[求助]为什么这么一个小软件占这么大内存???
EmptyWorkingSet |
|
请教-entry参数怎么用
把lib 文件比如kernel32.lib加入到链接器选项 |
|
关于VC下 Win32程序的速度优化有什么好建议吗?
推荐一个很简单的方案:用 Intel C++ 9.1 编译器,并选择循环展开。会发现程序体积大了很多,但是速度也快了不少,特别是选择了 SSE3 流水线优化的情况下 :) |
|
[原创]挖掘操作系统内部未导出函数,将注入进行到底
我有一点不明白,为什么注入主程序都要用Shellcode技术获取输入表呢? 比如VirtualAlloc 这个函数 直接用GetProcAddress不好吗? |
|
VC8中打造512字节超小应用程序[图文][原创]
看错了,,,,那个有一个附件的标志 以为是被锁了,,,:) |
|
VC8中打造512字节超小应用程序[图文][原创]
为什么被锁了? |
|
[求助]如何将这段代码写成汇编的?
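;-----------------------------------------------------------------------
; _main -- CPU-usage monitor; compiler-generated listing (32-bit x86,
; MASM syntax, C source interleaved as "; NN : ..." comments).
;
; The paste had been collapsed onto a few physical lines, which made
; everything after the first ';' a comment. The line structure is
; restored here; instructions and operands are unchanged. The excerpt
; starts inside the function: the "_main PROC" header implied by the
; closing "_main ENDP" is not part of the page and is not re-created.
;
; Calling conventions visible in the decorated names:
;   __imp__GetModuleHandleA@4, __imp__GetProcAddress@8, __imp__Sleep@4
;       stdcall imports (callee pops its arguments)
;   __imp__printf, __imp___kbhit
;       cdecl imports (caller pops: "add esp, N" after printf)
;
; Register roles, as established by the code below:
;   esi:ebx = liOldIdleTime   (low:high dword), zero on the first pass
;   edi     = liOldSystemTime  low dword; the high dword lives on the stack
;   ebp     = cached pointer to Sleep inside the loop (the frame ebp is
;             pushed a second time in the prologue so it can be reused)
;
; NOTE(review): NtQuerySystemInformation is resolved at run time from
; ntdll and called with hard-coded buffer sizes (44, 32, 312) and a NULL
; ReturnLength. Those sizes are whatever sizeof() gave for the poster's
; own structure definitions; they are not checked against what the
; running system expects, so the code depends entirely on the status
; test after each call. The documented GetSystemTimes API covers the
; same measurement without relying on these structure layouts.
;-----------------------------------------------------------------------

; {
        push    ebp
        mov     ebp, esp
        and     esp, -8                         ; fffffff8H
        sub     esp, 424                        ; 000001a8H
        push    ebx
        push    ebp                             ; frame ebp saved again; ebp is reused below
        push    esi
        push    edi

; 74 : SYSTEM_PERFORMANCE_INFORMATION SysPerfInfo;
; 75 : SYSTEM_TIME_INFORMATION SysTimeInfo;
; 76 : SYSTEM_BASIC_INFORMATION SysBaseInfo;
; 77 : double dbIdleTime;
; 78 : double dbSystemTime;
; 79 : LONG status;
; 80 : LARGE_INTEGER liOldIdleTime = {0,0};
; 81 : LARGE_INTEGER liOldSystemTime = {0,0};
; 82 :
; 83 : NtQuerySystemInformation = (PROCNTQSI)GetProcAddress(
; 84 : GetModuleHandle("ntdll"),
; 85 : "NtQuerySystemInformation"
; 86 : );

        push    OFFSET $SG-5
        xor     edi, edi                        ; edi = 0: liOldSystemTime low dword, also reused as 0/NULL
        xor     ebx, ebx                        ; ebx = 0: liOldIdleTime high dword
        push    OFFSET $SG-6
        xor     esi, esi                        ; esi = 0: liOldIdleTime low dword
        mov     DWORD PTR _liOldIdleTime$[esp+452], ebx
        mov     DWORD PTR _liOldSystemTime$[esp+452], edi
        call    DWORD PTR __imp__GetModuleHandleA@4
        push    eax                             ; module handle is passed on without a NULL check
        call    DWORD PTR __imp__GetProcAddress@8

; 87 :
; 88 : if (!NtQuerySystemInformation)

        cmp     eax, edi                        ; edi is still 0, so this is a NULL test
        mov     DWORD PTR ?NtQuerySystemInformation@@3P6GJIPAXKPAK@ZA, eax ; NtQuerySystemInformation
        je      $LN17@main

; 89 : return;
; 90 :
; 91 : // get number of processors in the system
; 92 : status = NtQuerySystemInformation(SystemBasicInformation,&SysBaseInfo,sizeof(SysBaseInfo),NULL);

        push    edi                             ; ReturnLength = NULL
        push    44                              ; 0000002cH
        lea     ecx, DWORD PTR _SysBaseInfo$[esp+448]
        push    ecx
        push    edi                             ; information class 0 (SystemBasicInformation)
        call    eax

; 93 : if (status != NO_ERROR)

        test    eax, eax
        jne     $LN17@main

; 94 : return;
; 95 :
; 96 : printf("\nCPU Usage (press any key to exit): ");

        push    OFFSET $SG-7
        call    DWORD PTR __imp__printf
        add     esp, 4

; 97 : while(!_kbhit())

        call    DWORD PTR __imp___kbhit
        test    eax, eax
        jne     $LN4@main
        mov     ebp, DWORD PTR __imp__Sleep@4   ; keep the Sleep pointer in ebp for the loop
$LL5@main:

; 98 : {
; 99 : // get new system time
; 100 : status = NtQuerySystemInformation(SystemTimeInformation,&SysTimeInfo,sizeof(SysTimeInfo),0);

        push    0
        push    32                              ; 00000020H
        lea     edx, DWORD PTR _SysTimeInfo$[esp+448]
        push    edx
        push    3
        call    DWORD PTR ?NtQuerySystemInformation@@3P6GJIPAXKPAK@ZA ; NtQuerySystemInformation

; 101 : if (status!=NO_ERROR)

        test    eax, eax
        jne     $LN17@main

; 102 : return;
; 103 :
; 104 : // get new CPU's idle time
; 105 : status = NtQuerySystemInformation(SystemPerformanceInformation,&SysPerfInfo,sizeof(SysPerfInfo),NULL);

        push    eax                             ; eax == 0 after the test above, so this pushes NULL
        push    312                             ; 00000138H
        lea     eax, DWORD PTR _SysPerfInfo$[esp+448]
        push    eax
        push    2
        call    DWORD PTR ?NtQuerySystemInformation@@3P6GJIPAXKPAK@ZA ; NtQuerySystemInformation

; 106 : if (status != NO_ERROR)

        test    eax, eax
        jne     $LN17@main

; 107 : return;
; 108 :
; 109 : // if it's a first call - skip it
; 110 : if (liOldIdleTime.QuadPart != 0)

        mov     ecx, esi
        or      ecx, ebx                        ; zero only when both halves of liOldIdleTime are zero
        je      $LN1@main

; The source-line comments below are out of numeric order (115-122 appear
; before 111-114) exactly as in the original listing; presumably the
; compiler interleaved the code of several statements.

; 115 :
; 116 : // CurrentCpuIdle = IdleTime / SystemTime
; 117 : dbIdleTime = dbIdleTime / dbSystemTime;
; 118 :
; 119 : // CurrentCpuUsage% = 100 - (CurrentCpuIdle * 100) / NumberOfProcessors
; 120 : dbIdleTime = 100.0 - dbIdleTime * 100.0 / (double)SysBaseInfo.bKeNumberProcessors + 0.5;
; 121 :
; 122 : printf("\b\b\b\b%3d%%",(UINT)dbIdleTime);

; Each 64-bit value is converted as high * 2^32 + low. __real@41f0000000000000
; is the double 2^32; it is added back whenever a low dword, loaded as a
; signed integer by fild, has its sign bit set.

        fild    DWORD PTR _SysPerfInfo$[esp+444]
        mov     edx, DWORD PTR _SysPerfInfo$[esp+440]
        test    edx, edx
        fld     QWORD PTR __real@41f0000000000000
        fmul    ST(1), ST(0)
        fild    DWORD PTR _SysPerfInfo$[esp+440]
        jge     SHORT $LN18@main
        fadd    QWORD PTR __real@41f0000000000000
$LN18@main:
        test    esi, esi
        faddp   ST(2), ST(0)
        fild    DWORD PTR _liOldIdleTime$[esp+444]
        mov     DWORD PTR tv215[esp+440], esi
        fmul    ST(0), ST(1)
        fild    DWORD PTR tv215[esp+440]
        jge     SHORT $LN19@main
        fadd    QWORD PTR __real@41f0000000000000
$LN19@main:
        mov     eax, DWORD PTR _SysTimeInfo$[esp+448]
        faddp   ST(1), ST(0)
        test    eax, eax
        fsubp   ST(2), ST(0)
        fild    DWORD PTR _SysTimeInfo$[esp+452]
        fmul    ST(0), ST(1)
        fild    DWORD PTR _SysTimeInfo$[esp+448]
        jge     SHORT $LN20@main
        fadd    QWORD PTR __real@41f0000000000000
$LN20@main:
        test    edi, edi
        faddp   ST(1), ST(0)
        fild    DWORD PTR _liOldSystemTime$[esp+444]
        mov     DWORD PTR tv208[esp+440], edi
        fmulp   ST(2), ST(0)
        fild    DWORD PTR tv208[esp+440]
        jge     SHORT $LN21@main
        fadd    QWORD PTR __real@41f0000000000000
$LN21@main:

; 111 : {
; 112 : // CurrentValue = NewValue - OldValue
; 113 : dbIdleTime = Li2Double(SysPerfInfo.liIdleTime) - Li2Double(liOldIdleTime);
; 114 : dbSystemTime = Li2Double(SysTimeInfo.liKeSystemTime) - Li2Double(liOldSystemTime);

        faddp   ST(2), ST(0)

; 115 :
; 116 : // CurrentCpuIdle = IdleTime / SystemTime
; 117 : dbIdleTime = dbIdleTime / dbSystemTime;
; 118 :
; 119 : // CurrentCpuUsage% = 100 - (CurrentCpuIdle * 100) / NumberOfProcessors
; 120 : dbIdleTime = 100.0 - dbIdleTime * 100.0 / (double)SysBaseInfo.bKeNumberProcessors + 0.5;
; 121 :
; 122 : printf("\b\b\b\b%3d%%",(UINT)dbIdleTime);

; NOTE(review): neither divisor (dbSystemTime, bKeNumberProcessors) is
; checked for zero before the fdivp instructions below.

        movzx   ecx, BYTE PTR _SysBaseInfo$[esp+480]
        mov     DWORD PTR tv204[esp+440], ecx
        fsubrp  ST(1), ST(0)
        fdivp   ST(1), ST(0)
        fld     QWORD PTR __real@4059000000000000 ; 100.0
        fmul    ST(1), ST(0)
        fild    DWORD PTR tv204[esp+440]
        fnstcw  WORD PTR tv202[esp+440]         ; save the current x87 control word
        fdivp   ST(2), ST(0)
        movzx   eax, WORD PTR tv202[esp+440]
        or      eax, 3072                       ; 00000c00H
        mov     DWORD PTR tv199[esp+440], eax   ; copy with the rounding-control bits set (truncate)
        fsubrp  ST(1), ST(0)
        fadd    QWORD PTR __real@3fe0000000000000 ; 0.5
        fldcw   WORD PTR tv199[esp+440]         ; truncating mode for the (UINT) cast
        fistp   QWORD PTR tv197[esp+440]
        mov     edx, DWORD PTR tv197[esp+440]
        push    edx
        push    OFFSET $SG-8
        fldcw   WORD PTR tv202[esp+448]         ; restore the saved control word (+8 for the two pushes)
        call    DWORD PTR __imp__printf
        add     esp, 8
$LN1@main:

; 123 : }
; 124 :
; 125 : // store new CPU's idle and system time
; 126 : liOldIdleTime = SysPerfInfo.liIdleTime;

        mov     ebx, DWORD PTR _SysPerfInfo$[esp+444]

; 127 : liOldSystemTime = SysTimeInfo.liKeSystemTime;

        mov     eax, DWORD PTR _SysTimeInfo$[esp+452]
        mov     esi, DWORD PTR _SysPerfInfo$[esp+440]
        mov     edi, DWORD PTR _SysTimeInfo$[esp+448]

; 128 :
; 129 : // wait one second
; 130 : Sleep(1000);

        push    1000                            ; 000003e8H
        mov     DWORD PTR _liOldIdleTime$[esp+448], ebx
        mov     DWORD PTR _liOldSystemTime$[esp+448], eax
        call    ebp                             ; Sleep, via the pointer cached before the loop
        call    DWORD PTR __imp___kbhit
        test    eax, eax
        je      $LL5@main
$LN4@main:

; 131 : }
; 132 : printf("\n");

        push    OFFSET $SG-9
        call    DWORD PTR __imp__printf
        add     esp, 4
$LN17@main:

; 133 : }

        pop     edi
        xor     eax, eax                        ; return value 0
        pop     esi
        pop     ebp                             ; frame pointer saved by the second push in the prologue
        pop     ebx
        mov     esp, ebp
        pop     ebp
        ret     0
_main   ENDP
_TEXT   ENDS
END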