?? rlp.asm
字號(hào):
;------------------------------------------------------------------
.586
.model flat, stdcall
option casemap :none ; case sensitive
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\comdlg32.inc
include \masm32\include\shell32.inc
include aplib.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\comdlg32.lib
includelib \masm32\lib\shell32.lib
includelib aplib.lib
;------------------------------------------------------------------
WndProc PROTO :DWORD,:DWORD,:DWORD,:DWORD
WndProc2 PROTO :DWORD,:DWORD,:DWORD,:DWORD
WndProc3 PROTO :DWORD,:DWORD,:DWORD,:DWORD
GetExeFile PROTO
UnmapFile PROTO
MapFile PROTO :DWORD
ResizeMapFile PROTO :DWORD,:DWORD
ConvertFO2VA PROTO :DWORD,:DWORD
ConvertVA2FO PROTO :DWORD,:DWORD
GetSectionNumber PROTO :DWORD,:DWORD
IsSectionPackable PROTO :DWORD,:DWORD
CreateOutFile PROTO :DWORD
CloseOutFile PROTO
WriteData PROTO :DWORD,:DWORD
cProgress PROTO C :DWORD,:DWORD,:DWORD,:DWORD
lProgress PROTO :DWORD
ExtractOverlay PROTO :DWORD,:DWORD
AddOverlay PROTO :DWORD,:DWORD
CompressSection PROTO :DWORD,:DWORD,:DWORD
FindMainIcon PROTO
FilterCode PROTO :DWORD,:DWORD,:DWORD
CompressRelocations PROTO :DWORD,:DWORD
SortRelocations PROTO :DWORD,:DWORD
;------------------------------------------------------------------
.data
szTMP db "Overlay.ovl",0h
dlgname db "TESTWIN",0
dlgname2 db "TESTWIN2",0
dlgname3 db "TESTWIN3",0
dlgTitle db "RLPack - BasicEdition",0h
dlgTitle2 db "RLPack - About",0h
dlgTitle3 db "RLPack - Resource options",0h
;
; Promenljive za About dialog
;
szMyWebSite db "http://www.reversinglabs.com",0h
szMyUpdate db "http://www.reversinglabs.com/download.html",0h
;
; Promenljive za OpenFileName dialog
;
ofn OPENFILENAME <>
FilterString db "All .exe Files",0,"*.exe",0h,"All .dll Files",0,"*.dll",0h,"All Files",0,"*.*",0h,0h
OurTitle db "RLPack - BasicEdition",0h
szCHM db "help.chm",0h
;
; Razno
;
szPackedExe db ".bak",0h
szSN_text db ".text",0h
szSN_code db "CODE",0h
szSN_Ddata db "DATA",0h
szSN_bss db "BSS",0h
szSN_tls db ".tls",0h
szSN_data db ".data",0h
szSN_rdata db ".rdata",0h
szSN_idata db ".idata",0h
szSN_edata db ".edata",0h
szSN_rsrc db ".rsrc",0h
szSN_reloc db ".reloc",0h
szTYPELIB db "T",0,"Y",0,"P",0,"E",0,"L",0,"I",0,"B",0,0,0
comma db ",",0h
szRSRCPackFormat db "%X,",0h
;
; Messages
;
szInfo_Version db " RLPack Basic Edition 1.20, (c)2007 by Reversing Labs",0h
szInfo_UserName db " Licensed to: PUBLIC",0h
szInfo_License1 db " License type: GPL 2.0",0h
OSize_format db "Original size: %d bytes",0h
PSize_format db "Packed size: %d bytes",0h
Ratio_format db "Ratio: %d percent",0h
szOpen db "open",0h
WebSite db "http://www.reversinglabs.com/buy.html",0h
szPackStart db "Packing started...",0h
szLoadIat db "Loading IAT",0h
szPackingSections db "Packing sections",0h
szPackingResources db "Packing resources",0h
szPackingExport db "Packing export table",0h
szFilePacked db "File has been packed!",0h
szSaveOverlay db "Saving overlay",0h
szPackEnded db "Packing ended...",0h
szUnpackable db "File can not be packed!",0h
szAbout db "About",0h
szWarningTitle db "Warning:",0h
szStripTLS db "Stripping TLS may cause application to crash or not work at all! Do you want to leave this option ON?",0h
szErrorText db "[Error] Error while opening file or file not selected!",0h
szErrorTitle db "[Error]",0h
szNotAValidEXEFile db "Selected file is not a valid EXE file!",0h
szNotAValidPEFile db "Selected file is not a valid PE32 file!",0h
szFileAlreadyPacked db "Selected file might be already packed with RLPack or some other packer! Do you want to continue?",0h
szFoundCertificate db "RLPack has detected a security certificate apended to file.",13,10,"Since this certificate will not work after file packing it will be stripped!",0h
;
; LZMA
;
szAPLIB db "aPLib 0.43",0h
szSLZMA db "LZMA 4.30",0h
szLZMA db "lzma.dll",0h
szCompress db "Compress",0h
szFreeCompressionMemory db "FreeCompressionMemory",0h
;
; New PeHeader
;
nPEHeader db 04Dh,05Ah,090h,000h,003h,000h,000h,000h
db 004h,000h,000h,000h,0FFh,0FFh,000h,000h
db 0B8h,000h,000h,000h,000h,000h,000h,000h
db 040h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,0B0h,000h,000h,000h
db 00Eh,01Fh,0BAh,00Eh,000h,0B4h,009h,0CDh
db 021h,0B8h,001h,04Ch,0CDh,021h,054h,068h
db 069h,073h,020h,070h,072h,06Fh,067h,072h
db 061h,06Dh,020h,063h,061h,06Eh,06Eh,06Fh
db 074h,020h,062h,065h,020h,072h,075h,06Eh
db 020h,069h,06Eh,020h,044h,04Fh,053h,020h
db 06Dh,06Fh,064h,065h,02Eh,00Dh,00Dh,00Ah
db 024h,000h,000h,000h,000h,000h,000h,000h
db 05Dh,065h,0FDh,0C8h,019h,004h,093h,09Bh
db 019h,004h,093h,09Bh,019h,004h,093h,09Bh
db 097h,01Bh,080h,09Bh,011h,004h,093h,09Bh
db 0E5h,024h,081h,09Bh,018h,004h,093h,09Bh
db 052h,069h,063h,068h,019h,004h,093h,09Bh
db 000h,000h,000h,000h,000h,000h,000h,000h
db 050h,045h,000h,000h,04Ch,001h,002h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,0E0h,000h,000h,000h
db 00Bh,001h,005h,00Ch,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,010h,000h,000h,000h,002h,000h,000h
db 004h,000h,000h,000h,000h,000h,000h,000h
db 004h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,002h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,010h,000h,000h,010h,000h,000h
db 000h,000h,010h,000h,000h,010h,000h,000h
db 000h,000h,000h,000h,010h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 02Eh,070h,061h,063h,06Bh,065h,064h,000h
db 000h,060h,000h,000h,000h,010h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,020h,000h,000h,060h
db 02Eh,052h,04Ch,050h,061h,063h,06Bh,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,020h,000h,000h,0E0h
db 000h,000h,000h,000h,000h,000h,000h,000h
db 000h,000h,000h,000h,000h,000h,000h,000h
DLLAPISpacer db 01h
Hundred dd 100
.data?
Compressor dd ?
;
; LZMA
;
hLZMA dd ?
hCompress dd ?
hFreeCompressionMemory dd ?
;
; Misc
;
HW dd ?
BoxHwnd dd ?
BoxHwnd2 dd ?
packTypeLib dd ?
szOpenFileName db MAX_PATH dup(?)
szPackedFileName db MAX_PATH dup(?)
;
; Mapiranje fajla
;
FileHWND dd ?
FileSize dd ?
FileMap dd ?
FileMapVA dd ?
;
; Ostale promenljive
;
hInstance dd ?
buffer db 512 dup(?)
rawbuffer db 512 dup(?)
rPack dd ?
;
; Pe.Data
;
SizeOfImage dd ?
ImageBase dd ?
PackedOEP dd ?
NumberOfSections dd ?
PEHeader dd ?
TimeDateStamp dd ?
Characteristics dd ?
SubSytem dd ?
DelayImportTable dd ?
DelayImportTableSize dd ?
;
; Pack variables
;
MAIN_ICON dd ?
CurrentSectionNumber dd ?
CurrentSectionOffset dd ?
CompressSectionOffset dd ?
VirtualSize dd ?
VirtualOffset dd ?
RawSize dd ?
RawOffset dd ?
SectionFlags dd ?
Shareable dd ?
OutMemBuffSize dd ?
OutMemBuff dd ?
WorkMemSize dd ?
WorkMemBuff dd ?
PackedSize dd ?
hPackedFile dd ?
hPackedFileBuff dd ?
hPackedFilePos dd ?
NumberOfBytesWritten dd ?
FirstSectionOffset dd ?
FirstSectionSize dd ?
FirstSection dd ?
SectionWriteOffset dd ?
PackedSectionTable db 100 dup(?)
STUB_DATA db 1024 dup(?)
STUB_OEP dd ?
STUB_OEP_OFFSET dd ?
DLLNumber dd ?
DLLPointer dd ?
DLLNameBuff dd ?
APINameBuff dd ?
DLLNameBuff_Base dd ?
APINameBuff_Base dd ?
pFirst dd ?
pRSRC dd ?
RSRCSize dd ?
pRSRCBuff dd ?
pRSRCBuffPos dd ?
pRSRCBuffSize dd ?
Level1_CNT dd ?
Level2_CNT dd ?
Level3_CNT dd ?
pSize dd ?
pType dd ?
pName dd ?
pRelOffsetToData dd ?
pDataRVA dd ?
pOffset dd ?
oStripReloc dd ?
oStripTLS dd ?
OriginalSize dd ?
Ratio dd ?
LastRatio dd ?
oStripRSRC dd ?
ThreadRunning dd ?
oOverlay dd ?
oExportTable dd ?
orgExportAddr dd ?
orgExportSize dd ?
ExportTableBuffSize dd ?
ExportTableBuff dd ?
OverlayExists dd ?
hSaveFile dd ?
eStart dd ?
eSize dd ?
RelocationRVA dd ?
IsDll dd ?
ReadDataBuffer db 1000h dup(?)
tmpRelocations db 2000h dup(?)
.code
start:
invoke GetModuleHandle, NULL
mov hInstance, eax
; -------------------------------------------
; Call the dialog box stored in resource file
; -------------------------------------------
invoke DialogBoxParam,hInstance,ADDR dlgname,0,ADDR WndProc,0
invoke ExitProcess,eax
;------------------------------------------------------------------
WndProc3 proc hWin :DWORD,
uMsg :DWORD,
wParam :DWORD,
lParam :DWORD
LOCAL LocRetn :DWORD
LOCAL lBoxHwnd :DWORD
PUSHAD
MOV LocRetn,0
.if uMsg == WM_INITDIALOG
MOV LocRetn,1
invoke GetModuleHandle, NULL
mov hInstance, eax
invoke SendMessage,hWin,WM_SETTEXT,0,ADDR dlgTitle3
invoke LoadIcon,hInstance,500 ; icon ID
PUSH EAX
PUSH 0
PUSH 80h
PUSH hWin
CALL SendMessage
INVOKE LoadBitmap,hInstance,510
MOV EDI,EAX
INVOKE GetDlgItem,hWin,7000
INVOKE SendMessage,EAX,STM_SETIMAGE,IMAGE_BITMAP,EDI
MOV ESI,7001
.while ESI <= 7025
INVOKE CheckDlgButton,hWin,ESI,1
INC ESI
.endw
INVOKE RtlZeroMemory,addr rawbuffer,512
INVOKE GetDlgItem,HW,1002
MOV ESI,EAX
INVOKE GetWindowTextLength,ESI
.if EAX > 0
INC EAX
INVOKE GetWindowText,ESI,addr buffer,EAX
INVOKE lstrcat,addr buffer,addr comma
MOV EAX,offset buffer
MOV EBX,offset rawbuffer
MOV ECX,EAX
.while BYTE PTR[EAX] != 0
.if BYTE PTR[EAX] == ','
MOV BYTE PTR[EAX],0
MOV EDI,EAX
PUSH ECX
CALL _convert_text_2_number
MOV DWORD PTR[EBX],EAX
ADD EBX,4
MOV EAX,EDI
LEA ECX,DWORD PTR[EAX+1]
.endif
INC EAX
.endw
MOV EBX,offset rawbuffer
.while DWORD PTR[EBX] != 0
.if DWORD PTR[EBX] >= 1 && DWORD PTR[EBX] <= 24
MOV ESI,7000
ADD ESI,DWORD PTR[EBX]
PUSHAD
INVOKE CheckDlgButton,hWin,ESI,0
POPAD
.endif
ADD EBX,4
.endw
.if packTypeLib == NULL
INVOKE CheckDlgButton,hWin,7025,0
.endif
.else
INVOKE CheckDlgButton,hWin,7016,0
INVOKE CheckDlgButton,hWin,7024,0
INVOKE CheckDlgButton,hWin,7025,0
.endif
.elseif uMsg == WM_CLOSE
INVOKE EndDialog,hWin,0
.elseif uMsg == WM_COMMAND
.if wParam == 8000
INVOKE RtlZeroMemory,addr ReadDataBuffer,1000h
MOV packTypeLib,0
MOV ESI,7001
.while ESI <= 7025
INVOKE IsDlgButtonChecked,hWin,ESI
.if EAX == FALSE
MOV EDI,ESI
SUB EDI,7000
.if EDI <= 24 && EDI != 13 && EDI != 15 && EDI != 18
PUSH EDI
PUSH offset szRSRCPackFormat
PUSH offset buffer
CALL wsprintf
ADD ESP,0Ch
INVOKE lstrcat,addr ReadDataBuffer,addr buffer
.endif
.else
MOV EDI,ESI
SUB EDI,7000
.if EDI == 25
MOV packTypeLib,1
.endif
.endif
INC ESI
.endw
INVOKE lstrlen,addr ReadDataBuffer
ADD EAX,offset ReadDataBuffer
MOV BYTE PTR[EAX-1],0
INVOKE GetDlgItem,HW,1002
INVOKE SetWindowText,EAX,addr ReadDataBuffer
INVOKE EndDialog,hWin,0
.elseif wParam == 8001
INVOKE EndDialog,hWin,0
.endif
.endif
POPAD
MOV EAX,LocRetn
RET
WndProc3 endp
;------------------------------------------------------------------
WndProc2 proc hWin :DWORD,
uMsg :DWORD,
wParam :DWORD,
lParam :DWORD
LOCAL LocRetn :DWORD
PUSHAD
MOV LocRetn,0
.if uMsg == WM_INITDIALOG
MOV LocRetn,1
invoke GetModuleHandle, NULL
mov hInstance, eax
invoke SendMessage,hWin,WM_SETTEXT,0,ADDR szAbout
invoke LoadIcon,hInstance,500 ; icon ID
MOV EDI,EAX
PUSH EAX
PUSH 0
PUSH 80h
PUSH hWin
CALL SendMessage
INVOKE GetDlgItem,hWin,3003
INVOKE SendMessage,EAX,STM_SETIMAGE,IMAGE_ICON,EDI
INVOKE LoadBitmap,hInstance,510
MOV EDI,EAX
INVOKE GetDlgItem,hWin,3001
INVOKE SendMessage,EAX,STM_SETIMAGE,IMAGE_BITMAP,EDI
.elseif uMsg == WM_CLOSE
invoke EndDialog,hWin,0
.elseif uMsg == WM_COMMAND
.if wParam == 3005
invoke EndDialog,hWin,0
.elseif wParam == 3006
INVOKE ShellExecute,NULL,addr szOpen,addr szMyWebSite,NULL,NULL,TRUE
.elseif wParam == 3007
INVOKE ShellExecute,NULL,addr szOpen,addr szMyUpdate,NULL,NULL,TRUE
.endif
.endif
POPAD
MOV EAX,LocRetn
RET
WndProc2 endp
;------------------------------------------------------------------
?? 快捷鍵說明
復(fù)制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號(hào)
Ctrl + =
減小字號(hào)
Ctrl + -