 设置 ZF 例:ARPL AX, BX ;如果AX的RPL小于BX的RPL,则改为BX的RPL,且ZF置1,否则ZF清0
bound 越界检查 (80188+) 机器码62 /r 例:BOUND EAX, [006387EA] ;如果EAX不在[006387EA]及[006387EA+4]的值中间,则产生异常5
call 子程序调用
cld 清除方向位(DF)标志 机器码FC 设置 DF
cli 清除中断允许位(IF)标志 机器码FA 设置 IF
cmp 比较大小,然后设置标志位 设置 AF CF OF PF SF ZF 例:cmp eax,-1
daa 加法后的10进制调整AL 机器码27 设置 AF CF PF SF ZF 例:daa
das 减法后的10进制调整AL 机器码27 设置 AF CF PF SF ZF 例:das
dec 目标减1 设置 AF OF PF SF ZF 例:dec DWORD ptr [33333333]
div 无符号除法 例:DIV EBX;EDX:EAX除以BX,商在EAX中,余数在EDX中
hlt 系统进入暂停状态 机器码F4 不影响标志位
idiv 有符号除法 例:IDIV EBX;EDX:EAX除以BX,商在EAX中,余数在EDX中
imul 有符号乘法 设置CF OF 例:IMUL EAX, EBX, 39
in 从指定的端口读到寄存器 例: IN EAX,E0
inc 目标加1 设置 OF SF ZF AF PF 例:INC DWORD PTR [00459AF0]
int 中断 例:int 3
jmp 无条件转移指令 不影响标志位 例:jmp 23348384
lea 将源操作数的有效地址送寄存器
mul 无符号乘法 设置CF OF 例:MUL ECX
neg 取负 设置CF OF SF ZF AF PF 例:neg ecx
nop 空操作 例:nop
not 按位取反 设置CF OF SF ZF AF PF 例:not ecx
or 逻辑或 设置 CF OF PF SF ZF 例:or al,3 or al,al
out 将寄存器输出到指定的端口 例:out 71,eax
pop 出栈 例:pop eax
popa 从堆栈中弹出全部16位通用寄存器:DI, SI, BP, BX, DX, CX, AX 机器码61 例:popa
popad 从堆栈中弹出全部32位通用寄存器:EDI, ESI, EBP, EBX, EDX, ECX, EAX 机器码61 例:popad
popf 从堆栈中弹出16位标志寄存器 机器码9D 设置所有标志位 例:popf
popfd 从堆栈中弹出32位标志寄存器 机器码9D 设置所有标志位 例:popfd
push 入栈 例:push eax
pusha 压栈全部16位通用寄存器:AX, CX, DX, BX, SP, BP, SI, DI 机器码60 例:pusha
pushad 压栈全部32位通用寄存器:EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI 机器码60 例:pusha
pushf 压栈16位标志寄存器 机器码9C 设置所有标志位 例:pushf
pushfd 压栈32位标志寄存器 机器码9C 设置所有标志位 例:pushfd
ret 子过程返回 恢复压栈的标志位 例:ret ret 8
sub 减法 设置 AF CF OF SF PF ZF 例:sub eax,ebx sub ebx,[343434]
xor 逻辑异或 设置 CF OF PF SF ZF 例:xor eax,eax xor eax,ecx
mov 传送指令 例:mov eax,1
TRUE equ 1
FALSE equ 0
NULL equ 0
Normal equ 000000h
ReadOnly equ 000001h
Hidden equ 000010h
System equ 000100h
vLabel equ 001000h
SubDir equ 010000h
Archive equ 100000h
Black equ 000000h
Blue equ 0FF0000h
Green equ 00FF00h
Cyan equ 0FFFF00h
Red equ 0000FFh
Magenta equ 0FF00FFh
Yellow equ 00FFFFh
White equ 0FFFFFFh
Gray equ 080808h
MAXIMUM_SUPPORTED_EXTENSION equ 512
ANYSIZE_ARRAY equ 1
INVALID_HANDLE_VALUE equ -1
DELETE equ 10000h
READ_CONTROL equ 20000h
WRITE_DAC equ 40000h
WRITE_OWNER equ 80000h
SYNCHRONIZE equ 100000h
STANDARD_RIGHTS_READ equ READ_CONTROL
STANDARD_RIGHTS_WRITE equ READ_CONTROL
STANDARD_RIGHTS_EXECUTE equ READ_CONTROL
STANDARD_RIGHTS_REQUIRED equ 0F0000h
STANDARD_RIGHTS_ALL equ 1F0000h
SPECIFIC_RIGHTS_ALL equ 0FFFFh
SID_REVISION equ 1
SID_MAX_SUB_AUTHORITIES equ 15
SID_RECOMMENDED_SUB_AUTHORITIES equ 1
SidTypeUser equ 1
SidTypeGroup equ 2
SidTypeDomain equ 3
SidTypeAlias equ 4
SidTypeWellKnownGroup equ 5
SidTypeDeletedAccount equ 6
SidTypeInvalid equ 7
SidTypeUnknown equ 8
SECURITY_NULL_RID equ 0h
SECURITY_WORLD_RID equ 0h
SECURITY_LOCAL_RID equ 0h
SECURITY_CREATOR_OWNER_RID equ 0h
SECURITY_CREATOR_GROUP_RID equ 1h
SECURITY_DIALUP_RID equ 1h
SECURITY_NETWORK_RID equ 2h
SECURITY_BATCH_RID equ 3h
SECURITY_INTERACTIVE_RID equ 4h
SECURITY_SERVICE_RID equ 6h
SECURITY_ANONYMOUS_LOGON_RID equ 7h
SECURITY_LOGON_IDS_RID equ 5h
SECURITY_LOCAL_SYSTEM_RID equ 12h
SECURITY_NT_NON_UNIQUE equ 15h
SECURITY_BUILTIN_DOMAIN_RID equ 20h
DOMAIN_USER_RID_ADMIN equ 1F4h
DOMAIN_USER_RID_GUEST equ 1F5h
DOMAIN_GROUP_RID_ADMINS equ 200h
DOMAIN_GROUP_RID_USERS equ 201h
DOMAIN_GROUP_RID_GUESTS equ 202h
DOMAIN_ALIAS_RID_ADMINS equ 220h
DOMAIN_ALIAS_RID_USERS equ 221h
DOMAIN_ALIAS_RID_GUESTS equ 222h
DOMAIN_ALIAS_RID_POWER_USERS equ 223h
DOMAIN_ALIAS_RID_ACCOUNT_OPS equ 224h
DOMAIN_ALIAS_RID_SYSTEM_OPS equ 225h
DOMAIN_ALIAS_RID_PRINT_OPS equ 226h
DOMAIN_ALIAS_RID_BACKUP_OPS equ 227h
DOMAIN_ALIAS_RID_REPLICATOR equ 228h
SE_GROUP_MANDATORY equ 1h
SE_GROUP_ENABLED_BY_DEFAULT equ 2h
SE_GROUP_ENABLED equ 4h
SE_GROUP_OWNER equ 8h
SE_GROUP_LOGON_ID equ 0C0000000h
FILE_BEGIN equ 0
FILE_CURRENT equ 1
FILE_END equ 2
FILE_FLAG_WRITE_THROUGH equ 80000000h
FILE_FLAG_OVERLAPPED equ 40000000h
FILE_FLAG_NO_BUFFERING equ 20000000h
FILE_FLAG_RANDOM_ACCESS equ 10000000h
FILE_FLAG_SEQUENTIAL_SCAN equ 8000000h
FILE_FLAG_DELETE_ON_CLOSE equ 4000000h
FILE_FLAG_BACKUP_SEMANTICS equ 2000000h
FILE_FLAG_POSIX_SEMANTICS equ 1000000h
CREATE_NEW equ 1
CREATE_ALWAYS equ 2
OPEN_EXISTING equ 3
OPEN_ALWAYS equ 4
TRUNCATE_EXISTING equ 5
PIPE_ACCESS_INBOUND equ 1h
PIPE_ACCESS_OUTBOUND equ 2h
PIPE_ACCESS_DUPLEX equ 3h
PIPE_CLIENT_END equ 0h
PIPE_SERVER_END equ 1h
PIPE_WAIT equ 0h
PIPE_NOWAIT equ 1h
PIPE_READMODE_BYTE equ 0h
PIPE_READMODE_MESSAGE equ 2h
PIPE_TYPE_BYTE equ 0h
PIPE_TYPE_MESSAGE equ 4h
PIPE_UNLIMITED_INSTANCES equ 255
SECURITY_CONTEXT_TRACKING equ 40000h
SECURITY_EFFECTIVE_ONLY equ 80000h
SECURITY_SQOS_PRESENT equ 100000h
SECURITY_VALID_SQOS_FLAGS equ 1F0000h
SP_SERIALCOMM equ 1h
PST_UNSPECIFIED equ 0h
PST_RS232 equ 1h
PST_PARALLELPORT equ 2h
PST_RS422 equ 3h
PST_RS423 equ 4h
PST_RS449 equ 5h
PST_FAX equ 21h
PST_SCANNER equ 22h
PST_NETWORK_BRIDGE equ 100h
PST_LAT equ 101h
PST_TCPIP_TELNET equ 102h
PST_X25 equ 103h
PCF_DTRDSR equ 1h
PCF_RTSCTS equ 2h
PCF_RLSD equ 4h
PCF_PARITY_CHECK equ 8h
PCF_XONXOFF equ 10h
PCF_SETXCHAR equ 20h
PCF_TOTALTIMEOUTS equ 40h
PCF_INTTIMEOUTS equ 80h
PCF_SPECIALCHARS equ 100h
PCF_16BITMODE equ 200h
DLL_PROCESS_DETACH equ 0
DLL_PROCESS_ATTACH equ 1
DLL_THREAD_ATTACH equ 2
DLL_THREAD_DETACH equ 3
SP_PARITY equ 1h
SP_BAUD equ 2h
SP_DATABITS equ 4h
SP_STOPBITS equ 8h
SP_HANDSHAKING equ 10h
SP_PARITY_CHECK equ 20h
SP_RLSD equ 40h
BAUD_075 equ 1h
BAUD_110 equ 2h
BAUD_134_5 equ 4h
BAUD_150 equ 8h
BAUD_300 equ 10h
BAUD_600 equ 20h
BAUD_1200 equ 40h
BAUD_1800 equ 80h
BAUD_2400 equ 100h
BAUD_4800 equ 200h
BAUD_7200 equ 400h
BAUD_9600 equ 800h
BAUD_14400 equ 1000h
BAUD_19200 equ 2000h
BAUD_38400 equ 4000h
BAUD_56K equ 8000h
BAUD_128K equ 10000h
BAUD_115200 equ 20000h
BAUD_57600 equ 40000h
BAUD_USER equ 10000000h
DATABITS_5 equ 1h
DATABITS_6 equ 2h
DATABITS_7 equ 4h
DATABITS_8 equ 8h
DATABITS_16 equ 10h
DATABITS_16X equ 20h
STOPBITS_10 equ 1h
STOPBITS_15 equ 2h
STOPBITS_20 equ 4h
PARITY_NONE equ 100h
PARITY_ODD equ 200h
PARITY_EVEN equ 400h
PARITY_MARK equ 800h
PARITY_SPACE equ 1000h
DTR_CONTROL_DISABLE equ 0h
DTR_CONTROL_ENABLE equ 1h
DTR_CONTROL_HANDSHAKE equ 2h
RTS_CONTROL_DISABLE equ 0h
RTS_CONTROL_ENABLE equ 1h
RTS_CONTROL_HANDSHAKE equ 2h
RTS_CONTROL_TOGGLE equ 3h
GMEM_FIXED equ 0h
GMEM_MOVEABLE equ 2h
GMEM_NOCOMPACT equ 10h
GMEM_NODISCARD equ 20h
GMEM_ZEROINIT equ 40h
GMEM_MODIFY equ 80h
GMEM_DISCARDABLE equ 100h
GMEM_NOT_BANKED equ 1000h
GMEM_SHARE equ 2000h
GMEM_DDESHARE equ 2000h
GMEM_NOTIFY equ 4000h
GMEM_LOWER equ GMEM_NOT_BANKED
GMEM_VALID_FLAGS equ 7F72h
GMEM_INVALID_HANDLE equ 8000h
GMEM_DISCARDED equ 4000h
GMEM_LOCKCOUNT equ 0FFh
GHND equ GMEM_MOVEABLE OR GMEM_ZEROINIT
GPTR equ GMEM_FIXED OR GMEM_ZEROINIT
LMEM_FIXED equ 0h
LMEM_MOVEABLE equ 2h
LMEM_NOCOMPACT equ 10h
LMEM_NODISCARD equ 20h
LMEM_ZEROINIT equ 40h
LMEM_MODIFY equ 80h
LMEM_DISCARDABLE equ 0F00h
LMEM_VALID_FLAGS equ 0F72h
LMEM_INVALID_HANDLE equ 8000h
LHND equ LMEM_MOVEABLE + LMEM_ZEROINIT
LPTR equ LMEM_FIXED + LMEM_ZEROINIT
NONZEROLHND equ LMEM_MOVEABLE
NONZEROLPTR equ LMEM_FIXED
LMEM_DISCARDED equ 4000h
LMEM_LOCKCOUNT equ 0FFh
DEBUG_PROCESS equ 1h
DEBUG_ONLY_THIS_PROCESS equ 2h
CREATE_SUSPENDED equ 4h
CREATE_SEPARATE_WOW_VDM equ 800h
DETACHED_PROCESS equ 8h
CREATE_NEW_CONSOLE equ 10h
NORMAL_PRIORITY_CLASS equ 20h
IDLE_PRIORITY_CLASS equ 40h
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -