Jump to content

Assembly Code

Shanheavel
 Share

Recommended Posts

Shanheavel Wayfarer

Shanheavel

Posted
Posted (edited)

Hi,

I've function using Asm code.

; by trancexx
#include <GUIConstantsEx.au3>
#include <Memory.au3>
#include <WinAPI.au3>
Opt("GUIOnEventMode", 1)
Global Const $STM_SETIMAGE = 370
Global Const $iWidth = 810
Global Const $iHeight = 470
GUICreate("", $iWidth, $iHeight)
GUISetOnEvent(-3, "_Quit")
GUISetBkColor(0)
Global $hPic = GUICtrlCreatePic("", 0, 0, $iWidth, $iHeight)
Global $iSize = $iWidth * $iHeight
Global $tBits = DllStructCreate("int[" & $iSize & "]")
Global $pBits = DllStructGetPtr($tBits)
 
Global $hBitmap, $aCall, $iHMsg
Global $hPicHandle = GUICtrlGetHandle($hPic)
Global $tRandom = DllStructCreate("dword")
Global $pRandom = DllStructGetPtr($tRandom)
GUISetState()
 
Global $aRtlRandomEx = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("ntdll.dll"), "str", "RtlRandomEx")
Global $pRtlRandomEx = $aRtlRandomEx[0]
Global $aRtlMoveMemory = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("kernel32.dll"), "str", "RtlMoveMemory")
Global $pRtlMoveMemory = $aRtlMoveMemory[0]
Global $aSendMessageW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("user32.dll"), "str", "SendMessageW")
Global $pSendMessageW = $aSendMessageW[0]
Global $aDeleteObject = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("gdi32.dll"), "str", "DeleteObject")
Global $pDeleteObject = $aDeleteObject[0]
Global $aCreateBitmap = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("gdi32.dll"), "str", "CreateBitmap")
Global $pCreateBitmap = $aCreateBitmap[0]
Global $pRemoteCode = _MemVirtualAlloc(0, 512, $MEM_COMMIT, $PAGE_EXECUTE_READWRITE)
Local $tCodeBuffer = DllStructCreate("byte[512]", $pRemoteCode)
#Region Assemply
DllStructSetData($tCodeBuffer, 1, _
            "0x" & _
            "33DB" & _                                          ; xor ebx, ebx
            "68" & SwapEndian($pRandom) & _                         ; push $pRandom
            "B8" & SwapEndian($pRtlRandomEx) & _                    ; mov eax, RtlRandomEx
            "FFD0" & _                                          ; call eax
            "8BCB" & _                                          ; mov ecx, ebx
            "69C9" & SwapEndian(4) & _                          ; imul ecx, 4
            "81C1" & SwapEndian($pBits) & _                         ; add ecx, $pBits
            "68" & SwapEndian(3) & _                                ; push 3 bytes
            "68" & SwapEndian($pRandom) & _                         ; push $pRandom
            "51" & _                                                ; push ecx
            "B8" & SwapEndian($pRtlMoveMemory) & _              ; mov eax, RtlMoveMemory
            "FFD0" & _                                          ; call eax
            "43" & _                                                ; inc ebx
            "81FB" & SwapEndian($iSize) & _                         ; cmp ebx, $iSize; <- compare ebx with $iSize
            "75" & Hex(256 - 53, 2) & _                             ; jne -53 bytes; <- this is saying go back and do it again if not equal
            "68" & SwapEndian($pBits) & _                           ; push $pBits
            "68" & SwapEndian(32) & _                               ; push BitsPerPel
            "68" & SwapEndian(1) & _                                ; push Planes
            "68" & SwapEndian($iHeight) & _                         ; push $iHeight
            "68" & SwapEndian($iWidth) & _                      ; push $iWidth
            "B8" & SwapEndian($pCreateBitmap) & _                   ; mov eax, CreateBitmap
            "FFD0" & _                                          ; call eax
            "50" & _                                                ; push eax
            "68" & SwapEndian(0) & _                                ; push IMAGE_BITMAP
            "68" & SwapEndian($STM_SETIMAGE) & _                    ; push STM_SETIMAGE
            "68" & SwapEndian($hPicHandle) & _                  ; push $hPicHandle
            "B8" & SwapEndian($pSendMessageW) & _                   ; mov eax, SendMessageW
            "FFD0" & _                                          ; call eax
            "50" & _                                                ; push eax
            "B8" & SwapEndian($pDeleteObject) & _                   ; mov eax, DeleteObject
            "FFD0" & _                                          ; call eax
            "C3" _                                              ; ret
            )
#EndRegion Assembly
While 1
    #region Assembly
  
    DllCall("user32.dll", "int", "CallWindowProcW", _
            "ptr", $pRemoteCode, _
            "int", 0, _
            "int", 0, _
            "int", 0, _
            "int", 0)
    #endregion Assembly
    Sleep(10)
WEnd
 
Func SwapEndian($iValue)
    Return Hex(Binary($iValue))
EndFunc ;==>SwapEndian
 
Func _Quit()
    Exit
EndFunc ;==>_Quit

Pixels are random (look RtlRandomEx). I'm trying to replace it to get pixels' colors from some string (not random).

Global $tColor = DllStructCreate("int[" & $iSize & "]")
DllStructSetData($tColor, 1, 0xFFFF00)

I need help someone who is experienced.

I'm waiting for your replies

/Shanheavel

Edited by Shanheavel
Shanheavel Wayfarer

Shanheavel

Posted
  • Author
Posted (edited)

@Shaggi

$tPixel = DllStructCreate("dword")
DllStructSetData($tPixel, 1, 0xFF00AA)
$pPixel = DllStructGetPtr($tPixel)

And replace:

"68" & SwapEndian($pRandom) & _ ; push $pRandom
"B8" & SwapEndian($pRtlRandomEx) & _ ; mov eax, RtlRandomEx
"FFD0" & _

With:

B8" & SwapEndian($pPixel)
? Edited by Shanheavel
Shaggi Universalist

Shaggi

Posted
Posted

@Shaggi

$tPixel = DllStructCreate("dword")
DllStructSetData($tPixel, 1, 0xFF00AA)
$pPixel = DllStructGetPtr($tPixel)

And replace:

"68" & SwapEndian($pRandom) & _ ; push $pRandom
"B8" & SwapEndian($pRtlRandomEx) & _ ; mov eax, RtlRandomEx
"FFD0" & _

With:

B8" & SwapEndian($pPixel)
?

Well that depends on how you want to implement it. You can do it so the pixel is a constant, as i showed you, or you can operate with pointers, so you can change it.

"B8" & SwapEndian($pPixel)
<- This stands for MOV EAX, $pPixel.

Ever wanted to call functions in another process? ProcessCall UDFConsole stuff: Console UDFC Preprocessor for AutoIt OMG

MvGulik Universalist

MvGulik

Posted
Posted

I did that and my program crashed. I don't understand why...

:mellow: Asm-code tend to do that when you don't know what your doing.

Suggest:

- You stay away from modifying Asm-code until you have readup on it ... A lot.

- Find a forum that's more targeted in helping beginners in ASM. (as that part falls outside this forum general targets in my view.)

"Straight_and_Crooked_Thinking" : A "classic guide to ferreting out untruths, half-truths, and other distortions of facts in political and social discussions."
"The Secrets of Quantum Physics" : New and excellent 2 part documentary on Quantum Physics by Jim Al-Khalili. (Dec 2014)

"Believing what you know ain't so" ...

Knock Knock ...
 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...