本帖最后由 Tesla.Angela 于 2010-8-7 00:23 编辑
TaOpenThread的汇编版本暂时不想写了,谁爱写谁写吧。
以下是TaTerminateThread的代码(思路:先通过RtlAdjustPrivilege申请调试特权,然后挂起目标线程,把它的EIP改成ExitThread的地址,再恢复运行,让该线程自行退出):
.386
.model flat, stdcall
option casemap :none
include windows.inc
include user32.inc
include kernel32.inc
include masm32.inc
includelib user32.lib
includelib kernel32.lib
includelib masm32.lib
include macro.asm
.data
; NUL-terminated ANSI names handed to LoadLibrary / GetModuleHandle / GetProcAddress.
; Both APIs used below are resolved by name at run time rather than imported,
; so 'RtlAdjustPrivilege' shows up only as a string in .data, not in the import table.
NtDllDll db 'NTDLL.DLL',0
Kernel32 db 'kernel32.dll',0
; NOTE(review): the label says "GetDebug" but the string is the export name
; RtlAdjustPrivilege; a clearer label would be szRtlAdjustPrivilege.
GetDebug db 'RtlAdjustPrivilege',0
ExThread db 'ExitThread',0
.CODE
START:
;-----------------------------------------------------------------------
; getp - load NTDLL.DLL, resolve RtlAdjustPrivilege by name and call it
;        with the four stdcall arguments (20, 1, 0, &rtv).
; Syntax: MASM32, 32-bit flat model, stdcall.
; In:     nothing
; Out:    nothing used by the code that follows; eax from the call is discarded
; Locals: hNtdll, pRtlAdjustPrivilege, rtv
;
; The entry label START sits directly in front of this proc, so the
; program begins executing here.
;
; NOTE(review): there is no `ret` before `endp`. MASM emits the epilogue
; only at a `ret`, so execution falls straight through into the next
; proc (tatt) with this frame still on the stack. The program relies on
; that fall-through instead of an explicit call sequence.
;
; NOTE(review): neither LoadLibrary nor GetProcAddress is checked. If the
; lookup fails, pRtlAdjustPrivilege is 0 and the indirect call faults.
; The status returned in eax and the previous state written to rtv are
; also ignored, so the code cannot tell whether the privilege was granted.
;
; Monitoring note: a process enabling a privilege on its own token via a
; run-time-resolved ntdll export is visible through token/privilege
; auditing, not through static import inspection.
;-----------------------------------------------------------------------
getp proc
local hNtdll:DWORD
local pRtlAdjustPrivilege:DWORD
local rtv:DWORD
invoke LoadLibrary,offset NtDllDll
mov hNtdll,eax
invoke GetProcAddress,hNtdll,offset GetDebug
mov pRtlAdjustPrivilege,eax
; Arguments are pushed right to left (stdcall), i.e. the call is
; RtlAdjustPrivilege(20, 1, 0, &rtv).
; Presumably: 20 = SeDebugPrivilege, 1 = enable, 0 = process token rather
; than thread token, &rtv = receives the previous state. RtlAdjustPrivilege
; is not formally documented, so confirm against the target OS.
lea eax,rtv
push eax
push 0
push 1
push 20
call pRtlAdjustPrivilege
; The privilege change is made on the token, so unloading the library
; reference afterwards does not undo it.
invoke FreeLibrary,hNtdll
getp endp
;-----------------------------------------------------------------------
; tatt - open thread ID 2020 with THREAD_ALL_ACCESS, store the address of
;        kernel32!ExitThread in ctx.regEip, then suspend the thread, apply
;        ctx with SetThreadContext, resume it and close the handle.
; Syntax: MASM32, 32-bit flat model, stdcall.
; In:     nothing (the thread ID is a literal in the OpenThread call)
; Out:    nothing; the process exits if OpenThread returns 0
; Locals: hThread, hModule, ctx (a full CONTEXT on the stack)
;
; NOTE(review): ctx is never initialised. ContextFlags is not set and
; GetThreadContext is never called, so every field except regEip holds
; whatever was on the stack. What SetThreadContext does with that is
; undefined from this code: it may fail, or it may load unrelated
; register values into the thread. Its return value is not checked, and
; neither are SuspendThread, GetModuleHandle or GetProcAddress.
;
; NOTE(review): the ExitThread address is looked up in this process and
; then used in the context of the opened thread; that is only meaningful
; if kernel32.dll is mapped at the same base in the thread's process.
; TODO confirm.
;
; NOTE(review): a thread redirected this way never runs its own cleanup.
; Locks it holds stay held and its exit code is whatever happens to be
; on its stack, so the owning process can be left hung or inconsistent.
;
; NOTE(review): no `ret` before `endp`; execution falls through to the
; `invoke ExitProcess,0` that follows this proc.
;
; Monitoring note: the observable sequence is OpenThread on a thread of
; another process followed by SuspendThread / SetThreadContext /
; ResumeThread. THREAD_ALL_ACCESS is broader than those three calls
; need, and the instruction pointer is the only field deliberately set.
;-----------------------------------------------------------------------
tatt proc
local hThread:DWORD
local hModule:DWORD
local ctx:CONTEXT
invoke OpenThread,THREAD_ALL_ACCESS,0,2020;ThreadId: hard-coded sample value, bInheritHandle = 0
mov hThread,eax
; OpenThread returns 0 on failure; give up and leave the process.
.if eax==0
invoke ExitProcess,0
.endif
invoke GetModuleHandle,offset Kernel32
mov hModule,eax
invoke GetProcAddress,hModule,offset ExThread
; Only the instruction pointer is written; the rest of ctx is untouched.
mov ctx.regEip,eax
invoke SuspendThread,hThread
invoke SetThreadContext,hThread,addr ctx
invoke ResumeThread,hThread
invoke CloseHandle,hThread
tatt endp
; Reached by falling out of tatt (which has no `ret`): end the process with exit code 0.
invoke ExitProcess,0
; `end START` makes the START label, placed immediately before getp, the program entry point.
end START
另外很想说个题外话,有没有人理解我的签名中那首诗的意境?
练得身形似鹤形,
千株松下两函经。
我来问道无馀说,
云在青天水在瓶。
云在青天水在瓶,
一行一动各一名。
若能参透瓶中意,
虚空法界任其行。
答案: