问一个远程线程的问题-编程技术-看雪-安全社区|安全招聘|kanxue.com

最新回复 (6)
zljzju 雪币： 202 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 3 回帖 12 粉丝 0 关注私信	zljzju 2 楼 RemoteThread.asm ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; Sample code for < Win32ASM Programming > ; by 罗云彬, http://asm.yeah.net ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; RemoteThread.asm ; 向 Explorer.exe 进程中嵌入一段远程执行的代码 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; 使用 nmake 或下列命令进行编译和链接: ; ml /c /coff RemoteThread.asm ; rc RemoteThread.rc ; Link /subsystem:windows RemoteThread.obj RemoteThread.res ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> .386 .model flat, stdcall option casemap :none ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; Include 文件定义 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> include windows.inc include user32.inc includelib user32.lib include kernel32.inc includelib kernel32.lib include Macro.inc ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; 数据段 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> .data? lpLoadLibrary dd ? lpGetProcAddress dd ? lpGetModuleHandle dd ? dwProcessID dd ? dwThreadID dd ? hProcess dd ? lpRemoteCode dd ? .const szErrOpen db '无法打开远程线程!',0 szDesktopClass db 'Progman',0 szDesktopWindow db 'Program Manager',0 szDllKernel db 'Kernel32.dll',0 szLoadLibrary db 'LoadLibraryA',0 szGetProcAddress db 'GetProcAddress',0 szGetModuleHandle db 'GetModuleHandleA',0 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> .code ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> include RemoteCode.asm start: invoke GetModuleHandle,addr szDllKernel mov ebx,eax invoke GetProcAddress,ebx,offset szLoadLibrary mov lpLoadLibrary,eax invoke GetProcAddress,ebx,offset szGetProcAddress mov lpGetProcAddress,eax invoke GetProcAddress,ebx,offset szGetModuleHandle mov lpGetModuleHandle,eax ;********************************************************* ; 查找文件管理器窗口并获取进程ID，然后打开进程 ;******************************************************** invoke FindWindow,addr szDesktopClass,addr szDesktopWindow invoke GetWindowThreadProcessId,eax,offset dwProcessID mov dwThreadID,eax invoke OpenProcess,PROCESS_CREATE_THREAD or PROCESS_VM_OPERATION or \ PROCESS_VM_WRITE,FALSE,dwProcessID .if eax mov hProcess,eax ;******************************************************* ; 在进程中分配空间并将执行代码拷贝过去，然后创建一个远程线程 ;********************************************************* invoke VirtualAllocEx,hProcess,NULL,REMOTE_CODE_LENGTH,MEM_COMMIT,PAGE_EXECUTE_READWRITE .if eax mov lpRemoteCode,eax invoke WriteProcessMemory,hProcess,lpRemoteCode,\ offset REMOTE_CODE_START,REMOTE_CODE_LENGTH,NULL invoke WriteProcessMemory,hProcess,lpRemoteCode,\ offset lpLoadLibrary,sizeof dword * 3,NULL mov eax,lpRemoteCode add eax,offset _RemoteThread - offset REMOTE_CODE_START invoke CreateRemoteThread,hProcess,NULL,0,eax,0,0,NULL invoke CloseHandle,eax .endif invoke CloseHandle,hProcess .else invoke MessageBox,NULL,addr szErrOpen,NULL,MB_OK or MB_ICONWARNING .endif invoke ExitProcess,NULL ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> end start 2005-8-21 12:19 0
zljzju 雪币： 202 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 3 回帖 12 粉丝 0 关注私信	zljzju 3 楼 RemoteCode.asm ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; Sample code for < Win32ASM Programming > ; by 罗云彬, http://asm.yeah.net ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; RemoteCode.asm ; 一段自定位的代码，可以用来创建一个窗口 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> REMOTE_CODE_START equ this byte _lpLoadLibrary dd ? ;导入函数地址表 _lpGetProcAddress dd ? _lpGetModuleHandle dd ? _lpDestroyWindow dd ? _lpPostQuitMessage dd ? _lpDefWindowProc dd ? _lpLoadCursor dd ? _lpRegisterClassEx dd ? _lpCreateWindowEx dd ? _lpShowWindow dd ? _lpUpdateWindow dd ? _lpGetMessage dd ? _lpTranslateMessage dd ? _lpDispatchMessage dd ? _hInstance dd ? _hWinMain dd ? _szClassName db 'RemoteClass',0 _szCaptionMain db 'RemoteWindow',0 _szDllUser db 'User32.dll',0 _szDestroyWindow db 'DestroyWindow',0 _szPostQuitMessage db 'PostQuitMessage',0 _szDefWindowProc db 'DefWindowProcA',0 _szLoadCursor db 'LoadCursorA',0 _szRegisterClassEx db 'RegisterClassExA',0 _szCreateWindowEx db 'CreateWindowExA',0 _szShowWindow db 'ShowWindow',0 _szUpdateWindow db 'UpdateWindow',0 _szGetMessage db 'GetMessageA',0 _szTranslateMessage db 'TranslateMessage',0 _szDispatchMessage db 'DispatchMessageA',0,0 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> _RemoteThread proc uses ebx edi esi lParam local @hModule call @F @@: pop ebx sub ebx,offset @B ;********************************************************* _invoke [ebx + _lpGetModuleHandle],NULL mov [ebx + _hInstance],eax lea eax,[ebx + offset _szDllUser] _invoke [ebx + _lpGetModuleHandle],eax mov @hModule,eax lea esi,[ebx + offset _szDestroyWindow] lea edi,[ebx + offset _lpDestroyWindow] .while TRUE _invoke [ebx + _lpGetProcAddress],@hModule,esi mov [edi],eax add edi,4 @@: lodsb or al,al jnz @B .break .if ! byte ptr [esi+1] .endw ;******************************************************* call _WinMain ret _RemoteThread endp ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> _ProcWinMain proc uses ebx edi esi,hWnd,uMsg,wParam,lParam call @F @@: pop ebx sub ebx,offset @B ;******************************************************* mov eax,uMsg .if eax == WM_CLOSE _invoke [ebx + _lpDestroyWindow],hWnd _invoke [ebx + _lpPostQuitMessage],NULL ;******************************************************* .else _invoke [ebx + _lpDefWindowProc],hWnd,uMsg,wParam,lParam ret .endif ;******************************************************* xor eax,eax ret _ProcWinMain endp ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> _ZeroMemory proc _lpDest,_dwSize push edi mov edi,_lpDest mov ecx,_dwSize xor eax,eax cld rep stosb pop edi ret _ZeroMemory endp ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> _WinMain proc uses ebx esi edi _lParam local @stWndClass:WNDCLASSEX local @stMsg:MSG call @F @@: pop ebx sub ebx,offset @B ;******************************************************* invoke _ZeroMemory,addr @stWndClass,sizeof @stWndClass _invoke [ebx + _lpLoadCursor],0,IDC_ARROW mov @stWndClass.hCursor,eax push [ebx + _hInstance] pop @stWndClass.hInstance mov @stWndClass.cbSize,sizeof WNDCLASSEX mov @stWndClass.style,CS_HREDRAW or CS_VREDRAW lea eax,[ebx + offset _ProcWinMain] mov @stWndClass.lpfnWndProc,eax mov @stWndClass.hbrBackground,COLOR_WINDOW + 1 lea eax,[ebx + offset _szClassName] mov @stWndClass.lpszClassName,eax lea eax,@stWndClass _invoke [ebx + _lpRegisterClassEx],eax ;******************************************************* ; 建立并显示窗口 ;******************************************************* lea eax,[ebx + offset _szClassName] lea ecx,[ebx + offset _szCaptionMain] _invoke [ebx + _lpCreateWindowEx],WS_EX_CLIENTEDGE,eax,ecx,\ WS_OVERLAPPEDWINDOW,\ 100,100,600,400,\ NULL,NULL,[ebx + _hInstance],NULL mov [ebx + _hWinMain],eax _invoke [ebx + _lpShowWindow],[ebx + _hWinMain],SW_SHOWNORMAL _invoke [ebx + _lpUpdateWindow],[ebx + _hWinMain] ;*******************************************************; 消息循环 ;********************************************************* .while TRUE lea eax,@stMsg _invoke [ebx + _lpGetMessage],eax,NULL,0,0 .break .if eax == 0 lea eax,@stMsg _invoke [ebx + _lpTranslateMessage],eax lea eax,@stMsg _invoke [ebx + _lpDispatchMessage],eax .endw ret _WinMain endp REMOTE_CODE_END equ this byte REMOTE_CODE_LENGTH equ offset REMOTE_CODE_END - offset REMOTE_CODE_START ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 2005-8-21 12:22 0
zljzju 雪币： 202 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 3 回帖 12 粉丝 0 关注私信	zljzju 4 楼 Macro.inc ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; 将参数列表的顺序翻转 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> reverseArgs macro arglist:VARARG local txt,count txt TEXTEQU <> count = 0 for i,<arglist> count = count + 1 txt TEXTEQU @CatStr(i,<!,>,<%txt>) endm if count GT 0 txt SUBSTR txt,1,@SizeStr(%txt)-1 endif exitm txt endm ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ; 建立一个类似于 invoke 的 Macro ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> _invoke macro _Proc,args:VARARG local count count = 0 % for i,< reverseArgs( args ) > count = count + 1 push i endm call dword ptr _Proc endm ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 2005-8-21 12:23 0
marxixing 雪币： 233 活跃值： (43) 能力值： ( LV6，RANK：90 ) 在线值：发帖 12 回帖 57 粉丝 0 关注私信	marxixing 2 5 楼老兄，不是这个程序要隐藏，是注入explorer的程序是远程代码，他是为了教学方便，让窗口显示出来了。注入的母体还是存在的。如果你注入后马上退出，谁也看不出来。但远程代码已经在运行了。 2005-8-21 22:04 0
zljzju 雪币： 202 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 3 回帖 12 粉丝 0 关注私信	zljzju 6 楼哦，我理解错了，谢谢 2005-8-22 15:01 0
酷酷雪币： 201 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 33 回帖 322 粉丝 0 关注私信	酷酷 7 楼只学到第五章,呵呵,对于俺来说,兄弟你是先驱者哦 2005-8-22 15:59 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

zljzju

雪币： 202

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

3

回帖

12

粉丝

0

关注

私信

zljzju: 2 楼

RemoteThread.asm

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Sample code for < Win32ASM Programming >
; by 罗云彬, http://asm.yeah.net
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; RemoteThread.asm
; 向 Explorer.exe 进程中嵌入一段远程执行的代码
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 使用 nmake 或下列命令进行编译和链接:
; ml /c /coff RemoteThread.asm
; rc RemoteThread.rc
; Link /subsystem:windows RemoteThread.obj RemoteThread.res
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat, stdcall
option casemap :none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Include 文件定义
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include windows.inc
include user32.inc
includelib user32.lib
include kernel32.inc
includelib kernel32.lib
include Macro.inc
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 数据段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data?
lpLoadLibrary dd ?
lpGetProcAddress dd ?
lpGetModuleHandle dd ?
dwProcessID dd ?
dwThreadID dd ?
hProcess dd ?
lpRemoteCode dd ?

.const
szErrOpen db '无法打开远程线程!',0
szDesktopClass db 'Progman',0
szDesktopWindow db 'Program Manager',0
szDllKernel db 'Kernel32.dll',0
szLoadLibrary db 'LoadLibraryA',0
szGetProcAddress db 'GetProcAddress',0
szGetModuleHandle db 'GetModuleHandleA',0
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

include RemoteCode.asm

start:
invoke GetModuleHandle,addr szDllKernel
mov ebx,eax
invoke GetProcAddress,ebx,offset szLoadLibrary
mov lpLoadLibrary,eax
invoke GetProcAddress,ebx,offset szGetProcAddress
mov lpGetProcAddress,eax
invoke GetProcAddress,ebx,offset szGetModuleHandle
mov lpGetModuleHandle,eax
;***********************************************************
; 查找文件管理器窗口并获取进程ID，然后打开进程
;************************************************************
invoke FindWindow,addr szDesktopClass,addr szDesktopWindow
invoke GetWindowThreadProcessId,eax,offset dwProcessID
mov dwThreadID,eax
invoke OpenProcess,PROCESS_CREATE_THREAD or PROCESS_VM_OPERATION or \
PROCESS_VM_WRITE,FALSE,dwProcessID
.if eax
mov hProcess,eax
;***********************************************************
; 在进程中分配空间并将执行代码拷贝过去，然后创建一个远程线程
;***********************************************************
invoke VirtualAllocEx,hProcess,NULL,REMOTE_CODE_LENGTH,MEM_COMMIT,PAGE_EXECUTE_READWRITE
.if eax
mov lpRemoteCode,eax
invoke WriteProcessMemory,hProcess,lpRemoteCode,\
offset REMOTE_CODE_START,REMOTE_CODE_LENGTH,NULL
invoke WriteProcessMemory,hProcess,lpRemoteCode,\
offset lpLoadLibrary,sizeof dword * 3,NULL
mov eax,lpRemoteCode
add eax,offset _RemoteThread - offset REMOTE_CODE_START
invoke CreateRemoteThread,hProcess,NULL,0,eax,0,0,NULL
invoke CloseHandle,eax
.endif
invoke CloseHandle,hProcess
.else
invoke MessageBox,NULL,addr szErrOpen,NULL,MB_OK or MB_ICONWARNING
.endif
invoke ExitProcess,NULL
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
end start

2005-8-21 12:19

0

zljzju

雪币： 202

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

3

回帖

12

粉丝

0

关注

私信

zljzju: 3 楼

RemoteCode.asm

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Sample code for < Win32ASM Programming >
; by 罗云彬, http://asm.yeah.net
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; RemoteCode.asm
; 一段自定位的代码，可以用来创建一个窗口
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
REMOTE_CODE_START equ this byte

_lpLoadLibrary dd ? ;导入函数地址表
_lpGetProcAddress dd ?
_lpGetModuleHandle dd ?

_lpDestroyWindow dd ?
_lpPostQuitMessage dd ?
_lpDefWindowProc dd ?
_lpLoadCursor dd ?
_lpRegisterClassEx dd ?
_lpCreateWindowEx dd ?
_lpShowWindow dd ?
_lpUpdateWindow dd ?
_lpGetMessage dd ?
_lpTranslateMessage dd ?
_lpDispatchMessage dd ?

_hInstance dd ?
_hWinMain dd ?
_szClassName db 'RemoteClass',0
_szCaptionMain db 'RemoteWindow',0
_szDllUser db 'User32.dll',0
_szDestroyWindow db 'DestroyWindow',0
_szPostQuitMessage db 'PostQuitMessage',0
_szDefWindowProc db 'DefWindowProcA',0
_szLoadCursor db 'LoadCursorA',0
_szRegisterClassEx db 'RegisterClassExA',0
_szCreateWindowEx db 'CreateWindowExA',0
_szShowWindow db 'ShowWindow',0
_szUpdateWindow db 'UpdateWindow',0
_szGetMessage db 'GetMessageA',0
_szTranslateMessage db 'TranslateMessage',0
_szDispatchMessage db 'DispatchMessageA',0,0
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_RemoteThread proc uses ebx edi esi lParam
local @hModule

call @F
@@:
pop ebx
sub ebx,offset @B
;***********************************************************
_invoke [ebx + _lpGetModuleHandle],NULL
mov [ebx + _hInstance],eax
lea eax,[ebx + offset _szDllUser]
_invoke [ebx + _lpGetModuleHandle],eax
mov @hModule,eax
lea esi,[ebx + offset _szDestroyWindow]
lea edi,[ebx + offset _lpDestroyWindow]
.while TRUE
_invoke [ebx + _lpGetProcAddress],@hModule,esi
mov [edi],eax
add edi,4
@@:
lodsb
or al,al
jnz @B
.break .if ! byte ptr [esi+1]
.endw
;***********************************************************
call _WinMain
ret

_RemoteThread endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_ProcWinMain proc uses ebx edi esi,hWnd,uMsg,wParam,lParam

call @F
@@:
pop ebx
sub ebx,offset @B
;***********************************************************
mov eax,uMsg
.if eax == WM_CLOSE
_invoke [ebx + _lpDestroyWindow],hWnd
_invoke [ebx + _lpPostQuitMessage],NULL
;***********************************************************
.else
_invoke [ebx + _lpDefWindowProc],hWnd,uMsg,wParam,lParam
ret
.endif
;***********************************************************
xor eax,eax
ret

_ProcWinMain endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_ZeroMemory proc _lpDest,_dwSize

push edi
mov edi,_lpDest
mov ecx,_dwSize
xor eax,eax
cld
rep stosb
pop edi
ret

_ZeroMemory endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_WinMain proc uses ebx esi edi _lParam
local @stWndClass:WNDCLASSEX
local @stMsg:MSG

call @F
@@:
pop ebx
sub ebx,offset @B
;***********************************************************
invoke _ZeroMemory,addr @stWndClass,sizeof @stWndClass
_invoke [ebx + _lpLoadCursor],0,IDC_ARROW
mov @stWndClass.hCursor,eax
push [ebx + _hInstance]
pop @stWndClass.hInstance
mov @stWndClass.cbSize,sizeof WNDCLASSEX
mov @stWndClass.style,CS_HREDRAW or CS_VREDRAW
lea eax,[ebx + offset _ProcWinMain]
mov @stWndClass.lpfnWndProc,eax
mov @stWndClass.hbrBackground,COLOR_WINDOW + 1
lea eax,[ebx + offset _szClassName]
mov @stWndClass.lpszClassName,eax
lea eax,@stWndClass
_invoke [ebx + _lpRegisterClassEx],eax
;***********************************************************
; 建立并显示窗口
;***********************************************************
lea eax,[ebx + offset _szClassName]
lea ecx,[ebx + offset _szCaptionMain]
_invoke [ebx + _lpCreateWindowEx],WS_EX_CLIENTEDGE,eax,ecx,\
WS_OVERLAPPEDWINDOW,\
100,100,600,400,\
NULL,NULL,[ebx + _hInstance],NULL
mov [ebx + _hWinMain],eax
_invoke [ebx + _lpShowWindow],[ebx + _hWinMain],SW_SHOWNORMAL
_invoke [ebx + _lpUpdateWindow],[ebx + _hWinMain]
;***********************************************************; 消息循环
;***********************************************************
.while TRUE
lea eax,@stMsg
_invoke [ebx + _lpGetMessage],eax,NULL,0,0
.break .if eax == 0
lea eax,@stMsg
_invoke [ebx + _lpTranslateMessage],eax
lea eax,@stMsg
_invoke [ebx + _lpDispatchMessage],eax
.endw
ret

_WinMain endp
REMOTE_CODE_END equ this byte
REMOTE_CODE_LENGTH equ offset REMOTE_CODE_END - offset REMOTE_CODE_START
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

2005-8-21 12:22

0

zljzju

雪币： 202

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

3

回帖

12

粉丝

0

关注

私信

zljzju: 4 楼

Macro.inc

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 将参数列表的顺序翻转
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
reverseArgs macro arglist:VARARG
local txt,count

txt TEXTEQU <>
count = 0
for i,<arglist>
         count = count + 1
         txt TEXTEQU @CatStr(i,<!,>,<%txt>)
endm
if count GT 0
         txt SUBSTR  txt,1,@SizeStr(%txt)-1
endif
exitm txt
endm
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 建立一个类似于 invoke 的 Macro
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_invoke macro _Proc,args:VARARG
local count

count = 0
% for i,< reverseArgs( args ) >
count = count + 1
push i
endm
call dword ptr _Proc

endm
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

2005-8-21 12:23

0