.code
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
;
;Initialise disassembly state.
;
InitDisas proc near
;
;On Entry:-
;
;EBX - Symbol list pointer; stored in SymbolList for Bin2Symbol.
;
;sys GetSel is expected to hand back a selector in BX (that is what is
;stored); it is kept in DisasTempSel and loaded into FS by Disasemble as the
;instruction-fetch selector. The sys macro itself is defined elsewhere.
;
mov SymbolList,ebx
sys GetSel
mov DisasTempSel,bx
ret
InitDisas endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
;
;Generate a text disassembly of the data.
;
;On Entry:
;
;FS:ESI Instruction buffer to disassemble.
;ES:EDI Buffer to produce text in.
;
;On Exit:
;
;FS:ESI Points to next instruction.
;
;AX - Instruction type. Types in disas.inc
;
Disasemble proc near
;
;Register/state roles while decoding:
;
;FS      - DisasTempSel, given the caller's FS base below, so instruction
;          bytes are fetched through it rather than the caller's selector.
;RealFS  - the caller's FS selector, kept for the LAR size probe.
;EBP     - current instruction-table entry (InstTab + index).
;ESI/EDI - instruction read pointer / text write pointer.
;
;Output layout: the address, a space, then a 24-character space-filled
;column that receives a hex dump of the consumed bytes, then the text the
;table routines produce.
;
push fs
mov RealFS,fs
mov dTargetCS2,0 ;no far target unless a routine sets one.
;
;Give DisasTempSel the same base as the caller's FS. SI=DI=-1 are passed to
;SetSelDet; presumably limit/attribute arguments - confirm against the sys
;macro, which is not in this file.
;
pushm esi,edi,es,fs
mov bx,fs
sys GetSelDet
mov bx,DisasTempSel
mov si,-1
mov di,si
sys SetSelDet
popm esi,edi,es,fs
;
;Default operand size from the descriptor's D/B bit (bit 22 of the access
;rights LAR returns). Use32Bit is 0 for 16-bit, 3 for 32-bit. LAR's ZF is
;not checked: an invalid selector leaves EAX unchanged (EAX = selector,
;bit 22 clear) and the code falls through to the 16-bit case.
;
mov fs,DisasTempSel
mov Use32Bit,0
xor eax,eax
mov ax,RealFS
lar eax,eax
test eax,00400000h
jz @@Use32It
mov Use32Bit,3
@@Use32It: ;
;
;Blank the 24-character hex-dump column; EDI is restored so the address is
;written over the start of it.
;
push edi
mov _D_Source,esi ;remember where this instruction's bytes start.
mov al,' '
mov ecx,24
rep stosb
pop edi
;
;Print the address (as an offset): 8 digits when Use32Bit is set, else 4.
;_D_Destination   = first hex-dump cell (after the space following the address).
;_D_Destination+4 = last cell of the 24-byte column (original EDI+23); the
;                   dump loop below stops before reaching it.
;
push edi
mov eax,esi
mov ecx,8
test Use32Bit,1
jnz @@BigAddr
mov ecx,4
@@BigAddr: call Bin2Hex
mov es:b[edi],' '
inc edi
mov _D_Destination,edi
pop edi
add edi,24
mov _D_Destination+4,edi
dec _D_Destination+4
;
;Check the instruction bytes are readable before decoding them: form the
;linear address (selector base from GetSelDet - the shift/merge assumes it
;comes back high:low in CX:DX - plus ESI) and probe it and the byte 14 past
;it (the last byte of a maximum-length instruction) through int 31h function
;0FFFCh, an extender-specific call; CF set is treated as "not accessible".
;The second int 31h reuses AX without reloading it, so it relies on the
;first (successful) call leaving AX intact. On failure one byte is skipped,
;BadAddrText is copied (NUL included) and RetCode_INV is returned.
;
pushm esi,edi
push esi
mov bx,DisasTempSel
sys GetSelDet
shl ecx,16
mov cx,dx
pop esi
add esi,ecx ;ESI = linear address of the instruction.
mov ax,0fffch
int 31h
jc @@BadAddr
add esi,14
int 31h
jnc @@AddrOK
@@BadAddr: popm esi,edi
inc esi
push esi
mov esi,offset BadAddrText
@@BadCopy: movsb
cmp b[esi-1],0
jnz @@BadCopy
pop esi
mov ReturnCode,RetCode_INV
jmp @@DisDone
@@AddrOK: popm esi,edi
;
;Reset effective-address decode state for this instruction. The routines
;below set eaMode to 1/2/4 alongside the byte/word/dword register tables;
;values 5 and 6 are also used, their meaning is not visible in this file.
;
mov eaMode,0
mov eaOffset,0
mov eaSeg,0
mov eaReg,0
mov eaIndex,0
mov eaScale,0
;
mov ReturnCode,0
mov SegOver_T,0
mov al,Use32Bit
mov In32Bit,al ;per-instruction operand size, starts at the default.
mov FWait_Waiting,0
@@OpCodeLoop: mov AnotherOpCode,0
;
;Table-driven decode. Each opcode has two xxh_struc entries (16-bit then
;32-bit); the 32-bit one is chosen when In32Bit is set. A routine asks for
;another opcode byte by setting AnotherOpCode, or for a sub-table by setting
;AnotherTable, in which case the loop re-enters at @@NewTable with EAX/EBP
;presumably left by that routine as the new index and table base.
;
mov ebp,offset InstTab
movzx eax,fs:b[esi] ;Get op-code.
inc esi
;
@@NewTable: mov AnotherTable,0
mov PointType,0
mov bx,size xxh_struc
mul bx ;AX*BX -> DX:AX; clobbers DX. Relies on the upper half of EAX being zero (as after the movzx above).
shl eax,1 ;2 entries per table.
add ebp,eax ;index into the table.
;
test In32Bit,1
jz @@no32
add ebp,size xxh_struc ;assume 32 bit for now.
;
;Copy the entry's two NUL-terminated strings to ES:EDI. Each copy includes
;the NUL, then EDI is backed up one so the next text continues the line.
;Neither these copies nor the routines visible in this file bound-check the
;output buffer; the caller must size it for the longest line.
;
@@no32: push esi
mov esi,ds:xxh_text1[ebp] ;point to first text string.
@@0: movsb
cmp b[esi-1],0 ;end of string?
jnz @@0
dec edi
pop esi
;
push esi
mov esi,ds:xxh_text2[ebp] ;point to second text string.
@@1: movsb
cmp b[esi-1],0 ;end of string?
jnz @@1
dec edi
pop esi
;
mov eax,ds:xxh_extended[ebp]
mov PointType,eax ;entry's extra type word, readable by the routine.
;
call ds:xxh_routine[ebp] ;entry's operand routine (e.g. RMREGB below).
;
cmp AnotherTable,0
jnz @@NewTable
cmp AnotherOpCode,0
jnz @@OpCodeLoop ;fetch next one.
;
;Hex-dump the consumed bytes (_D_Source up to ESI) into the column, two
;digits each, stopping at _D_Destination+4 so the dump cannot run into the
;mnemonic text.
;
pushm esi,edi
mov ecx,esi
sub ecx,_D_Source ;ECX = bytes consumed.
mov esi,_D_Source
mov edi,_D_Destination
@@2: mov al,fs:[esi]
inc esi
cmp edi,_D_Destination+4
jnc @@3 ;column full: stop early.
push ecx
mov ecx,2
call Bin2Hex
pop ecx
loop @@2
mov es:b[edi],' '
@@3: popm esi,edi
;
;Return values: AX=ReturnCode, EBX=eaMode, CX:EDX=dTargetCS:dTargetEIP,
;GS:EBP=dTargetCS2:dTargetEIP2. The caller's FS is restored.
;
@@DisDone: mov ax,ReturnCode
movzx ebx,eaMode
mov cx,dTargetCS
mov edx,dTargetEIP
mov gs,dTargetCS2
mov ebp,dTargetEIP2
;
@@9: pop fs
ret
Disasemble endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
;
;Look for value as a symbol, outputting symbol text if found or hex value if not.
;
;On Entry:-
;
;EAX - Value.
;DX - Segment (0=none)
;ECX - Digits.
;ES:EDI - Output buffer.
;
SymbolBin2Hex proc near
;
;EAX,EBX,ECX,EDX,ESI,EBP are preserved; only EDI moves, by the length of
;what was written. On a hit Bin2Symbol returns CF clear with DS:ESI->text
;and ECX=length for the rep movsb; on a miss (CF set) the value is printed
;by Bin2Hex with the caller's ECX digit count. The extra push/pop of ESI
;brackets Bin2Symbol, which walks the symbol list in ESI.
;
pushm eax,ebx,ecx,edx,esi,ebp
push esi
call Bin2Symbol
jc @@9
rep movsb ;copy the symbol text.
pop esi
jmp @@8
;
@@9: pop esi
call Bin2Hex ;no symbol: hex digits instead.
@@8: popm eax,ebx,ecx,edx,esi,ebp
ret
SymbolBin2Hex endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
Bin2Symbol proc near
;
;Look EAX (and DX when non-zero) up in the symbol list.
;
;On Entry:-
;
;EAX - Value.
;DX - Segment (0=match on the value alone).
;
;On Exit:-
;
;CF clear: found. DS:ESI -> symbol text, ECX = its length (the byte at
;          offset SymbolTLen). EAX is clobbered (it receives the discarded
;          saved entry pointer).
;CF set:   not found, or SymbolTranslate is 0. ESI may be clobbered.
;
;List layout as used here: a dword of -1 terminates the list; SymbolType
;255 marks an entry to skip; SymbolDWord/SymbolSeg hold value and segment;
;SymbolNext is the distance to the next entry. SymbolList is set by InitDisas.
;
cmp SymbolTranslate,0
jz @@9
;
mov esi,SymbolList
@@0: cmp d[esi],-1 ;end of the list?
jz @@9
push esi
cmp SymbolType[esi],255 ;entry with nothing to match?
jz @@1
cmp eax,SymbolDWord[esi] ;right value?
jnz @@1
or dx,dx
jz @@2 ;no segment requested: value alone matches.
cmp dx,SymbolSeg[esi]
jnz @@1
@@2: add esi,SymbolTLen
movzx ecx,b[esi] ;get text length.
inc esi ;ESI now at the text itself.
pop eax ;discard the saved entry pointer (clobbers EAX).
clc
ret
;
@@1: pop esi
add esi,SymbolNext[esi] ;link is relative to the entry.
jmp @@0
;
@@9: stc
ret
Bin2Symbol endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
Bin2Hex proc near
;
;Convert a number into its ASCII hex representation.
;
;On Entry:-
;
;EAX - Number to convert.
;ECX - Digits to do.
;ES:EDI - Buffer to put string in.
;
;On Exit:-
;
;EDI - Advanced past the digits written (ECX is added after the pops).
;AL  - Clobbered (last nibble looked up); EBX, ECX, EDX preserved.
;
;Digits are produced least-significant first, writing backwards from the
;end of the field, so only the low ECX*4 bits of EAX appear. xlat looks up
;DS:[EBX+AL] in HexTable.
;
pushm edi,ecx,ebx,edx
lea ebx,HexTable
add edi,ecx
dec edi ;EDI = last digit cell.
mov edx,eax
@@0: mov al,dl
shr edx,4
and al,15
xlat
mov es:[edi],al
dec edi
loop @@0
popm edi,ecx,ebx,edx
add edi,ecx
ret
Bin2Hex endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RETWORD proc near
;
;Table routine: records RetCode_RET as the instruction type (Disasemble
;returns it in AX). Writes no text; the mnemonic comes from the table entry.
;
mov ReturnCode,RetCode_RET
ret
RETWORD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RETDWORD proc near
;
;Table routine: records RetCode_RET32 as the instruction type. Writes no text.
;
mov ReturnCode,RetCode_RET32
ret
RETDWORD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RETDWORD2 proc near
;
;Table routine: records RetCode_RETF as the instruction type. Writes no text.
;
mov ReturnCode,RetCode_RETF
ret
RETDWORD2 endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
W_IRET proc near
;
;Table routine: records RetCode_IRET as the instruction type. Writes no text.
;
mov ReturnCode,RetCode_IRET
ret
W_IRET endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
D_IRET proc near
;
;Table routine: records RetCode_IRET32 as the instruction type. Writes no text.
;
mov ReturnCode,RetCode_IRET32
ret
D_IRET endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RETFWORD proc near
;
;Table routine: records RetCode_RETF32 as the instruction type. Writes no text.
;
mov ReturnCode,RetCode_RETF32
ret
RETFWORD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RMREGB proc near
;
;Table routine, byte operands: eaMode=1, register names from T_ByteRegs,
;AL=0 is the size code handed to outrm2 (0/1/2 pair with the byte/word/dword
;tables throughout this file). get_modregrm and outrm2 are defined elsewhere;
;the name suggests r/m is printed before the register.
;
mov eaMode,1
call get_modregrm
lea edx,T_ByteRegs
mov al,0
call outrm2
ret
RMREGB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RMREGW proc near
;
;Table routine, word operands: eaMode=2, T_WordRegs, size code AL=1 to
;outrm2 (r/m then register, judging by the name).
;
mov eaMode,2
call get_modregrm
lea edx,T_WordRegs
mov al,1
call outrm2
ret
RMREGW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RMREGD proc near
;
;Table routine, dword operands: eaMode=4, T_DWordRegs, size code AL=2 to
;outrm2 (r/m then register, judging by the name).
;
mov eaMode,4
call get_modregrm
lea edx,T_DWordRegs
mov al,2
call outrm2
ret
RMREGD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
CRMREGD proc near
;
;Table routine: dword r/m with a name from T_CDWordRegs (presumably control
;registers). eaMode is deliberately left as the caller set it.
;
call get_modregrm
lea edx,T_CDWordRegs
mov al,2
call outrm2
ret
CRMREGD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
DRMREGD proc near
;
;Table routine: dword r/m with a name from T_DDWordRegs (presumably debug
;registers). eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_DDWordRegs
mov al,2
call outrm2
ret
DRMREGD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
TRMREGD proc near
;
;Table routine: dword r/m with a name from T_TDWordRegs (presumably test
;registers). eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_TDWordRegs
mov al,2
call outrm2
ret
TRMREGD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
REGRMB proc near
;
;Table routine, byte operands: same set-up as RMREGB but via outrb2, which
;by its name prints the register before r/m. outrb2 is defined elsewhere.
;
mov eaMode,1
call get_modregrm
lea edx,T_ByteRegs
mov al,0
call outrb2
ret
REGRMB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
REGRMW proc near
;
;Table routine, word operands: eaMode=2, T_WordRegs, size code AL=1, output
;through outrb2 (register first, by its name).
;
mov eaMode,2
call get_modregrm
lea edx,T_WordRegs
mov al,1
call outrb2
ret
REGRMW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
REGRMSW proc near
;
;Table routine: word register table and size code 1 like REGRMW, but with
;eaMode=5 - a mode whose meaning is not visible in this file (the name
;suggests a segment-register form); confirm against get_modregrm/outrb2.
;
mov eaMode,5
call get_modregrm
lea edx,T_WordRegs
mov al,1
call outrb2
ret
REGRMSW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
MOVZXDW proc near
;
;Table routine for a widening form: the register table is dword
;(T_DWordRegs) while eaMode=2 and size code AL=1 describe a word r/m. The
;mixed sizes are the point of this routine, unlike the matched pairs above.
;
mov eaMode,2
call get_modregrm
lea edx,T_DWordRegs
mov al,1
call outrb2
ret
MOVZXDW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
MOVZXDB proc near
;
;Table routine for a widening form: dword register table with a byte r/m
;(eaMode=1, size code AL=0).
;
mov eaMode,1
call get_modregrm
lea edx,T_DWordRegs
mov al,0
call outrb2
ret
MOVZXDB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
MOVZXWB proc near
;
;Table routine for a widening form: word register table with a byte r/m
;(eaMode=1, size code AL=0).
;
mov eaMode,1
call get_modregrm
lea edx,T_WordRegs
mov al,0
call outrb2
ret
MOVZXWB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
REGRMD proc near
;
;Table routine, dword operands: eaMode=4, T_DWordRegs, size code AL=2,
;output through outrb2 (register first, by its name).
;
mov eaMode,4
call get_modregrm
lea edx,T_DWordRegs
mov al,2
call outrb2
ret
REGRMD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
REGRMSF proc near
;
;Table routine: dword register table and size code 2 like REGRMD, but with
;eaMode=6 - a mode whose meaning is not visible in this file (the name
;suggests a far-pointer form); confirm against get_modregrm/outrb2.
;
mov eaMode,6
call get_modregrm
lea edx,T_DWordRegs
mov al,2
call outrb2
ret
REGRMSF endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
CREGRMD proc near
;
;Table routine: register-first (outrb2) counterpart of CRMREGD, names from
;T_CDWordRegs. eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_CDWordRegs
mov al,2
call outrb2
ret
CREGRMD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
DREGRMD proc near
;
;Table routine: register-first (outrb2) counterpart of DRMREGD, names from
;T_DDWordRegs. eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_DDWordRegs
mov al,2
call outrb2
ret
DREGRMD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
TREGRMD proc near
;
;Table routine: register-first (outrb2) counterpart of TRMREGD, names from
;T_TDWordRegs. eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_TDWordRegs
mov al,2
call outrb2
ret
TREGRMD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RMB proc near
;
;Table routine, single byte r/m operand: eaMode=1, T_ByteRegs, size code
;AL=0, printed by out_ea (defined elsewhere).
;
mov eaMode,1
call get_modregrm
lea edx,T_ByteRegs
mov al,0
call out_ea
ret
RMB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RMW proc near
;
;Table routine, single word r/m operand: eaMode=2, T_WordRegs, size code
;AL=1, printed by out_ea.
;
mov eaMode,2
call get_modregrm
lea edx,T_WordRegs
mov al,1
call out_ea
ret
RMW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RMWF proc near
;
;Table routine, single r/m operand with eaMode=6 (see REGRMSF). NOTE(review):
;unlike RMW this passes T_ByteRegs and size code 0; whether out_ea uses EDX/AL
;for a register-form operand in mode 6 is not visible here - confirm intended.
;
mov eaMode,6
call get_modregrm
lea edx,T_ByteRegs
mov al,0
call out_ea
ret
RMWF endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
RMD proc near
;
;Table routine, single dword r/m operand: eaMode=4, size code AL=2, printed
;by out_ea. NOTE(review): EDX points at T_ByteRegs although RMREGD/REGRMD use
;T_DWordRegs for the same size - confirm out_ea does not name a register from
;EDX for a register-form dword operand.
;
mov eaMode,4
call get_modregrm
lea edx,T_ByteRegs
mov al,2
call out_ea
ret
RMD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
SHLDIMBW proc near
;
;Table routine: word r/m,reg pair via outrm2 followed by a byte immediate
;(AL=0 to out_imm, which prefixes the value with ','). eaMode is left as the
;caller set it.
;
call get_modregrm
lea edx,T_WordRegs
mov al,1
call outrm2
mov al,0
call out_imm
ret
SHLDIMBW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
SHLDIMBD proc near
;
;Table routine: dword r/m,reg pair via outrm2 followed by a byte immediate
;(AL=0 to out_imm). eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_DWordRegs
mov al,2
call outrm2
mov al,0
call out_imm
ret
SHLDIMBD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
SHLDCLW proc near
;
;Table routine: word r/m,reg pair via outrm2, then "," and the text at T_CL
;(copied NUL-terminated; EDI is backed up over the NUL). ESI is preserved
;around the copy. No bound check on ES:EDI.
;
call get_modregrm
lea edx,T_WordRegs
mov al,1
call outrm2
mov es:b[edi],','
inc edi
push esi
lea esi,T_CL
@@0: movsb
cmp b[esi-1],0
jnz @@0
dec edi
pop esi
ret
SHLDCLW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
SHLDCLD proc near
;
;Table routine: dword counterpart of SHLDCLW - r/m,reg pair via outrm2, then
;"," and the NUL-terminated text at T_CL with EDI backed up over the NUL.
;
call get_modregrm
lea edx,T_DWordRegs
mov al,2
call outrm2
mov es:b[edi],','
inc edi
push esi
lea esi,T_CL
@@0: movsb
cmp b[esi-1],0
jnz @@0
dec edi
pop esi
ret
SHLDCLD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
GvEvIvW proc near
;
;Table routine: word reg,r/m pair via outrm2 followed by a word immediate
;(AL=1 to out_imm). eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_WordRegs
mov al,1
call outrm2
mov al,1
call out_imm
ret
GvEvIvW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
GvEvIbW proc near
;
;Table routine: word reg,r/m pair via outrm3 (not outrm2 as in GvEvIvW; the
;difference is defined elsewhere) followed by a byte immediate (AL=0).
;
call get_modregrm
lea edx,T_WordRegs
mov al,1
call outrm3
mov al,0
call out_imm
ret
GvEvIbW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
GvEvIvD proc near
;
;Table routine: dword reg,r/m pair via outrm2 followed by a dword immediate
;(AL=2 to out_imm). eaMode is left as the caller set it.
;
call get_modregrm
lea edx,T_DWordRegs
mov al,2
call outrm2
mov al,2
call out_imm
ret
GvEvIvD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
GvEvIbD proc near
;
;Table routine: dword reg,r/m pair via outrm3 followed by a byte immediate
;(AL=0 to out_imm).
;
call get_modregrm
lea edx,T_DWordRegs
mov al,2
call outrm3
mov al,0
call out_imm
ret
GvEvIbD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
out_imm proc near
;
;Emit an immediate operand sized by AL: 2 -> dword, 0 -> byte, anything
;else -> word. Tail-jumps, so the target supplies the ret. out_immdword and
;out_immword are defined elsewhere; the byte path goes via immbyte to
;out_immbyte, which writes "," and then the value.
;
cmp al,2
jz out_immdword
cmp al,0
jnz out_immword
jmp immbyte
out_imm endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
out_imms proc near
;
;Signed variant of out_imm: same dispatch on AL, but a byte immediate goes
;to out_immbytes, which prints it sign-extended to 32 bits (8 digits).
;
cmp al,2
jz out_immdword
cmp al,0
jnz out_immword
jmp out_immbytes
out_imms endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
immbyte proc near
;
;Trampoline to out_immbyte (kept as a separate entry point; out_imm jumps here).
;
jmp out_immbyte
immbyte endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
out_immbyte proc near
;
;Write "," to ES:EDI, then tail-jump to immbyte2 for the byte value itself.
;
mov al,','
stosb
jmp immbyte2
out_immbyte endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
out_immbytes proc near
;
;Write "," to ES:EDI, then tail-jump to immbyte2s for a sign-extended byte.
;
mov al,','
stosb
jmp immbyte2s
out_immbytes endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
SetInt proc near
;
;Table routine: records RetCode_INT as the instruction type. Writes no text.
;
mov ReturnCode,RetCode_INT
ret
SetInt endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
SetInt2 proc near
;
;Table routine: prints the byte operand (immbyte2, no leading ",") and flags
;the instruction as RetCode_INT.
;
call immbyte2
call SetInt
ret
SetInt2 endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
immbyte2 proc near
;
;Fetch the byte at FS:ESI (advancing ESI) and print it as 2 hex digits, or
;as a symbol if SymbolBin2Hex finds one (DX=0: no segment). Only AL is
;loaded, so the upper bits of EAX passed to SymbolBin2Hex are whatever the
;caller left there; Bin2Hex only uses the low 8 bits for 2 digits, but a
;symbol match compares all of EAX. A NUL is stored at ES:EDI without
;advancing, terminating the text so far.
;
mov al,fs:[esi]
inc esi
mov ecx,2
mov dx,0
call SymbolBin2Hex
mov es:b[edi],0
ret
immbyte2 endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
immbyte2s proc near
;
;Signed counterpart of immbyte2: the byte at FS:ESI is sign-extended into
;EAX and printed as 8 digits (or as a symbol; DX=0). A NUL is stored at
;ES:EDI without advancing.
;
movsx eax,fs:b[esi]
inc esi
mov ecx,8
mov dx,0
call SymbolBin2Hex
mov es:b[edi],0
ret
immbyte2s endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
LodsSegb proc near
;
;Table routine: byte form of LodsSeg (defined elsewhere) - sets eaMode=1 and
;tail-jumps into it.
;
mov eaMode,1
jmp LodsSeg
LodsSegb endp