ASM像VB一样调用C库函数
LoadLibrary + GetProcAddress。======
IncludeLib User32.Lib
IncludeLib Kernel32.Lib
EXTERN LoadLibraryA:PROC
EXTERN GetProcAddress:PROC
EXTERN ExitProcess:PROC
EXTERN MessageBoxA:PROC
.DATA?
hMod dq 0
pApi dq 0
RetTxtdb 256 dup(?) ;字节数组
.DATA
szTit BYTE"Address Of ",0
szDll BYTE"msvcrt.dll",0
szFun BYTE"_i64toa",0
.CODE
Entry PROC
;hMod=LoadLibraryA("msvcrt.dll")
sub rsp,16
lea rcx,szDll
call LoadLibraryA
mov hMod,rax
add rsp,16
;pApi=GetProcAddress(hMod,"_i64toa")
sub rsp,24
mov rcx,hMod
lea rdx,szFun
call GetProcAddress
mov pApi,rax
add rsp,24
;_i64toa(pApi,RetTxt,16)
sub rsp,32
mov rcx,pApi
lea rdx,RetTxt
mov r8,16
call pApi
add rsp,32
;MessageBoxA(0,RetTxt,szTit,0)
sub rsp,28H
mov rcx,0
lea rdx,RetTxt
lea r8,szTit
mov r9,0
call MessageBoxA
add rsp,28H
;ExitProcess(0)
sub rsp,8
mov rcx,0
call ExitProcess
add rsp,8
ret
Entry ENDP
END
函数名称采用stud_PE获得,代码使用“老罗代码高亮工具”x64版染色。 能力太差,不太能懂 代码加色太美了
页:
[1]