附件:dasm.rar
dasm64.rar (X64 版)
文件只有29K,保证好用!附件中有DLL和示范工程,代码如下:
typedef unsigned long (__stdcall * FREEDASM)(unsigned long,unsigned __int64,unsigned char *,char *);
int main(int argc, char* argv[])
{
printf("Hello World!\n");
FREEDASM freedasm;
HMODULE hDll;
unsigned char * pinst;
unsigned long len;
char szDasm[512];
hDll=(HMODULE)::LoadLibrary("freedasm.dll");
freedasm=(FREEDASM)::GetProcAddress(hDll,"FreeDasm");
if(freedasm)
{
pinst=(unsigned char *)&main;
for(int i=0;i<100;i++)
{
if(len=freedasm(sizeof(pinst)/4,(unsigned __int64)pinst,pinst,szDasm))
{
printf("%x:%s\n",pinst,szDasm);
pinst+=len;
}
else
{
printf("%x:db %x\n",pinst,*pinst);
pinst++;
}
}
}
return 0;
}
由free64受权传播。
http://www.tortall.net/projects/yasm/
一个很不错的开源汇编程序,想学习的不防看一下:
Key Current User-Visible Features ¶
Note: some of these are post-0.4.0 features only available in the latest snapshot.
Nearly feature-complete lexing and parsing of (preprocessed) NASM syntax.
Limited lexing and parsing of GAS (GNU assembler) syntax?.
AMD64 support (enabled using "BITS 64", "-m amd64", or selecting an explicitly 64-bit object format output such as "-f win64" or "-f elf64")
64-bit (and larger) integer constants allowed (including math operations).
Internationalization support via GNU gettext.
A simple 2-pass optimizer (it's a bit better than the NASM one).
The "real" NASM preprocessor (imported from NASM's source tree).
Binary object file? output (NASM style).
COFF object file? output, for use with DJGPP.
Win32 object file? output (including Win64/AMD64 support).
STABS debug format.
ELF32 and ELF64 object file output. No debugging information included at this point.
Portability; currently compilable on:
UNIX and compatibles (FreeBSD and Linux tested, GNU configure based autoconfiguration)
DOS (using DJGPP)
Windows (using Visual C++ or CygWin).
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
