whatmeans

let's complete AU3-ASM

10 posts in this topic

The VB code:

CODE
VERSION 1.0 CLASS

BEGIN

MultiUse = -1 'True

Persistable = 0 'NotPersistable

DataBindingBehavior = 0 'vbNone

DataSourceBehavior = 0 'vbNone

MTSTransactionMode = 0 'NotAnMTSObject

END

Attribute VB_Name = "ASM"

Attribute VB_GlobalNameSpace = False

Attribute VB_Creatable = True

Attribute VB_PredeclaredId = False

Attribute VB_Exposed = True

Option Explicit

Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long

Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long

Private Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long

Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long

Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long

Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long

Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long

Private Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long

Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)

' Win32 constants used by the allocation, process-open and wait calls in this class.

' Protection requested for the remote allocation: readable, writable and executable at once.
Const PAGE_EXECUTE_READWRITE = &H40

Const MEM_COMMIT = &H1000

Const MEM_RELEASE = &H8000

' Not referenced in the visible code.
Const MEM_DECOMMIT = &H4000

' Requests every access right on the target process, not only the rights the
' memory and thread calls in this class need.
Const PROCESS_ALL_ACCESS = &H1F0FFF

' NOTE(review): the Win32 INFINITE value is &HFFFFFFFF; &HFFFF is a 16-bit literal,
' so confirm what VB passes for it. The constant is not referenced in the visible code.
Const INFINITE = &HFFFF ' Infinite timeout

Const WAIT_TIMEOUT = &H102

' Machine-code bytes decoded from OPcode.
Dim AsmCode() As Byte

' Instruction bytes accumulated by the emitter functions, as a hex string (two digits per byte).
Dim OPcode As String

Dim InjectProcess As Long ' Target process; InjectCode stores the OpenProcess return value (a handle) here

Dim tmp_Addr As Long ' Start address of the memory allocated in the target process

Dim RThwnd As Long ' Handle of the thread created in the target process

' Decodes the hex string in OPcode into AsmCode and calls into that buffer, in
' the current process, by passing its address to CallWindowProc as the window
' procedure. The Long returned by CallWindowProc is returned as a String.
'
' The bytes in AsmCode are treated as code: whatever OPcode contains is what
' runs. OPcode is not validated (length, hex digits) before decoding.
' NOTE(review): an empty OPcode gives an upper bound of -1 for ReDim - confirm
' how that case is expected to behave.
Function Get_Result() As String

Dim i As Long

' Two hex digits per byte.
ReDim AsmCode(Len(OPcode) / 2 - 1)

For i = 0 To UBound(AsmCode)

AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))

Next

' The array's address is used as a function pointer; the four message arguments are all 0.
Get_Result = CallWindowProc(VarPtr(AsmCode(0)), 0, 0, 0, 0)

End Function

Function Get_Code() As String

Get_Code = OPcode

End Function

'Function Run_ASM(ByVal hWnd As Long) As Long

' Dim i As Long, tmp_Addr As Long, RThwnd As Long, h As Long, pid As Long

' ReDim AsmCode(Len(OPcode) / 2 - 1) As Byte

' For i = 0 To UBound(AsmCode)

' AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))

' Next

' GetWindowThreadProcessId hWnd, pid

' h = OpenProcess(PROCESS_ALL_ACCESS, False, pid)

' tmp_Addr = VirtualAllocEx(h, ByVal 0&, UBound(AsmCode) + 1, MEM_COMMIT, PAGE_EXECUTE_READWRITE)

' WriteProcessMemory h, ByVal tmp_Addr, ByVal VarPtr(AsmCode(0)), UBound(AsmCode) + 1, ByVal 0&

' RThwnd = CreateRemoteThread(h, ByVal 0&, 0, ByVal tmp_Addr, ByVal 0&, ByVal 0&, ByVal 0&)

' VirtualFreeEx h, tmp_Addr, UBound(AsmCode) + 1, MEM_RELEASE

' CloseHandle RThwnd

' CloseHandle h

' OPcode = ""

'End Function

' Decodes the hex string in OPcode into AsmCode, opens the process that owns
' window hWnd, allocates memory in that process and copies the bytes into it.
' The process handle and the remote address are kept in the module-level
' InjectProcess and tmp_Addr for Run_ASM and FreeMem.
'
' Security-relevant behaviour visible here: the process is opened with
' PROCESS_ALL_ACCESS and the region is allocated PAGE_EXECUTE_READWRITE, then
' written with WriteProcessMemory. This open / allocate-RWX / write sequence
' against another process is a pattern endpoint monitoring commonly treats as
' code injection.
'
' None of the API return values are checked, so a failed OpenProcess or
' VirtualAllocEx is not detected before the next call. The local h is declared
' but not used.
Sub InjectCode(ByVal hWnd As Long)

Dim i As Long, h As Long, pid As Long

' Two hex digits per byte; OPcode is not validated before decoding.
ReDim AsmCode(Len(OPcode) / 2 - 1)

For i = 0 To UBound(AsmCode)

AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))

Next

GetWindowThreadProcessId hWnd, pid ' Get the ID of the process that owns the window

InjectProcess = OpenProcess(PROCESS_ALL_ACCESS, False, pid) ' Open the process and keep its handle

tmp_Addr = VirtualAllocEx(InjectProcess, ByVal 0&, UBound(AsmCode) + 1, _

MEM_COMMIT, PAGE_EXECUTE_READWRITE) ' Allocate memory for the assembled code

WriteProcessMemory InjectProcess, ByVal tmp_Addr, ByVal VarPtr(AsmCode(0)), _

UBound(AsmCode) + 1, ByVal 0& ' Write the assembled code into the target process

End Sub

' Starts a thread in the process referenced by InjectProcess with tmp_Addr as
' its start address, then polls until the wait result is no longer
' WAIT_TIMEOUT and closes the thread handle.
'
' Relies on InjectCode having set InjectProcess and tmp_Addr. The value
' returned by CreateRemoteThread is not checked before it is waited on.
' A thread created in another process with a start address inside a freshly
' written allocation is the step that remote-thread monitoring reports.
Sub Run_ASM() ' Execute the code written by InjectCode

Dim Ret As Long

RThwnd = CreateRemoteThread(InjectProcess, ByVal 0&, 0, ByVal tmp_Addr, ByVal 0&, ByVal 0&, ByVal 0&)

Do

Ret = WaitForSingleObject(RThwnd, 50) ' Wait 50 milliseconds

' Keep the VB message loop responsive between polls.
DoEvents

Loop Until Ret <> WAIT_TIMEOUT

CloseHandle RThwnd

End Sub

' Attempts to free the remote allocation, closes the process handle and
' clears the assembled code (OPcode and AsmCode).
'
' NOTE(review): VirtualFreeEx is declared with lpAddress As Any (by reference)
' and tmp_Addr is passed here without ByVal, unlike the ByVal tmp_Addr used in
' InjectCode and Run_ASM, so the call appears to receive the address of the
' variable rather than the remote address. The Win32 documentation also
' requires dwSize to be 0 with MEM_RELEASE. The return value is not checked,
' so a failed free goes unnoticed and the executable region would stay mapped
' in the target process - confirm.
Sub FreeMem()

VirtualFreeEx InjectProcess, tmp_Addr, UBound(AsmCode) + 1, MEM_RELEASE

CloseHandle InjectProcess

OPcode = ""

Erase AsmCode

End Sub

' Returns Value as n hex digits with the byte order reversed (little-endian),
' e.g. &H12345678 with n = 8 gives "78563412".
' Value is left-padded with zeros and then cut to its rightmost n digits, so
' digits above the requested width are dropped.
Function Int2Hex(Value As Long, n As Long) As String
    Dim padded As String, swapped As String, pos As Long

    padded = Right("0000000" + Hex(Value), n)

    ' Walk the digit pairs from the end of the string to the start.
    pos = Len(padded) - 1
    Do While pos >= 1
        swapped = swapped + Mid(padded, pos, 2)
        pos = pos - 2
    Loop

    Int2Hex = swapped
End Function

Function Leave() As Long

OPcode = OPcode + "C9"

End Function

Function Pushad() As Long

OPcode = OPcode + "60"

End Function

Function Popad() As Long

OPcode = OPcode + "61"

End Function

Function Nop() As Long

OPcode = OPcode + "90"

End Function

Function Ret() As Long

OPcode = OPcode + "C3"

End Function

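' Appends "ret imm16" to OPcode.
' The instruction is opcode C2 followed by a 2-byte little-endian immediate;
' the previous body emitted only the immediate, so the two bytes were decoded
' as whatever instruction they happened to form.
' The Long return value is never assigned (callers receive 0).
Function RetA(ByVal i As Long) As Long
    OPcode = OPcode + "C2" + Int2Hex(i, 4)
End Function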

Function IN_AL_DX() As Long

OPcode = OPcode + "EC"

End Function

Function TEST_EAX_EAX() As Long

OPcode = OPcode + "85C0"

End Function

'Add

'+++++++++++++++++++++++++++++++++++

Function Add_EAX_EDX() As Long

OPcode = OPcode + "03C2"

End Function

Function Add_EBX_EAX() As Long

OPcode = OPcode + "03D8"

End Function

Function Add_EAX_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "0305" + Int2Hex(i, 8)

End Function

Function Add_EBX_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "031D" + Int2Hex(i, 8)

End Function

Function Add_EBP_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "032D" + Int2Hex(i, 8)

End Function

Function Add_EAX(ByVal i As Long) As Long

OPcode = OPcode + "05" + Int2Hex(i, 8)

End Function

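' Appends "add ebx, imm32" to OPcode.
' i is emitted as a 4-byte little-endian immediate, so the opcode has to be
' the imm32 form 81 /0. The previous 83 /0 form takes a single immediate byte
' and left three stray bytes in the instruction stream.
' The Long return value is never assigned (callers receive 0).
Function Add_EBX(ByVal i As Long) As Long
    OPcode = OPcode + "81C3" + Int2Hex(i, 8)
End Function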

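' Appends "add ecx, imm32" to OPcode.
' i is emitted as a 4-byte little-endian immediate, so the opcode has to be
' the imm32 form 81 /0. The previous 83 /0 form takes a single immediate byte
' and left three stray bytes in the instruction stream.
' The Long return value is never assigned (callers receive 0).
Function Add_ECX(ByVal i As Long) As Long
    OPcode = OPcode + "81C1" + Int2Hex(i, 8)
End Function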

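' Appends "add edx, imm32" to OPcode.
' i is emitted as a 4-byte little-endian immediate, so the opcode has to be
' the imm32 form 81 /0. The previous 83 /0 form takes a single immediate byte
' and left three stray bytes in the instruction stream.
' The Long return value is never assigned (callers receive 0).
Function Add_EDX(ByVal i As Long) As Long
    OPcode = OPcode + "81C2" + Int2Hex(i, 8)
End Function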

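' Appends "add esi, imm32" to OPcode.
' i is emitted as a 4-byte little-endian immediate, so the opcode has to be
' the imm32 form 81 /0. The previous 83 /0 form takes a single immediate byte
' and left three stray bytes in the instruction stream.
' The Long return value is never assigned (callers receive 0).
Function Add_ESI(ByVal i As Long) As Long
    OPcode = OPcode + "81C6" + Int2Hex(i, 8)
End Function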

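' Appends "add esp, imm32" to OPcode.
' i is emitted as a 4-byte little-endian immediate, so the opcode has to be
' the imm32 form 81 /0. The previous 83 /0 form takes a single immediate byte
' and left three stray bytes in the instruction stream.
' The Long return value is never assigned (callers receive 0).
Function Add_ESP(ByVal i As Long) As Long
    OPcode = OPcode + "81C4" + Int2Hex(i, 8)
End Function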

'Call

'+++++++++++++++++++++++++++++++++++

Function Call_EAX() As Long

OPcode = OPcode + "FFD0"

End Function

Function Call_EBX() As Long

OPcode = OPcode + "FFD3"

End Function

Function Call_ECX() As Long

OPcode = OPcode + "FFD1"

End Function

Function Call_EDX() As Long

OPcode = OPcode + "FFD2"

End Function

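' Appends "call esi" to OPcode.
' The encoding is FF /2 with ESI in the r/m field, i.e. FFD6. The previous
' body emitted FFD2, which is the encoding Call_EDX already uses.
' The Long return value is never assigned (callers receive 0).
Function Call_ESI() As Long
    OPcode = OPcode + "FFD6"
End Function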

Function Call_ESP() As Long

OPcode = OPcode + "FFD4"

End Function

Function Call_EBP() As Long

OPcode = OPcode + "FFD5"

End Function

Function Call_EDI() As Long

OPcode = OPcode + "FFD7"

End Function

Function Call_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "FF15" + Int2Hex(i, 8)

End Function

Function Call_DWORD_Ptr_EAX() As Long

OPcode = OPcode + "FF10"

End Function

Function Call_DWORD_Ptr_EBX() As Long

OPcode = OPcode + "FF13"

End Function

'Cmp

'+++++++++++++++++++++++++++++++++++

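' Appends "cmp eax, i" to OPcode, using the short imm8 form when i fits.
' The imm8 form (83 /7) sign-extends its operand, so it is only correct for
' -128..127. The previous test (i <= 255) also chose it for 128..255, which
' the CPU reads as negative values, and for any negative i, which was then
' cut to its low byte.
' The Long return value is never assigned (callers receive 0).
Function Cmp_EAX(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then
        OPcode = OPcode + "83F8" + Int2Hex(i, 2)
    Else
        ' 3D id: cmp eax, imm32
        OPcode = OPcode + "3D" + Int2Hex(i, 8)
    End If
End Function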

Function Cmp_EAX_EDX() As Long

OPcode = OPcode + "3BC2"

End Function

Function Cmp_EAX_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "3B05" + Int2Hex(i, 8)

End Function

Function Cmp_DWORD_Ptr_EAX(ByVal i As Long) As Long

OPcode = OPcode + "3905" + Int2Hex(i, 8)

End Function

'DEC

'+++++++++++++++++++++++++++++++++++

Function Dec_EAX() As Long

OPcode = OPcode + "48"

End Function

Function Dec_EBX() As Long

OPcode = OPcode + "4B"

End Function

Function Dec_ECX() As Long

OPcode = OPcode + "49"

End Function

Function Dec_EDX() As Long

OPcode = OPcode + "4A"

End Function

'Idiv

'+++++++++++++++++++++++++++++++++++

Function Idiv_EAX() As Long

OPcode = OPcode + "F7F8"

End Function

Function Idiv_EBX() As Long

OPcode = OPcode + "F7FB"

End Function

Function Idiv_ECX() As Long

OPcode = OPcode + "F7F9"

End Function

Function Idiv_EDX() As Long

OPcode = OPcode + "F7FA"

End Function

'Imul

'+++++++++++++++++++++++++++++++++++

Function Imul_EAX_EDX() As Long

OPcode = OPcode + "0FAFC2"

End Function

Function Imul_EAX(ByVal i As Long) As Long

OPcode = OPcode + "6BC0" + Int2Hex(i, 2)

End Function

Function ImulB_EAX(ByVal i As Long) As Long

OPcode = OPcode + "69C0" + Int2Hex(i, 8)

End Function

'INC

'+++++++++++++++++++++++++++++++++++

Function Inc_EAX() As Long

OPcode = OPcode + "40"

End Function

Function Inc_EBX() As Long

OPcode = OPcode + "43"

End Function

Function Inc_ECX() As Long

OPcode = OPcode + "41"

End Function

Function Inc_EDX() As Long

OPcode = OPcode + "42"

End Function

Function Inc_EDI() As Long

OPcode = OPcode + "47"

End Function

Function Inc_ESI() As Long

OPcode = OPcode + "46"

End Function

Function Inc_DWORD_Ptr_EAX() As Long

OPcode = OPcode + "FF00"

End Function

Function Inc_DWORD_Ptr_EBX() As Long

OPcode = OPcode + "FF03"

End Function

Function Inc_DWORD_Ptr_ECX() As Long

OPcode = OPcode + "FF01"

End Function

Function Inc_DWORD_Ptr_EDX() As Long

OPcode = OPcode + "FF02"

End Function

'JMP/JE/JNE

'+++++++++++++++++++++++++++++++++++

Function JMP_EAX() As Long

OPcode = OPcode + "FFE0"

End Function

'Mov

Function Mov_DWORD_Ptr_EAX(ByVal i As Long) As Long

OPcode = OPcode + "A3" + Int2Hex(i, 8)

End Function

Function Mov_EAX(ByVal i As Long) As Long

OPcode = OPcode + "B8" + Int2Hex(i, 8)

End Function

Function Mov_EBX(ByVal i As Long) As Long

OPcode = OPcode + "BB" + Int2Hex(i, 8)

End Function

Function Mov_ECX(ByVal i As Long) As Long

OPcode = OPcode + "B9" + Int2Hex(i, 8)

End Function

Function Mov_EDX(ByVal i As Long) As Long

OPcode = OPcode + "BA" + Int2Hex(i, 8)

End Function

Function Mov_ESI(ByVal i As Long) As Long

OPcode = OPcode + "BE" + Int2Hex(i, 8)

End Function

Function Mov_ESP(ByVal i As Long) As Long

OPcode = OPcode + "BC" + Int2Hex(i, 8)

End Function

Function Mov_EBP(ByVal i As Long) As Long

OPcode = OPcode + "BD" + Int2Hex(i, 8)

End Function

Function Mov_EDI(ByVal i As Long) As Long

OPcode = OPcode + "BF" + Int2Hex(i, 8)

End Function

Function Mov_EBX_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "8B1D" + Int2Hex(i, 8)

End Function

Function Mov_ECX_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "8B0D" + Int2Hex(i, 8)

End Function

Function Mov_EAX_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "A1" + Int2Hex(i, 8)

End Function

Function Mov_EDX_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "8B15" + Int2Hex(i, 8)

End Function

Function Mov_ESI_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "8B35" + Int2Hex(i, 8)

End Function

Function Mov_ESP_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "8B25" + Int2Hex(i, 8)

End Function

Function Mov_EBP_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "8B2D" + Int2Hex(i, 8)

End Function

Function Mov_EAX_DWORD_Ptr_EAX() As Long

OPcode = OPcode + "8B00"

End Function

Function Mov_EAX_DWORD_Ptr_EBP() As Long

OPcode = OPcode + "8B4500"

End Function

Function Mov_EAX_DWORD_Ptr_EBX() As Long

OPcode = OPcode + "8B03"

End Function

Function Mov_EAX_DWORD_Ptr_ECX() As Long

OPcode = OPcode + "8B01"

End Function

Function Mov_EAX_DWORD_Ptr_EDX() As Long

OPcode = OPcode + "8B02"

End Function

Function Mov_EAX_DWORD_Ptr_EDI() As Long

OPcode = OPcode + "8B07"

End Function

Function Mov_EAX_DWORD_Ptr_ESP() As Long

OPcode = OPcode + "8B0424"

End Function

Function Mov_EAX_DWORD_Ptr_ESI() As Long

OPcode = OPcode + "8B06"

End Function

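' Appends "mov eax, dword ptr [eax + i]" to OPcode, using the 1-byte
' displacement form when i fits.
' A disp8 is sign-extended, so it is only correct for -128..127. The previous
' test (i <= 255) also chose it for 128..255, which address below the base
' register, and for any negative i, which was then cut to its low byte.
' The other *_Add emitters in this class use the same i <= 255 test.
' The Long return value is never assigned (callers receive 0).
Function Mov_EAX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then
        OPcode = OPcode + "8B40" + Int2Hex(i, 2)
    Else
        ' mod = 10: 4-byte displacement
        OPcode = OPcode + "8B80" + Int2Hex(i, 8)
    End If
End Function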

Function Mov_EAX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B4424" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B8424" + Int2Hex(i, 8)

End If

End Function

Function Mov_EAX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B43" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B83" + Int2Hex(i, 8)

End If

End Function

Function Mov_EAX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B41" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B81" + Int2Hex(i, 8)

End If

End Function

Function Mov_EAX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B42" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B82" + Int2Hex(i, 8)

End If

End Function

Function Mov_EAX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B47" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B87" + Int2Hex(i, 8)

End If

End Function

Function Mov_EAX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B45" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B85" + Int2Hex(i, 8)

End If

End Function

Function Mov_EAX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B46" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B86" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B58" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B98" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B5C24" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B9C24" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B5B" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B9B" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B59" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B99" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B5A" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B9A" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B5F" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B9F" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B5D" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B9D" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B5E" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B9E" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B48" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B88" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B4C24" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B8C24" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B4B" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B8B" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B49" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B89" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B4A" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B8A" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B4F" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B8F" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B4D" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B8D" + Int2Hex(i, 8)

End If

End Function

Function Mov_ECX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B4E" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B8E" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B50" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B90" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B5424" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B9424" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B53" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B93" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B51" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B91" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B52" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B92" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B57" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B97" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B55" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B95" + Int2Hex(i, 8)

End If

End Function

Function Mov_EDX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8B56" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8B96" + Int2Hex(i, 8)

End If

End Function

Function Mov_EBX_DWORD_Ptr_EAX() As Long

OPcode = OPcode + "8B18"

End Function

Function Mov_EBX_DWORD_Ptr_EBP() As Long

OPcode = OPcode + "8B5D00"

End Function

Function Mov_EBX_DWORD_Ptr_EBX() As Long

OPcode = OPcode + "8B1B"

End Function

Function Mov_EBX_DWORD_Ptr_ECX() As Long

OPcode = OPcode + "8B19"

End Function

Function Mov_EBX_DWORD_Ptr_EDX() As Long

OPcode = OPcode + "8B1A"

End Function

Function Mov_EBX_DWORD_Ptr_EDI() As Long

OPcode = OPcode + "8B1F"

End Function

Function Mov_EBX_DWORD_Ptr_ESP() As Long

OPcode = OPcode + "8B1C24"

End Function

Function Mov_EBX_DWORD_Ptr_ESI() As Long

OPcode = OPcode + "8B1E"

End Function

Function Mov_ECX_DWORD_Ptr_EAX() As Long

OPcode = OPcode + "8B08"

End Function

Function Mov_ECX_DWORD_Ptr_EBP() As Long

OPcode = OPcode + "8B4D00"

End Function

Function Mov_ECX_DWORD_Ptr_EBX() As Long

OPcode = OPcode + "8B0B"

End Function

Function Mov_ECX_DWORD_Ptr_ECX() As Long

OPcode = OPcode + "8B09"

End Function

Function Mov_ECX_DWORD_Ptr_EDX() As Long

OPcode = OPcode + "8B0A"

End Function

Function Mov_ECX_DWORD_Ptr_EDI() As Long

OPcode = OPcode + "8B0F"

End Function

Function Mov_ECX_DWORD_Ptr_ESP() As Long

OPcode = OPcode + "8B0C24"

End Function

Function Mov_ECX_DWORD_Ptr_ESI() As Long

OPcode = OPcode + "8B0E"

End Function

Function Mov_EDX_DWORD_Ptr_EAX() As Long

OPcode = OPcode + "8B10"

End Function

Function Mov_EDX_DWORD_Ptr_EBP() As Long

OPcode = OPcode + "8B5500"

End Function

Function Mov_EDX_DWORD_Ptr_EBX() As Long

OPcode = OPcode + "8B13"

End Function

Function Mov_EDX_DWORD_Ptr_ECX() As Long

OPcode = OPcode + "8B11"

End Function

Function Mov_EDX_DWORD_Ptr_EDX() As Long

OPcode = OPcode + "8B12"

End Function

Function Mov_EDX_DWORD_Ptr_EDI() As Long

OPcode = OPcode + "8B17"

End Function

Function Mov_EDX_DWORD_Ptr_ESI() As Long

OPcode = OPcode + "8B16"

End Function

Function Mov_EDX_DWORD_Ptr_ESP() As Long

OPcode = OPcode + "8B1424"

End Function

Function Mov_EAX_EBP() As Long

OPcode = OPcode + "8BC5"

End Function

Function Mov_EAX_EBX() As Long

OPcode = OPcode + "8BC3"

End Function

Function Mov_EAX_ECX() As Long

OPcode = OPcode + "8BC1"

End Function

Function Mov_EAX_EDI() As Long

OPcode = OPcode + "8BC7"

End Function

Function Mov_EAX_EDX() As Long

OPcode = OPcode + "8BC2"

End Function

Function Mov_EAX_ESI() As Long

OPcode = OPcode + "8BC6"

End Function

Function Mov_EAX_ESP() As Long

OPcode = OPcode + "8BC4"

End Function

Function Mov_EBX_EBP() As Long

OPcode = OPcode + "8BDD"

End Function

Function Mov_EBX_EAX() As Long

OPcode = OPcode + "8BD8"

End Function

Function Mov_EBX_ECX() As Long

OPcode = OPcode + "8BD9"

End Function

Function Mov_EBX_EDI() As Long

OPcode = OPcode + "8BDF"

End Function

Function Mov_EBX_EDX() As Long

OPcode = OPcode + "8BDA"

End Function

Function Mov_EBX_ESI() As Long

OPcode = OPcode + "8BDE"

End Function

Function Mov_EBX_ESP() As Long

OPcode = OPcode + "8BDC"

End Function

Function Mov_ECX_EBP() As Long

OPcode = OPcode + "8BCD"

End Function

Function Mov_ECX_EAX() As Long

OPcode = OPcode + "8BC8"

End Function

Function Mov_ECX_EBX() As Long

OPcode = OPcode + "8BCB"

End Function

Function Mov_ECX_EDI() As Long

OPcode = OPcode + "8BCF"

End Function

Function Mov_ECX_EDX() As Long

OPcode = OPcode + "8BCA"

End Function

Function Mov_ECX_ESI() As Long

OPcode = OPcode + "8BCE"

End Function

Function Mov_ECX_ESP() As Long

OPcode = OPcode + "8BCC"

End Function

Function Mov_EDX_EBP() As Long

OPcode = OPcode + "8BD5"

End Function

Function Mov_EDX_EBX() As Long

OPcode = OPcode + "8BD3"

End Function

Function Mov_EDX_ECX() As Long

OPcode = OPcode + "8BD1"

End Function

Function Mov_EDX_EDI() As Long

OPcode = OPcode + "8BD7"

End Function

Function Mov_EDX_EAX() As Long

OPcode = OPcode + "8BD0"

End Function

Function Mov_EDX_ESI() As Long

OPcode = OPcode + "8BD6"

End Function

Function Mov_EDX_ESP() As Long

OPcode = OPcode + "8BD4"

End Function

Function Mov_ESI_EBP() As Long

OPcode = OPcode + "8BF5"

End Function

Function Mov_ESI_EBX() As Long

OPcode = OPcode + "8BF3"

End Function

Function Mov_ESI_ECX() As Long

OPcode = OPcode + "8BF1"

End Function

Function Mov_ESI_EDI() As Long

OPcode = OPcode + "8BF7"

End Function

Function Mov_ESI_EAX() As Long

OPcode = OPcode + "8BF0"

End Function

Function Mov_ESI_EDX() As Long

OPcode = OPcode + "8BF2"

End Function

Function Mov_ESI_ESP() As Long

OPcode = OPcode + "8BF4"

End Function

Function Mov_ESP_EBP() As Long

OPcode = OPcode + "8BE5"

End Function

Function Mov_ESP_EBX() As Long

OPcode = OPcode + "8BE3"

End Function

Function Mov_ESP_ECX() As Long

OPcode = OPcode + "8BE1"

End Function

Function Mov_ESP_EDI() As Long

OPcode = OPcode + "8BE7"

End Function

Function Mov_ESP_EAX() As Long

OPcode = OPcode + "8BE0"

End Function

Function Mov_ESP_EDX() As Long

OPcode = OPcode + "8BE2"

End Function

Function Mov_ESP_ESI() As Long

OPcode = OPcode + "8BE6"

End Function

Function Mov_EDI_EBP() As Long

OPcode = OPcode + "8BFD"

End Function

Function Mov_EDI_EAX() As Long

OPcode = OPcode + "8BF8"

End Function

Function Mov_EDI_EBX() As Long

OPcode = OPcode + "8BFB"

End Function

Function Mov_EDI_ECX() As Long

OPcode = OPcode + "8BF9"

End Function

Function Mov_EDI_EDX() As Long

OPcode = OPcode + "8BFA"

End Function

Function Mov_EDI_ESI() As Long

OPcode = OPcode + "8BFE"

End Function

Function Mov_EDI_ESP() As Long

OPcode = OPcode + "8BFC"

End Function

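' Appends "mov ebp, edi" to OPcode.
' ModRM for reg = EBP, r/m = EDI is EF. The previous body emitted 8BDF, which
' is the encoding Mov_EBX_EDI already uses (mov ebx, edi).
' The Long return value is never assigned (callers receive 0).
Function Mov_EBP_EDI() As Long
    OPcode = OPcode + "8BEF"
End Function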

Function Mov_EBP_EAX() As Long

OPcode = OPcode + "8BE8"

End Function

Function Mov_EBP_EBX() As Long

OPcode = OPcode + "8BEB"

End Function

Function Mov_EBP_ECX() As Long

OPcode = OPcode + "8BE9"

End Function

Function Mov_EBP_EDX() As Long

OPcode = OPcode + "8BEA"

End Function

Function Mov_EBP_ESI() As Long

OPcode = OPcode + "8BEE"

End Function

Function Mov_EBP_ESP() As Long

OPcode = OPcode + "8BEC"

End Function

'Push

'+++++++++++++++++++++++++++++++++++

Function Push(ByVal i As Long) As Long

'If i <= 255 Then

'OPcode = OPcode + "6A" + Int2Hex(i, 2)

'Else

OPcode = OPcode + "68" + Int2Hex(i, 8)

'End If

End Function

Function Push_DWORD_Ptr(ByVal i As Long) As Long

OPcode = OPcode + "FF35" + Int2Hex(i, 8)

End Function

Function Push_EAX() As Long

OPcode = OPcode + "50"

End Function

Function Push_ECX() As Long

OPcode = OPcode + "51"

End Function

Function Push_EDX() As Long

OPcode = OPcode + "52"

End Function

Function Push_EBX() As Long

OPcode = OPcode + "53"

End Function

Function Push_ESP() As Long

OPcode = OPcode + "54"

End Function

Function Push_EBP() As Long

OPcode = OPcode + "55"

End Function

Function Push_ESI() As Long

OPcode = OPcode + "56"

End Function

Function Push_EDI() As Long

OPcode = OPcode + "57"

End Function

'LEA

Function Lea_EAX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D40" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D80" + Int2Hex(i, 8)

End If

End Function

Function Lea_EAX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D43" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D83" + Int2Hex(i, 8)

End If

End Function

Function Lea_EAX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D41" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D81" + Int2Hex(i, 8)

End If

End Function

Function Lea_EAX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D42" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D82" + Int2Hex(i, 8)

End If

End Function

Function Lea_EAX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D46" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D86" + Int2Hex(i, 8)

End If

End Function

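' Appends "lea eax, [esp + i]" to OPcode.
' An ESP base needs a SIB byte (24), giving 8D4424 / 8D8424, the same shape
' Lea_EBX_DWORD_Ptr_ESP_Add uses. The previous body emitted 8D40 / 8D80, which
' is lea eax, [eax + i].
' The 1-byte displacement is sign-extended, so it is used only for -128..127;
' the previous i <= 255 test also chose it for 128..255 and for negative i.
' The Long return value is never assigned (callers receive 0).
Function Lea_EAX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then
        OPcode = OPcode + "8D4424" + Int2Hex(i, 2)
    Else
        OPcode = OPcode + "8D8424" + Int2Hex(i, 8)
    End If
End Function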

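' Appends "lea eax, [ebp + i]" to OPcode.
' An EBP base is encoded as 8D45 / 8D85, the same shape
' Lea_EBX_DWORD_Ptr_EBP_Add uses. The previous body emitted 8D4424 / 8D8424,
' which is the ESP-based form.
' The 1-byte displacement is sign-extended, so it is used only for -128..127;
' the previous i <= 255 test also chose it for 128..255 and for negative i.
' The Long return value is never assigned (callers receive 0).
Function Lea_EAX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long
    If i >= -128 And i <= 127 Then
        OPcode = OPcode + "8D45" + Int2Hex(i, 2)
    Else
        OPcode = OPcode + "8D85" + Int2Hex(i, 8)
    End If
End Function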

Function Lea_EAX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D47" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D87" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D58" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D98" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D5C24" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D9C24" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D5B" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D9B" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D59" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D99" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D5A" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D9A" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D5F" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D9F" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D5D" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D9D" + Int2Hex(i, 8)

End If

End Function

Function Lea_EBX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D5E" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D9E" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D48" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D88" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D4C24" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D8C24" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D4B" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D8B" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D49" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D89" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D4A" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D8A" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D4F" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D8F" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D4D" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D8D" + Int2Hex(i, 8)

End If

End Function

Function Lea_ECX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D4E" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D8E" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_EAX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D50" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D90" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_ESP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D5424" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D9424" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_EBX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D53" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D93" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_ECX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D51" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D91" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_EDX_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D52" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D92" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_EDI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D57" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D97" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_EBP_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D55" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D95" + Int2Hex(i, 8)

End If

End Function

Function Lea_EDX_DWORD_Ptr_ESI_Add(ByVal i As Long) As Long

If i <= 255 Then

OPcode = OPcode + "8D56" + Int2Hex(i, 2)

Else

OPcode = OPcode + "8D96" + Int2Hex(i, 8)

End If

End Function

'POP

Function Pop_EAX() As Long

OPcode = OPcode + "58"

End Function

Function Pop_EBX() As Long

OPcode = OPcode + "5B"

End Function

Function Pop_ECX() As Long

OPcode = OPcode + "59"

End Function

Function Pop_EDX() As Long

OPcode = OPcode + "5A"

End Function

Function Pop_ESI() As Long

OPcode = OPcode + "5E"

End Function

Function Pop_ESP() As Long

OPcode = OPcode + "5C"

End Function

Function Pop_EDI() As Long

OPcode = OPcode + "5F"

End Function

Function Pop_EBP() As Long

OPcode = OPcode + "5D"

End Function

' Returns VarPtr of the argument as a Long.
' NOTE(review): Add is an untyped (Variant) ByRef parameter, so the address
' returned may be that of the Variant VB passes rather than of the caller's
' own variable - confirm before using the result as a data pointer.
Public Function Ptr(ByRef Add) As Long

Ptr = VarPtr(Add)

End Function

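' Returns the 4 raw bytes of the Single value Ans reinterpreted as a Long
' (a bit-for-bit copy, not a numeric conversion).
' No return type is declared, so the result is handed back as a Variant
' holding that Long.
Public Function Float4Int(ByVal Ans As Single)
    Dim AB As Long

    ' Copy exactly the 4 bytes of the Single into the Long.
    CopyMemory AB, Ans, 4

    Float4Int = AB
End Function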

'Public Function Float8Int(ByRef Ans) '浮点转整形

' Dim AB As Long

' CopyMemory AB, Ans, 8

' Float8Int = AB

'End Function




#2 ·  Posted (edited)

The AU3 codes

]
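; Wrapper for kernel32!RtlMoveMemory: copies $Length bytes from the address
; $Source to the address $Destination inside the calling process.
; Returns element [0] of the DllCall result; on a failed DllCall returns 0
; with @error = -1, matching the error style of VirtualAllocEx/OpenProcess below.
Func CopyMemory($Destination, $Source, $Length)
    Local $aResult = DllCall("kernel32.dll", "none", "RtlMoveMemory", "ptr", $Destination, "ptr", $Source, "int", $Length)
    ; A failed DllCall does not return an array; indexing it would abort the script.
    If @error Or Not IsArray($aResult) Then Return SetError(-1, -1, 0)
    Return $aResult[0]
EndFunc   ;==>CopyMemory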
; Wrapper for user32!GetWindowThreadProcessId.
; Returns element [0] of the DllCall result, i.e. the API's own return value.
; NOTE(review): $lpdwProcessId is marshalled by value as "int", so nothing the
; API writes through that parameter is copied back into the caller's variable;
; callers in this file that read $pid afterwards appear to get it unset - confirm.
; NOTE(review): no @error check; if DllCall fails $Return is not an array.
Func GetWindowThreadProcessId($hWnd, $lpdwProcessId)
    Local $Return
    $Return = DllCall("user32.dll", "int", "GetWindowThreadProcessId", "int", $hWnd, "int", $lpdwProcessId)
    Return $Return[0]
EndFunc   ;==>GetWindowThreadProcessId
; Wrapper for kernel32!CreateRemoteThread: asks Windows to start a thread in the
; process behind $hProcess at $lpStartAddress. Returns element [0] of the DllCall
; result (the API return value, used by callers in this file as a thread handle).
; Security context: creating a thread in another process is a standard
; code-injection primitive and is logged by endpoint tooling (for example
; Sysmon's CreateRemoteThread event); expect scripts using it to be flagged.
; NOTE(review): no @error check; if DllCall fails $Return is not an array.
Func CreateRemoteThread($hProcess, $lpThreadAttributes, $dwStackSize, $lpStartAddress, $lpParameter, $dwCreationFlags, $lpThreadId)
    Local $Return
    $Return = DllCall("kernel32.dll", "int", "CreateRemoteThread", "int", $hProcess, "ptr", $lpThreadAttributes, "int", $dwStackSize, "int", $lpStartAddress, "ptr", $lpParameter, "int", $dwCreationFlags, "int", $lpThreadId)
    Return $Return[0]
EndFunc   ;==>CreateRemoteThread

; Wrapper for kernel32!WriteProcessMemory: writes $nSize bytes from $lpBuffer
; to $lpBaseAddress in the process behind $hProcess. Returns element [0] of the
; DllCall result (the API return value).
; Security context: writing into another process's memory is one of the API
; calls behavioural detections correlate when looking for code injection.
; NOTE(review): $Return is declared Global here, unlike the Local used by the
; sibling wrappers, so it becomes a script-wide variable after the first call.
; NOTE(review): no @error check; if DllCall fails $Return is not an array.
Func WriteProcessMemory($hProcess, $lpBaseAddress, $lpBuffer, $nSize, $lpNumberOfBytesWritten)
    Global $Return
    $Return = DllCall ("kernel32.dll", "int", "WriteProcessMemory", "int", $hProcess, "ptr", $lpBaseAddress, "ptr", $lpBuffer, "int", $nSize,"int", $lpNumberOfBytesWritten)
    Return $Return[0]
EndFunc

; Wrapper for user32!CallWindowProcA. Returns element [0] of the DllCall result.
; Get_Result in this file passes the address of the $AsmCode byte array as
; $lpPrevWndFunc, so here the API is used to transfer execution to a data
; buffer inside the script's own process rather than to a window procedure.
; NOTE(review): no @error check; if DllCall fails $Return is not an array.
Func CallWindowProc($lpPrevWndFunc, $hWnd, $Msg, $wParam, $lParam)
    Local $Return
    $Return = DllCall("user32.dll", "int", "CallWindowProcA", "int", $lpPrevWndFunc, "int", $hWnd, "int", $Msg, "int", $wParam, "int", $lParam)
    Return $Return[0]
EndFunc   ;==>CallWindowProc

; Wrapper for kernel32!VirtualAllocEx: requests $iSize bytes in the process
; behind $hProcess with allocation type $iAllocation and protection $iProtect.
; Returns the API result (element [0] of the DllCall array), or 0 with
; @error = -1 and @extended = -1 when the DllCall itself fails.
Func VirtualAllocEx($hProcess, $pAddress, $iSize, $iAllocation, $iProtect)
    Local $vCall = DllCall("Kernel32.dll", "ptr", "VirtualAllocEx", _
            "int", $hProcess, "ptr", $pAddress, "int", $iSize, "int", $iAllocation, "int", $iProtect)
    If Not @error And IsArray($vCall) Then Return $vCall[0]
    Return SetError(-1, -1, 0)
EndFunc   ;==>VirtualAllocEx

; Wrapper for kernel32!VirtualFreeEx: frees memory at $pAddress in the process
; behind $hProcess using free type $iFreeType.
; Returns the API result (element [0] of the DllCall array), or 0 with
; @error = -1 and @extended = -1 when the DllCall itself fails.
Func VirtualFreeEx($hProcess, $pAddress, $iSize, $iFreeType)
    Local $vCall = DllCall("Kernel32.dll", "ptr", "VirtualFreeEx", _
            "hwnd", $hProcess, "ptr", $pAddress, "int", $iSize, "int", $iFreeType)
    If Not @error And IsArray($vCall) Then Return $vCall[0]
    Return SetError(-1, -1, 0)
EndFunc   ;==>VirtualFreeEx

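; Wrapper for kernel32!WaitForSingleObject: waits up to $dwMilliseconds for
; $hHandle to become signalled and returns the API's wait result.
; On a failed DllCall returns -1 (the value of WAIT_FAILED as a signed int)
; with @error = -1, so a polling caller that loops while the result equals
; the timeout code stops instead of aborting on a non-array result.
Func WaitForSingleObject($hHandle, $dwMilliseconds)
    Local $aResult = DllCall("kernel32.dll", "int", "WaitForSingleObject", "int", $hHandle, "int", $dwMilliseconds)
    If @error Or Not IsArray($aResult) Then Return SetError(-1, -1, -1)
    Return $aResult[0]
EndFunc   ;==>WaitForSingleObject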

; Wrapper for kernel32!OpenProcess: opens process $iProcessID with the access
; mask $iAccess and inheritance flag $bInherit.
; Returns the API result (element [0] of the DllCall array), or 0 with
; @error = -1 and @extended = -1 when the DllCall itself fails.
Func OpenProcess($iAccess, $bInherit, $iProcessID)
    Local $vCall = DllCall("Kernel32.Dll", "int", "OpenProcess", _
            "int", $iAccess, "int", $bInherit, "int", $iProcessID)
    If Not @error And IsArray($vCall) Then Return $vCall[0]
    Return SetError(-1, -1, 0)
EndFunc   ;==>OpenProcess

; Wrapper for kernel32!CloseHandle: closes the handle $hObject.
; Returns the API result (element [0] of the DllCall array), or 0 with
; @error = -1 and @extended = -1 when the DllCall itself fails.
Func CloseHandle($hObject)
    Local $vCall = DllCall("Kernel32.dll", "int", "CloseHandle", "int", $hObject)
    If Not @error And IsArray($vCall) Then Return $vCall[0]
    Return SetError(-1, -1, 0)
EndFunc   ;==>CloseHandle

;===============================================================================
;~ Private Declare Function GetAddrOf Lib "KERNEL32" Alias "MulDiv" (nNumber As Any, Optional ByVal nNumerator As Long = 1, Optional ByVal nDenominator As Long = 1) As Long
;~    ' This is the dummy function used to get the addres of a VB variable.
; Attempted port of VB's VarPtr: calls kernel32!MulDiv with a single "ptr"
; argument and returns what DllCall produced, or 0 after a failed call
; (showing a message box first while $debug is True).
; NOTE(review): the VB declaration quoted above this function gives MulDiv
; three parameters; only one is passed here - confirm the call is well formed.
; NOTE(review): $pointer receives the DllCall result as a whole, not element
; [0], so callers get an array rather than a number.
; NOTE(review): callers in this file pass a single element ($AsmCode[0]), yet
; the body indexes the parameter with [0] - confirm what is actually expected.
Func VarPtr($v_Variable)    ;VarPtr
;~     Declare Function VarPtrArray Lib "msvbvm60.dll" Alias "VarPtr" _
;~ (Var() as Any) As Long
    Local $pointer ,$debug = True
    $pointer = DllCall("KERNEL32.dll", "long", "MulDiv", "ptr", $v_Variable[0])
    ;$pointer =dllcall("msvbvm60.dll","long","VarPtr","long",$v_Variable[0])
    If @error Then
        If $debug Then MsgBox(0, "Error:", "Error:>" & @error & @CRLF)
        Return 0
    Else
        Return $pointer
    EndIf

EndFunc   ;==>VarPtr
;=====================================================================================
;===============================================================================
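; Win32 constants and shared state used by the routines below.
Const $PAGE_EXECUTE_READWRITE = 0x40 ; readable, writable and executable pages; RWX regions are a common memory-scanning indicator
Const $MEM_COMMIT = 0x1000
Const $MEM_RELEASE = 0x8000
Const $MEM_DECOMMIT = 0x4000
Const $PROCESS_ALL_ACCESS = 0x1F0FFF ; every access right on the process, far more than a single task needs
Const $INFINITE = 0xFFFFFFFF ; Win32 INFINITE; the original 0xFFFF was only a 65535 ms timeout
Const $WAIT_TIMEOUT = 0x102
Dim $AsmCode[100] ; byte values decoded from $OPcode
Dim $OPcode ; hex text of the instructions assembled so far
Dim $InjectProcess ; handle returned by OpenProcess for the target process (set by InjectCode)
Dim $tmp_Addr ; address of the memory allocated in the target process
Dim $RThwnd ; handle of the thread created in the target process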
;===============================================================================

; Decodes the hex text in $OPcode into byte values in $AsmCode, then hands the
; address of the first element to CallWindowProc as the procedure to call -
; that is, it runs the assembled bytes inside the script's own process.
; NOTE(review): the last statement assigns to a variable named $Get_Result;
; AutoIt returns values with Return, so this looks carried over from the VB
; version and the function yields no result - confirm.
; NOTE(review): the array is resized to (length / 2 - 1) elements while the
; loop runs up to UBound($AsmCode); check both against the number of bytes.
Func Get_Result()
    Dim $i
    ReDim $AsmCode [StringLen($OPcode) / 2 - 1]
    For $i = 0 To UBound($AsmCode)
        $AsmCode[$i] = Int("0x" & StringMid($OPcode, $i * 2 + 1, 2))
    Next
    $Get_Result = CallWindowProc(VarPtr($AsmCode[0]), 0, 0, 0, 0)
EndFunc   ;==>Get_Result

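; Returns the hex text of the instructions assembled so far (global $OPcode).
; The original assigned to a variable named $Get_Code, which is how VB returns
; a value; AutoIt needs Return, so callers previously received nothing.
Func Get_Code()
    Return $OPcode
EndFunc   ;==>Get_Code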
;================================
; One-shot variant: decodes $OPcode into $AsmCode, opens the process that owns
; window $hWnd, allocates memory there, writes the bytes, starts a thread at
; that address, then frees the memory, closes both handles and clears $OPcode.
; Security context: OpenProcess(PROCESS_ALL_ACCESS) -> VirtualAllocEx(RWX) ->
; WriteProcessMemory -> CreateRemoteThread is the textbook remote-thread
; injection sequence; endpoint detection rules key on exactly this chain and
; on the executable+writable allocation it leaves in the target.
; NOTE(review): no return value is checked, so a failed open or allocation is
; passed straight on to the following calls.
; NOTE(review): the memory is freed immediately after the thread is created,
; without waiting for it as Run_ASM does - confirm this is intended.
Func Run_ASM2($hWnd)
    Dim $i, $tmp_Addr, $RThwnd, $h, $pid
    ReDim $AsmCode [StringLen ($OPcode) / 2 - 1]
    For $i = 0 To UBound($AsmCode)
        $AsmCode [$i] = Int("0x" & StringMid($OPcode, $i * 2 + 1, 2))
    Next
    GetWindowThreadProcessId($hWnd, $pid)
    $h = OpenProcess($PROCESS_ALL_ACCESS, False, $pid)
    $tmp_Addr = VirtualAllocEx($h, 0, UBound($AsmCode) + 1, $MEM_COMMIT, $PAGE_EXECUTE_READWRITE)
    WriteProcessMemory($h, $tmp_Addr, VarPtr($AsmCode[0]), UBound($AsmCode) + 1, 0)
    $RThwnd = CreateRemoteThread($h, 0, 0, $tmp_Addr, 0, 0, 0)
    VirtualFreeEx($h, $tmp_Addr, UBound($AsmCode) + 1, $MEM_RELEASE)
    CloseHandle($RThwnd)
    CloseHandle($h)
    $OPcode = ""
EndFunc   ;==>Run_ASM2
;=================================
; First stage of the three-step flow (InjectCode -> Run_ASM -> FreeMem):
; decodes $OPcode into $AsmCode, opens the process that owns window $hWnd and
; copies the bytes into newly allocated memory there. The process handle and
; the remote address are kept in the globals $InjectProcess and $tmp_Addr.
; Security context: a PROCESS_ALL_ACCESS handle plus a PAGE_EXECUTE_READWRITE
; allocation in a foreign process is a strong injection indicator for
; behavioural monitoring and memory scanners.
; NOTE(review): no return value is checked before the next call uses it.
Func InjectCode($hWnd)
    Dim $i, $h, $pid
    ReDim $AsmCode [StringLen($OPcode) / 2 - 1]
    For $i = 0 To UBound($AsmCode)
        $AsmCode[$i] = Int("0x" & StringMid($OPcode, $i * 2 + 1, 2))
    Next
    GetWindowThreadProcessId($hWnd, $pid)                                                ;get the process ID
    $InjectProcess = OpenProcess($PROCESS_ALL_ACCESS, False, $pid)                         ;open the process and keep its handle
    $tmp_Addr = VirtualAllocEx($InjectProcess, 0, UBound($AsmCode) + 1, _
            $MEM_COMMIT, $PAGE_EXECUTE_READWRITE)                       ;allocate memory for the assembled code
    WriteProcessMemory($InjectProcess, $tmp_Addr, VarPtr($AsmCode[0]), _
            UBound($AsmCode) + 1, 0)                                  ;write the assembled code into the process
EndFunc   ;==>InjectCode

; Second stage: starts a thread in the process held in $InjectProcess at the
; address in $tmp_Addr (both set by InjectCode), polls the thread handle in
; 50 ms waits until the result is no longer $WAIT_TIMEOUT, then closes it.
; NOTE(review): the CreateRemoteThread result is not checked before waiting.
Func Run_ASM()                                                                           ;execute the code written by InjectCode
    Dim $Ret
    $RThwnd = CreateRemoteThread($InjectProcess, 0, 0, $tmp_Addr, 0, 0, 0)
    Do
        $Ret = WaitForSingleObject($RThwnd, 50)                   ;wait 50 milliseconds
        ;DoEvents
    Until $Ret <> $WAIT_TIMEOUT
    CloseHandle($RThwnd)
EndFunc   ;==>Run_ASM

; Final stage: asks the target process to release the memory at $tmp_Addr,
; closes the process handle kept in $InjectProcess and resets the assembler
; state ($OPcode to an empty string, $AsmCode to 0).
; NOTE(review): $AsmCode stops being an array after this call; the decode
; loops in this file ReDim it, so confirm that works on a non-array value.
Func FreeMem()
    VirtualFreeEx($InjectProcess, $tmp_Addr, UBound($AsmCode) + 1, $MEM_RELEASE)
    CloseHandle($InjectProcess)
    $OPcode = ""
    $AsmCode = 0
EndFunc   ;==>FreeMem
;========================================================
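; Returns $Value as $n hex digits with the byte order reversed (little-endian),
; the form x86 expects for immediates and displacements.
;   Int2Hex(0x12345678, 8) -> "78563412"
; Fixes over the original: "&" is used for concatenation (AutoIt's "+" is
; arithmetic and turned the text into a number), the padding is a full eight
; zeros, and the result is handed back with Return instead of a VB-style
; assignment to the function name.
Func Int2Hex($Value, $n)
    Local $sHex = StringRight("00000000" & Hex($Value), $n)
    Local $sSwapped = ""
    ; Walk the digit pairs from the last pair to the first.
    For $iPos = StringLen($sHex) - 1 To 1 Step -2
        $sSwapped &= StringMid($sHex, $iPos, 2)
    Next
    Return $sSwapped
EndFunc   ;==>Int2Hex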

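; LEAVE (C9): appends the opcode to the global $OPcode hex text.
Func Leave()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "C9"
EndFunc   ;==>Leave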

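; PUSHAD (60): appends the opcode to the global $OPcode hex text.
Func Pushad()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "60"
EndFunc   ;==>Pushad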

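; POPAD (61): appends the opcode to the global $OPcode hex text.
Func Popad()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "61"
EndFunc   ;==>Popad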

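; NOP (90): appends the opcode to the global $OPcode hex text.
Func Nop()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "90"
EndFunc   ;==>Nop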

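; RET (C3): appends the opcode to the global $OPcode hex text.
Func Ret()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "C3"
EndFunc   ;==>Ret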

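; RET imm16 (C2 iw): return and release $i bytes of stack arguments.
; The original appended only the 16-bit operand with no opcode byte in front,
; so the two operand bytes would have been decoded as instructions themselves.
Func RetA($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "C2" & Int2Hex($i, 4)
EndFunc   ;==>RetA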

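; IN AL, DX (EC): appends the opcode to the global $OPcode hex text.
Func IN_AL_DX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "EC"
EndFunc   ;==>IN_AL_DX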

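; TEST EAX, EAX (85 C0): appends the encoding to the global $OPcode hex text.
Func TEST_EAX_EAX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "85C0"
EndFunc   ;==>TEST_EAX_EAX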

;Add
;+++++++++++++++++++++++++++++++++++
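; ADD EAX, EDX (03 C2): appends the encoding to the global $OPcode hex text.
Func Add_EAX_EDX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "03C2"
EndFunc   ;==>Add_EAX_EDX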

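; ADD EBX, EAX (03 D8): appends the encoding to the global $OPcode hex text.
Func Add_EBX_EAX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "03D8"
EndFunc   ;==>Add_EBX_EAX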

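; ADD EAX, DWORD PTR [$i] (03 05 disp32): $i is an absolute 32-bit address.
Func Add_EAX_DWORD_Ptr($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "0305" & Int2Hex($i, 8)
EndFunc   ;==>Add_EAX_DWORD_Ptr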

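; ADD EBX, DWORD PTR [$i] (03 1D disp32): $i is an absolute 32-bit address.
Func Add_EBX_DWORD_Ptr($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "031D" & Int2Hex($i, 8)
EndFunc   ;==>Add_EBX_DWORD_Ptr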

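; ADD EBP, DWORD PTR [$i] (03 2D disp32): $i is an absolute 32-bit address.
Func Add_EBP_DWORD_Ptr($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "032D" & Int2Hex($i, 8)
EndFunc   ;==>Add_EBP_DWORD_Ptr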

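; ADD EAX, imm32 (05 id): appends the encoding to the global $OPcode hex text.
Func Add_EAX($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "05" & Int2Hex($i, 8)
EndFunc   ;==>Add_EAX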

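; ADD EBX, imm32 (81 C3 id).
; The original paired opcode 83 (which takes a one-byte immediate) with a
; four-byte operand, leaving three stray bytes in the instruction stream;
; opcode 81 is the form that carries a 32-bit immediate.
Func Add_EBX($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "81C3" & Int2Hex($i, 8)
EndFunc   ;==>Add_EBX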

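; ADD ECX, imm32 (81 C1 id).
; The original paired opcode 83 (which takes a one-byte immediate) with a
; four-byte operand, leaving three stray bytes in the instruction stream;
; opcode 81 is the form that carries a 32-bit immediate.
Func Add_ECX($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "81C1" & Int2Hex($i, 8)
EndFunc   ;==>Add_ECX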

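; ADD EDX, imm32 (81 C2 id).
; The original paired opcode 83 (which takes a one-byte immediate) with a
; four-byte operand, leaving three stray bytes in the instruction stream;
; opcode 81 is the form that carries a 32-bit immediate.
Func Add_EDX($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "81C2" & Int2Hex($i, 8)
EndFunc   ;==>Add_EDX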

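; ADD ESI, imm32 (81 C6 id).
; The original paired opcode 83 (which takes a one-byte immediate) with a
; four-byte operand, leaving three stray bytes in the instruction stream;
; opcode 81 is the form that carries a 32-bit immediate.
Func Add_ESI($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "81C6" & Int2Hex($i, 8)
EndFunc   ;==>Add_ESI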

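; ADD ESP, imm32 (81 C4 id).
; The original paired opcode 83 (which takes a one-byte immediate) with a
; four-byte operand, leaving three stray bytes in the instruction stream;
; opcode 81 is the form that carries a 32-bit immediate.
Func Add_ESP($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "81C4" & Int2Hex($i, 8)
EndFunc   ;==>Add_ESP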

;Call
;+++++++++++++++++++++++++++++++++++
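; CALL EAX (FF D0): appends the encoding to the global $OPcode hex text.
Func Call_EAX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD0"
EndFunc   ;==>Call_EAX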

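; CALL EBX (FF D3): appends the encoding to the global $OPcode hex text.
Func Call_EBX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD3"
EndFunc   ;==>Call_EBX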

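; CALL ECX (FF D1): appends the encoding to the global $OPcode hex text.
Func Call_ECX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD1"
EndFunc   ;==>Call_ECX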

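; CALL EDX (FF D2): appends the encoding to the global $OPcode hex text.
Func Call_EDX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD2"
EndFunc   ;==>Call_EDX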

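; CALL ESI (FF D6).
; The original emitted FF D2, which is CALL EDX - a copy of Call_EDX - so
; control would have gone to whatever address EDX held instead of ESI.
Func Call_ESI()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD6"
EndFunc   ;==>Call_ESI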

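; CALL ESP (FF D4): appends the encoding to the global $OPcode hex text.
Func Call_ESP()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD4"
EndFunc   ;==>Call_ESP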

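; CALL EBP (FF D5): appends the encoding to the global $OPcode hex text.
Func Call_EBP()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD5"
EndFunc   ;==>Call_EBP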

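; CALL EDI (FF D7): appends the encoding to the global $OPcode hex text.
Func Call_EDI()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FFD7"
EndFunc   ;==>Call_EDI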

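; CALL DWORD PTR [$i] (FF 15 disp32): indirect call through the pointer stored
; at the absolute address $i.
Func Call_DWORD_Ptr($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "FF15" & Int2Hex($i, 8)
EndFunc   ;==>Call_DWORD_Ptr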

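; CALL DWORD PTR [EAX] (FF 10): appends the encoding to the global $OPcode hex text.
Func Call_DWORD_Ptr_EAX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FF10"
EndFunc   ;==>Call_DWORD_Ptr_EAX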

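; CALL DWORD PTR [EBX] (FF 13): appends the encoding to the global $OPcode hex text.
Func Call_DWORD_Ptr_EBX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "FF13"
EndFunc   ;==>Call_DWORD_Ptr_EBX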

;Cmp
;+++++++++++++++++++++++++++++++++++
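; CMP EAX, $i. Uses the short form 83 F8 ib when $i fits a signed byte,
; otherwise 3D id.
; The imm8 of opcode 83 is sign-extended by the CPU, so the original test
; ($i <= 255) made 128..255 compare against negative numbers.
Func Cmp_EAX($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    If $i >= -128 And $i <= 127 Then
        $OPcode &= "83F8" & Int2Hex($i, 2)
    Else
        $OPcode &= "3D" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Cmp_EAX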

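; CMP EAX, EDX (3B C2): appends the encoding to the global $OPcode hex text.
Func Cmp_EAX_EDX()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "3BC2"
EndFunc   ;==>Cmp_EAX_EDX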

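; CMP EAX, DWORD PTR [$i] (3B 05 disp32): $i is an absolute 32-bit address.
Func Cmp_EAX_DWORD_Ptr($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "3B05" & Int2Hex($i, 8)
EndFunc   ;==>Cmp_EAX_DWORD_Ptr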

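; CMP DWORD PTR [$i], EAX (39 05 disp32): $i is an absolute 32-bit address.
Func Cmp_DWORD_Ptr_EAX($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "3905" & Int2Hex($i, 8)
EndFunc   ;==>Cmp_DWORD_Ptr_EAX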

;DEC
;+++++++++++++++++++++++++++++++++++
Func Dec_EAX()
    $OPcode = $OPcode + "48" 
EndFunc   ;==>Dec_EAX

Func Dec_EBX()
    $OPcode = $OPcode + "4B" 
EndFunc   ;==>Dec_EBX

Func Dec_ECX()
    $OPcode = $OPcode + "49" 
EndFunc   ;==>Dec_ECX

Func Dec_EDX()
    $OPcode = $OPcode + "4A" 
EndFunc   ;==>Dec_EDX

;Idiv
;+++++++++++++++++++++++++++++++++++
Func Idiv_EAX()
    $OPcode = $OPcode + "F7F8" 
EndFunc   ;==>Idiv_EAX

Func Idiv_EBX()
    $OPcode = $OPcode + "F7FB" 
EndFunc   ;==>Idiv_EBX

Func Idiv_ECX()
    $OPcode = $OPcode + "F7F9" 
EndFunc   ;==>Idiv_ECX

Func Idiv_EDX()
    $OPcode = $OPcode + "F7FA" 
EndFunc   ;==>Idiv_EDX

;Imul
;+++++++++++++++++++++++++++++++++++
Func Imul_EAX_EDX()
    $OPcode = $OPcode + "0FAFC2" 
EndFunc   ;==>Imul_EAX_EDX

Func Imul_EAX($i)
    $OPcode = $OPcode + "6BC0" + Int2Hex($i, 2)
EndFunc   ;==>Imul_EAX

Func ImulB_EAX($i)
    $OPcode = $OPcode + "69C0" + Int2Hex($i, 8)
EndFunc   ;==>ImulB_EAX

;INC
;+++++++++++++++++++++++++++++++++++
Func Inc_EAX()
    $OPcode = $OPcode + "40" 
EndFunc   ;==>Inc_EAX

Func Inc_EBX()
    $OPcode = $OPcode + "43" 
EndFunc   ;==>Inc_EBX

Func Inc_ECX()
    $OPcode = $OPcode + "41" 
EndFunc   ;==>Inc_ECX

Func Inc_EDX()
    $OPcode = $OPcode + "42" 
EndFunc   ;==>Inc_EDX

Func Inc_EDI()
    $OPcode = $OPcode + "47" 
EndFunc   ;==>Inc_EDI

Func Inc_ESI()
    $OPcode = $OPcode + "46" 
EndFunc   ;==>Inc_ESI

Func Inc_DWORD_Ptr_EAX()
    $OPcode = $OPcode + "FF00" 
EndFunc   ;==>Inc_DWORD_Ptr_EAX

Func Inc_DWORD_Ptr_EBX()
    $OPcode = $OPcode + "FF03" 
EndFunc   ;==>Inc_DWORD_Ptr_EBX

Func Inc_DWORD_Ptr_ECX()
    $OPcode = $OPcode + "FF01" 
EndFunc   ;==>Inc_DWORD_Ptr_ECX

Func Inc_DWORD_Ptr_EDX()
    $OPcode = $OPcode + "FF02" 
EndFunc   ;==>Inc_DWORD_Ptr_EDX

;JMP/JE/JNE
;+++++++++++++++++++++++++++++++++++
Func JMP_EAX()
    $OPcode = $OPcode + "FFE0" 
EndFunc   ;==>JMP_EAX

;Mov
Func Mov_DWORD_Ptr_EAX($i)
    $OPcode = $OPcode + "A3" + Int2Hex($i, 8)
EndFunc   ;==>Mov_DWORD_Ptr_EAX

Func Mov_EAX($i)
    $OPcode = $OPcode + "B8" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EAX

Func Mov_EBX($i)
    $OPcode = $OPcode + "BB" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EBX

Func Mov_ECX($i)
    $OPcode = $OPcode + "B9" + Int2Hex($i, 8)
EndFunc   ;==>Mov_ECX

Func Mov_EDX($i)
    $OPcode = $OPcode + "BA" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EDX

Func Mov_ESI($i)
    $OPcode = $OPcode + "BE" + Int2Hex($i, 8)
EndFunc   ;==>Mov_ESI

Func Mov_ESP($i)
    $OPcode = $OPcode + "BC" + Int2Hex($i, 8)
EndFunc   ;==>Mov_ESP

Func Mov_EBP($i)
    $OPcode = $OPcode + "BD" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EBP

Func Mov_EDI($i)
    $OPcode = $OPcode + "BF" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EDI

Func Mov_EBX_DWORD_Ptr($i)
    $OPcode = $OPcode + "8B1D" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EBX_DWORD_Ptr

Func Mov_ECX_DWORD_Ptr($i)
    $OPcode = $OPcode + "8B0D" + Int2Hex($i, 8)
EndFunc   ;==>Mov_ECX_DWORD_Ptr

Func Mov_EAX_DWORD_Ptr($i)
    $OPcode = $OPcode + "A1" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EAX_DWORD_Ptr

Func Mov_EDX_DWORD_Ptr($i)
    $OPcode = $OPcode + "8B15" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EDX_DWORD_Ptr

Func Mov_ESI_DWORD_Ptr($i)
    $OPcode = $OPcode + "8B35" + Int2Hex($i, 8)
EndFunc   ;==>Mov_ESI_DWORD_Ptr

Func Mov_ESP_DWORD_Ptr($i)
    $OPcode = $OPcode + "8B25" + Int2Hex($i, 8)
EndFunc   ;==>Mov_ESP_DWORD_Ptr

Func Mov_EBP_DWORD_Ptr($i)
    $OPcode = $OPcode + "8B2D" + Int2Hex($i, 8)
EndFunc   ;==>Mov_EBP_DWORD_Ptr

Func Mov_EAX_DWORD_Ptr_EAX()
    $OPcode = $OPcode + "8B00" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EAX

Func Mov_EAX_DWORD_Ptr_EBP()
    $OPcode = $OPcode + "8B4500" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBP

Func Mov_EAX_DWORD_Ptr_EBX()
    $OPcode = $OPcode + "8B03" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBX

Func Mov_EAX_DWORD_Ptr_ECX()
    $OPcode = $OPcode + "8B01" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ECX

Func Mov_EAX_DWORD_Ptr_EDX()
    $OPcode = $OPcode + "8B02" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDX

Func Mov_EAX_DWORD_Ptr_EDI()
    $OPcode = $OPcode + "8B07" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDI

Func Mov_EAX_DWORD_Ptr_ESP()
    $OPcode = $OPcode + "8B0424" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESP

Func Mov_EAX_DWORD_Ptr_ESI()
    $OPcode = $OPcode + "8B06" 
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESI

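; MOV EAX, DWORD PTR [EAX + $i]. Short form 8B 40 ib when $i fits a signed
; byte, otherwise 8B 80 id.
; A ModRM disp8 is sign-extended by the CPU, so the original test ($i <= 255)
; turned offsets 128..255 into negative ones and read the wrong address.
; The sibling *_Add emitters in this file use the same $i <= 255 test.
Func Mov_EAX_DWORD_Ptr_EAX_Add($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    If $i >= -128 And $i <= 127 Then
        $OPcode &= "8B40" & Int2Hex($i, 2)
    Else
        $OPcode &= "8B80" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EAX_Add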

Func Mov_EAX_DWORD_Ptr_ESP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B4424" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B8424" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESP_Add

Func Mov_EAX_DWORD_Ptr_EBX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B43" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B83" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBX_Add

Func Mov_EAX_DWORD_Ptr_ECX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B41" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B81" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ECX_Add

Func Mov_EAX_DWORD_Ptr_EDX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B42" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B82" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDX_Add

Func Mov_EAX_DWORD_Ptr_EDI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B47" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B87" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EDI_Add

Func Mov_EAX_DWORD_Ptr_EBP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B45" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B85" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_EBP_Add

Func Mov_EAX_DWORD_Ptr_ESI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B46" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B86" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EAX_DWORD_Ptr_ESI_Add

Func Mov_EBX_DWORD_Ptr_EAX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B58" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B98" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EAX_Add

Func Mov_EBX_DWORD_Ptr_ESP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B5C24" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B9C24" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESP_Add

Func Mov_EBX_DWORD_Ptr_EBX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B5B" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B9B" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBX_Add

Func Mov_EBX_DWORD_Ptr_ECX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B59" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B99" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ECX_Add

Func Mov_EBX_DWORD_Ptr_EDX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B5A" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B9A" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDX_Add

Func Mov_EBX_DWORD_Ptr_EDI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B5F" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B9F" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDI_Add

Func Mov_EBX_DWORD_Ptr_EBP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B5D" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B9D" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBP_Add

Func Mov_EBX_DWORD_Ptr_ESI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B5E" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B9E" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESI_Add

Func Mov_ECX_DWORD_Ptr_EAX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B48" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B88" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EAX_Add

Func Mov_ECX_DWORD_Ptr_ESP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B4C24" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B8C24" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESP_Add

Func Mov_ECX_DWORD_Ptr_EBX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B4B" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B8B" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBX_Add

Func Mov_ECX_DWORD_Ptr_ECX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B49" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B89" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ECX_Add

Func Mov_ECX_DWORD_Ptr_EDX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B4A" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B8A" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDX_Add

Func Mov_ECX_DWORD_Ptr_EDI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B4F" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B8F" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDI_Add

Func Mov_ECX_DWORD_Ptr_EBP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B4D" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B8D" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBP_Add

Func Mov_ECX_DWORD_Ptr_ESI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B4E" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B8E" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESI_Add

Func Mov_EDX_DWORD_Ptr_EAX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B50" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B90" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EAX_Add

Func Mov_EDX_DWORD_Ptr_ESP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B5424" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B9424" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESP_Add

Func Mov_EDX_DWORD_Ptr_EBX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B53" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B93" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBX_Add

Func Mov_EDX_DWORD_Ptr_ECX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B51" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B91" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ECX_Add

Func Mov_EDX_DWORD_Ptr_EDX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B52" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B92" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDX_Add

Func Mov_EDX_DWORD_Ptr_EDI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B57" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B97" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDI_Add

Func Mov_EDX_DWORD_Ptr_EBP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B55" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B95" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBP_Add

Func Mov_EDX_DWORD_Ptr_ESI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8B56" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8B96" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESI_Add

Func Mov_EBX_DWORD_Ptr_EAX()
    $OPcode = $OPcode + "8B18" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EAX

Func Mov_EBX_DWORD_Ptr_EBP()
    $OPcode = $OPcode + "8B5D00" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBP

Func Mov_EBX_DWORD_Ptr_EBX()
    $OPcode = $OPcode + "8B1B" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EBX

Func Mov_EBX_DWORD_Ptr_ECX()
    $OPcode = $OPcode + "8B19" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ECX

Func Mov_EBX_DWORD_Ptr_EDX()
    $OPcode = $OPcode + "8B1A" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDX

Func Mov_EBX_DWORD_Ptr_EDI()
    $OPcode = $OPcode + "8B1F" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_EDI

Func Mov_EBX_DWORD_Ptr_ESP()
    $OPcode = $OPcode + "8B1C24" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESP

Func Mov_EBX_DWORD_Ptr_ESI()
    $OPcode = $OPcode + "8B1E" 
EndFunc   ;==>Mov_EBX_DWORD_Ptr_ESI
Func Mov_ECX_DWORD_Ptr_EAX()
    $OPcode = $OPcode + "8B08" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EAX

Func Mov_ECX_DWORD_Ptr_EBP()
    $OPcode = $OPcode + "8B4D00" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBP

Func Mov_ECX_DWORD_Ptr_EBX()
    $OPcode = $OPcode + "8B0B" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EBX

Func Mov_ECX_DWORD_Ptr_ECX()
    $OPcode = $OPcode + "8B09" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ECX

Func Mov_ECX_DWORD_Ptr_EDX()
    $OPcode = $OPcode + "8B0A" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDX

Func Mov_ECX_DWORD_Ptr_EDI()
    $OPcode = $OPcode + "8B0F" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_EDI

Func Mov_ECX_DWORD_Ptr_ESP()
    $OPcode = $OPcode + "8B0C24" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESP

Func Mov_ECX_DWORD_Ptr_ESI()
    $OPcode = $OPcode + "8B0E" 
EndFunc   ;==>Mov_ECX_DWORD_Ptr_ESI

Func Mov_EDX_DWORD_Ptr_EAX()
    $OPcode = $OPcode + "8B10" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EAX

Func Mov_EDX_DWORD_Ptr_EBP()
    $OPcode = $OPcode + "8B5500" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBP

Func Mov_EDX_DWORD_Ptr_EBX()
    $OPcode = $OPcode + "8B13" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EBX

Func Mov_EDX_DWORD_Ptr_ECX()
    $OPcode = $OPcode + "8B11" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ECX

Func Mov_EDX_DWORD_Ptr_EDX()
    $OPcode = $OPcode + "8B12" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDX

Func Mov_EDX_DWORD_Ptr_EDI()
    $OPcode = $OPcode + "8B17" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_EDI

Func Mov_EDX_DWORD_Ptr_ESI()
    $OPcode = $OPcode + "8B16" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESI

Func Mov_EDX_DWORD_Ptr_ESP()
    $OPcode = $OPcode + "8B1424" 
EndFunc   ;==>Mov_EDX_DWORD_Ptr_ESP

Func Mov_EAX_EBP()
    $OPcode = $OPcode + "8BC5" 
EndFunc   ;==>Mov_EAX_EBP

Func Mov_EAX_EBX()
    $OPcode = $OPcode + "8BC3" 
EndFunc   ;==>Mov_EAX_EBX

Func Mov_EAX_ECX()
    $OPcode = $OPcode + "8BC1" 
EndFunc   ;==>Mov_EAX_ECX

Func Mov_EAX_EDI()
    $OPcode = $OPcode + "8BC7" 
EndFunc   ;==>Mov_EAX_EDI

Func Mov_EAX_EDX()
    $OPcode = $OPcode + "8BC2" 
EndFunc   ;==>Mov_EAX_EDX

Func Mov_EAX_ESI()
    $OPcode = $OPcode + "8BC6" 
EndFunc   ;==>Mov_EAX_ESI

Func Mov_EAX_ESP()
    $OPcode = $OPcode + "8BC4" 
EndFunc   ;==>Mov_EAX_ESP

Func Mov_EBX_EBP()
    $OPcode = $OPcode + "8BDD" 
EndFunc   ;==>Mov_EBX_EBP

Func Mov_EBX_EAX()
    $OPcode = $OPcode + "8BD8" 
EndFunc   ;==>Mov_EBX_EAX

Func Mov_EBX_ECX()
    $OPcode = $OPcode + "8BD9" 
EndFunc   ;==>Mov_EBX_ECX

Func Mov_EBX_EDI()
    $OPcode = $OPcode + "8BDF" 
EndFunc   ;==>Mov_EBX_EDI

Func Mov_EBX_EDX()
    $OPcode = $OPcode + "8BDA" 
EndFunc   ;==>Mov_EBX_EDX

Func Mov_EBX_ESI()
    $OPcode = $OPcode + "8BDE" 
EndFunc   ;==>Mov_EBX_ESI

Func Mov_EBX_ESP()
    $OPcode = $OPcode + "8BDC" 
EndFunc   ;==>Mov_EBX_ESP

Func Mov_ECX_EBP()
    $OPcode = $OPcode + "8BCD" 
EndFunc   ;==>Mov_ECX_EBP

Func Mov_ECX_EAX()
    $OPcode = $OPcode + "8BC8" 
EndFunc   ;==>Mov_ECX_EAX

Func Mov_ECX_EBX()
    $OPcode = $OPcode + "8BCB" 
EndFunc   ;==>Mov_ECX_EBX

Func Mov_ECX_EDI()
    $OPcode = $OPcode + "8BCF" 
EndFunc   ;==>Mov_ECX_EDI

Func Mov_ECX_EDX()
    $OPcode = $OPcode + "8BCA" 
EndFunc   ;==>Mov_ECX_EDX

Func Mov_ECX_ESI()
    $OPcode = $OPcode + "8BCE" 
EndFunc   ;==>Mov_ECX_ESI

Func Mov_ECX_ESP()
    $OPcode = $OPcode + "8BCC" 
EndFunc   ;==>Mov_ECX_ESP

Func Mov_EDX_EBP()
    $OPcode = $OPcode + "8BD5" 
EndFunc   ;==>Mov_EDX_EBP

Func Mov_EDX_EBX()
    $OPcode = $OPcode + "8BD3" 
EndFunc   ;==>Mov_EDX_EBX

Func Mov_EDX_ECX()
    $OPcode = $OPcode + "8BD1" 
EndFunc   ;==>Mov_EDX_ECX

Func Mov_EDX_EDI()
    $OPcode = $OPcode + "8BD7" 
EndFunc   ;==>Mov_EDX_EDI

Func Mov_EDX_EAX()
    $OPcode = $OPcode + "8BD0" 
EndFunc   ;==>Mov_EDX_EAX

Func Mov_EDX_ESI()
    $OPcode = $OPcode + "8BD6" 
EndFunc   ;==>Mov_EDX_ESI

Func Mov_EDX_ESP()
    $OPcode = $OPcode + "8BD4" 
EndFunc   ;==>Mov_EDX_ESP

Func Mov_ESI_EBP()
    $OPcode = $OPcode + "8BF5" 
EndFunc   ;==>Mov_ESI_EBP

Func Mov_ESI_EBX()
    $OPcode = $OPcode + "8BF3" 
EndFunc   ;==>Mov_ESI_EBX

Func Mov_ESI_ECX()
    $OPcode = $OPcode + "8BF1" 
EndFunc   ;==>Mov_ESI_ECX

Func Mov_ESI_EDI()
    $OPcode = $OPcode + "8BF7" 
EndFunc   ;==>Mov_ESI_EDI

Func Mov_ESI_EAX()
    $OPcode = $OPcode + "8BF0" 
EndFunc   ;==>Mov_ESI_EAX

Func Mov_ESI_EDX()
    $OPcode = $OPcode + "8BF2" 
EndFunc   ;==>Mov_ESI_EDX

Func Mov_ESI_ESP()
    $OPcode = $OPcode + "8BF4" 
EndFunc   ;==>Mov_ESI_ESP

Func Mov_ESP_EBP()
    $OPcode = $OPcode + "8BE5" 
EndFunc   ;==>Mov_ESP_EBP

Func Mov_ESP_EBX()
    $OPcode = $OPcode + "8BE3" 
EndFunc   ;==>Mov_ESP_EBX

Func Mov_ESP_ECX()
    $OPcode = $OPcode + "8BE1" 
EndFunc   ;==>Mov_ESP_ECX

Func Mov_ESP_EDI()
    $OPcode = $OPcode + "8BE7" 
EndFunc   ;==>Mov_ESP_EDI

Func Mov_ESP_EAX()
    $OPcode = $OPcode + "8BE0" 
EndFunc   ;==>Mov_ESP_EAX

Func Mov_ESP_EDX()
    $OPcode = $OPcode + "8BE2" 
EndFunc   ;==>Mov_ESP_EDX

Func Mov_ESP_ESI()
    $OPcode = $OPcode + "8BE6" 
EndFunc   ;==>Mov_ESP_ESI

Func Mov_EDI_EBP()
    $OPcode = $OPcode + "8BFD" 
EndFunc   ;==>Mov_EDI_EBP

Func Mov_EDI_EAX()
    $OPcode = $OPcode + "8BF8" 
EndFunc   ;==>Mov_EDI_EAX

Func Mov_EDI_EBX()
    $OPcode = $OPcode + "8BFB" 
EndFunc   ;==>Mov_EDI_EBX

Func Mov_EDI_ECX()
    $OPcode = $OPcode + "8BF9" 
EndFunc   ;==>Mov_EDI_ECX

Func Mov_EDI_EDX()
    $OPcode = $OPcode + "8BFA" 
EndFunc   ;==>Mov_EDI_EDX

Func Mov_EDI_ESI()
    $OPcode = $OPcode + "8BFE" 
EndFunc   ;==>Mov_EDI_ESI

Func Mov_EDI_ESP()
    $OPcode = $OPcode + "8BFC" 
EndFunc   ;==>Mov_EDI_ESP
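; MOV EBP, EDI (8B EF).
; The original emitted 8B DF, which is MOV EBX, EDI (the same bytes as
; Mov_EBX_EDI), so EBP was left untouched and EBX was overwritten instead.
Func Mov_EBP_EDI()
    ; "&=" appends text; AutoIt's "+" is numeric addition and does not concatenate.
    $OPcode &= "8BEF"
EndFunc   ;==>Mov_EBP_EDI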

Func Mov_EBP_EAX()
    $OPcode = $OPcode + "8BE8" 
EndFunc   ;==>Mov_EBP_EAX

Func Mov_EBP_EBX()
    $OPcode = $OPcode + "8BEB" 
EndFunc   ;==>Mov_EBP_EBX

Func Mov_EBP_ECX()
    $OPcode = $OPcode + "8BE9" 
EndFunc   ;==>Mov_EBP_ECX

Func Mov_EBP_EDX()
    $OPcode = $OPcode + "8BEA" 
EndFunc   ;==>Mov_EBP_EDX

Func Mov_EBP_ESI()
    $OPcode = $OPcode + "8BEE" 
EndFunc   ;==>Mov_EBP_ESI

Func Mov_EBP_ESP()
    $OPcode = $OPcode + "8BEC" 
EndFunc   ;==>Mov_EBP_ESP
;Push
;+++++++++++++++++++++++++++++++++++
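; PUSH imm32 (68 id): always uses the four-byte immediate form.
; The short form 6A ib stays disabled, as in the original: its operand is
; sign-extended, so it would only be valid for -128..127, not for "<= 255".
Func Push($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    $OPcode &= "68" & Int2Hex($i, 8)
EndFunc   ;==>Push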

Func Push_DWORD_Ptr($i)
    $OPcode = $OPcode + "FF35" + Int2Hex($i, 8)
EndFunc   ;==>Push_DWORD_Ptr

Func Push_EAX()
    $OPcode = $OPcode + "50" 
EndFunc   ;==>Push_EAX

Func Push_ECX()
    $OPcode = $OPcode + "51" 
EndFunc   ;==>Push_ECX

Func Push_EDX()
    $OPcode = $OPcode + "52" 
EndFunc   ;==>Push_EDX

Func Push_EBX()
    $OPcode = $OPcode + "53" 
EndFunc   ;==>Push_EBX
Func Push_ESP()
    $OPcode = $OPcode + "54" 
EndFunc   ;==>Push_ESP

Func Push_EBP()
    $OPcode = $OPcode + "55" 
EndFunc   ;==>Push_EBP

Func Push_ESI()
    $OPcode = $OPcode + "56" 
EndFunc   ;==>Push_ESI

Func Push_EDI()
    $OPcode = $OPcode + "57" 
EndFunc   ;==>Push_EDI
;LEA
Func Lea_EAX_DWORD_Ptr_EAX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D40" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D80" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EAX_Add

Func Lea_EAX_DWORD_Ptr_EBX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D43" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D83" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EBX_Add

Func Lea_EAX_DWORD_Ptr_ECX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D41" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D81" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_ECX_Add

Func Lea_EAX_DWORD_Ptr_EDX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D42" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D82" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EDX_Add

Func Lea_EAX_DWORD_Ptr_ESI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D46" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D86" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_ESI_Add

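; LEA EAX, [ESP + $i]. ESP as a base register needs a SIB byte (24), giving
; 8D 44 24 ib for a signed-byte offset and 8D 84 24 id otherwise.
; The original emitted 8D 40 / 8D 80, which is LEA EAX, [EAX + $i] - the same
; bytes as Lea_EAX_DWORD_Ptr_EAX_Add - and tested $i <= 255 although a disp8
; is sign-extended.
Func Lea_EAX_DWORD_Ptr_ESP_Add($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    If $i >= -128 And $i <= 127 Then
        $OPcode &= "8D4424" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D8424" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_ESP_Add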

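; LEA EAX, [EBP + $i]: 8D 45 ib for a signed-byte offset, 8D 85 id otherwise.
; The original emitted 8D 44 24 / 8D 84 24, which is the ESP-based form
; (LEA EAX, [ESP + $i]), and tested $i <= 255 although a disp8 is
; sign-extended.
Func Lea_EAX_DWORD_Ptr_EBP_Add($i)
    ; "&" concatenates; AutoIt's "+" is numeric addition.
    If $i >= -128 And $i <= 127 Then
        $OPcode &= "8D45" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D85" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EBP_Add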

Func Lea_EAX_DWORD_Ptr_EDI_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D47" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D87" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EAX_DWORD_Ptr_EDI_Add

Func Lea_EBX_DWORD_Ptr_EAX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D58" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D98" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EAX_Add

Func Lea_EBX_DWORD_Ptr_ESP_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D5C24" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D9C24" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_ESP_Add

Func Lea_EBX_DWORD_Ptr_EBX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D5B" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D9B" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EBX_Add

Func Lea_EBX_DWORD_Ptr_ECX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D59" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D99" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_ECX_Add

Func Lea_EBX_DWORD_Ptr_EDX_Add($i)
    If $i <= 255 Then
        $OPcode = $OPcode + "8D5A" + Int2Hex($i, 2)
    Else
        $OPcode = $OPcode + "8D9A" + Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EDX_Add

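; Appends the machine code for LEA EBX, [EDI + $i] to the $OPcode hex string.
;   $i - displacement added to EDI
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EBX_DWORD_Ptr_EDI_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D5F" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D9F" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EDI_Add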

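; Appends the machine code for LEA EBX, [EBP + $i] to the $OPcode hex string.
;   $i - displacement added to EBP
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EBX_DWORD_Ptr_EBP_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D5D" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D9D" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_EBP_Add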

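; Appends the machine code for LEA EBX, [ESI + $i] to the $OPcode hex string.
;   $i - displacement added to ESI
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EBX_DWORD_Ptr_ESI_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D5E" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D9E" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EBX_DWORD_Ptr_ESI_Add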

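; Appends the machine code for LEA ECX, [EAX + $i] to the $OPcode hex string.
;   $i - displacement added to EAX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_EAX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D48" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D88" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EAX_Add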

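; Appends the machine code for LEA ECX, [ESP + $i] to the $OPcode hex string.
;   $i - displacement added to ESP (the trailing 24 is the SIB byte an ESP base requires)
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_ESP_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D4C24" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D8C24" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_ESP_Add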

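; Appends the machine code for LEA ECX, [EBX + $i] to the $OPcode hex string.
;   $i - displacement added to EBX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_EBX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D4B" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D8B" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EBX_Add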

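; Appends the machine code for LEA ECX, [ECX + $i] to the $OPcode hex string.
;   $i - displacement added to ECX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_ECX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D49" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D89" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_ECX_Add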

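; Appends the machine code for LEA ECX, [EDX + $i] to the $OPcode hex string.
;   $i - displacement added to EDX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_EDX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D4A" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D8A" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EDX_Add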

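; Appends the machine code for LEA ECX, [EDI + $i] to the $OPcode hex string.
;   $i - displacement added to EDI
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_EDI_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D4F" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D8F" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EDI_Add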

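; Appends the machine code for LEA ECX, [EBP + $i] to the $OPcode hex string.
;   $i - displacement added to EBP
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_EBP_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D4D" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D8D" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_EBP_Add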

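; Appends the machine code for LEA ECX, [ESI + $i] to the $OPcode hex string.
;   $i - displacement added to ESI
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_ECX_DWORD_Ptr_ESI_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D4E" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D8E" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_ECX_DWORD_Ptr_ESI_Add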

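; Appends the machine code for LEA EDX, [EAX + $i] to the $OPcode hex string.
;   $i - displacement added to EAX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_EAX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D50" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D90" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EAX_Add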

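; Appends the machine code for LEA EDX, [ESP + $i] to the $OPcode hex string.
;   $i - displacement added to ESP (the trailing 24 is the SIB byte an ESP base requires)
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_ESP_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D5424" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D9424" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_ESP_Add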

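; Appends the machine code for LEA EDX, [EBX + $i] to the $OPcode hex string.
;   $i - displacement added to EBX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_EBX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D53" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D93" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EBX_Add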

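; Appends the machine code for LEA EDX, [ECX + $i] to the $OPcode hex string.
;   $i - displacement added to ECX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_ECX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D51" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D91" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_ECX_Add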

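; Appends the machine code for LEA EDX, [EDX + $i] to the $OPcode hex string.
;   $i - displacement added to EDX
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_EDX_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D52" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D92" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EDX_Add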

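; Appends the machine code for LEA EDX, [EDI + $i] to the $OPcode hex string.
;   $i - displacement added to EDI
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_EDI_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D57" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D97" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EDI_Add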

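; Appends the machine code for LEA EDX, [EBP + $i] to the $OPcode hex string.
;   $i - displacement added to EBP
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_EBP_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D55" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D95" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_EBP_Add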

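; Appends the machine code for LEA EDX, [ESI + $i] to the $OPcode hex string.
;   $i - displacement added to ESI
; Assumes $OPcode is a Global and Int2Hex($value, $digits) is defined elsewhere - TODO confirm.
; NOTE(review): a negative $i still takes the short form, as before; check how Int2Hex renders it.
Func Lea_EDX_DWORD_Ptr_ESI_Add($i)
    ; An 8-bit displacement is sign-extended by the CPU, so 128..255 must use the
    ; 32-bit form; the former "<= 255" test encoded them as negative offsets.
    If $i <= 127 Then
        ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
        $OPcode &= "8D56" & Int2Hex($i, 2)
    Else
        $OPcode &= "8D96" & Int2Hex($i, 8)
    EndIf
EndFunc   ;==>Lea_EDX_DWORD_Ptr_ESI_Add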

;POP
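; Appends the one-byte opcode for POP EAX (58) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_EAX()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "58"
EndFunc   ;==>Pop_EAX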

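; Appends the one-byte opcode for POP EBX (5B) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_EBX()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "5B"
EndFunc   ;==>Pop_EBX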

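; Appends the one-byte opcode for POP ECX (59) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_ECX()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "59"
EndFunc   ;==>Pop_ECX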

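; Appends the one-byte opcode for POP EDX (5A) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_EDX()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "5A"
EndFunc   ;==>Pop_EDX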

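; Appends the one-byte opcode for POP ESI (5E) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_ESI()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "5E"
EndFunc   ;==>Pop_ESI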

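; Appends the one-byte opcode for POP ESP (5C) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_ESP()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "5C"
EndFunc   ;==>Pop_ESP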

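; Appends the one-byte opcode for POP EDI (5F) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_EDI()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "5F"
EndFunc   ;==>Pop_EDI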

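; Appends the one-byte opcode for POP EBP (5D) to the $OPcode hex string.
; Assumes $OPcode is a Global declared elsewhere - TODO confirm.
Func Pop_EBP()
    ; "&" concatenates; "+" is numeric addition in AutoIt and does not build the string.
    $OPcode &= "5D"
EndFunc   ;==>Pop_EBP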

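; Returns whatever VarPtr() yields for the variable passed by reference.
;   $Add - variable whose address is wanted (ByRef)
; NOTE(review): AutoIt already ships a built-in Ptr() function, so a user function
; with this name collides with it; the name is kept here only because callers are
; not visible. VarPtr() is not an AutoIt built-in and must be supplied elsewhere - confirm.
Func Ptr(ByRef $Add)
    ; AutoIt returns values with Return; assigning to "$Ptr" (the VB idiom) only
    ; created a variable and the caller received nothing.
    Return VarPtr($Add)
EndFunc   ;==>Ptr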

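; Float to integer: returns the 32-bit integer that has the same bit pattern as
; the single-precision float $Ans (a reinterpretation, not a numeric conversion).
;   $Ans - value to store as a 4-byte float
Func Float4Int($Ans)
    ; Store the value in a 4-byte float slot, then view the same bytes as an int.
    ; This replaces the VB-style CopyMemory call and the "$Float4Int = ..." return
    ; idiom, neither of which works in AutoIt.
    Local $tFloat = DllStructCreate("float")
    DllStructSetData($tFloat, 1, $Ans)
    Local $tInt = DllStructCreate("int", DllStructGetPtr($tFloat))
    Return DllStructGetData($tInt, 1)
EndFunc   ;==>Float4Int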

;Func  Float8Int(ByRef Ans) ;float to integer
;    Dim AB As Long
;    CopyMemory AB, Ans, 8
;    Float8Int = AB
;EndFunc
Edited by SmOke_N
Added autoit tags


#3 ·  Posted (edited)

Seems the [ codebox] [ /codebox] tags are failing, try replacing them with AutoIt ones.

(Just replace codebox with AutoIt between the brackets on yours.)

You might also explain exactly what you are talking about.

Edit:

I would fix it for you on the tags, but I'm sure you have some type of syntax spacing that would make it look cleaner if you repasted your work.

Edited by SmOke_N

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.


#4 ·  Posted (edited)

"whatmeans" is trying to write a simple but fast (inline) assembler for AutoIt...

I wrote the inline assembler XPIA for Profan, but XPIA uses a completely different technique. "whatmeans" generates machine code directly, which has several negative effects, e.g. he cannot use the API. My technique is to build a DLL from the inline-assembler pieces and generate data from this DLL into the original source code. I use MASM32 to generate these DLLs, and my inline assembler can use the complete MASM syntax, including all APIs and macros.

Fine work, whatmeans! :D

Edited by Nordwind


This impresses me a lot. But can you give me an example that uses the asm code and the inject function? I am having trouble using it.


Is there something wrong with the code?

If not, then I think this belongs in the Example Scripts forum; it is easier to find that way, as it seems to be a lot of work worth revisiting when I know ASM :)


[font="Impact"]Use the helpfile, It´s one of the best exlusive features of Autoit.[/font]http://support.microsoft.com/kb/q555375ALIBI Run - a replacement for the windows run promptPC Controller - an application for controlling other PCs[size="1"]Science flies us to the moon. Religion flies us into buildings.[/size][size="1"]http://bit.ly/cAMPZV[/size]


#9 ·  Posted (edited)

An example of the ASM would be very nice :-)

UEZ

Edit: @whatmeans: forgot to mention that the code looks very interesting! Thanks for sharing :)

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ


Hi,

this looks very nice, but I found a little error in a function declaration/definition:

Func Ptr(ByRef $Add)
    $Ptr = VarPtr($Add)
EndFunc   ;==>Ptr

This is already defined by AutoIt, isn't it?

And yes, an example would be nice ... :)

Greets

Greenhorn

