Jump to content
Sign in to follow this  
Followers 0
E1M1

How to convert following C to autoit?

By E1M1, in AutoIt General Help and Support

Recommended Posts

E1M1    4

E1M1
Posted 

byte szCode[] = {
        0x60,                           //pushad
        0x68, 0x00, 0x00, 0x00, 0x00,   //push 0h
        0x68, 0x00, 0x00, 0x00, 0x00,   //push 0h
        0x68, 0x00, 0x00, 0x00, 0x00,   //push 0h
        0xB8, 0x00, 0x00, 0x00, 0x00,   //mov eax, 0h
        0xFF, 0xD0,                     //call eax
        0x61,                           //popad
        0xC3                            //ret
    };
    *(DWORD*)&szCode[2] = (DWORD)pRemotePacket;
    *(DWORD*)&szCode[7] = 0;
    *(DWORD*)&szCode[12] = aLen;
    *(DWORD*)&szCode[17] = dwOffset;

I have converter szCode like follows:

dim $szCode[25] = [ 0x60, 0x68, 0x00, 0x00, 0x00, 0x00, 0x68, 0x00, 0x00, 0x00, 0x00, 0x68, 0x00, 0x00, 0x00, 0x00, 0xB8, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xD0, 0x61, 0xC3 ]

But how to convert

*(DWORD*)&szCode[2] = (DWORD)pRemotePacket;

I guess it's not just $szCode[2] = $pRemotePacket

edited

Share this post

Link to post
Share on other sites

Ascend4nt    119

Ascend4nt
Posted

You can't combine array elements to 'cast' to a wider type. In AutoIt, the only way to do what you want is to use a DLLStruct or a Hex string ("0x6068000000006800000000B800000000FFD061C3").

The latter is easiest in replacing values. You just need to make sure the values are hexadecimal (strip the '0x' with StringTrimLeft() or Hex() if you need to), then do a StringReplace() on the main hex string. You might even replace the 00's you want to replace with special characters so you can do a replace much easier. Afterwards, the whole thing can be written as binary to a DLLStruct (of type 'byte[xx]').

My contributions:

Performance Counters in Windows - Measure CPU, Disk, Network etc Performance | Network Interface Info, Statistics, and Traffic | CPU Multi-Processor Usage w/o Performance Counters | Disk and Device Read/Write Statistics | Atom Table Functions | Process, Thread, & DLL Functions UDFsProcess CPU Usage Trackers | PE File Overlay Extraction | A3X Script Extract | File + Process Imports/Exports Information | Windows Desktop Dimmer Shade | Spotlight + Focus GUI - Highlight and Dim for Eyestrain Relief | CrossHairs (FullScreen)Rubber-Band Boxes using GUI's (_GUIBox) | GUI Fun! | IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) | Magnifier (Vista+) Functions UDF | _DLLStructDisplay (Debug!) | _EnumChildWindows (controls etc) | _FileFindEx | _ClipGetHTML | _ClipPutHTML + ClipPutHyperlink | _FileGetShortcutEx | _FilePropertiesDialog | I/O Port Functions | File(s) Drag & Drop | _RunWithReducedPrivileges | _ShellExecuteWithReducedPrivileges | _WinAPI_GetSystemInfo | dotNETGetVersions | Drive(s) Power Status | _WinGetDesktopHandle | _StringParseParameters | Screensaver, Sleep, Desktop Lock Disable | Full-Screen Crash Recovery

Wrappers/Modifications of others' contributions:

_DOSWildcardsToPCRegEx (original code: RobSaunder's) | WinGetAltTabWinList (original: Authenticity)

UDF's added support/programming to:

_ExplorerWinGetSelectedItems | MIDIEx UDF (original code: eynstyne)

(All personal code/wrappers centrally located at Ascend4nt's AutoIT Code)

Share this post

Link to post
Share on other sites

E1M1    4

E1M1
Posted

but why

$szCode[2] = $pRemotePacket

$szCode[7] = 0

$szCode[12] = $dwALen

$szCode[17] = $dwOffset

wouldn't work?

With strings it would be bit hard because I would have to convert something to hex and variables might have diferent size so I would have to recalculate offsets. but replacing array elements would be with out calculating. Then I could use for loop to put it back to string.

edited

Share this post

Link to post
Share on other sites

Ascend4nt    119

Ascend4nt
Posted

Each array element is a separate entity in AutoIt. They aren't connected in a long sequence in memory. If you are that determined to keep it like the C code, then by all means, use an array - but you will need to go through those array elements one-by-one when putting them in a DLLStruct.

If you are worried about width, there is such a thing as padding. [$sPaddedNumber=StringRight('00000000'&$iNumber,8)]

But it seems like you don't really know C, AutoIt, or Assembly at all from your posts. I'd say it looks like you are copying and pasting bits of code from others and kludging it together to try and make it work for you.

One other thing: endianness is important. You'll need to rearrange pointers if adding them in a binary sequence.

My contributions:

Performance Counters in Windows - Measure CPU, Disk, Network etc Performance | Network Interface Info, Statistics, and Traffic | CPU Multi-Processor Usage w/o Performance Counters | Disk and Device Read/Write Statistics | Atom Table Functions | Process, Thread, & DLL Functions UDFsProcess CPU Usage Trackers | PE File Overlay Extraction | A3X Script Extract | File + Process Imports/Exports Information | Windows Desktop Dimmer Shade | Spotlight + Focus GUI - Highlight and Dim for Eyestrain Relief | CrossHairs (FullScreen)Rubber-Band Boxes using GUI's (_GUIBox) | GUI Fun! | IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) | Magnifier (Vista+) Functions UDF | _DLLStructDisplay (Debug!) | _EnumChildWindows (controls etc) | _FileFindEx | _ClipGetHTML | _ClipPutHTML + ClipPutHyperlink | _FileGetShortcutEx | _FilePropertiesDialog | I/O Port Functions | File(s) Drag & Drop | _RunWithReducedPrivileges | _ShellExecuteWithReducedPrivileges | _WinAPI_GetSystemInfo | dotNETGetVersions | Drive(s) Power Status | _WinGetDesktopHandle | _StringParseParameters | Screensaver, Sleep, Desktop Lock Disable | Full-Screen Crash Recovery

Wrappers/Modifications of others' contributions:

_DOSWildcardsToPCRegEx (original code: RobSaunder's) | WinGetAltTabWinList (original: Authenticity)

UDF's added support/programming to:

_ExplorerWinGetSelectedItems | MIDIEx UDF (original code: eynstyne)

(All personal code/wrappers centrally located at Ascend4nt's AutoIT Code)

Share this post

Link to post
Share on other sites

E1M1    4

E1M1
Posted

What I don't know is asm and C.

What do you think of 

$string = ""
for $i = 0 to 24    
$string &= $szCode[$i]
Next

wouldn't that work. Sorry if I asked stupid thing.

edited

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing AutoIt General Help and Support
×