首页
社区
课程
招聘
[讨论]用汇编来截取后缀名的小程序!(收集更好的思路)
发表于: 2007-8-14 00:54 6554

[讨论]用汇编来截取后缀名的小程序!(收集更好的思路)

2007-8-14 00:54
6554
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 取后缀的小程序
;
; Lio制作,Heicai发布
;
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat,stdcall
option casemap:none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Include 文件定义
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include                windows.inc
include                user32.inc
includelib        user32.lib
include                kernel32.inc
includelib        kernel32.lib
include                advapi32.inc
includelib        advapi32.lib
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 数据段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data?
szDi dd ?
.const
szFile db 'c:\bootfont.bin',0
szBin db 'nib',0

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 代码段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 取后缀子程序
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_GetNameHou proc sstr,long
        lea edx,sstr                ;获取"路径\要复制的文件"的偏移起始地址
        invoke lstrlen,sstr         ;获取"路径\要复制的文件"长度
        add edx,eax                ;从起始地址加上长度指向字符尾的0后面
        sub edx,2                ;删2指向最后一个字符
        mov ecx,long                ;循环次数表示后缀长度
        mov esi,0
        mov ebx,offset szDi         ;开辟一个ebx空间,存放结果
        .repeat
                mov al,[edx]        ;"n"给al
                mov [ebx],al        ;"n"间接放到ebx内
                dec edx                ;指向"i"
                inc ebx                ;指向偏移地址0001H
                dec ecx                ;循环减1
        .until ecx==0
        mov al,0h                ;al填0
        mov [ebx],al                ;"nib"末尾填0表字符结束
        ret
_GetNameHou endp

start:
        invoke _GetNameHou,addr szFile,3               
        lea esi,szBin                                                       
        lea edi,szDi
        cmpsb
        invoke MessageBox,NULL,addr szDi,NULL,NULL

end start

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 此程序还有瑕疵,取到的会是颠倒的后缀名
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

此程序还有瑕疵,取到的会是颠倒的后缀名
另外希望有更好方法取到后缀的发出来共享一下。最好用能API函数来完成。

[招生]系统0day安全班,企业级设备固件漏洞挖掘,Linux平台漏洞挖掘!

上传的附件:
收藏
免费 0
支持
分享
最新回复 (5)
雪    币: 222
活跃值: (10)
能力值: ( LV8,RANK:130 )
在线值:
发帖
回帖
粉丝
2
半夜路过,汗一下这个讨论……

GetPathExtensionA    PROC    pszAnsiPath, ppLocation

	USES	esi,edi

	mov	esi,[ppLocation]
	mov	edi,[pszAnsiPath]
	and	D[esi],0

L100:

	mov	al,[edi]
	inc	edi
	cmp	al,'.'
	jne	>L101
	mov	[esi],edi
	jmp	<L100

L101:

	test	al,al
	jz	>L102
	push	eax
	call	[kernel32:IsDBCSLeadByte]
	add	edi,eax
	jmp	<L100

L102:

	ret

ENDP

GetPathExtensionW    PROC    pszUnicodePath, ppLocation

	USES	esi,edi

	xor	eax,eax
	mov	esi,[ppLocation]
	mov	edi,[pszUnicodePath]
	mov	[esi],eax

L100:

	mov	ax,[edi]
	inc	edi
	inc	edi
	cmp	eax,'.'
	jne	>L101
	mov	[esi],edi
	jmp	<L100

L101:

	test	eax,eax
	jnz	<L100
	ret

ENDP
2007-8-14 03:18
0
雪    币: 247
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
文件指针的结构离就有扩展名把
2007-8-14 10:08
0
雪    币: 88
活跃值: (176)
能力值: ( LV3,RANK:30 )
在线值:
发帖
回帖
粉丝
4
不用这么复杂,只要把指针指到文件名最后一个字符,然后从最后一个字符开始跟'.'的ASCII码比较,相等时取.后一个字符的指针,则这个指针指向的字符串就是后缀名,可以用lstrcpy出来
2007-8-17 17:25
0
雪    币: 214
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
5
mov esi, sstr
; strlen(sstr)
xor eax, eax
mov ecx, 0fffffffh
repne scansb
neg ecx
dec ecx
; strrchr(sstr, '.')
mov ebx, ecx
mov al, '.'
add esi, ecx
std
repne scasb
cld
neg ecx
add ecx, ebx
; memcpy(dst, src, len)
mov edi, szDi
rep movsb
mov byte ptr [edi], 0
2007-8-18 06:18
0
雪    币: 217
活跃值: (99)
能力值: ( LV4,RANK:50 )
在线值:
发帖
回帖
粉丝
6
PathFindExtension

Searches a path for an extension.

LPTSTR PathFindExtension(
    LPCTSTR pPath
    );

Parameters
pPath
[in] Pointer to a null-terminated string of maximum length MAX_PATH that contains the path that contains the extension for which to search.
Return Values
Returns the address of the "." preceding the extension within pPath if an extension is found, or the address of the trailing NULL character otherwise.

Requirements
  Version 4.71 and later of Shlwapi.dll

  Windows NT/2000: Requires Windows 2000 (or Windows NT 4.0 with Internet Explorer 4.0 or later).
  Windows 95/98/Me: Requires Windows 98 (or Windows 95 with Internet Explorer 4.0 or later).
  Header: Declared in Shlwapi.h.
  Import Library: Shlwapi.lib.
2007-8-19 12:09
0
游客
登录 | 注册 方可回帖
返回
//