Ward

AutoIt Inline Assembly UDF

20 posts in this topic

Thanks to disasm source code by Oleh Yuschuk from http://www.ollydbg.de/.

I compiled them into a DLL and use it in this UDF.

Look at the example script first:

#include <ASM.au3>

; Initialize an asm object
Global $Asm = AsmInit()

Demo1()

Func Demo1()
; Demo 1: Using Parameters
    AsmReset($Asm)
    AsmAdd($Asm, "push ebp")
    AsmAdd($Asm, "mov ebp, esp")
    AsmAdd($Asm, "mov eax, [ebp + 08]")
    AsmAdd($Asm, "add eax, [ebp + 0c]")
    AsmAdd($Asm, "pop ebp")
    AsmAdd($Asm, "retn 8")
    ConsoleWrite(String(AsmGetBinary($Asm)) & @CRLF)
    $Ret = MemoryFuncCall("int", AsmGetPtr($Asm), "int", 1, "int", 2)
    MsgBox(0, "Demo 1: Using Parameters", "1 + 2 = " & $Ret[0])
EndFunc

; Release the asm object
AsmExit($Asm)
Exit

There are more examples in the archive, including reading the Time-Stamp Counter, using labels, calling an AutoIt function from assembly, and an assembly crc32 routine.

Have fun!

asm.zip


The idiot author of the new _ArrayAdd, whoever you are, just go drop dead.
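Added example, not part of Ward's post or the ASM UDF: a small Python interpreter for the six Demo1 instructions, showing why `[ebp + 08]` and `[ebp + 0c]` are the two arguments and what `retn 8` does to the stack, plus the stack imbalance left by a plain `ret`. The instruction bytes are standard x86-32 encodings written out by hand; `run_stdcall`, the stack addresses and the return address are assumptions made for illustration.

```python
import struct

# Standard x86-32 encodings of the six Demo1 instructions, assembled by hand here
# (assumption: the UDF's assembler may emit an equivalent alternative encoding).
CODE = bytes.fromhex("55" "89e5" "8b4508" "03450c" "5d" "c20800")
MASK = 0xFFFFFFFF

def run_stdcall(code, args, esp=0x1000, ebp=0x2000, ret_addr=0xDEAD0000):
    """Interpret just the opcodes Demo1 uses, on a toy 32-bit stack."""
    mem, r = {}, {"eax": 0, "ebp": ebp, "esp": esp}

    def push(value):
        r["esp"] -= 4
        mem[r["esp"]] = value & MASK

    def pop():
        r["esp"] += 4
        return mem[r["esp"] - 4]

    for arg in reversed(args):          # stdcall: caller pushes right to left
        push(arg)
    push(ret_addr)                      # what the CALL instruction pushes
    ip = 0
    while True:
        op, two = code[ip], code[ip:ip + 2]
        if op == 0x55:                  # push ebp
            push(r["ebp"]); ip += 1
        elif two == b"\x89\xe5":        # mov ebp, esp
            r["ebp"] = r["esp"]; ip += 2
        elif two in (b"\x8b\x45", b"\x03\x45"):   # mov/add eax, [ebp + disp8]
            disp = struct.unpack("b", code[ip + 2:ip + 3])[0]
            operand = mem[r["ebp"] + disp]
            r["eax"] = operand if op == 0x8B else (r["eax"] + operand) & MASK
            ip += 3
        elif op == 0x5D:                # pop ebp
            r["ebp"] = pop(); ip += 1
        elif op in (0xC2, 0xC3):        # retn imm16 / plain ret
            r["ret_to"] = pop()
            if op == 0xC2:              # callee removes imm16 bytes of arguments
                r["esp"] += struct.unpack("<H", code[ip + 1:ip + 3])[0]
            return r
        else:
            raise ValueError(f"opcode {op:#04x} is outside this demo's subset")

ok = run_stdcall(CODE, [1, 2])
bad = run_stdcall(CODE[:-3] + b"\xc3", [1, 2])   # same body ending in plain ret
print(CODE.hex(), ok["eax"], hex(ok["esp"]), hex(bad["esp"]))
```

With `retn 8` the stack pointer returns to its value from before the arguments were pushed; with a plain `ret` it ends 8 bytes short, which is the mismatch a caller expecting stdcall cleanup would see.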

 




#3 ·  Posted (edited)

Very nice, Unfortunately:

Func Demo1()
; Demo 1: Using Parameters
    $timer = TimerInit()
    AsmReset($Asm)
    AsmAdd($Asm, "push ebp")
    AsmAdd($Asm, "mov ebp, esp")
    AsmAdd($Asm, "mov eax, [ebp + 08]")
    AsmAdd($Asm, "add eax, [ebp + 0c]")
    AsmAdd($Asm, "pop ebp")
    AsmAdd($Asm, "retn 8")
    ConsoleWrite(String(AsmGetBinary($Asm)) & @CRLF)
    $Ret = MemoryFuncCall("int", AsmGetPtr($Asm), "int", 1, "int", 2)
    ConsoleWrite (TimerDiff ($timer) & "ms" & @CRLF)
    $timer = ""
    MsgBox(0, "Demo 1: Using Parameters", "1 + 2 = " & $Ret[0])
EndFunc

Result: 5.0036303630363ms

Func Demotwo()
    $timer = TimerInit()
    $t = 1 + 2
    ConsoleWrite (TimerDiff ($timer) & "ms" & @CRLF)
    $timer = ""
    MsgBox (32, "test", $t)
EndFunc

Result: 0.00672067206720672ms

Edited by Dampe


#4 ·  Posted (edited)

Very nice, Unfortunately:

I don't think it is unfortunate.

This UDF assembles the code to binary machine code, and then runs it. So other machine code UDFs must be faster than this.

So, it is not for speed; it is for power, and for fun. Want to get the CPU's Time-Stamp Counter? You will find assembly is the easiest way.

If you need speed, see my other post about machine code UDF or MemoryDll UDF.

Edited by Ward


Wow... No time this evening to play/test... but this could be huge. Thanks Ward.


Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.


I don't think it is unfortunate.

This UDF assembles the code to binary machine code, and then runs it. So other machine code UDFs must be faster than this.

So, it is not for speed; it is for power, and for fun. Want to get the CPU's Time-Stamp Counter? You will find assembly is the easiest way.

If you need speed, see my other post about machine code UDF or MemoryDll UDF.

Yeah, I agree completely on the fact of its power, I just don't think it would be efficient to use it for basic addition and subtraction / whatever else.

Nice UDF nonetheless :)



Newbie question: I have found with Cheat Engine an address (for example 0x6F000000) and the opcode is ''mov eax, [ebp + 08]'' and ebp + 08 is the address I'm searching to read a value... is it possible to determine it with this UDF?


LOL

Nice toy! I can't imagine any practical use for it in a scripting language but hey, who says programmers are not allowed to play around?

Next challenge: write a hardware driver entirely in AutoIt script! :)


UDFS & Apps:

DDEML.au3 - DDE Client + Server
Localization.au3 - localize your scripts
TLI.au3 - type information on COM objects (TLBINF emulation)
TLBAutoEnum.au3 - auto-import of COM constants (enums)
AU3Automation - export AU3 scripts via COM interfaces
TypeLibInspector - OleView was yesterday

Coder's last words before final release: WE APOLOGIZE FOR INCONVENIENCE


Newbie question: I have found with Cheat Engine an address (for example 0x6F000000) and the opcode is ''mov eax, [ebp + 08]'' and ebp + 08 is the address I'm searching to read a value... is it possible to determine it with this UDF?

If You are talking about reading some other process' memory - bad luck, in protected mode it is ahm... protected :) Assembler won't help You at all unless Your cheat prog is registered as a debugger.


u mean SeDebugPrivileges?


u mean SeDebugPrivileges?

I mean You need to start the cheatee or attach to it with debugging rights and Your user has to be granted the privilege to debug software in the first place. From my perspective it's easier just to fire up Visual Studio (or similar) and do the dirty work from there.


I just have to do ''ebp + 08'', but how to determine ebp? (let's say I have debugging rights etc...)


I just have to do ''ebp + 08'', but how to determine ebp? (let's say I have debugging rights etc...)

I may have misunderstood his UDF but I think all register content is in $Ret array after MemoryFuncCall. We'll have to figure out which one is which or wait for a reply from the author.


I'm speechless, this is awesome. There are so many new opportunities with asm support.


Can this be used to inject ASM into a live process, i.e. an online game like WoW? And as for debugging rights, all you need is the new NomadMemory.au3 and use the function SETPRIVILEGE("SeDebugPrivilege", 1) and your au3 app has all the rights a debugger has... hackinggggggg :D If someone has done this please PM me or post it, thanks alotttt


WoW Dev Projects: AFK Tele Bot development journal, Simple Player Pointer Scanner + Z-Teleport. My Projects: coming soon. Check out my WoW Dev wiki for patch 3.0.9! http://www.wowdev.wikidot.com


I too am interested in injecting ASM into a live process (Hi StrategicX, nice to see we are both researching the same line)


Hmm, how can you use jmp or je in here? To a self-made asm function?


With Ward's FASM-Assembly-UDF it is possible to call AutoIt functions from assembler code. Look at the nice examples. With FASM, forward jumps are now also possible.
