📄 asmshow.pas
字号:
ProcCB.ItemIndex:=ProcCB.Items.IndexOf('Proc_'+rva);
SelectNode;
End;
End;
End
Else Begin
// Not a call. Test if it is jump
//
// 12345678901234567890123456789012345678901234567890
// 1 2 3 4
// xxxxxxxx yyyyyy jmp zzzzzzzz
// 0044C7AA 0F8C91010000 jl 0044C941
rva:=Trim(Copy(s,35,3));
if IsJumpInstruction(rva) then
begin
wLineNum:=MakeLong(ASMList.ItemIndex,ASMList.TopIndex);
rva:=Copy(s+#32,43,9); if rva[1]='$' then rva:=Copy(rva,2,8);
TruncAll(rva);
if rva='dword ptr' then exit;
if OffsetInSameProc(rva)
then begin _GotoLine(rva); exit; end
else If MessageDlg('The offset '+rva+' is not in this proc. Disassemble ?',mtConfirmation,[mbYes,mbNo],0)=mrNo then Exit;
If (Length(rva)>1) and (rva[1] in ['0'..'9']) Then
Begin
Screen.Cursor:=crHourGlass;
Try
DisAsm(rva, False);
Finally
Screen.Cursor:=crDefault;
End;
If ProcCB.Items.IndexOf('Proc_'+rva)=-1
Then Begin
ProcCB.Items.Add('Proc_'+rva);
ProcRVA.Items.Add(rva);
Caption:='Proc_'+rva;
ProcCB.ItemIndex:=ProcCB.Items.IndexOf('Proc_'+rva);
node:=ProcTree.Items.AddChild(ProcTree.Selected,'Proc_'+rva);
node.ImageIndex:=1;
node.Parent.Expand(False);
node.Data:=Pointer(0);
ProcTree.Selected.Data:=Pointer(wLineNum);
ProcTree.OnChange:=nil;
Try
ProcTree.Selected:=node;
Finally
ProcTree.OnChange:=ProcTreeChange;
End;
End
Else Begin
ProcCB.ItemIndex:=ProcCB.Items.IndexOf('Proc_'+rva);
SelectNode;
End;
End;
end
else CommentBtnClick(self);
End;
end;
procedure TASMShowForm.PrevBtnClick(Sender: TObject);
begin
If ProcTree.Selected=nil Then Exit;
If ProcTree.Selected.Parent=nil Then Exit;
ProcTree.Selected:=ProcTree.Selected.Parent;
end;
procedure TASMShowForm.ProcCBChange(Sender: TObject);
var rva : String;
begin
rva:=ProcRVA.Items[ProcCB.ItemIndex];
Screen.Cursor:=crHourGlass;
Try
DisAsm(rva, True);
Finally
Screen.Cursor:=crDefault;
SelectNode;
End;
end;
procedure TASMShowForm.NextBtnClick(Sender: TObject);
var inst : TTreeNode;
begin
If ProcCB.ItemIndex<ProcCB.Items.Count-1
Then Begin
ProcCB.ItemIndex:=ProcCB.ItemIndex+1;
inst:=GetNodeWithCaption(ProcCB.Items[ProcCB.ItemIndex]);
if inst<>nil then wLineNum:=LongInt(inst.Data)
else wLineNum:=0;
ProcCBChange(self);
End;
end;
procedure TASMShowForm.ProcTreeChange(Sender: TObject; Node: TTreeNode);
var s : String;
begin
If ProcTree.Selected=nil Then Exit;
s:=ProcTree.Selected.Text;
wLineNum:=LongInt(ProcTree.Selected.Data);
ProcCB.ItemIndex:=ProcCB.Items.IndexOf(s);
ProcCBChange(self);
end;
procedure TASMShowForm.FormClose(Sender: TObject;
var Action: TCloseAction);
begin
ProcTree.OnChange:=nil;
ProcTree.OnClick:=nil;
Try
ProcTree.Items.Clear;
ClearDASMListings;
Finally
ProcTree.OnChange:=ProcTreeChange;
ProcTree.OnClick:=ProcTreeClick;
End;
end;
procedure TASMShowForm.ProcTreeClick(Sender: TObject);
var s : String;
begin
If ProcTree.Selected=nil Then Exit;
s:=ProcTree.Selected.Text;
wLineNum:=LongInt(ProcTree.Selected.Data);
ProcCB.ItemIndex:=ProcCB.Items.IndexOf(s);
ProcCBChange(self);
end;
procedure TASMShowForm.FormShow(Sender: TObject);
var inst : TStringList;
iPos : Integer;
begin
ProcTree.OnChange:=nil;
Try
ProcTree.Selected:=ProcTree.TopItem;
inst:=TStringList.Create;
inst.Assign(ASMlist.Items);
if inst.Count=0 then inst.Add('00000666 Blah');
DASMListings.Add(inst);
DASMIndex.Add(Copy(inst[0],1,8));
iPos:=Pos('.',Caption);
DASMInitEmulData.Add('EAX='+Copy(Caption,1,iPos-1)+',ECX=,EDX=,EBX=,ESI=,EDI=');
SetEmulParams('EAX='+Copy(Caption,1,iPos-1)+',ECX=,EDX=,EBX=,ESI=,EDI=');
InitRegGrp.Tag:=DASMInitEmulData.Count-1;
SBar.Panels[0].Text:=' '+DeDeMainForm.ProjectNameLbl.Caption;
Finally
ProcTree.OnChange:=ProcTreeChange;
End;
end;
procedure TASMShowForm.SelectNode;
var i : Integer;
s : String;
begin
ProcTree.OnChange:=nil;
ProcTree.OnClick:=nil;
Try
s:=ProcCB.Items[ProcCB.ItemIndex];
For i:=0 To ProcTree.Items.Count-1 Do
If ProcTree.Items.Item[i].Text=s Then
Begin
ProcTree.Selected:=ProcTree.Items.Item[i];
break;
End;
Finally
ProcTree.OnChange:=ProcTreeChange;
ProcTree.OnClick:=ProcTreeClick;
End;
end;
function TASMShowForm.GetNodeWithCaption(sCap : String) : TTreeNode;
var i : Integer;
begin
Result:=nil;
ProcTree.OnChange:=nil;
ProcTree.OnClick:=nil;
Try
For i:=0 To ProcTree.Items.Count-1 Do
If ProcTree.Items.Item[i].Text=sCap Then
Begin
Result:=ProcTree.Items.Item[i];
break;
End;
Finally
ProcTree.OnChange:=ProcTreeChange;
ProcTree.OnClick:=ProcTreeClick;
End;
end;
procedure TASMShowForm.CopyBtnClick(Sender: TObject);
var i : Integer;
s : String;
begin
s:='';
For i:=0 To ASMList.Items.Count-1 Do
If ASMList.Selected[i] Then s:=s+ASMList.Items[i]+#13#10;
If s<>'' Then ClipBoard.AsText:=s;
end;
procedure TASMShowForm.ASMListDrawItem(Control: TWinControl;
Index: Integer; Rect: TRect; State: TOwnerDrawState);
var C1,C2,C3,C4,C5,C6 : DWORD;
q, r, s : String;
i : integer;
begin
s := ASMList.Items[Index];
i := Length(s) * (Control as TListBox).Canvas.Font.Size;
if i > AsmList.ScrollWidth then AsmList.ScrollWidth := i;
With (Control as TListBox).Canvas Do
Begin
If odSelected in State
Then Begin
C1:=clWhite;
C2:=clGreen xor $00FFFFFF;
C3:=clRed xor $00FFFFFF;
C4:=clBlue xor $00FFFFFF;
C5:=clNavy xor $00FFFFFF;
C6:=clMaroon xor $00FFFFFF;
End
Else Begin
C1:=clBlack;
C2:=clGreen;
C3:=clRed;
C4:=clBlue;
C5:=clNavy;
C6:=clMaroon;
End;
// the normal color is black
(Control as TListBox).Canvas.Font.Color:=C1;
// dark blue stuff
If (Pos(sREF_TEXT_END,s)<>0) Then (Control as TListBox).Canvas.Font.Color:=C5;
If (Pos(sREF_TEXT_EXCEPT,s)<>0) Then (Control as TListBox).Canvas.Font.Color:=C5;
If (Pos(sREF_TEXT_FINALLY,s)<>0) Then (Control as TListBox).Canvas.Font.Color:=C5;
If (Pos(sREF_TEXT_TRY,s)<>0) Then (Control as TListBox).Canvas.Font.Color:=C5;
//------------------
// maroon references
//------------------
// possible DOI references
If Pos(sREF_TEXT_POSSIBLE_TO+' ',s)<>0 then (Control as TListBox).Canvas.Font.Color:=C6;
// DOI references
If Pos(sREF_TEXT_REF_TO+' ',s)<>0 then (Control as TListBox).Canvas.Font.Color:=C6;
// for published methods
If Pos(sREF_TEXT_PUBLISHED,s)<>0 Then (Control as TListBox).Canvas.Font.Color:=C6;
// the blue dsf and import functions
If Pos(sREF_TEXT_REF_DSF,s)<>0 Then (Control as TListBox).Canvas.Font.Color:=C4;
If Pos(sREF_TEXT_REF_DSF_OR,s)<>0 then (Control as TListBox).Canvas.Font.Color:=C4;
// some green string references
If Pos(sREF_TEXT_REF_STRING,s)<>0 then (Control as TListBox).Canvas.Font.Color:=C2;
If Pos(sREF_TEXT_REF_STRING_OR,s)<>0 then (Control as TListBox).Canvas.Font.Color:=C2;
LastColor:=(Control as TListBox).Canvas.Font.Color;
FillRect(Rect);
r := (Control as TListBox).Items[Index];
i := Pos('{', r);
if i > 0 then begin
q := Trim(Copy(r, 1, i - 1));
TextOut(Rect.Left + 2, Rect.Top, q);
Delete(r, 1, i - 1);
r := Trim(r);
i := (Control as TListBox).Canvas.Font.Size * (Length(q) - 1);
(Control as TListBox).Canvas.Font.Color := clTeal;
TextOut(Rect.Left + 2 + i, Rect.Top, r);
end else begin
TextOut(Rect.Left + 2, Rect.Top, r);
end; { if }
End;
end;
procedure TASMShowForm.FormCreate(Sender: TObject);
begin
DASMListings:=TList.Create;
DASMIndex:=TStringList.Create;
DASMInitEmulData:=TStringList.Create;
FP.IniFileName:=DeDeReg.GlobDeDeINIFileName;
// Now it is always visible
//AdvancedEmulatorOption1.Visible:=GlobMORE;
end;
procedure TASMShowForm.FormDestroy(Sender: TObject);
begin
DASMInitEmulData.Free;
DASMListings.Free;
DASMIndex.Free;
end;
procedure TASMShowForm.ClearDASMListings;
var i : Integer;
inst : TStringList;
begin
for i:=DASMListings.Count-1 downto 0 Do
begin
inst:=TStringList(DASMListings[i]);
if inst=nil then inst.Free;
end;
DASMIndex.Clear;
DASMListings.Clear;
DASMInitEmulData.Clear;
end;
procedure TASMShowForm.InitEmulationUsingRegisterString(sRegStr : String; sMoreOptions : String);
var EmulData : TStringList;
FsEAXClass : String;
begin
if not GlobBEmulation then Exit;
EmulData:=TStringList.Create;
Try
Try
EmulData.CommaText:=sRegStr;
// Init DeDeDisASM.ClsDmp according to the EAX custom value
FsEAXClass:=EmulData.Values[REGISTERS__[rgEAX]];
if FsEAXClass='' then FsEAXClass:='TObject';
DeDeDisASM.ClsDmp:=DeDeMainForm.ClassesDumper.GetClass(FsEAXClass);
InitNewEmulation('','','','');
SetRegisters(
EmulData.Values[REGISTERS__[rgEAX]],
EmulData.Values[REGISTERS__[rgEBX]],
EmulData.Values[REGISTERS__[rgECX]],
EmulData.Values[REGISTERS__[rgEDX]],
EmulData.Values[REGISTERS__[rgESI]],
EmulData.Values[REGISTERS__[rgEDI]]
);
EmulData.CommaText:=sMoreOptions;
if EmulData.Values['TTL']='' then EmulData.Values['TTL']:='100';
SetEmulationSettings(
EmulData.Values[REGISTERS__[rgEAX]],
EmulData.Values[REGISTERS__[rgEBX]],
EmulData.Values[REGISTERS__[rgECX]],
EmulData.Values[REGISTERS__[rgEDX]],
EmulData.Values[REGISTERS__[rgESI]],
EmulData.Values[REGISTERS__[rgEDI]],
EmulData.Values['TTL']);
Except
ShowMessage('CustomInitEmulation() Failed!');
End;
Finally
EmulData.Free;
End;
end;
procedure TASMShowForm.InitEmul;
begin
FsAdvMore:='';// NO MORE SUPPORTED addEdit.Text;
FsAdvRegs:=Format('EAX=%s,ECX=%s,EDX=%s,EBX=%s,ESI=%s,EDI=%s',
[eaxEdit.Text,ecxEdit.Text,edxEdit.Text,ebxEdit.Text,esiEdit.Text,ediEdit.Text]);
InitEmulationUsingRegisterString(FsAdvRegs,FsAdvMore);
end;
function TASMShowForm.OffsetInSameProc(sOffs: String): Boolean;
var sf,st : String;
begin
Result:=False;
If ASMList.ItemIndex=-1 then exit;
sf:=GetCurrFirstRVA; sf:=Copy(sf,1,8);
st:=ASMList.Items[ASMList.Items.Count-2]; st:=Copy(st,1,8);
Result:=(sOffs>=sf) and (sOffs<=st);
end;
procedure TASMShowForm._GotoLine(sOffs: String; bSaveJump : Boolean = True);
var wLineNum, delta, bck{, bki} : Word;
begin
delta:=(ASMList.TopIndex);
For wLineNum:=0 to ASMList.Items.Count-1 Do
if Copy(ASMList.Items[wLineNum],1,8)=sOffs then
begin
SendMessage(ASMShowForm.ASMList.Handle,
WM_VSCROLL,MakeLong(SB_THUMBPOSITION,wLineNum div MaxWord),0);
With ASMList Do
Begin
bck:=ItemIndex;
ItemIndex:=Word(wLineNum);
Selected[Word(wLineNum)]:=True;
Selected[Word(bck)]:=False;
if bSaveJump then sLastJumpRva:=MakeLong(bck,delta)
else sLastJumpRva:=0;
break;
End;
end;
ASMListClick(self);
end;
procedure TASMShowForm.FindTxtBtnClick(Sender: TObject);
begin
sLastJumpRva:=MakeLong(ASMList.ItemIndex, ASMList.TopIndex);
FindDlg.Execute;
End;
procedure TASMShowForm.ASMListMouseDown(Sender: TObject;
Button: TMouseButton; Shift: TShiftState; X, Y: Integer);
begin
FbShowDSFPattern:=[ssShift,ssCtrl,ssAlt] * Shift = [ssShift,ssCtrl,ssAlt];
if Button=mbRight then
if not FbDRCH then
begin
FbDRCH:=True;
DoubleRightClickTimer.Enabled:=True;
end
else begin
HandleDoubleRightClick;
end;
end;
procedure TASMShowForm.DoubleRightClickTimerTimer(Sender: TObject);
begin
FbDRCH:=False;
DoubleRightClickTimer.Enabled:=False;
end;
procedure TASMShowForm.HandleDoubleRightClick;
begin
if sLastJumpRva<>0 then _GotoLine(sLastJumpRva,False);
end;
procedure TASMShowForm.Close1Click(Sender: TObject);
begin
Close;
end;
procedure TASMShowForm.SelectAll1Click(Sender: TObject);
var i,j : Integer;
begin
ASMList.Items.BeginUpdate;
Try
j:=ASMList.TopIndex;
For i:=0 to ASMList.Items.Count-1 Do ASMList.Selected[i]:=True;
Finally
ASMList.Items.EndUpdate;
SendMessage(ASMShowForm.ASMList.Handle,WM_VSCROLL,MakeLong(SB_THUMBPOSITION,j),0);
End;
end;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -