📄 《加密解密 技术内幕》 完全用vb进行asm编程的示例,加密解密 技术内幕,编释语言_mylove_hack.htm
字号:
href="http://hi.baidu.com/52hack/album">相册</A><SPAN>|</SPAN><A
href="http://hi.baidu.com/52hack/profile">个人档案</A> <SPAN>|</SPAN><A
href="http://hi.baidu.com/52hack/friend">好友</A> </DIV></DIV>
<DIV class=stage>
<DIV class=stagepad>
<DIV style="WIDTH: 100%">
<TABLE class=modth cellSpacing=0 cellPadding=0 width="100%" border=0>
<TBODY>
<TR>
<TD class=modtl width=7> </TD>
<TD class=modtc noWrap>
<DIV class=modhead><SPAN class=modtit>查看文章</SPAN></DIV></TD>
<TD class=modtc noWrap align=right></TD>
<TD class=modtr width=7> </TD></TR></TBODY></TABLE>
<DIV class=modbox id=m_blog>
<DIV class=tit>《加密解密 技术内幕》 完全用VB进行ASM编程的示例,加密解密 技术内幕,编释语言</DIV>
<DIV class=date>2008年06月22日 星期日 下午 08:09</DIV>
<TABLE style="TABLE-LAYOUT: fixed">
<TBODY>
<TR>
<TD>
<DIV class=cnt id=blog_text>下面的例子完全用VB进行ASM编程的示例,本例获得CPU ID.
<BR><BR><BR><BR><BR><BR><BR><BR>工程文件分为一个form1.frm 和一个模块module1.bas
<BR><BR><BR><BR><BR><BR><BR><BR>----------------------form1.frm的源文件---------------------
<BR><BR><BR><BR><BR><BR><BR><BR>VERSION 5.00 <BR><BR><BR><BR>Begin VB.form
form1 <BR><BR><BR><BR>Caption = "form1" <BR><BR><BR><BR>ClientHeight =
1965 <BR><BR><BR><BR>ClientLeft = 60 <BR><BR><BR><BR>ClientTop = 345
<BR><BR><BR><BR>ClientWidth = 3105 <BR><BR><BR><BR>LinkTopic = "form1"
<BR><BR><BR><BR>ScaleHeight = 1965 <BR><BR><BR><BR>ScaleWidth = 3105
<BR><BR><BR><BR>StartUpPosition = 2 ’Bildschirmmitte <BR><BR><BR><BR>Begin
VB.CommandButton Command1 <BR><BR><BR><BR>Caption = "Get CPU Name"
<BR><BR><BR><BR>Height = 495 <BR><BR><BR><BR>Left = 840
<BR><BR><BR><BR>TabIndex = 0 <BR><BR><BR><BR>Top = 315
<BR><BR><BR><BR>Width = 1425 <BR><BR><BR><BR>End <BR><BR><BR><BR>Begin
VB.Label Label2 <BR><BR><BR><BR>Alignment = 2 ’Zentriert
<BR><BR><BR><BR>AutoSize = -1 ’True <BR><BR><BR><BR>BeginProperty Font
<BR><BR><BR><BR>Name = "MS Sans Serif" <BR><BR><BR><BR>Size = 9.75
<BR><BR><BR><BR>Charset = 0 <BR><BR><BR><BR>Weight = 400
<BR><BR><BR><BR>Underline = 0 ’False <BR><BR><BR><BR>Italic = 0 ’False
<BR><BR><BR><BR>Strikethrough = 0 ’False <BR><BR><BR><BR>EndProperty
<BR><BR><BR><BR>Height = 240 <BR><BR><BR><BR>Left = 1515
<BR><BR><BR><BR>TabIndex = 2 <BR><BR><BR><BR>Top = 1065
<BR><BR><BR><BR>Width = 60 <BR><BR><BR><BR>End <BR><BR><BR><BR>Begin
VB.Label Label1 <BR><BR><BR><BR>Alignment = 2 ’Zentriert
<BR><BR><BR><BR>AutoSize = -1 ’True <BR><BR><BR><BR>BeginProperty Font
<BR><BR><BR><BR>Name = "Arial" <BR><BR><BR><BR>Size = 12
<BR><BR><BR><BR>Charset = 0 <BR><BR><BR><BR>Weight = 700
<BR><BR><BR><BR>Underline = 0 ’False <BR><BR><BR><BR>Italic = 0 ’False
<BR><BR><BR><BR>Strikethrough = 0 ’False <BR><BR><BR><BR>EndProperty
<BR><BR><BR><BR>Height = 285 <BR><BR><BR><BR>Left = 1515
<BR><BR><BR><BR>TabIndex = 1 <BR><BR><BR><BR>Top = 1350
<BR><BR><BR><BR>Width = 75 <BR><BR><BR><BR>End <BR><BR><BR><BR>End
<BR><BR><BR><BR>Attribute VB_Name = "form1" <BR><BR><BR><BR>Attribute
VB_GlobalNameSpace = False <BR><BR><BR><BR>Attribute VB_Creatable = False
<BR><BR><BR><BR>Attribute VB_PredeclaredId = True
<BR><BR><BR><BR>Attribute VB_Exposed = False <BR><BR><BR><BR>Option
Explicit <BR><BR><BR><BR><BR><BR><BR><BR>Private Sub
Command1_MouseDown(Button As Integer, Shift As Integer, x As Single, Y As
Single) <BR><BR><BR><BR><BR><BR><BR><BR>Label1 = "" <BR><BR><BR><BR>Label2
= "" <BR><BR><BR><BR><BR><BR><BR><BR>End Sub
<BR><BR><BR><BR><BR><BR><BR><BR>Private Sub Command1_Click()
<BR><BR><BR><BR><BR><BR><BR><BR>Label1 = GetCpuName() & " CPU"
<BR><BR><BR><BR>Label2 = "You have a" & IIf(InStr("AEIOU",
Left$(Label1, 1)), "n", "") <BR><BR><BR><BR><BR><BR><BR><BR>End Sub
<BR><BR><BR><BR>------------------------------end---------------------------------
<BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR>下面是modu1e.bas的源代码
<BR><BR><BR><BR><BR><BR><BR><BR>----------------------module1.bas的源文件--------------------------
<BR><BR><BR><BR>Option Explicit <BR><BR><BR><BR>’ <BR><BR><BR><BR>’This
shows how to incorporate machine code into VB
<BR><BR><BR><BR>’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’
<BR><BR><BR><BR>’The example fills the array with a few machine
instructions and then copies <BR><BR><BR><BR>’them to a procedure address.
The modified procedure is then called thru
<BR><BR><BR><BR>’CallWindowProc. The result of this specific machine code
is your CPU Vendor Name. <BR><BR><BR><BR>’
<BR><BR><BR><BR>’##########################################################################
<BR><BR><BR><BR>’Apparently it gets a Stack Pointer Error, but I don’t
know why; if anybody <BR><BR><BR><BR>’can fix that please let me know...
UMGEDV@AOL.COM <BR><BR><BR><BR>’The Error is not present in the native
compiled version; so I think it got <BR><BR><BR><BR>’something to do with
the P-Code Calling Convention (strange though)...
<BR><BR><BR><BR>’##########################################################################
<BR><BR><BR><BR>’ <BR><BR><BR><BR>’Sub Dummy serves to reserve some space
to copy the machine instructions into. <BR><BR><BR><BR>’ <BR><BR><BR><BR>’
<BR><BR><BR><BR>’Tested on Intel and AMD CPU’s (uncompiled and compiled)
<BR><BR><BR><BR>’ <BR><BR><BR><BR>’ <BR><BR><BR><BR>Private Declare
Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal
lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam
As Long, ByVal lParam As Long) As Long <BR><BR><BR><BR>Private Declare Sub
CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (lpvDest As Any, lpvSource
As Any, ByVal cbCopy As Long) <BR><BR><BR><BR>Private x As Long
<BR><BR><BR><BR><BR><BR><BR><BR>Public Function GetCpuName() As String
<BR><BR><BR><BR><BR><BR><BR><BR>Dim MachineCode(0 To 35) As Byte
<BR><BR><BR><BR>Dim VarAddr As Long <BR><BR><BR><BR>Dim FunctAddr As Long
<BR><BR><BR><BR>Dim EAX As Long <BR><BR><BR><BR>Dim CPUName(1 To 12) As
Byte <BR><BR><BR><BR><BR><BR><BR><BR>’set up machine code
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(0) = &H55 ’push ebp
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(1) = &H8B ’move ebp,esp
<BR><BR><BR><BR>MachineCode(2) = &HEC
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(3) = &H57 ’push edi
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(4) = &H52 ’push edx
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(5) = &H51 ’push ecx
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(6) = &H53 ’push ebx
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(7) = &H8B ’move eax,dword
ptr [ebp 8] <BR><BR><BR><BR>MachineCode(8) = &H45
<BR><BR><BR><BR>MachineCode(9) = &H8
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(10) = &HF ’cpuid
<BR><BR><BR><BR>MachineCode(11) = &HA2
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(12) = &H8B ’mov edi,dword
ptr [ebp 12] <BR><BR><BR><BR>MachineCode(13) = &H7D
<BR><BR><BR><BR>MachineCode(14) = &HC
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(15) = &H89 ’move dword ptr
[edi],ebx <BR><BR><BR><BR>MachineCode(16) = &H1F
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(17) = &H8B ’mov edi,dword
ptr [ebp 16] <BR><BR><BR><BR>MachineCode(18) = &H7D
<BR><BR><BR><BR>MachineCode(19) = &H10
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(20) = &H89 ’move dword ptr
[edi],ecx <BR><BR><BR><BR>MachineCode(21) = &HF
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(22) = &H8B ’mov edi,dword
ptr [ebp 20] <BR><BR><BR><BR>MachineCode(23) = &H7D
<BR><BR><BR><BR>MachineCode(24) = &H14
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(25) = &H89 ’move dword ptr
[edi],edx <BR><BR><BR><BR>MachineCode(26) = &H17
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(27) = &H58 ’pop ebx
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(28) = &H59 ’pop ecx
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(29) = &H5A ’pop edx
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(30) = &H55 ’pop edi
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(31) = &HC9 ’leave
<BR><BR><BR><BR><BR><BR><BR><BR>MachineCode(32) = &HC2 ’ret 16 I tried
everything from 0 to 24 <BR><BR><BR><BR>MachineCode(33) = &H10 ’ but
all produce the stack error <BR><BR><BR><BR>MachineCode(34) = &H0
<BR><BR><BR><BR><BR><BR><BR><BR>’tell cpuid what we want
<BR><BR><BR><BR>EAX = 0 <BR><BR><BR><BR><BR><BR><BR><BR>’get address of
Machine Code <BR><BR><BR><BR>VarAddr = VarPtr(MachineCode(0))
<BR><BR><BR><BR><BR><BR><BR><BR>’get address of Sub Dummy
<BR><BR><BR><BR>FunctAddr = GetAddress(AddressOf Dummy)
<BR><BR><BR><BR><BR><BR><BR><BR>’copy the Machine Code to where it can be
called <BR><BR><BR><BR>CopyMemory ByVal FunctAddr, ByVal VarAddr, 35 ’35
bytes machine code <BR><BR><BR><BR><BR><BR><BR><BR>’call it
<BR><BR><BR><BR>On Error Resume Next ’apparently it gets a stack pointer
error when in P-Code but i dont know why <BR><BR><BR><BR>CallWindowProc
FunctAddr, EAX, VarPtr(CPUName(1)), VarPtr(CPUName(9)), VarPtr(CPUName(5))
<BR><BR><BR><BR>’Debug.Print Err; Err.Description <BR><BR><BR><BR>’MsgBox
Err & Err.Description <BR><BR><BR><BR>On Error GoTo 0
<BR><BR><BR><BR><BR><BR><BR><BR>GetCpuName = StrConv(CPUName(), vbUnicode)
’UnicodeName <BR><BR><BR><BR><BR><BR><BR><BR>End Function
<BR><BR><BR><BR><BR><BR><BR><BR>Private Function GetAddress(Address As
Long) As Long <BR><BR><BR><BR><BR><BR><BR><BR>GetAddress = Address
<BR><BR><BR><BR><BR><BR><BR><BR>End Function
<BR><BR><BR><BR><BR><BR><BR><BR>Private Sub Dummy()
<BR><BR><BR><BR><BR><BR><BR><BR>’the code below just reserves some space
to copy the machine code into <BR><BR><BR><BR>’it is never executed
<BR><BR><BR><BR><BR><BR><BR><BR>x = 0 <BR><BR><BR><BR>x = 1
<BR><BR><BR><BR>x = 2 <BR><BR><BR><BR>x = 3 <BR><BR><BR><BR>x = 4
<BR><BR><BR><BR>x = 5 <BR><BR><BR><BR>x = 6 <BR><BR><BR><BR>x = 7
<BR><BR><BR><BR>x = 8 <BR><BR><BR><BR>x = 9 <BR><BR><BR><BR>x = 10
<BR><BR><BR><BR>x = 0 <BR><BR><BR><BR>x = 1 <BR><BR><BR><BR>x = 2
<BR><BR><BR><BR>x = 3 <BR><BR><BR><BR>x = 4 <BR><BR><BR><BR>x = 5
<BR><BR><BR><BR>x = 6 <BR><BR><BR><BR>x = 7 <BR><BR><BR><BR>x = 8
<BR><BR><BR><BR>x = 9 <BR><BR><BR><BR>x = 10
<BR><BR><BR><BR><BR><BR><BR><BR>End Sub
<BR><BR><BR><BR></DIV></TD></TR></TBODY></TABLE><BR>
<DIV class=opt><A title=查看该分类中所有文章
href="http://hi.baidu.com/52hack/blog/category/¼ÓÃܽâÃÜ">类别:加密解密</A> | <A
title=将此文章添加到百度搜藏 onclick="return addToFavor();"
href="http://cang.baidu.com/do/add" target=_blank>添加到搜藏</A> | 浏览(<SPAN
id=result></SPAN>) | <A
href="http://hi.baidu.com/52hack/blog/item/69ffbab75010cef130add151.html#send">评论</A> (0)
<SCRIPT language=javascript>/*<![CDATA[*/var pre = [true,'最有发言权', '最有发言权','/52hack/blog/item/18451730c2967a9ca8018e51.html'];var post = [true,'《加密解密 技术内幕》在Visual C 中使用内联汇编2,加密解密 技术内幕,编释语言','《加密解密 技术内幕》在Visual ...', '/52hack/blog/item/a36eb87ebd33a73d0dd7da52.html'];if(pre[0] || post[0]){ document.write('<div style="height:5px;line-height:5px;"> </div><div id="in_nav">'); if(pre[0]){ document.write('上一篇:<a href="' + pre[3] + '" title="' + pre[1] + '">' + pre[2] + '</a> '); } if(post[0]){ document.write('下一篇:<a href="' + post[3] + '" title="' + post[1] + '">' + post[2] + '</a>'); } document.write('</div>');}/*]]>*/</SCRIPT>
</DIV>
<DIV class=line></DIV>
<SCRIPT language=JavaScript>allkey=allkey+"826c9b138003c2806538db9e_69ffbab75010cef130add151_";</SCRIPT>
<DIV id=in_comment><A name=comment></A>
<DIV class=tit>网友评论:</DIV>
<SCRIPT>function writecmt(type,id,cmtname,cmturl,portraitId){ var html1=""; if(type==1){ html1="<a href='"+cmturl+"' target='_blank' title='"+cmturl+"'><img border='0' src='http://himg.baidu.com/sys/portraitn/item/"+portraitId+".jpg'><br>"+cmtname+"</a>"; }else{ if(cmtname=="" || cmtname=="匿名网友"){ if(cmturl==""){ html1="<a>匿名网友</a>"; }else{ html1="<a href='"+cmturl+"' target='_blank' title='"+cmturl+"'>"+cmtname+"</a>"; } }else{ if(cmturl==""){ html1="<div class='f14' style='display:inline'>网友:<a>"+cmtname+"</a></div>"; }else{ html1="<div class='f14' style='display:inline'>网友:<a href='"+cmturl+"' target='_blank' title='"+cmturl+"'>"+cmtname+"</a></div>"; } } } document.write(html1);}</SCRIPT>
<DIV id=page></DIV></DIV>
<DIV id=in_send><A name=send></A>
<FORM id=popFormSubmit name=form1 onsubmit="return checkcmtform()"
action=/52hack/commit method=post><INPUT type=hidden value=8 name=ct> <INPUT
type=hidden value=1 name=cm> <INPUT type=hidden value=69ffbab75010cef130add151
name=spBlogID>
<SCRIPT language=JavaScript> document.write("<input type='hidden' name='spRefURL' value='"+encodeURI(window.location.href)+"'>");</SCRIPT>
<DIV class=tit>发表评论:</DIV>
<TABLE cellSpacing=5 cellPadding=0 width=620 border=0>
<TBODY>
<TR>
<TD class=f14>姓 名:</TD>
<TD><INPUT id=spBlogCmtor style="WIDTH: 220px" onfocus=hidErr(1);
tabIndex=1 maxLength=49 onchange="checkname('spBlogCmtor')"
name=spBlogCmtor>
<SCRIPT>document.write(" <a href='http://passport.baidu.com/?reg&tpl=sp&return_method=get&skip_ok=1&u=http://hi.baidu.com/sys/reg/' target='_blank'>注册</a>");document.write(" | <a href='http://passport.baidu.com/?login&tpl=sp&tpl_reg=sp&u="+myref+"'>登录</a>");</SCRIPT>
<DIV id=nmerror style="DISPLAY: none">*姓名最长为50字节</DIV></TD></TR>
<TR id=1_err style="DISPLAY: none">
<TD> </TD>
<TD>
<DIV class=error id=1_err_con></DIV></TD></TR>
<TR>
<TD class=f14>网址或邮箱:</TD>
<TD><INPUT id=spBlogCmtURL style="WIDTH: 360px" onfocus=hidErr(2);
tabIndex=2 maxLength=128 onchange="checkeandu('spBlogCmtURL')"
name=spBlogCmtURL> (选填)</TD>
<SCRIPT>G("spBlogCmtor").value="";G("spBlogCmtURL").value="";</SCRIPT>
</TR>
<TR id=2_err style="DISPLAY: none">
<TD> </TD>
<TD>
<DIV class=error id=2_err_con></DIV></TD></TR>
<TR>
<TD class=f14 vAlign=top>内 容:</TD>
<TD><TEXTAREA id=spBlogCmtText style="WIDTH: 520px; HEIGHT: 155px" onfocus=hidErr(3); tabIndex=3 name=spBlogCmtText></TEXTAREA>
<SCRIPT>G("spBlogCmtor").value=G("spBlogCmtor").defaultValue;G("spBlogCmtText").value="";</SCRIPT>
</TD></TR>
<TR id=3_err style="DISPLAY: none">
<TD> </TD>
<TD>
<DIV class=error id=3_err_con></DIV></TD></TR>
<TR id=vercode>
<TD class=f14 vAlign=top>验证码:</TD>
<TD vAlign=top><INPUT type=hidden
value=058DE6C26181AB1481E019FC20EF50C9D911279BA632A4EFCD228E2A03DD8A58DF88199A110E146DB5128FF4D4FD4125868DDB83A045D7CA72D605612EBFCC66
name=spVcode> <INPUT id=spVerifyKey onfocus=f_focus() tabIndex=4
maxLength=4 size=6 name=spVerifyKey autocomplete="off"><BR>
<SCRIPT type=text/javascript>/*<![CDATA[*/var imgsrc="http://hiup.baidu.com/cgi-bin/genimg?058DE6C26181AB1481E019FC20EF50C9D911279BA632A4EFCD228E2A03DD8A58DF88199A110E146DB5128FF4D4FD4125868DDB83A045D7CA72D605612EBFCC66";function f_focus(){ if(G('yanzheng').style.display=="none" ){ G('verifypic').src=imgsrc; G('yanzheng').style.display="block"; }}function newverifypic(){ G("verifypic").src = imgsrc +"&t="+ Math.random(); return false;}/*]]>*/</SCRIPT>
<DIV id=yanzheng style="DISPLAY: none"><IMG id=verifypic height=40
width=120><WBR><A title=看不清左边的字符 onfocus=this.blur();
onclick="return newverifypic();"
href="http://hi.baidu.com/52hack/blog/item/69ffbab75010cef130add151.html#">看不清?</A>
</DIV></TD></TR>
<TR>
<TD class=f14 vAlign=top> </TD>
<TD class=f14 vAlign=top><INPUT id=btn_ok tabIndex=5 type=submit value=发表评论 name=btn_ok></TD></TR></TBODY></TABLE></FORM></DIV><BR></DIV>
<TABLE height=8 cellSpacing=0 cellPadding=0 width="100%" border=0>
<TBODY>
<TR>
<TD class=modbl width=7> </TD>
<TD class=modbc> </TD>
<TD class=modbr width=7> </TD></TR></TBODY></TABLE></DIV></DIV></DIV></DIV>
<SCRIPT language=javascript><!--var hstr="/52hack/brwstat?key1=1";document.write("<script src='"+hstr+"&key2="+allkey+"'><\/script>");//--></SCRIPT>
<BR>
<CENTER>
<DIV id=ft>©2008 Baidu</DIV></CENTER>
<SCRIPT>if(document.getElementById("m_blog")){ var imgarray = document.getElementById("m_blog").getElementsByTagName('img'); var imgw = document.getElementById("m_blog").offsetWidth; imgw =imgw-40; for(var i=0; i<imgarray.length; i++){ if(imgarray[i].className=="blogimg" && imgarray[i].width>=imgw) imgarray[i].width=imgw; }}// Fix ff bugsvar blog_text = document.getElementById('blog_text');blog_text.innerHTML = blog_text.innerHTML.replace(/href\s*=\s*("|')?(\.\.\/\.\.\/)/gi,"href=$1../$2");</SCRIPT>
</CENTER><IMG style="DISPLAY: none" src=""> </BODY></HTML>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -