;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; LodsSegw: word-sized entry point. Stores 2 in eaMode and continues in LodsSeg.
LodsSegw proc near
mov eaMode,2 ; presumably the operand size in bytes - confirm against ea2Real
jmp LodsSeg
LodsSegw endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; LodsSegd: dword-sized entry point. Stores 4 in eaMode and continues in LodsSeg.
LodsSegd proc near
mov eaMode,4 ; presumably the operand size in bytes - confirm against ea2Real
jmp LodsSeg
LodsSegd endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; LodsSeg: shared body for the LodsSeg* entry points.
; Resolves the SI/ESI-based source operand through ea2Real, records the
; result in dTargetEIP/dTargetCS, and, if a segment-override string is
; pending in SegOver_T, appends "<name>:" to the output text at es:edi.
; In:  eaMode preset by the entry stub; es:edi = output text position.
; Out: edi advanced past any text written; es:[edi] = 0 on the override path.
LodsSeg proc near
or eaMode,128 ; set bit 7 of eaMode (meaning defined by ea2Real, not visible here)
mov eaReg,6+1 ;SI
mov eaSeg,0
; NOTE(review): eaSeg is forced to 0 here even if SEGOVER stored an override
; index in it; the override text is still printed below. Confirm ea2Real
; resolves the intended segment for the recorded target.
test Use32Bit,2
; NOTE(review): DoAddsize records the address-size toggle in In32Bit bit 1,
; but this tests Use32Bit - confirm which variable is meant to select SI vs ESI.
jz @@16_0
or eaReg,128 ; bit 7 of eaReg selects the 32-bit register form (presumably ESI)
@@16_0: call ea2Real
mov dTargetEIP,eax ;setup for execution.
mov dTargetCS,cx
;
cmp SegOver_T,0 ; any override string pointer pending?
jz @@0
pushm eax,esi ; pushm/popm are project macros; presumably multi-register push/pop
mov esi,SegOver_T
; Copy the NUL-terminated override name to es:edi. The copy has no length
; bound: it relies on the table string being terminated and on the caller's
; output buffer having room.
@@2: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@2
dec edi ; step back onto the copied NUL so it gets overwritten
mov al,':'
stosb
mov es:b[edi],0 ; keep the output NUL-terminated
popm eax,esi
@@0: ret
LodsSeg endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; stosSegb: byte-sized entry point. Stores 1 in eaMode and continues in stosSeg.
stosSegb proc near
mov eaMode,1 ; presumably the operand size in bytes - confirm against ea2Real
jmp stosSeg
stosSegb endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; stosSegw: word-sized entry point. Stores 2 in eaMode and continues in stosSeg.
stosSegw proc near
mov eaMode,2 ; presumably the operand size in bytes - confirm against ea2Real
jmp stosSeg
stosSegw endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; stosSegd: dword-sized entry point. Stores 4 in eaMode and continues in stosSeg.
stosSegd proc near
mov eaMode,4 ; presumably the operand size in bytes - confirm against ea2Real
jmp stosSeg
stosSegd endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; stosSeg: shared body for the stosSeg* entry points.
; Resolves the DI/EDI-based destination operand through ea2Real and records
; the result in dTargetEIP/dTargetCS. No text is written to the output here.
stosSeg proc near
or eaMode,128 ; set bit 7 of eaMode (meaning defined by ea2Real, not visible here)
mov eaReg,7+1 ;DI
mov eaSeg,0+1 ; same value SEGOVER stores for table index 0 (presumably ES)
test Use32Bit,2
; NOTE(review): DoAddsize records the address-size toggle in In32Bit bit 1,
; but this tests Use32Bit - confirm which variable is meant to select DI vs EDI.
jz @@16_0
or eaReg,128 ; bit 7 of eaReg selects the 32-bit register form (presumably EDI)
@@16_0: call ea2Real
mov dTargetEIP,eax ;setup for execution.
mov dTargetCS,cx
ret
stosSeg endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; movsSegb: byte-sized entry point. Stores 1 in eaMode and continues in movsSeg.
movsSegb proc near
mov eaMode,1 ; presumably the operand size in bytes - confirm against ea2Real
jmp movsSeg
movsSegb endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; movsSegw: word-sized entry point. Stores 2 in eaMode and continues in movsSeg.
movsSegw proc near
mov eaMode,2 ; presumably the operand size in bytes - confirm against ea2Real
jmp movsSeg
movsSegw endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; movsSegd: dword-sized entry point. Stores 4 in eaMode and continues in movsSeg.
movsSegd proc near
mov eaMode,4 ; presumably the operand size in bytes - confirm against ea2Real
jmp movsSeg
movsSegd endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; movsSeg: shared body for the movsSeg* entry points.
; Sets ReturnCode to RetCode_MOVS, then resolves two operands via ea2Real:
;   1. the DI/EDI-based one with eaSeg forced to 1 -> dTargetEIP2/dTargetCS2
;   2. the SI/ESI-based one with the caller's eaSeg   -> dTargetEIP/dTargetCS
; Finally, if SegOver_T is non-zero, appends "<name>:" to the text at es:edi.
movsSeg proc near
mov ReturnCode,RetCode_MOVS
;
or eaMode,128 ; set bit 7 of eaMode (meaning defined by ea2Real, not visible here)
mov al,eaSeg
push eax ; preserve the incoming eaSeg across the first ea2Real call
mov eaSeg,1
mov eaReg,7+1 ;DI
test Use32Bit,2
; NOTE(review): DoAddsize records the address-size toggle in In32Bit bit 1,
; but both tests in this routine use Use32Bit - confirm which is intended.
jz @@16_0
or eaReg,128 ; bit 7 of eaReg selects the 32-bit register form
@@16_0: call ea2Real
mov dTargetEIP2,eax ;setup for execution.
mov dTargetCS2,cx
pop eax
mov eaSeg,al ; restore the incoming eaSeg for the second operand
;
cmp eaSeg,0
jnz @@16_2
mov eaSeg,1
; NOTE(review): with no override the SI operand falls back to eaSeg=1, the
; same value used for the DI operand above, whereas LodsSeg uses 0 for its
; SI operand - confirm the encoding ea2Real expects.
@@16_2: mov eaReg,6+1 ;SI
test Use32Bit,2
jz @@16_1
or eaReg,128
@@16_1: call ea2Real
mov dTargetEIP,eax ;setup for execution.
mov dTargetCS,cx
;
cmp SegOver_T,0 ; any override string pointer pending?
jz @@0
pushm eax,esi ; pushm/popm are project macros; presumably multi-register push/pop
mov esi,SegOver_T
; Unbounded NUL-terminated copy to es:edi; relies on the table string being
; terminated and on the caller's output buffer having room.
@@2: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@2
dec edi ; step back onto the copied NUL so it gets overwritten
mov al,':'
stosb
mov es:b[edi],0 ; keep the output NUL-terminated
popm eax,esi
@@0: ret
movsSeg endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; IMMWORD: alias entry; transfers straight to out_immword.
IMMWORD proc near
jmp out_immword
IMMWORD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; out_immword: writes ',' to es:edi, then continues in immword2 to emit a
; 16-bit immediate read from fs:esi.
out_immword proc near
mov al,','
stosb
jmp immword2 ; tail transfer: immword2's ret returns to our caller
out_immword endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; W_RETFnn: emits the 16-bit immediate via immword2, then sets ReturnCode
; to RetCode_RETFnn.
W_RETFnn proc near
call immword2
mov ReturnCode,RetCode_RETFnn
ret
W_RETFnn endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; W_RETnn: emits the 16-bit immediate via immword2, then sets ReturnCode
; to RetCode_RETnn.
W_RETnn proc near
call immword2
mov ReturnCode,RetCode_RETnn
ret
W_RETnn endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; immword2: reads a 16-bit value from fs:esi (zero-extended), stores it in
; eaOffset, advances esi by 2, and passes it to SymbolBin2Hex with ecx=4
; and dx=0. Terminates the output at es:edi with a NUL afterwards.
; The read is not checked against any end-of-buffer limit in this routine.
immword2 proc near
movzx eax,fs:w[esi]
mov eaOffset,eax
add esi,2 ; consume the two immediate bytes
mov ecx,4 ; presumably the number of hex digits to emit - confirm in SymbolBin2Hex
mov dx,0 ; presumably "no selector" for symbol lookup - confirm in SymbolBin2Hex
call SymbolBin2Hex
mov es:b[edi],0 ; keep the output NUL-terminated
ret
immword2 endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; IMMDWORD: alias entry; transfers straight to out_immdword.
IMMDWORD proc near
jmp out_immdword
IMMDWORD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; out_immdword: writes ',' to es:edi, then continues in immdword2 to emit a
; 32-bit immediate read from fs:esi.
out_immdword proc near
mov al,','
stosb
jmp immdword2 ; tail transfer: immdword2's ret returns to our caller
out_immdword endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; D_RETnn: emits the immediate via immword2 (a 16-bit read, same as the W_
; variants), then sets ReturnCode to RetCode_RETnn32.
D_RETnn proc near
call immword2
mov ReturnCode,RetCode_RETnn32
ret
D_RETnn endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; D_RETFnn: emits the immediate via immword2 (a 16-bit read), then sets
; ReturnCode to RetCode_RETFnn32. The body is identical to F_RETFnn.
D_RETFnn proc near
call immword2
mov ReturnCode,RetCode_RETFnn32
ret
D_RETFnn endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; F_RETFnn: emits the immediate via immword2 (a 16-bit read), then sets
; ReturnCode to RetCode_RETFnn32. The body is identical to D_RETFnn.
F_RETFnn proc near
call immword2
mov ReturnCode,RetCode_RETFnn32
ret
F_RETFnn endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; immdword2: reads a 32-bit value from fs:esi, stores it in eaOffset,
; advances esi by 4, and passes it to SymbolBin2Hex with ecx=8 and dx=0.
; Terminates the output at es:edi with a NUL afterwards.
; The read is not checked against any end-of-buffer limit in this routine.
immdword2 proc near
mov eax,fs:[esi]
mov eaOffset,eax
add esi,4 ; consume the four immediate bytes
mov ecx,8 ; presumably the number of hex digits to emit - confirm in SymbolBin2Hex
mov dx,0 ; presumably "no selector" for symbol lookup - confirm in SymbolBin2Hex
call SymbolBin2Hex
mov es:b[edi],0 ; keep the output NUL-terminated
ret
immdword2 endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; IMMWORDBYTE: emits a 16-bit value followed by ',' and an 8-bit value, both
; read from fs:esi (3 bytes consumed in total), then NUL-terminates the
; output at es:edi.
; Unlike immword2, the values are loaded into ax/al only, so the upper bits
; of eax are whatever the caller left there, and eaOffset is not updated.
; NOTE(review): confirm SymbolBin2Hex only looks at the low ecx digits.
IMMWORDBYTE proc near
mov ax,fs:[esi]
add esi,2
mov ecx,4 ; presumably hex digit count
mov dx,0
call SymbolBin2Hex
mov al,','
stosb
mov al,fs:[esi]
inc esi
mov ecx,2 ; presumably hex digit count
mov dx,0
call SymbolBin2Hex
mov es:b[edi],0 ; keep the output NUL-terminated
ret
IMMWORDBYTE endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; NONE: handler that does nothing; returns immediately with all state unchanged.
NONE proc near
ret
NONE endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; SEGOVER: records a segment override taken from the byte just before esi.
; Bits 4..3 of fs:[esi-1] form an index 0..3; eaSeg is set to index+1 and
; SegOver_T to the pointer stored at T_SegRegs[index]. Sets AnotherOpCode to 1.
; esi and ax are preserved.
SEGOVER proc near
push esi
movzx esi,fs:b[esi-1] ; the byte already consumed by the caller (presumably the prefix)
shr esi,3
and esi,3 ; index is bounded to 0..3, so only the first four table entries are read
push ax
mov ax,si
mov eaSeg,al
inc eaSeg ; eaSeg = index + 1 (0 appears to be reserved for "none")
pop ax
shl esi,2 ; scale to a dword table offset
add esi,offset T_SegRegs
mov esi,[esi] ; fetch the string pointer for this segment register
mov SegOver_T,esi
pop esi
mov AnotherOpCode,1
ret
SEGOVER endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; SegOverFS: records an FS override: SegOver_T = offset T_FS, eaSeg = 4+1,
; AnotherOpCode = 1. Clobbers eax.
SegOverFS proc near
mov eax,offset T_FS
mov SegOver_T,eax
mov eaSeg,4+1 ; same index+1 convention as SEGOVER
mov AnotherOpCode,1
ret
SegOverFS endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; SegOverGS: records a GS override: SegOver_T = offset T_GS, eaSeg = 5+1,
; AnotherOpCode = 1. Clobbers eax.
SegOverGS proc near
mov eax,offset T_GS
mov SegOver_T,eax
mov eaSeg,5+1 ; same index+1 convention as SEGOVER
mov AnotherOpCode,1
ret
SegOverGS endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DoOpsize: sets bit 0 of In32Bit to the inverse of bit 0 of Use32Bit,
; leaving the other bits of In32Bit unchanged, and sets AnotherOpCode to 1.
; Clobbers ax.
DoOpsize proc near
mov ah,In32Bit
and ah,255-1 ; keep every bit of In32Bit except bit 0
mov al,Use32Bit
and al,1
xor al,1 ; al = inverted bit 0 of Use32Bit
or al,ah
mov In32Bit,al
mov AnotherOpCode,1
ret
DoOpsize endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DoAddsize: sets bit 1 of In32Bit to the inverse of bit 1 of Use32Bit,
; leaving the other bits of In32Bit unchanged, and sets AnotherOpCode to 1.
; Clobbers ax.
DoAddsize proc near
mov ah,In32Bit
and ah,255-2 ; keep every bit of In32Bit except bit 1
mov al,Use32Bit
and al,2
xor al,2 ; al = inverted bit 1 of Use32Bit
or al,ah
mov In32Bit,al
mov AnotherOpCode,1
ret
DoAddsize endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPB_C: runs DODISPB, then replaces the ReturnCode it set with RetCode_CALL.
DODISPB_C proc near
call DODISPB
mov ReturnCode,RetCode_CALL
ret
DODISPB_C endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPB_J: runs DODISPB, then replaces the ReturnCode it set with RetCode_JMP.
DODISPB_J proc near
call DODISPB
mov ReturnCode,RetCode_JMP
ret
DODISPB_J endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPB: decodes an 8-bit signed displacement at fs:esi into a target.
; target = sign_extend(byte) + esi (after the byte is consumed). Stores the
; target in dTargetEIP and RealFS in dTargetCS, sets ReturnCode to
; RetCode_Jcc, and emits the target through SymbolBin2Hex with ecx = 4, or
; 8 when bit 0 of In32Bit is set. NUL-terminates the output at es:edi.
; NOTE(review): the sum is a full 32-bit add in both modes, whereas DODISPW
; adds only the low 16 bits. Confirm whether dTargetEIP should be wrapped to
; 16 bits here when bit 0 of In32Bit is clear.
DODISPB proc near
movsx eax,fs:b[esi]
inc esi
add eax,esi ; relative to the address following the displacement byte
mov ReturnCode,RetCode_Jcc
mov dTargetEIP,eax
mov ecx,4
test In32Bit,1
jz @@0
mov ecx,8
@@0: mov dx,RealFS
mov dTargetCS,dx
call SymbolBin2Hex
mov es:b[edi],0 ; keep the output NUL-terminated
ret
DODISPB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPW_C: runs DODISPW, then replaces the ReturnCode it set with RetCode_CALL.
DODISPW_C proc near
call DODISPW
mov ReturnCode,RetCode_CALL
ret
DODISPW_C endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPW_J: runs DODISPW, then replaces the ReturnCode it set with RetCode_JMP.
DODISPW_J proc near
call DODISPW
mov ReturnCode,RetCode_JMP
ret
DODISPW_J endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPW: decodes a 16-bit displacement at fs:esi into a target.
; The low 16 bits of the target are (displacement + low 16 bits of esi after
; the two bytes are consumed), with 16-bit wraparound; the high 16 bits are
; taken from esi as it was on entry. Stores the target in dTargetEIP and
; RealFS in dTargetCS, sets ReturnCode to RetCode_Jcc, emits the target via
; SymbolBin2Hex with ecx=4, and NUL-terminates the output at es:edi.
DODISPW proc near
mov eax,esi ; seed eax so the upper 16 bits come from esi
mov ax,fs:w[esi]
add esi,2
add ax,si ; 16-bit add: a carry does not propagate into the upper half
mov dTargetEIP,eax
mov ReturnCode,RetCode_Jcc
mov ecx,4
mov dx,RealFS
mov dTargetCS,dx
call SymbolBin2Hex
mov es:b[edi],0 ; keep the output NUL-terminated
ret
DODISPW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPD_C: runs DODISPD, then replaces the ReturnCode it set with RetCode_CALL.
DODISPD_C proc near
call DODISPD
mov ReturnCode,RetCode_CALL
ret
DODISPD_C endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPD_J: runs DODISPD, then replaces the ReturnCode it set with RetCode_JMP.
DODISPD_J proc near
call DODISPD
mov ReturnCode,RetCode_JMP
ret
DODISPD_J endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; DODISPD: decodes a 32-bit displacement at fs:esi into a target.
; target = displacement + esi (after the four bytes are consumed). Stores the
; target in dTargetEIP and RealFS in dTargetCS, sets ReturnCode to
; RetCode_Jcc, emits the target via SymbolBin2Hex with ecx=8, and
; NUL-terminates the output at es:edi.
DODISPD proc near
mov eax,fs:d[esi]
add esi,4
add eax,esi ; relative to the address following the displacement
mov dTargetEIP,eax
mov ReturnCode,RetCode_Jcc
mov ecx,8
mov dx,RealFS
mov dTargetCS,dx
call SymbolBin2Hex
mov es:b[edi],0 ; keep the output NUL-terminated
ret
DODISPD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; EXTINST: switches to the secondary table referenced by the current entry
; and splits the next byte at fs:esi into three fields for the caller.
; In:  ebp = current table entry; fs:esi = next byte (not consumed here).
; Out: ebp = ds:xxh_extended[ebp]
;      ch  = bits 7..6 of the byte
;      bl  = bits 2..0 of the byte
;      eax = bits 5..3 of the byte (0..7)
;      AnotherTable = 1
; The field split matches the ModRM mod/reg/rm layout. cl is left as 6.
EXTINST proc near
mov ebp,ds:xxh_extended[ebp] ;get other table address.
movzx eax,fs:b[esi]
mov ch,al
mov bl,al
mov cl,6
shr ch,cl
and ch,3
and bl,7
xor ah,ah ; already zero after the movzx above; kept as in the original
and al,38h
shr eax,3 ; eax is bounded to 0..7 for whatever table lookup follows
mov AnotherTable,1
ret
EXTINST endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; LoseByte: skips one byte of the input stream by incrementing esi.
LoseByte proc near
inc esi
ret
LoseByte endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; Invalid: sets ReturnCode to Retcode_INV; writes no text and consumes no input.
Invalid proc near
mov ReturnCode,Retcode_INV
ret
Invalid endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; ExtInst0F: two-level table dispatch on the next byte at fs:esi.
; The high nibble of the byte indexes a table of dword pointers reached via
; ds:xxh_extended[ebp]. A zero entry means no decoding exists: the T_INV
; string is copied to es:edi, the byte is skipped, and ReturnCode is set to
; Retcode_INV. Otherwise eax receives the low nibble, the byte is consumed,
; and AnotherTable is set to 1 with ebp pointing at the selected sub-table.
; NOTE(review): the pointer loaded from xxh_extended[ebp] is dereferenced
; without a zero check; only the second-level entry is tested. The index is
; bounded to 0..15, so the first-level table needs 16 dword entries.
ExtInst0F proc near
mov ebp,ds:xxh_extended[ebp] ;get other table address.
movzx eax,fs:b[esi]
shr eax,4 ;lose low nibble.
mov ebp,ds:[ebp+eax*4] ;get new table address.
or ebp,ebp ;anything there?
jnz @@0
;
push esi
mov esi,offset T_INV ;better do something.
; Unbounded NUL-terminated copy of T_INV to es:edi.
@@1: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@1
mov es:b[edi],0 ; edi is already one past the copied NUL; this writes a second NUL
pop esi
inc esi ;skip this byte.
mov ReturnCode,Retcode_INV
ret
;
@@0: movzx eax,fs:b[esi]
and eax,0fh ;make sure only lower nibble counts.
inc esi
mov AnotherTable,1
ret
ExtInst0F endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; SEGRM: emits "<segreg>," followed by an effective-address operand.
; Sets eaMode to 2, calls get_modregrm, uses bh & 7 as an index into
; T_SegRegs to fetch the register-name string, copies it to es:edi, turns
; its terminator into ',' and then calls out_ea with al=1.
; When the index is 2 (SS) ReturnCode is set to RetCode_SS.
; NOTE(review): the index can be 0..7 and comes from the bytes being
; disassembled. The x86 segment-register field only defines 0..5; if
; T_SegRegs holds fewer than 8 pointers, values 6 and 7 read past the table
; and the copy loop then follows whatever dword is found there. Confirm the
; table has 8 entries (or that get_modregrm rejects 6 and 7 beforehand).
SEGRM proc near
mov eaMode,2
call get_modregrm
push esi
and bh,7
movzx esi,bh
cmp bh,2 ;SS?
jnz @@NotSS
mov ReturnCode,RetCode_SS ;Flag skip next as well.
@@NotSS: shl esi,2 ; scale to a dword table offset
add esi,offset T_SegRegs
mov esi,[esi] ; string pointer for this register
; Unbounded NUL-terminated copy to es:edi.
@@0: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@0
mov es:b[edi-1],',' ; replace the copied NUL with the operand separator
mov es:b[edi],0
pop esi
mov al,1
call out_ea
ret
SEGRM endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; INTERAD_J: decodes a far pointer via do_interseg, then sets ReturnCode to
; RetCode_JMP.
; The proc/endp names differ in case, so the file depends on the assembler
; treating symbols case-insensitively.
INTERAD_J proc near
call do_interseg
mov ReturnCode,RetCode_JMP
ret
interad_J endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; INTERAD_C: decodes a far pointer via do_interseg, then sets ReturnCode to
; RetCode_CALL.
; The proc/endp names differ in case, so the file depends on the assembler
; treating symbols case-insensitively.
INTERAD_C proc near
call do_interseg
mov ReturnCode,RetCode_CALL
ret
interad_C endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; do_interseg: decodes an immediate far pointer at fs:esi and emits it as
; "<selector>:<offset>".
; When bit 0 of In32Bit is clear: 16-bit offset at [esi], selector at
; [esi+2], 4 bytes consumed. When set: 32-bit offset at [esi], selector at
; [esi+4], 6 bytes consumed.
; Stores the offset in dTargetEIP and the selector in dTargetCS. The selector
; is printed with Bin2Hex (ecx=4) and the offset with SymbolBin2Hex (ecx=4 or
; 8, dx=selector). NUL-terminates the output at es:edi.
; The reads are not checked against any end-of-buffer limit in this routine.
do_interseg proc near
test In32Bit,1
jnz @@Use32_0
movzx eax,fs:w[esi] ;Get offset (stored to dTargetEIP below).
mov bx,fs:[esi+2] ; selector follows the offset
add esi,4
jmp @@0
@@Use32_0: mov eax,fs:[esi+0]
mov bx,fs:[esi+4] ; selector follows the 32-bit offset
add esi,6
@@0: ;
mov dTargetEIP,eax
mov dTargetCS,bx
;
pushm eax,ebx ; pushm/popm are project macros; presumably multi-register push/pop
mov ax,bx
mov ecx,4
call Bin2Hex ; selector first
mov al,':'
stosb
popm eax,ebx
mov ecx,4
test In32Bit,1
jz @@Use32_1
mov ecx,8
@@Use32_1: mov dx,bx
call SymbolBin2Hex ; then the offset
mov es:b[edi],0 ; keep the output NUL-terminated
ret
do_interseg endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; MEMACB: sets eaMode to 1, writes ',' to es:edi, then calls outmem to emit
; the memory operand.
MEMACB proc near
mov eaMode,1
mov al,','
stosb
call outmem
ret
MEMACB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; MEMACW: sets eaMode to 2, writes ',' to es:edi, then calls outmem to emit
; the memory operand.
MEMACW proc near
mov eaMode,2
mov al,','
stosb
call outmem
ret
MEMACW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; MEMACD: sets eaMode to 4, writes ',' to es:edi, then calls outmem to emit
; the memory operand.
MEMACD proc near
mov eaMode,4
mov al,','
stosb
call outmem
ret
MEMACD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; ACMEMB: sets eaMode to 1, emits the memory operand via outmem, then ','
; and the T_AL string. edi is left on the copied terminator; esi is preserved.
ACMEMB proc near
mov eaMode,1
call outmem
mov al,','
stosb
push esi
lea esi,T_AL
; Unbounded NUL-terminated copy of the register name to es:edi.
@@0: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@0
dec edi ; leave edi on the NUL so later text overwrites it
pop esi
ret
ACMEMB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; ACMEMW: sets eaMode to 2, emits the memory operand via outmem, then ','
; and the T_AX string. edi is left on the copied terminator; esi is preserved.
; Unlike PORTOUTW, T_AX is used regardless of In32Bit.
ACMEMW proc near
mov eaMode,2
call outmem
mov al,','
stosb
push esi
lea esi,T_AX
; Unbounded NUL-terminated copy of the register name to es:edi.
@@0: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@0
dec edi ; leave edi on the NUL so later text overwrites it
pop esi
ret
ACMEMW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; ACMEMD: sets eaMode to 4, emits the memory operand via outmem, then ','
; and the T_EAX string. edi is left on the copied terminator; esi is preserved.
ACMEMD proc near
mov eaMode,4
call outmem
mov al,','
stosb
push esi
lea esi,T_EAX
; Unbounded NUL-terminated copy of the register name to es:edi.
@@0: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@0
dec edi ; leave edi on the NUL so later text overwrites it
pop esi
ret
ACMEMD endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; PORTIN: calls SetInOut, then IMMBYTE (both defined outside this listing).
PORTIN proc near
call SetInOut
call IMMBYTE
ret
PORTIN endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; PORTOUTB: calls SetInOut, then pow2 with eax pointing at the T_AL string,
; which emits an immediate byte, ',' and that string.
PORTOUTB proc near
call SetInOut
lea eax,T_AL
call pow2
ret
PORTOUTB endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; PORTOUTW: calls SetInOut, then transfers to pow2 with eax pointing at T_AX,
; or at T_EAX when bit 0 of In32Bit is set. Both exits are jumps, so pow2's
; ret returns directly to this routine's caller.
PORTOUTW proc near
call SetInOut
lea eax,T_AX
test In32Bit,1
jz pow2
mov eax,offset T_EAX
jmp pow2
PORTOUTW endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; pow2: emits "<imm8>,<string>" to es:edi.
; In:  eax = pointer to a NUL-terminated string (read through ds).
; Calls immbyte2 first, writes ',', then copies the string. edi is left on
; the copied terminator; esi is preserved; eax is clobbered.
pow2 proc near
push eax ; keep the string pointer across immbyte2
call immbyte2
mov al,','
stosb
pop eax
push esi
mov esi,eax
; Unbounded NUL-terminated copy to es:edi; relies on the caller passing a
; terminated string and on the output buffer having room.
@@0: movsb
cmp b[esi-1],0 ; was the byte just copied the terminator?
jnz @@0
dec edi ; leave edi on the NUL so later text overwrites it
pop esi
ret
pow2 endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; ANOTHER: sets AnotherOpCode to 1 and returns; no other state is touched.
ANOTHER proc near
mov AnotherOpCode,1
ret
ANOTHER endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; UmREP: appends one character plus two spaces to the text at es:edi and sets
; AnotherOpCode to 1. The character is 'e' when the upcoming opcode byte is
; 0A6h, 0A7h, 0AEh or 0AFh (the CMPS/SCAS encodings), otherwise a space.
; The opcode is looked up at fs:[esi], or at fs:[esi+1] if fs:[esi] is a
; 66h or 67h prefix. esi is not advanced. Clobbers al and ebx.
; NOTE(review): only one prefix byte is skipped, so two stacked prefixes (or a
; segment override) before the string opcode select the space. The lookahead
; reads up to two bytes beyond esi with no end-of-buffer check here.
UmREP proc near
mov al,'e'
mov ebx,esi
cmp fs:b[esi],66h
jz @@1
cmp fs:b[esi],67h
jnz @@2
@@1: inc ebx ; look past the single prefix byte
@@2: cmp fs:b[ebx],0a6h
jz @@0
cmp fs:b[ebx],0a7h
jz @@0
cmp fs:b[ebx],0aeh
jz @@0
cmp fs:b[ebx],0afh
jz @@0
mov al,' ' ; not a compare/scan string opcode: pad instead of 'e'
@@0: stosb
mov al,' '
stosb
stosb
mov es:b[edi],0 ; keep the output NUL-terminated
mov AnotherOpCode,1
ret
UmREP endp
;==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==
; RMIMMBN: sets eaMode to 1, calls get_modregrm, then out_ea and out_imm,
; each with al=0. The meaning of the al argument is defined by those
; routines, which are outside this listing.
RMIMMBN proc near
mov eaMode,1
call get_modregrm
mov al,0
call out_ea
mov al,0
call out_imm
ret
RMIMMBN endp