我的 壳程序 框架


;frame.asm

; #########################################################################

      .386                         ; 32-bit x86 instruction set; everything below is IA-32 code
      .model flat , stdcall        ; flat 32-bit memory model; procedures default to the stdcall convention
      option casemap :none   ; case sensitive symbols (names such as A2IRA@4 and start are exact)

; #########################################################################

; @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
; the PROTO directive can declare a function's type,
; but the function must then be implemented with the 'proc' directive,
; and 'proc' inserts instructions of its own into your code
; which do not appear in the listing file !!
; the generated code looks like the example below ;
; lines starting with ;;;; are the instructions the assembler inserts automatically
;     fun proc x:dword
;;;; push ebp
;;;; mov  ebp , esp
;
; ……
; your function body …
; ….
;
;;;; pop  ebp
;     fun endp

; in an API stub this is not allowed ; it must be a direct, unconditional jump
; that transfers control to the API function , so the code should look like this:
;
;     fun:
; jmp DWORD PTR [xxxx]  ; [xxxx] store the address of the api function
;

; because this code will be run at arbitrary addresses ,
; data cannot be addressed through absolute addresses ;
; in my code I use an IRA (instruction-relative address) for every
; global variable and for every API function's address .
; this behaviour is defined as the macro 'ldira' (LoaD IRA) ,
; which you can see below ; thus , in my API stubs ,
; the call looks like this:
;
;     fun:
;       ldira eax , xxxx
; jmp DWORD PTR [eax]
;
; after expand macro ldira , the code is :
;
;     fun:
; call LL
;      LL:
;       pop eax
; add eax , xxxx - LL
; jmp DWORD PTR [eax]
;
; @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

include /masm32/include/windows.inc
include /masm32/include/user32.inc
include /masm32/include/kernel32.inc
include /masm32/include/gdi32.inc

; myaddr is an empty equate: "myaddr X" expands to just "X".  It serves as a
; readable marker in address arithmetic (see ldira and MyShieldHeader) and
; contributes no bytes and no value of its own.
; NOTE(review): MASM normally spells an empty text equate `myaddr equ <>`;
; confirm that the bare form below is accepted by the assembler in use.
myaddr equ

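;-----------------------------------------------------------------------
; ldira _dst, _ira   --  LoaD Instruction-Relative Address
;
; Leaves in _dst the run-time address of the symbol _ira, whatever base
; this code has actually been loaded at.  `call LL` pushes the run-time
; address of LL (the instruction right after the call); `pop _dst`
; recovers it; adding the assemble-time distance (_ira - LL) turns it into
; the run-time address of _ira.  `local LL` gives each expansion its own
; label, so the macro may be used any number of times.
;
; In:    _ira  = a label or symbol inside this image
; Out:   _dst  = run-time address of _ira (normally a 32-bit register)
; Clobb: _dst and flags; 4 bytes of stack are used transiently and the
;        stack pointer is unchanged on exit.
; Note:  the operator in the `add` must be an ASCII minus sign; the en dash
;        shown in some renderings of this listing does not assemble.
;-----------------------------------------------------------------------
ldira macro   _dst , _ira
 local LL
 call LL
LL:
 pop _dst
 add _dst , myaddr _ira - myaddr LL
 endm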

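;-----------------------------------------------------------------------
; Scall fun_name [, p1 .. p22]
;
; STDCALL call helper: pushes the non-blank arguments right-to-left and
; then executes `call fun_name`.  Each argument may be anything `push`
; accepts (immediate, register or memory operand).  Nothing is popped
; afterwards because a stdcall callee removes its own arguments.
; `Scall fun` with no arguments expands to a bare `call fun`.
;
; Clobb: whatever the callee clobbers (under Win32 stdcall at least
;        eax, ecx and edx are caller-saved, so do not keep values in them
;        across an Scall).
; Note:  MASM's line-continuation character is the backslash; the slash
;        shown in some renderings of this listing does not assemble.
;-----------------------------------------------------------------------

Scall MACRO fun_name:REQ,p1,p2,p3,p4,p5,p6,p7,p8,p9,p10,p11,p12, \
                     p13,p14,p15,p16,p17,p18,p19,p20,p21,p22

    ;; walk the parameter list backwards so that p1 ends up on top of
    ;; the stack, pushing only the slots the caller actually supplied
    FOR arg,<p22,p21,p20,p19,p18,p17,p16,p15,p14,p13,\
             p12,p11,p10,p9,p8,p7,p6,p5,p4,p3,p2,p1>
      IFNB <arg>    ;; skip blank (omitted) parameters
        push arg
      ENDIF
    ENDM

    call fun_name       ;; transfer control; the callee cleans the stack (stdcall)

ENDM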

Section_Start  equ  0 ; offset added into MyShieldHeader.ShieldImportAddress ; formerly 1000h , i.e. ( 1000h - myaddr start ) , currently 0

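;-----------------------------------------------------------------------
; MyShieldHeader -- the shield's own descriptor, instantiated once at
; start+100h (see shieldHeader in _TEXT).  The default initialisers are
; assemble-time offsets, so the instance is filled with link-time values.
; Nothing in this file writes the Client* fields except the in-place
; relocation of ClientEntry performed at EntryPoint; the tool that attaches
; a client program presumably fills them -- confirm against that tool.
; Note:  the operators in the initialisers must be ASCII minus signs; the
;        en dashes shown in some renderings of this listing do not assemble.
;-----------------------------------------------------------------------
MyShieldHeader struc
 ShieldEntry     DD  myaddr start - myaddr _TEXT          ; offset of `start` inside _TEXT (expected to be 0 with `org 0` -- confirm)
 ShieldImportAddress DD  myaddr Start_Import_Table - start + Section_Start   ; shield import table, relative to start (+Section_Start); Start_/End_Import_Table are not defined in this file (ShieldImport.asm, presumably)
 ShieldImportSize    DD  myaddr End_Import_Table - myaddr Start_Import_Table ; size of the shield import table in bytes

 ClientEntry     DD myaddr NoClientProgram@@    ; client entry point as an offset from the module base; defaults to the "no client" stub. EntryPoint adds the module base to this field in place before jumping through it
 ClientImportAddress DD ?                       ; client import table location; consumed outside this file (LoadClientImport.asm, presumably)
 ClientImportSize    DD  ?                      ; client import table size; consumed outside this file

 ClientCodeBase     DD ? ; need not store , but I reserve it
 ClientDataBase     DD  ?

 Authentication     DB  32 dup(?)  ; 256-bit authentication value; nothing in this file reads or verifies it
MyShieldHeader ends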

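_TEXT segment public 'code'
org 0
;-----------------------------------------------------------------------
; Fixed layout of the shield image (offsets from `start`):
;   +000h  jmp EntryPoint          first byte executed
;   +010h  WangBaTitle/WangBaMsg   message strings (must end before +100h)
;   +100h  shieldHeader            MyShieldHeader (8 dwords + 32 bytes = 64 bytes)
;   +200h  EntryPoint              code proper
; Everything, including the header that EntryPoint patches at run time,
; lives in this single code segment; the image therefore has to be mapped
; writable as well as executable for the shield to work.
; Note:  segment class and string delimiters must be ASCII quotes; the
;        typographic quotes shown in some renderings of this listing do
;        not assemble.
;-----------------------------------------------------------------------
start:
 jmp EntryPoint

 org start + 10h

; Message strings used only by the _MORE_DEBUG block of EntryPoint in this
; file.  The text appears to be GBK-encoded and shows as mojibake here; the
; bytes are kept exactly as they are.
WangBaTitle label byte
 db "Íõ°Ëµ°£¡£¡ÏëÆƽ⣿£¿"
 db 0

WangBaMsg label byte
 db "Íõ°Ëµ°£¡£¡ÏëÆƽ⣿£¿" , 0DH , 0AH
 db "ÔÙÐÞÁ¶¼¸Äê°É£¡£¡" , 0DH , 0AH
 db 08h,"ºÇºÇ£¡£¡"  , 0DH , 0AH                          ; 08h = backspace
 db 08h,"ÒѾ­´ÓÊýѧÉÏÖ¤Ã÷ÁËÕâ¸öÈí¼þ" , 0DH , 0AH
 db 08h,"ÔÚÓîÖæÃðÍö֮ǰÊDz»¿ÉÆƽâµÄ£¡£¡" , 0DH , 0AH
 db 0

 org start + 100h

 shieldHeader MyShieldHeader < > ; the shield header, default-initialised (see MyShieldHeader); patched in place by EntryPoint

 org start + 200h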

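EntryPoint:

; ####################################################################################
; Shield entry, reached by the `jmp EntryPoint` at start.
; Register usage: eax and ecx are scratch; each is loaded with ldira right
; before the call that needs it.  Control flows straight down to the final
; indirect jump; there is no return path out of this routine.
; ####################################################################################

ifdef _MORE_DEBUG
 jmp L1

 ; debug-only strings kept inline in the code stream (skipped by the jmp above);
 ; szDlgTitle and szMsg are not referenced anywhere in this file
szDlgTitle db 'Hello World',0
szMsg    db 'Hello World',0

szDlgTitleIRA DB 'Addressing by instruction relative address',0
szMsgIRA      DB 'Addressing by instruction relative address',0dh,0ah,0

L1:
 ldira eax , szDlgTitleIRA
 ldira ecx , szMsgIRA

 ; MessageBoxA(hwnd, text, caption, type).  NOTE(review): eax (the *Title*
 ; string) is passed as the text and ecx (the *Msg* string) as the caption,
 ; the reverse of the other call sites in this file; harmless only because
 ; both strings carry the same words.
 push MB_OK     ;;;invoke iraMessageBoxA , 0 , eax , ecx , MB_OK
 push ecx
 push eax
 push 0
 call near ptr iraMessageBoxA@16

 ldira eax , WangBaMsg
 ldira ecx , WangBaTitle
 Scall iraMessageBoxA@16,NULL,eax,ecx,MB_OKCANCEL
endif

; ###################################################################################
; 1. Run the shield's main routine.  It is written in C++ because the work it
;    does (and the helpers it calls) is too involved for hand-written assembly.
;    Declared elsewhere as `extrn _ShieldMain@0:near` (presumably in the file
;    that includes frame.asm).  This is an absolute `call`, so the C++ code
;    must be placed where the linker resolved it, unlike the ldira-based code.
; extrn _ShieldMain@0:near
 call _ShieldMain@0 ; ShieldMain takes no parameters

; ###################################################################################
; 2. Resolve the client program's imports (LoadClientImport.asm, included
;    further down in this file).

 Scall _LoadClientImport@0

; ###################################################################################
; 3. Relocate the client entry point and transfer control to it.
;    Order matters: under stdcall ecx is caller-saved, so the header pointer
;    is loaded AFTER the GetModuleHandleA call.  The previous order
;    (ldira ecx ... call GetModuleHandleA ... use ecx) relied on the API
;    leaving ecx untouched, which the calling convention does not promise.
;    ldira itself touches only its destination register and the flags, so
;    eax survives it.

 Scall iraGetModuleHandleA@4 , NULL ; eax = base address of this module

 ldira ecx , shieldHeader.ClientEntry ; ecx -> header field holding the client entry offset

 add DWORD PTR [ecx] , eax ; field now holds the absolute entry address.
                           ; This writes into the code segment (the header lives in
                           ; _TEXT), so the section must be writable; it is also not
                           ; idempotent: running it twice would add the base twice.

 jmp DWORD PTR [ECX]       ; indirect jump through the (writable) header; never returns

; ###################################################################################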

; ###################################################################################

 

; ###################################################################################
;;; user code compiled from C++ was included in this file here
;;; (it served for debugging at first; this include is no longer needed,
;;; because the "!shield!main program" now includes this file -- frame.asm --
;;; itself, so several "!shield!main programs" can each produce their own shield)

; include shield.asm

;;; End of user code
; ###################################################################################

 

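; ###################################################################################
; NoClientProgram@@ -- default client entry point.
; MyShieldHeader.ClientEntry points here unless a client program has been
; attached, so when a client is present execution never reaches this code.
; Shows a message box and terminates the process; the two strings that
; follow the ExitProcess call are data, never executed.
; Note:  string delimiters must be ASCII quotes; the typographic quotes
;        shown in some renderings of this listing do not assemble.

NoClientProgram@@:
 ldira eax , szMsgNoClient    ; eax = text
 ldira ecx , szTitleNoClient  ; ecx = caption
 Scall iraMessageBoxA@16 , NULL , eax , ecx , MB_OK

     push 0
     call near ptr iraExitProcess@4   ; ExitProcess(0); does not return, so control cannot fall into the data below

szTitleNoClient db 'Have no Client Program!'
  db 0
szMsgNoClient   db 'Have no Client Program!',0dh,0ah
  db 'Shield Terminate!!'
  db 0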

; ###################################################################################

 

; ###################################################################################
; DWORD __stdcall A2IRA(DWORD linkAddr)   -- "Address to Instruction-Relative Address"
; Converts the assemble/link-time address of something in this image into the
; address it has now that the image is running at some other base:
;   eax = linkAddr + (run-time address of A2IRA@4LL - link-time address of A2IRA@4LL)
; Meant for the C++ part of the shield, which cannot use the ldira macro.
; It needs no frame: the `call` pushes the run-time position of A2IRA@4LL,
; `pop eax` takes it straight back and leaves esp at the return address.
; In:    [esp+4] = linkAddr (the only argument)
; Out:   eax = relocated address
; Clobb: eax, flags
; Note:  `sub eax, A2IRA@4LL` uses the label as an absolute immediate, i.e.
;        its link-time value; the `call` above it supplies the run-time value
;        of the same label, so the difference is the load delta.
 A2IRA@4:
  call A2IRA@4LL
   A2IRA@4LL:
      pop eax
      sub eax , A2IRA@4LL
      add eax , DWORD PTR [esp+4] ; the parameter (esp is back at the return address after the pop)
      ret 4

; MyShieldHeader* __stdcall GetShieldHeader(void)
; Returns the run-time address of shieldHeader, computed instruction-relative
; via ldira, so it is correct at whatever base this module was loaded.
; Usable only inside the shield module itself: the ldira delta refers to
; *this* module's header, so a copy of this routine in another module (for
; example the "merge" module) would point at the wrong place.
; Out:   eax = &shieldHeader
; Clobb: eax, flags
 GetShieldHeader@0:
  ldira eax , shieldHeader
  ret 0
      
; #############################################################################  

_TEXT ENDS

; #############################################################################
; Import Table Related contents are in this file

  include ShieldImport.asm
 
; this file contains only one function , named "LoadClientImport" , which takes no parameters ;
; because this function is hard to write by hand in assembly , I coded it in C and
; compiled it to assembly
  include LoadClientImport.asm
 
; #############################################################################

 END start