therofl (10-02-2010)
Use this format for submitting snippets
It may be used later to parse the snippets to an application (like the one in the VB Section).
If you're going to post a snippet in this thread then you should be posting it in the following format:
Snippet Name: ____________________
Keywords: ____,____,____ ...
Description(Optional): _______________________
Code:
Your Code Here...
This is to be used for any small bit of code you would like to share.
therofl (10-02-2010)
Well, I'm probably going to be the only one to post here. -sobsob-
Snippet name: Write to memory on key press.
Keywords: No one cares |:
Description: Writes to a memory address on a key press.
code:
[php]
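.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib

.data
message     db "Injection successfull!",0
flagAddress dd 1005194h              ; address that gets overwritten

.code
; Worker thread: polls the Insert key and zeroes the DWORD at flagAddress
MainThread proc
    .while 1
        xor eax,eax
        push VK_INSERT
        call GetAsyncKeyState
        .if eax                      ; non-zero: key is down or was pressed since the last call
            mov ebx,0
            mov ecx,flagAddress
            mov [ecx],ebx            ; write 0 to the DWORD at flagAddress
        .endif
    .endw
MainThread endp

DllMain proc hInst:HINSTANCE, dwReason:DWORD, useless:DWORD
    .if dwReason == DLL_PROCESS_ATTACH
        ; CreateThread(NULL, 0, MainThread, NULL, 0, NULL), arguments pushed right to left
        push 0
        push 0
        push 0
        push offset MainThread
        push 0
        push 0
        call CreateThread
        ; MessageBoxA(NULL, message, message, MB_OK)
        push MB_OK
        push offset message
        push offset message
        push 0
        call MessageBoxA
    .endif
    mov eax,1                        ; return TRUE so the load succeeds
    ret
DllMain endp
end DllMain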
[/php]
Snippet name: Substring in asm
Keywords: Strings, Substring, address, eax, edi, edx
Description: Find and copy a part of a string
Compiler/os/bit: MASM, windows, 32 (or 64... I dunno)
Code:
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
include \masm32\include\masm32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\masm32.lib

.data
szMainStr db 'SCHiM rocks in C++ and in asm W00T',0   ; String to be searched
szSubStr  db 'and',0                                  ; Substring to search
capt      db 'Copied substring',0

.data?
buffer db 100 dup(?)                ; allocate our buffer

.code
start:
    xor eax, eax                    ; empty the registers we're going to use
    xor edx, edx                    ; empty the registers we're going to use
    xor edi, edi                    ; empty the registers we're going to use
    mov [buffer], 0                 ; empty the buffer we're going to use
    mov edi, offset szMainStr       ; load the address of the main string in edi
    mov edx, offset szSubStr        ; load the address of the sub string in edx
    invoke InString, 1, edi, edx    ; Find the substring; its 1-based position comes back in eax
    cmp eax, 0
    jle done                        ; 0 or negative: no match, so there is nothing to copy
    dec eax                         ; Dec eax to get a 0-based offset
    add eax, edi                    ; move the address of our substring to eax
    invoke lstrcpyn,ADDR buffer,eax, SIZEOF buffer        ; Copy the substring at eax to the buffer, with the size of buffer
    invoke MessageBox,0,ADDR buffer,ADDR capt,MB_OK       ; Message box out buffer
done:
    invoke ExitProcess,0
END start
I hope this helps someone out there, it looks like me & void are the only ones learning asm atm, good luck void
-SCHiM
I'm SCHiM
Morals derive from the instinct to survive. Moral behavior is survival behavior above the individual level.
Polymorphic engine
Interprocess callback class
SIN
Infinite-precision arithmetic
Hooking dynamic linkage
(sloppy)Kernel mode Disassembler!!!
Semi debugger
Snippet name: Random string generator
Keywords: String, Pseudo random, Generator
Description: generate a random string at a given length
Compiler/os/bit: MASM, windows, 32 (or 64... I dunno)
Code:
.386
.model flat, stdcall
option casemap: none
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\masm32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\masm32.lib

.data
szTable db "ejiotio346juiuiotyuituiogrhjior4rhy789te5u90tuihnjfioghuigfjio2058989fjisefhioDJIAGFUHSDIFRUHOAHFVHDIOASJFOigodtghogjdfnfjkosbhjfhd",0
buffer  db 9 dup(0)
capt    db "SCHiM",0

.code
Rand proc                           ; Start of our random number function
start:
    invoke GetTickCount             ; we do some random operations on the registers here until...
    div eax                         ; divide edx:eax by eax (faults if eax is 0 or edx >= eax)
    mov edx, sizeof szTable         ; move the size of our table
    ror eax, 03h                    ; rotate 3*16^0 (3 :P) to the right
    xor eax, ebx                    ; xor eax with ebx
    rol eax, 013h                   ; rotate to the left (3*16^0 + 1*16^1 + 0) 19 :P
    xor eax, ebx                    ; xor eax with ebx
    mov esi, eax                    ; move eax to esi
    invoke GetTickCount             ; get tick count once more
    mov edx, sizeof szTable         ; move the size of our table once more, because gtc uses edx
    xor eax, esi                    ; here... (and xor eax with esi)
comp:
    .if eax < edx
        ret                         ; if the number is good, return
    .else
        sub eax, sizeof szTable     ; if the number is too big, decrease its size
        jmp comp
    .endif
Rand endp                           ; end of our random number function

main proc
    xor ebx, ebx
rar:
    call Rand                       ; random number is stored in eax
    mov al, [szTable + eax]         ; put a random character in al
    mov [buffer + ebx], al          ; put the character in our buffer at the location of ebx
    inc ebx                         ; increment our counter (I know ebx is not a counter register, but who cares... :P)
    cmp ebx, 8d                     ; compare our counter with 8 in decimal
    jne rar                         ; if they don't match put another random char back in our buffer
    invoke MessageBoxA,0, addr buffer, addr capt, MB_OK   ; if they match, show the result to the user
    ret
main endp
end main
This'd be an ASM speed freak's worst nightmare, but I don't care because this works for me, I hope it will for others
Last edited by .::SCHiM::.; 10-13-2010 at 10:44 AM.
I'm SCHiM
therofl (11-01-2010)
Snippet name: Empty any buffer
Keywords: buffer, 0's, empty, clean, fast
Description: Empty any buffer efficiently, safely, and easily
Compiler/os/bit: MASM, windows, 32 (or 64... I dunno)
Code:
    xor esi, esi
lp:
    mov [buffer + esi], 0
    inc esi
    cmp esi, sizeof buffer
    jne lp
I'm SCHiM
therofl (11-01-2010)
Shit's dead as fuck :\
Fasm snippet to fade a window in, called either in WM_CREATE or after window creation:
Code:
fade_time = 1000

; start fading
    invoke GetWindowLong,[hWnd],GWL_EXSTYLE
    or eax, WS_EX_LAYERED
    invoke SetWindowLong,[hWnd],GWL_EXSTYLE,eax
    invoke GetTickCount
    mov ebx, eax
.sfade:
    invoke GetTickCount
    sub eax, ebx
    cmp eax, fade_time
    jge .efade
    shl eax, 8
    cdq
    mov ecx, fade_time
    div ecx
    invoke SetLayeredWindowAttributes,[hWnd],0,eax,LWA_ALPHA
    ; check for window messages so it can still be controlled while we fade
@@:
    xor eax, eax
    invoke PeekMessage,msg,eax,eax,eax,PM_REMOVE
    test eax, eax
    jz @f
    invoke TranslateMessage, msg
    invoke DispatchMessage, msg
    jmp @b
@@:
    invoke Sleep, 10
    jmp .sfade
.efade:
    invoke GetWindowLong,[hWnd],GWL_EXSTYLE
    mov edx, WS_EX_LAYERED
    not edx
    and eax, edx
    invoke SetWindowLong,[hWnd],GWL_EXSTYLE,eax
; end fading
and for fading the window out just put "xor eax, 00FFh" after the div ecx.
Last edited by [implicit]; 11-05-2012 at 01:22 AM.