;-----------------------------------------------------------------------
; CloseMapFile - close the two handles that back a file mapping.
; In:    hMapFile  = handle given to the first CloseHandle call
;        hFileRead = handle given to the second CloseHandle call
; Out:   eax = result of the second CloseHandle call; the result of
;        the first call is overwritten and never inspected.
; Notes: Neither result is checked, so a failed close (for example a
;        stale or already-closed handle) goes unnoticed here.
;        No view is unmapped in this procedure; if the caller mapped a
;        view of hMapFile, that view has to be released elsewhere
;        (not visible in this excerpt).
;-----------------------------------------------------------------------
CloseMapFile PROC hMapFile:DWORD, hFileRead:DWORD
        push    hMapFile                ; same call the invoke form makes
        call    CloseHandle
        ; Disabled in the original: mov hMapFile,0
        ; It would clear only this procedure's by-value copy, so the
        ; caller's variable would still hold the closed handle value.
        push    hFileRead
        call    CloseHandle
        ret
CloseMapFile endp

; The next procedure is cut off in this excerpt and is left as found.
GetMd5Thread PROC PFile:DWORD
        LOCAL seh:SEH
        LOCAL md5 ,ProcessId
        LOCAL @FileText[MAX_PATH]:BYTE
        LOCAL @TEMP[MAX_PATH]:BYTE
        LOCAL @hFileRead,@hMap...
.text:00011030;_DWORD __stdcall TestSeh().text:00011030_TestSeh@0 proc near;CODE XREF: DriverEntry(x,x)+5 p.text:00011030.text:00011030ulVal = dword ptr -1Ch .text:00011030ms_exc = CPPEH_RECORD ptr -18h .text:00011030.text:00011030movedi, edi .text:00011032pushebp .text:00011033movebp...
;-----------------------------------------------------------------------
; dispMsg - format four DWORDs into szbuf and show them in a message box.
; In:    esi = pointer; the DWORDs at [esi] and [esi+4] are read
;        edi = pointer; the DWORDs at [edi+0A4h] and [edi+0B8h] are read
; Out:   general-purpose registers restored by popad, so the results of
;        wsprintf and MessageBox are discarded; flags are not preserved.
; NOTE(review): 0B8h / 0A4h match the Eip / Ebx slots of the 32-bit
;        x86 CONTEXT layout, and [esi] / [esi+4] match ExceptionCode /
;        ExceptionFlags of an EXCEPTION_RECORD - presumably esi and edi
;        carry those two pointers inside an exception handler; confirm
;        against the caller. Named fields (e.g. CONTEXT.regEip) would
;        be safer than raw offsets.
; NOTE(review): szbuf and fmt are declared outside this excerpt.
;        wsprintf can write up to 1024 characters, so szbuf should be
;        at least that large - confirm its declaration.
;-----------------------------------------------------------------------
dispMsg proc
        pushad                          ; keep every caller register intact
        mov     edx, [edi+0a4h]
        mov     ecx, [edi+0b8h]
        mov     ebx, [esi+4]
        mov     eax, [esi]
        invoke  wsprintf, addr szbuf, addr fmt, ecx, edx, eax, ebx
        invoke  MessageBox, 0, addr szbuf, CTEXT("related Mess of context"), 0
        popad
        ret
dispMsg endp

; The END directive is cut off in this excerpt and is left as found.
END _...
GetMd5Thread PROC PFileDWORD LOCAL seh:SEH LOCAL md5 ProcessId LOCAL @FileText[MAXPATH]:BYTE LOCAL@TEMP[MAX_PATH]:BYTE LOCAL @hFileRead,@hMapFile,@Memory,@FileSize ;SEH异常 assume fs:nothing push fs:[0] pop seh.Link ;备份SEH mov seh.Current,offsetSEHHandler ;SEH处理函数...
dispMsgproc ;My lame proc to display some message pushad mov eax,[esi] mov ebx,[esi+4] mov ecx,[edi+0b8h] mov edx,[edi+0a4h] invoke wsprintf,addr szbuf,addr fmt,ecx,edx,eax,ebx invoke MessageBox,0,addr szbuf,CTEXT("related Mess of context"),0 popad ret dis...
/* Debug helper: shows str in a message box titled "Debug Message".
 * NOTE(review): the expansion already ends in ';', so `debugmsg(x);`
 * produces an extra empty statement and the macro cannot be used as the
 * unbraced body of an if that is followed by else. */
#define debugmsg(str) MessageBox(0,str,"Debug Message",0);
/* Console helper: prints str with a "[+] " prefix. Same trailing-';'
 * caveat as debugmsg. */
#define DispMsg(str) printf("[+] %s \n",str);
/* 2048-byte global buffer; how it is filled is not visible in this excerpt. */
char cBuff[2048];

/* Prints a marker line and ends the process with exit code 1.
 * NOTE(review): the name suggests it is meant to be installed as an
 * exception handler, but no registration is visible here - confirm.
 * The marker has no trailing newline and ExitProcess does not run the C
 * runtime's exit path, so buffered output may be lost - TODO confirm
 * for the runtime in use. */
DWORD MyExceptionHandler(void)
{
    printf("In exception handler...");
    ExitProcess(1);
    return 0; /* not reached: ExitProcess does not return */
}

/* The excerpt is cut off inside this function. What is visible: s1 is a
 * fixed 320-byte stack buffer and the caller supplies both the data (s)
 * and a length (size). Whether size is checked against sizeof(s1)
 * before any copy cannot be seen from here. */
void overflow(char * s,int size) { char s1[320]; print...
none include\masm32\include\windows.inc include\masm32\include\kernel32.inc include\masm32\include\user32.inc includelib\masm32\lib\kernel32.lib includelib\masm32\lib\user32.lib WndProcproto:DWORD,:DWORD,:DWORD,:DWORD Error_Handlerproto:DWORD,:DWORD,:DWORD,:DWORD SetHookproto .const
HelloWndProc); if(nRetCode < 0) return -1; Addtolist(0,0,"Hello,World! v1.0"); Addtolist(0,-1," Copyright (C) 2010 Claud"); return 0; } extc int _export cdecl ODBG_Pluginmenu( int origin, char data[4096], void *item) ...
SetSEH SEHprocxor eax, eaxpush 00000000h ; 引发MessageBoxA push NULLpush offset szMessage push 00000000h ;call MessageBoxA mov eax,077E5425Fh ;addr of MessageBoxA in Windows Server 2K3 SP1,硬编码,懒下call SpringSEH;restore previous SEHUnSetSEHretcall MessageBox ;这句不会执行,仅仅是为了让...
// if the current process has a subsystem port, then send a message to // the subsystem port and wait for a reply. If the subsystem handles the // exception, then continue execution. Else terminate the process. // // If the current process is a wow64 process, an alignment fault has...