lpk.asm

lpk 源码 用于制作内存补丁

.586
.model flat, stdcall  
option casemap :none  
include windows.inc
include user32.inc
include kernel32.inc
includelib user32.lib
includelib kernel32.lib


                 
.data  
strLpkDllInitialize           db "LpkDllInitialize",0
strLpkDrawTextEx              db "LpkDrawTextEx",0
strLpkEditControl             db "LpkEditControl",0
strLpkExtTextOut              db "LpkExtTextOut",0
strLpkGetCharacterPlacement   db "LpkGetCharacterPlacement",0
strLpkGetTextExtentExPoint    db "LpkGetTextExtentExPoint",0
strLpkInitialize              db "LpkInitialize",0
strLpkPSMTextOut              db "LpkPSMTextOut",0
strLpkTabbedTextOut           db "LpkTabbedTextOut",0
strLpkUseGDIWidthCache        db "LpkUseGDIWidthCache",0
strftsWordBreak               db "ftsWordBreak",0

strBLpkDllInitialize          dd 0
strBLpkDrawTextEx             dd 0
strBLpkEditControl            dd 0
strBLpkExtTextOut             dd 0
strBLpkGetCharacterPlacement  dd 0
strBLpkGetTextExtentExPoint   dd 0
strBLpkInitialize             dd 0
strBLpkPSMTextOut             dd 0
strBLpkTabbedTextOut          dd 0
strBLpkUseGDIWidthCache       dd 0
strBftsWordBreak              dd 0

LpkEditControl Proc
strBLpkEditControl2           dd 40h dup (0) 
LpkEditControl Endp 
           
_tit        db 'www.unpack.cn is warm family! welcome you !',0
_text       db 'David Beckham ,ACmilan need you! i hope you can stay! by y3y3y3',0
_dll        db 'user32.dll',0
_api       db 'DialogBoxIndirectParamA',0
hook        db 0e9h,000h,000h,000h,000h

.data?
LibID       dd ?
hInstance   dd ?   
lpbaseaddr  dd ?
hProcess    dd ?
hDlg        dd ?
apiDialogBoxIndirectParamA   dd ?
apibak      dd ?
.code        
Main proc hinstdll:DWORD , reason:DWORD , reserved1:DWORD
        pushad                                   
.if reason == DLL_PROCESS_ATTACH 
       push hinstdll
       pop  hInstance
       call LoadDebug
       call Process
.elseif reason == DLL_PROCESS_DETACH  && reason == DLL_THREAD_ATTACH
     .endif
       popad
       mov  eax,1
       ret     
Main    endp  
ThreadProc proc
	
	invoke MessageBox,0,offset _text,offset _tit,0
	ret

ThreadProc endp

Process proc
LOCAL mbi:MEMORY_BASIC_INFORMATION
LOCAL msize:DWORD        
        invoke GetCurrentProcess
        mov hProcess,eax
        invoke GetModuleHandle,offset _dll
        invoke GetProcAddress,eax,offset _api
        mov apiDialogBoxIndirectParamA,eax
        mov edx,apihook
        sub edx,eax
        sub edx,5
        mov dword ptr hook[1],edx
        invoke VirtualQueryEx,hProcess,apiDialogBoxIndirectParamA,addr mbi,SIZEOF MEMORY_BASIC_INFORMATION
        invoke VirtualProtectEx,hProcess, mbi.BaseAddress,5h,PAGE_EXECUTE_READWRITE,addr mbi.Protect
        invoke ReadProcessMemory,hProcess,apiDialogBoxIndirectParamA,offset apibak,5h,0
        invoke WriteProcessMemory,hProcess,apiDialogBoxIndirectParamA,offset hook,5h,0
        invoke CreateThread,0,0,offset ThreadProc,0,0,0
        ret
Process endp
apihook proc
        pushad
        invoke WriteProcessMemory,hProcess,apiDialogBoxIndirectParamA,offset apibak,5,0
        popad
	mov eax,232ch
	ret 14h
apihook	endp
LoadDebug PROC
LOCAL LibPath[200h] :BYTE

          pushad          
          invoke GetSystemDirectory , addr LibPath , 100h          
          lea ebx , LibPath
          add eax,ebx
          mov dword ptr [eax], 'KPL\'
          mov dword ptr [eax+4], 'LLD.'
          mov dword ptr [eax+8],0
          invoke LoadLibrary , addr LibPath
.if eax != 0
          mov LibID , EAX
          invoke GetProcAddress , LibID , addr strLpkDllInitialize
          mov strBLpkDllInitialize,EAX
          invoke GetProcAddress , LibID , addr strLpkDrawTextEx
          mov strBLpkDrawTextEx,EAX
          invoke GetProcAddress , LibID , addr strLpkExtTextOut
          mov strBLpkExtTextOut,EAX
          invoke GetProcAddress , LibID , addr strLpkGetCharacterPlacement
          mov strBLpkGetCharacterPlacement,EAX
          invoke GetProcAddress , LibID , addr strLpkGetTextExtentExPoint
          mov strBLpkGetTextExtentExPoint,EAX
          invoke GetProcAddress , LibID , addr strLpkInitialize
          mov strBLpkInitialize,EAX
          invoke GetProcAddress , LibID , addr strLpkPSMTextOut
          mov strBLpkPSMTextOut,EAX
          invoke GetProcAddress , LibID , addr strLpkTabbedTextOut
          mov strBLpkTabbedTextOut,EAX
          invoke GetProcAddress , LibID , addr strLpkUseGDIWidthCache
          mov strBLpkUseGDIWidthCache,EAX
          invoke GetProcAddress , LibID , addr strftsWordBreak
          mov strBftsWordBreak,EAX
          invoke GetProcAddress , LibID , addr strLpkEditControl
          mov strBLpkEditControl,EAX
          mov esi,eax
          mov edi,offset strBLpkEditControl2
          mov ecx,40h
          rep movsb
.endif
          popad
          RET

LoadDebug Endp
LpkInitialize Proc
          jmp strBLpkInitialize
LpkInitialize Endp                 
LpkTabbedTextOut Proc
          jmp strBLpkTabbedTextOut
LpkTabbedTextOut Endp        
LpkDllInitialize Proc
          jmp strBLpkDllInitialize
LpkDllInitialize Endp
LpkDrawTextEx Proc
          jmp strBLpkDrawTextEx
LpkDrawTextEx Endp                 
LpkExtTextOut Proc
          jmp strBLpkExtTextOut
LpkExtTextOut Endp                  
LpkGetCharacterPlacement Proc
          jmp strBLpkGetCharacterPlacement
LpkGetCharacterPlacement Endp                 
LpkGetTextExtentExPoint Proc
          jmp strBLpkGetTextExtentExPoint
LpkGetTextExtentExPoint Endp                   
LpkPSMTextOut Proc
          jmp strBLpkPSMTextOut
LpkPSMTextOut Endp
LpkUseGDIWidthCache Proc
          jmp strBLpkUseGDIWidthCache
LpkUseGDIWidthCache Endp                        
ftsWordBreak Proc
          jmp strBftsWordBreak
ftsWordBreak Endp

END  Main