
📄 useful.inc

📁 Win32病毒入门源码

; Layout of the legacy MS-DOS ("MZ") header found at offset 0 of a PE file.
; Field names follow the e_* members of IMAGE_DOS_HEADER in winnt.h with an
; MZ_ prefix. Total size is 64 bytes (40h).
;
; Parsing note: every value here is read from the file and is untrusted.
; In particular MZ_lfanew must be range-checked against the file or mapping
; size before it is used to locate the NT headers.
struc IMAGE_DOS_HEADER
{
    .MZ_magic               dw      ?   ; signature word; "MZ" (5A4Dh) in a valid image
    .MZ_cblp                dw      ?
    .MZ_cp                  dw      ?
    .MZ_crlc                dw      ?
    .MZ_cparhdr             dw      ?
    .MZ_minalloc            dw      ?
    .MZ_maxalloc            dw      ?
    .MZ_ss                  dw      ?
    .MZ_sp                  dw      ?
    .MZ_csum                dw      ?
    .MZ_ip                  dw      ?
    .MZ_cs                  dw      ?
    .MZ_lfarlc              dw      ?
    .MZ_ovno                dw      ?
    .MZ_res: times 4        dw      ?   ; 4 reserved words
    .MZ_oemid               dw      ?
    .MZ_oeminfo             dw      ?
    .MZ_res2: times 10      dw      ?   ; 10 reserved words
    .MZ_lfanew              dd      ?   ; file offset of the NT headers; lands at offset 3Ch
    .size = $-.MZ_magic                 ; byte size of the structure
}

; Instantiate the structure at address 0 without emitting any bytes, so that
; vImageDosHeader.<field> evaluates to the field's offset inside the header.
virtual at 0
    vImageDosHeader     IMAGE_DOS_HEADER
end virtual


; Layout of the COFF file header that follows the 4-byte PE signature.
; Total size is 20 bytes.
;
; Parsing note: FH_NumberOfSections and FH_SizeOfOptionalHeader drive how far
; a reader walks past this header, so both need bounds checks against the
; file size before the section table is located or iterated.
struc IMAGE_FILE_HEADER
{
    .FH_Machine                 dw      ?   ; one of the IMAGE_FILE_MACHINE_* values
    .FH_NumberOfSections        dw      ?   ; number of IMAGE_SECTION_HEADER entries
    .FH_TimeDateStamp           dd      ?
    .FH_PointerToSymbolTable    dd      ?
    .FH_NumberOfSymbols         dd      ?
    .FH_SizeOfOptionalHeader    dw      ?   ; section table starts this many bytes after the file header
    .FH_Characteristics         dw      ?   ; bit mask of IMAGE_FILE_* flags
    .size = $-.FH_Machine                   ; byte size of the structure
}

; Offsets only: vImageFileHeader.<field> is the field's offset from the start
; of the file header.
virtual at 0
    vImageFileHeader    IMAGE_FILE_HEADER
end virtual


; FH_Machine valuez...
; Target-architecture identifiers compared against FH_Machine.
; The list is limited to the entries below; later architectures such as
; AMD64 (8664h) are not defined in this file.

IMAGE_FILE_MACHINE_UNKNOWN      equ   0
IMAGE_FILE_MACHINE_I386         equ   14Ch      ; Intel 386
IMAGE_FILE_MACHINE_R3000        equ   162h      ; MIPS L-endian, 0160h B-endian
IMAGE_FILE_MACHINE_R4000        equ   166h      ; MIPS L-endian
IMAGE_FILE_MACHINE_R10000       equ   168h      ; MIPS L-endian
IMAGE_FILE_MACHINE_ALPHA        equ   184h      ; Alpha_AXP
IMAGE_FILE_MACHINE_POWERPC      equ   1F0h      ; IBM PowerPC L-Endian

; FH_Characteristics valuez...
; Single-bit flags; FH_Characteristics is the bitwise OR of the ones that
; apply. Lines beginning with ";MAGE_" are reserved or obsolete flags that
; were disabled by overwriting the leading "I" with a comment character.

IMAGE_FILE_RELOCS_STRIPPED      equ     0001h   ; Relocation info stripped from file
IMAGE_FILE_EXECUTABLE_IMAGE     equ     0002h   ; File is executable  (i.e. no unresolved external references)
IMAGE_FILE_LINE_NUMS_STRIPPED   equ     0004h   ; Line numbers stripped from file
IMAGE_FILE_LOCAL_SYMS_STRIPPED  equ     0008h   ; Local symbols stripped from file
;MAGE_FILE_MINIMAL_OBJECT       equ     0010h   ; Reserved
;MAGE_FILE_UPDATE_OBJECT        equ     0020h   ; Reserved
;MAGE_FILE_16BIT_MACHINE        equ     0040h   ; 16 bit word machine
IMAGE_FILE_BYTES_REVERSED_LO    equ     0080h   ; Bytes of machine word are reversed
IMAGE_FILE_32BIT_MACHINE        equ     0100h   ; 32 bit word machine
IMAGE_FILE_DEBUG_STRIPPED       equ     0200h   ; Debugging info stripped from file in .DBG file
;MAGE_FILE_PATCH                equ     0400h   ; Reserved
IMAGE_FILE_SYSTEM               equ     1000h   ; System File
IMAGE_FILE_DLL                  equ     2000h   ; File is a DLL
IMAGE_FILE_BYTES_REVERSED_HI    equ     8000h   ; Bytes of machine word are reversed


; One entry of the optional header's data-directory table: a location and a
; length. Total size is 8 bytes.
;
; Parsing note: both fields come from the file. Translate the RVA through
; the section table and verify that the address plus DD_Size stays inside
; the image before reading the referenced table.
struc IMAGE_DATA_DIRECTORY
{
    .DD_VirtualAddress      dd      ?   ; RVA of the table (relative to the image base)
    .DD_Size                dd      ?   ; size of the table in bytes
    .size = $-.DD_VirtualAddress        ; byte size of the structure
}

; Offsets only: vImageDataDirectory.<field> is the field's offset in an entry.
virtual at 0
    vImageDataDirectory     IMAGE_DATA_DIRECTORY
end virtual


; Layout of the 32-bit (PE32) optional header. Total size is 224 bytes (0E0h).
;
; This is the PE32 form only: it contains OH_BaseOfData and a 32-bit
; OH_ImageBase. A PE32+ (64-bit) image uses a different layout, so check
; OH_Magic (10Bh for PE32, 20Bh for PE32+) before applying these offsets.
;
; Parsing note: OH_AddressOfEntryPoint, OH_SizeOfImage, OH_SizeOfHeaders and
; OH_NumberOfRvaAndSizes are file-controlled values and need validation
; before use.
struc IMAGE_OPTIONAL_HEADER
{
    .OH_Magic                       dw      ?
    .OH_MajorLinkerVersion          db      ?
    .OH_MinorLinkerVersion          db      ?
    .OH_SizeOfCode                  dd      ?
    .OH_SizeOfInitializedData       dd      ?
    .OH_SizeOfUninitializedData     dd      ?
    .OH_AddressOfEntryPoint         dd      ?   ; RVA of the first instruction executed
    .OH_BaseOfCode                  dd      ?
    .OH_BaseOfData                  dd      ?   ; present in PE32 only

    .OH_ImageBase                   dd      ?   ; preferred load address (32-bit here)
    .OH_SectionAlignment            dd      ?
    .OH_FileAlignment               dd      ?
    .OH_MajorOperatingSystemVersion dw      ?
    .OH_MinorOperationSystemVersion dw      ?   ; name is spelled "Operation" here; kept because callers reference it
    .OH_MajorImageVersion           dw      ?
    .OH_MinorImageVersion           dw      ?
    .OH_MajorSubsystemVersion       dw      ?
    .OH_MinorSubsystemVersion       dw      ?
    .OH_Win32VersionValue           dd      ?
    .OH_SizeOfImage                 dd      ?
    .OH_SizeOfHeaders               dd      ?
    .OH_CheckSum                    dd      ?
    .OH_Subsystem                   dw      ?   ; one of the IMAGE_SUBSYSTEM_* values
    .OH_DllCharacteristics          dw      ?
    .OH_SizeOfStackReserve          dd      ?
    .OH_SizeOfStackCommit           dd      ?
    .OH_SizeOfHeapReserve           dd      ?
    .OH_SizeOfHeapCommit            dd      ?
    .OH_LoaderFlags                 dd      ?
    .OH_NumberOfRvaAndSizes         dd      ?   ; number of data-directory entries the file claims to have
    ; 32 dwords = 16 entries of IMAGE_DATA_DIRECTORY (8 bytes each). The count
    ; is fixed here; a file may declare fewer or more in OH_NumberOfRvaAndSizes,
    ; so index the table only after comparing against that field.
    .OH_DataDirectory: times    32  dd      ?
    .size = $-.OH_Magic                         ; byte size of the structure
}

; Offsets only: vImageOptionalHeader.<field> is the field's offset from the
; start of the optional header.
virtual at 0
    vImageOptionalHeader        IMAGE_OPTIONAL_HEADER
end virtual

; OH_Subsystem valuez...
; Enumerated values (not bit flags) compared against OH_Subsystem.
; Values 4 and 6 are not defined in this list.

IMAGE_SUBSYSTEM_UNKNOWN         equ     0       ; Unknown subsystem
IMAGE_SUBSYSTEM_NATIVE          equ     1       ; Image doesn't require a subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI     equ     2       ; Image runs in the Windows GUI subsystem
IMAGE_SUBSYSTEM_WINDOWS_CUI     equ     3       ; Image runs in the Windows character subsystem
IMAGE_SUBSYSTEM_OS2_CUI         equ     5       ; Image runs in the OS/2 character subsystem
IMAGE_SUBSYSTEM_POSIX_CUI       equ     7       ; Image runs in the Posix character subsystem

; OH_DataDirectory index valuez...
; Zero-based indices into the data-directory table; multiply by the 8-byte
; IMAGE_DATA_DIRECTORY size to get the byte offset inside OH_DataDirectory.
; Only indices 0-12 are named here; the table declared in
; IMAGE_OPTIONAL_HEADER has 16 slots (13 and 14 are the delay-import and
; COM/CLR descriptors in winnt.h, 15 is reserved).
; An index is only meaningful when it is below OH_NumberOfRvaAndSizes.

IMAGE_DIRECTORY_ENTRY_EXPORT        equ     0       ; Export Directory
IMAGE_DIRECTORY_ENTRY_IMPORT        equ     1       ; Import Directory
IMAGE_DIRECTORY_ENTRY_RESOURCE      equ     2       ; Resource Directory
IMAGE_DIRECTORY_ENTRY_EXCEPTION     equ     3       ; Exception Directory
; For the security entry the address field is a file offset to the
; certificate table, not an RVA, unlike the other entries.
IMAGE_DIRECTORY_ENTRY_SECURITY      equ     4       ; Security Directory
IMAGE_DIRECTORY_ENTRY_BASERELOC     equ     5       ; Base Relocation Table
IMAGE_DIRECTORY_ENTRY_DEBUG         equ     6       ; Debug Directory
IMAGE_DIRECTORY_ENTRY_COPYRIGHT     equ     7       ; Description String
IMAGE_DIRECTORY_ENTRY_GLOBALPTR     equ     8       ; Machine Value (MIPS GP)
IMAGE_DIRECTORY_ENTRY_TLS           equ     9       ; TLS Directory
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG   equ     10      ; Load Configuration Directory
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT  equ     11      ; Bound Import Directory in headers
IMAGE_DIRECTORY_ENTRY_IAT           equ     12      ; Import Address Table


; Named overlay for the data-directory table: one IMAGE_DATA_DIRECTORY per
; entry, in the same order as the IMAGE_DIRECTORY_ENTRY_* indices 0-12.
; It covers 13 entries (104 bytes) of the 16 slots reserved by
; OH_DataDirectory, and unlike the other structures it defines no .size.
; Each member expands to nested labels, e.g. <name>.DE_Import.DD_VirtualAddress.
struc IMAGE_DIRECTORY_ENTRIES
{
    .DE_Export          IMAGE_DATA_DIRECTORY
    .DE_Import          IMAGE_DATA_DIRECTORY
    .DE_Resource        IMAGE_DATA_DIRECTORY
    .DE_Exception       IMAGE_DATA_DIRECTORY
    .DE_Security        IMAGE_DATA_DIRECTORY
    .DE_BaseReloc       IMAGE_DATA_DIRECTORY
    .DE_Debug           IMAGE_DATA_DIRECTORY
    .DE_Copyright       IMAGE_DATA_DIRECTORY
    .DE_GlobalPtr       IMAGE_DATA_DIRECTORY
    .DE_TLS             IMAGE_DATA_DIRECTORY
    .DE_LoadConfig      IMAGE_DATA_DIRECTORY
    .DE_BoundImport     IMAGE_DATA_DIRECTORY
    .DE_IAT             IMAGE_DATA_DIRECTORY
}

; Offsets only: labels are relative to the start of the data-directory table,
; not to the start of the optional header.
virtual at 0
    vImageDirectoryEntries      IMAGE_DIRECTORY_ENTRIES
end virtual


; The NT headers located at the file offset given by MZ_lfanew: a 4-byte
; signature followed by the file header and the PE32 optional header.
; With the structures declared in this file the total is 4 + 20 + 224 = 248
; bytes.
;
; The optional header is embedded at its fixed PE32 size. A reader should
; still honour FH_SizeOfOptionalHeader when locating the section table,
; because the file states that size itself.
struc IMAGE_NT_HEADER
{
    .NT_Signature       dd      ?                       ; "PE",0,0 (00004550h) in a valid image
    .NT_FileHeader      IMAGE_FILE_HEADER               ; nested: <name>.NT_FileHeader.FH_*
    .NT_OptionalHeader  IMAGE_OPTIONAL_HEADER           ; nested: <name>.NT_OptionalHeader.OH_*
    .size = $-.NT_Signature                             ; byte size of the structure
}

; Offsets only: vImageNtHeader.<field> is relative to the PE signature.
virtual at 0
    vImageNtHeader      IMAGE_NT_HEADER
end virtual


; One entry of the section table. Total size is 40 bytes; the table holds
; FH_NumberOfSections consecutive entries.
;
; Parsing note: SH_PointerToRawData + SH_SizeOfRawData must be checked
; against the file size, and SH_VirtualAddress + SH_VirtualSize against
; OH_SizeOfImage. Overlapping or out-of-range sections are a common property
; of malformed or deliberately crafted images.
struc IMAGE_SECTION_HEADER
{
    .SH_Name: times     8       db      ?   ; 8 bytes; not NUL-terminated when all 8 are used
    .SH_VirtualSize             dd      ?   ; size of the section once loaded in memory
    .SH_VirtualAddress          dd      ?   ; RVA of the section in memory
    .SH_SizeOfRawData           dd      ?   ; size of the section's data in the file
    .SH_PointerToRawData        dd      ?   ; file offset of the section's data
    .SH_PointerToRelocations    dd      ?
    .SH_PointerToLinenumbers    dd      ?
    .SH_NumberOfRelocations     dw      ?
    .SH_NumberOfLinenumbers     dw      ?
    .SH_Characteristics         dd      ?   ; bit mask of IMAGE_SCN_* flags
    .size = $-.SH_Name                      ; byte size of the structure
}

; Offsets only. Note the instance is named with a "p" prefix here, whereas
; the other structures in this file use "v".
virtual at 0
    pImageSectionHeader     IMAGE_SECTION_HEADER
end virtual

; SH_Characteristics valuez...
; Flags for SH_Characteristics. Lines beginning with ";MAGE_" are reserved or
; obsolete values that were disabled by overwriting the leading "I".
;
; Most entries are independent bits, with one exception: the
; IMAGE_SCN_ALIGN_* values are an enumeration stored in bits 20-23. Test them
; by masking with 00F00000h and comparing, not with a single-bit AND
; (00300000h is "4 bytes", not "1 byte or 2 bytes").
;
; Analysis note: the three memory-protection bits at the end decide the page
; protection of the mapped section. A section carrying both
; IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE is unusual in ordinary linker
; output and is worth flagging when triaging an unknown image.

;MAGE_SCN_TYPE_REG                  equ     00000000h   ; Reserved
;MAGE_SCN_TYPE_REGULAR              equ     00000000h   ; Reserved
;MAGE_SCN_TYPE_DSECT                equ     00000001h   ; Reserved
;MAGE_SCN_TYPE_DUMMY                equ     00000001h   ; Reserved
;MAGE_SCN_TYPE_NOLOAD               equ     00000002h   ; Reserved
;MAGE_SCN_TYPE_NO_LOAD              equ     00000002h   ; Reserved
;MAGE_SCN_TYPE_GROUP                equ     00000004h   ; Reserved. Used for 16-bit offset code
;MAGE_SCN_TYPE_GROUPED              equ     00000004h   ; Reserved. Used for 16-bit offset code
IMAGE_SCN_TYPE_NO_PAD               equ     00000008h   ; Reserved
;MAGE_SCN_TYPE_COPY                 equ     00000010h   ; Reserved
IMAGE_SCN_CNT_CODE                  equ     00000020h   ; Section contains code.
IMAGE_SCN_CNT_INITIALIZED_DATA      equ     00000040h   ; Section contains initialized data.
IMAGE_SCN_CNT_UNINITIALIZED_DATA    equ     00000080h   ; Section contains uninitialized data.
IMAGE_SCN_LNK_OTHER                 equ     00000100h   ; Reserved.
IMAGE_SCN_LNK_INFO                  equ     00000200h   ; Section contains comments or some other type of information.
;MAGE_SCN_TYPE_OVER                 equ     00000400h   ; Reserved. Section contains an overlay.
;MAGE_SCN_LNK_OVERLAY               equ     00000400h   ; Reserved. Section contains an overlay.
IMAGE_SCN_LNK_REMOVE                equ     00000800h   ; Section contents will not become part of image.
IMAGE_SCN_LNK_COMDAT                equ     00001000h   ; Section contents comdat.
;                                   equ     00002000h   ; Reserved.
;MAGE_SCN_MEM_PROTECTED             equ     00004000h   ; Obsolete.
IMAGE_SCN_MEM_FARDATA               equ     00008000h
;MAGE_SCN_MEM_SYSHEAP               equ     00010000h   ; Obsolete.
IMAGE_SCN_MEM_PURGEABLE             equ     00020000h   ; same value as IMAGE_SCN_MEM_16BIT below
IMAGE_SCN_MEM_16BIT                 equ     00020000h
IMAGE_SCN_MEM_LOCKED                equ     00040000h
IMAGE_SCN_MEM_PRELOAD               equ     00080000h
IMAGE_SCN_ALIGN_1BYTES              equ     00100000h   ; alignment values: enumeration in bits 20-23
IMAGE_SCN_ALIGN_2BYTES              equ     00200000h
IMAGE_SCN_ALIGN_4BYTES              equ     00300000h
IMAGE_SCN_ALIGN_8BYTES              equ     00400000h
IMAGE_SCN_ALIGN_16BYTES             equ     00500000h   ; Default alignment if no others are specified.
IMAGE_SCN_ALIGN_32BYTES             equ     00600000h
IMAGE_SCN_ALIGN_64BYTES             equ     00700000h
;                                   equ     00800000h   ; Unused.
IMAGE_SCN_LNK_NRELOC_OVFL           equ     01000000h   ; Section contains extended relocations.
IMAGE_SCN_MEM_DISCARDABLE           equ     02000000h   ; Section can be discarded.
IMAGE_SCN_MEM_NOT_CACHED            equ     04000000h   ; Section is not cachable.
IMAGE_SCN_MEM_NOT_PAGED             equ     08000000h   ; Section is not pageable.
IMAGE_SCN_MEM_SHARED                equ     10000000h   ; Section is shareable.
IMAGE_SCN_MEM_EXECUTE               equ     20000000h   ; Section is executable.
IMAGE_SCN_MEM_READ                  equ     40000000h   ; Section is readable.
IMAGE_SCN_MEM_WRITE                 equ     80000000h   ; Section is writeable.


; One entry of the import directory, describing the imports taken from a
; single DLL. Total size is 20 bytes. In the PE format the array of
; descriptors ends with an all-zero entry.
;
; Parsing note: a walker should stop at the terminator and also at the
; bounds given by the import data-directory entry, so that a file without a
; terminator cannot make it read past the table. All four address fields are
; RVAs taken from the file.
struc IMAGE_IMPORT_DESCRIPTOR
{
    .ID_OriginalFirstThunk      dd      ?   ; RVA of the import lookup (name) table
    .ID_TimeDataStamp           dd      ?   ; TimeDateStamp in winnt.h; spelled "Data" here
    .ID_ForwarderChain          dd      ?
    .ID_Name                    dd      ?   ; RVA of the NUL-terminated DLL name
    .ID_FirstThunk              dd      ?   ; RVA of the import address table for this DLL
    .size = $-.ID_OriginalFirstThunk        ; byte size of the structure
}

; Offsets only: vImageImportDescriptor.<field> is the field's offset in a descriptor.
virtual at 0
    vImageImportDescriptor      IMAGE_IMPORT_DESCRIPTOR
end virtual


; Hint/name entry referenced by an import thunk: a 16-bit hint followed by
; the imported symbol's name.
;
; Only the first byte of the name is declared, so .size evaluates to 3. In
; the PE format the name is a variable-length NUL-terminated string; .size
; is therefore not the size of a real entry. When reading the name from a
; file, bound the scan for the terminator by the end of the mapped image.
struc IMAGE_IMPORT_BY_NAME
{
    .IBN_Hint       dw      ?   ; suggested index into the exporting DLL's name table
    .IBM_Name       db      ?   ; first byte of the name; prefix is IBM_, not IBN_ as on the hint (kept: callers use it)
    .size = $-.IBN_Hint         ; 3: hint plus the first name byte only
}

; Offsets only: vImageImportByName.<field> is the field's offset in an entry.
virtual at 0
    vImageImportByName      IMAGE_IMPORT_BY_NAME
end virtual


; Header of a module's export table. Total size is 40 bytes.
;
; Parsing note: the three ED_AddressOf* fields are RVAs of parallel arrays
; whose lengths are given by ED_NumberOfFunctions and ED_NumberOfNames.
; Validate the counts and the resulting array ranges against the image size,
; and check that each ordinal read from the ordinal array is below
; ED_NumberOfFunctions before using it as an index.
struc IMAGE_EXPORT_DIRECTORY
{
    .ED_Characteristics         dd      ?
    .ED_TimeDataStamp           dd      ?   ; TimeDateStamp in winnt.h; spelled "Data" here
    .ED_MajorVersion            dw      ?
    .ED_MinorVersion            dw      ?
    .ED_Name                    dd      ?   ; RVA of the NUL-terminated module name
    .ED_Base                    dd      ?   ; starting ordinal number
    .ED_NumberOfFunctions       dd      ?   ; entries in the address array
    .ED_NumberOfNames           dd      ?   ; entries in the name and ordinal arrays
    .ED_AddressOfFunctions      dd      ?   ; RVA of the array of function RVAs
    .ED_AddressOfNames          dd      ?   ; RVA of the array of name RVAs
    .ED_AddressOfOrdinanls      dd      ?   ; RVA of the 16-bit ordinal array (AddressOfNameOrdinals in winnt.h; spelling kept)
    .size = $-.ED_Characteristics           ; byte size of the structure
}

; Offsets only: vImageExportDirectory.<field> is the field's offset in the directory header.
virtual at 0
    vImageExportDirectory       IMAGE_EXPORT_DIRECTORY
end virtual


;
; GetOpenFileName related...
;

; OPENFILENAME structure

; Argument block for the common-dialog GetOpenFileName call (32-bit, all
; pointers are dwords). Total size is 76 bytes, which is the original layout
; of the structure; later Windows versions append further fields that are
; not declared here.
;
; Usage note: OFN_nMaxFile and OFN_nMaxFileTitle must state the real
; capacity of the buffers behind OFN_lpstrFile and OFN_lpstrFileTitle, since
; the dialog writes the chosen path into them.
struc OPENFILENAME
{
    .OFN_lStructSize            dd      ?   ; caller sets this to the structure size
    .OFN_hWndOwner              dd      ?
    .OFN_hInstance              dd      ?
    .OFN_lpstrFilter            dd      ?
    .OFN_lpstrCustomFilter      dd      ?
    .OFN_nMaxCustFilter         dd      ?
    .OFN_nFilterIndex           dd      ?
    .OFN_lpstrFile              dd      ?   ; pointer to the buffer receiving the selected path
    .OFN_nMaxFile               dd      ?   ; capacity of that buffer
    .OFN_lpstrFileTitle         dd      ?
    .OFN_nMaxFileTitle          dd      ?
    .OFN_lpstrInitialDir        dd      ?
    .OFN_lpstrTitle             dd      ?
    .OFN_Flags                  dd      ?   ; bit mask of OFN_* flags
    .OFN_nFileOffset            dw      ?
    .OFN_nFileExtension         dw      ?
    .OFN_lpstrDefExt            dd      ?
    .OFN_lCustData              dd      ?
    .OFN_lpfnHook               dd      ?
    .OFN_lpTemplateName         dd      ?
    .size = $-.OFN_lStructSize              ; byte size of the structure
}

; Offsets only: vOpenFileName.<field> is the field's offset in the structure.
virtual at 0
    vOpenFileName       OPENFILENAME
end virtual

; constantz...
; Bit flags for OFN_Flags, listed alphabetically rather than by value.
; The last three entries (OFN_SHAREFALLTHROUGH, OFN_SHARENOWARN,
; OFN_SHAREWARN) are small enumerated codes, not bits of OFN_Flags; in the
; Windows headers they are the values a dialog hook returns when it is
; notified of a sharing violation.

OFN_ALLOWMULTISELECT            equ     00000200h
OFN_CREATEPROMPT                equ     00002000h
OFN_ENABLEHOOK                  equ     00000020h
OFN_ENABLETEMPLATE              equ     00000040h
OFN_ENABLETEMPLATEHANDLE        equ     00000080h
OFN_EXPLORER                    equ     00080000h
OFN_EXTENSIONDIFFERENT          equ     00000400h
OFN_FILEMUSTEXIST               equ     00001000h
OFN_HIDEREADONLY                equ     00000004h
OFN_LONGNAMES                   equ     00200000h
OFN_NOCHANGEDIR                 equ     00000008h
OFN_NODEREFERENCELINKS          equ     00100000h
OFN_NOLONGNAMES                 equ     00040000h
OFN_NONETWORKBUTTON             equ     00020000h
OFN_NOREADONLYRETURN            equ     00008000h
OFN_NOTESTFILECREATE            equ     00010000h
OFN_NOVALIDATE                  equ     00000100h
OFN_OVERWRITEPROMPT             equ     00000002h
OFN_PATHMUSTEXIST               equ     00000800h
OFN_READONLY                    equ     00000001h
OFN_SHAREAWARE                  equ     00004000h
OFN_SHOWHELP                    equ     00000010h
OFN_SHAREFALLTHROUGH            equ     2
OFN_SHARENOWARN                 equ     1
OFN_SHAREWARN                   equ     0


;
; constanz for SetFilePointer
;

; Origin selectors for SetFilePointer's move-method argument: the distance
; is applied relative to the start of the file, the current position, or the
; end of the file respectively.
FILE_BEGIN                      equ     0
FILE_CURRENT                    equ     1
FILE_END                        equ     2
