Results 1 to 2 of 2
  1. 12-19-2016 #1
    samlarenskoog
    samlarenskoog is offline
    Member
    MPGH Member
    samlarenskoog's Avatar
    Join Date
    Apr 2016
    Gender
    male
    Posts
    104
    Reputation
    25
    Thanks
    57
    My Mood
    Cheerful
    Send a message via Birdie™ to samlarenskoog Sweden

    Metamorphic Pseudo Assembler

    I am releasing first version of my pseudo metamorphic assembler.

    This very assembler reads own created instructions and mutates them differently to memory.

    All instructions:
    Code:
    pushm == push [mem]   
pushr == push reg                 or        sub esp, 4 | mov [esp], reg 
popm == pop [mem] 
popr == pop reg                   or        mov reg, [esp] | add esp, 4 
movm == mov reg, [mem] 
movr == mov reg, reg2          or        push reg | pop reg2 
movi == mov reg, imm          or        push imm | pop reg 
 @ret == ret 
xorr == xor reg, reg2 
jmp == jmp 
je == je 
jz == jz 
cmpi == cmp reg, imm 
cmpr == cmp reg, reg2 
incr == inc reg                      or        add reg, 1 
jne == jne 
jnz == jnz 
addi == add reg, imm             or        add reg, (imm+rand) | sub reg, rand 
xori == xor reg, imm 
 @label == label: 
subi == sub reg, imm             or         sub reg, (imm+rand) | add reg, rand 
mov_ptr_reg == mov [reg], reg2     (does not work with esp or ebp in ptr position) 
mov_reg_ptr == mov reg, [reg2]     (does not work with esp or ebp in ptr position) 
testr == test reg, reg2            or         (or reg, reg)      or      (and reg, reg) 
pushi == push imm 
decr == dec reg 
 @call == call 
 @Pushad == pushad 
 @Popad == popad
    If a mutation ends with a pseudo assembly instruction it can be added by the assembler and that way recursively mutate instructions.
    The generated instructions are not garbage and are needed to execute the program.
    Example of recursive metamorphism:
    Code:
    add eax, 1 -> add eax, 1+rand | sub eax, rand+rand2 | add eax, rand2+rand3 | sub eax, rand3, rand4
    As you can see it can continue and do this even for mov reg, reg2 and expand the code and morph it.

    I had a simple solution for adapting the jumps to the code expansion.
    The code first morphs it from the instructions and adds the neceasary labels.
    It then takes the labels address from the data section and adds it to the all jumps.
    The problem with this is that it the first jump will be assigned with the first label as destination, the second jump with the second labels address as destination and so on. The labels needs to be placed after each other in the data section because the jump fixer iterates through it by adding 4 to the first label address.

    Example of jump implementation:
    Code:
    section '.code' readable writeable executable 
main: 
 
        movi REGEAX, 1 
        testr REGEAX, REGEAX    ; test eax, eax 
        jz                      ; jz label1 
 
        movi REGEAX, 0x20 
        jmp                     ; jmp label2 
 
 @label1 
        movi REGEAX, 0x10 
 
 @label2 
        @ret 
 
        call buffert 
        invoke Sleep, -1 
 
 
section '.data' readable writeable 
label1          dd 0 
label2          dd 0 
pseudo          INSTR 
bufferSize      dd 0 
buffert dd ?
    To use it you have to allocate memory or use the data section in the example above.
    As you can see it also needs a instruction struct named pseudo for use.
    Add to pseudoAssembler.asm for own use:

    Code:
    buff            equ (your startaddress of buffer) 
decryptorSize   equ (just a doubleword for counting the length and aligning)
This assembler is perfect for polymorphic crypters and polymorphic stubs aswell as code morphing.
    Source:
    Code:
    ;******************************************* 
;*             (X) SamLaren 2016           * 
;******************************************* 
;*   Metamorphic Pseudo Assembler          * 
;*                                         * 
;* release v1.0             20/12-2016     * 
;*                                         * 
;******************************************* 
 
 
buff            equ buffert 
decryptorSize   equ bufferSize 
 
 
include 'pseudo_assembler.inc' 
 
 
fixAAjmps: 
buff_size               equ [ebp+8] 
buff_addr               equ [ebp+12] 
label_arr_address       equ [ebp+16] 
 
        push ebp 
        mov ebp, esp 
        pushad 
 
 
        xor ecx, ecx 
        mov eax, buff_addr 
        mov ebx, label_arr_address 
 
_@lop1: 
        cmp ecx, buff_size 
        je end_lop1 
 
        movzx edx, byte[eax+ecx] 
        cmp dl, 0xE9 
        je fix_jmp 
 
        cmp dl, 0x74 
        je fix_je_jmp 
 
        cmp dl, 0x75 
        je fix_jne_jmp 
 
 
ret_to_lop: 
        inc ecx 
        jmp _@lop1 
 
 
end_lop1: 
        popad 
        mov esp, ebp 
        pop ebp 
ret 
 
fix_jne_jmp: 
        push edx 
        mov edx, [ebx] 
        sub edx, buff_addr 
        sub edx, ecx 
        sub edx, 2 
        mov byte[eax+ecx+1], dl 
        pop edx 
        add ebx, 4 
        jmp ret_to_lop 
 
fix_je_jmp: 
        push edx 
        mov edx, [ebx] 
        sub edx, buff_addr 
        sub edx, ecx 
        sub edx, 2 
        mov byte[eax+ecx+1], dl 
        pop edx 
        add ebx, 4 
        jmp ret_to_lop 
 
fix_jmp: 
        push edx 
        mov edx, [ebx] 
        sub edx, buff_addr 
        sub edx, ecx 
        sub edx, 5 
        mov dword[eax+ecx+1], edx 
        pop edx 
        add ebx, 4 
        jmp ret_to_lop 
 
 
 
assembler: 
buff_address            equ [ebp+8] 
store_address           equ [ebp+12] 
        push ebp 
        mov ebp, esp 
        pushad 
 
        xor eax, eax 
        xor edx, edx 
 
        cmp [pseudo.type], TYPEPUSHAD 
        je @ps_pushad 
 
        cmp [pseudo.type], TYPEPOPAD 
        je @ps_popad 
 
        cmp [pseudo.type], TYPECALL 
        je @ps_call 
 
        cmp [pseudo.type], TYPEDECR 
        je @decr 
 
        cmp [pseudo.type], TYPEPUSHI 
        je @pushi 
 
        cmp [pseudo.type], TYPEPUSHM 
        je @pushi 
 
        cmp [pseudo.type], TYPETESTR 
        je @testr 
 
        cmp [pseudo.type], TYPEMOVREGPTR 
        je @mOv_reg_ptr 
 
        cmp [pseudo.type], TYPEMOVPTRREG 
        je @mOv_ptr_reg 
 
        cmp [pseudo.type], TYPESUBI 
        je @subi 
 
        cmp [pseudo.type], TYPELABEL 
        je _label 
 
        cmp [pseudo.type], TYPEXORI 
        je @Xori 
 
        cmp [pseudo.type], TYPEADDI 
        je @addi 
 
        cmp [pseudo.type], TYPEJNE 
        je @jnejump 
 
        cmp [pseudo.type], TYPEINCR 
        je @incr 
 
        cmp [pseudo.type], TYPECMPR 
        je @cmpr 
 
        cmp [pseudo.type], TYPECMPI 
        je @cmpi 
 
        cmp [pseudo.type], TYPEJE 
        je @jejump 
 
        cmp [pseudo.type], TYPEJMP 
        je @JumP 
 
        cmp [pseudo.type], TYPEXORR 
        je @Xorr 
 
        cmp [pseudo.type], TYPEPUSHR 
        je @pushr 
 
        cmp [pseudo.type], TYPEPOPR 
        je @popr 
 
        cmp [pseudo.type], TYPEMOVI 
        je @MovI 
 
        cmp [pseudo.type], TYPEMOVR 
        je @mOvr 
 
        cmp [pseudo.type], TYPERET 
        je retfunc 
 
_@exit: 
        popad 
        mov esp, ebp 
        pop ebp 
        ret 
 
@ps_popad: 
        mov [pseudo.len], 0x1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x61 
        stosb 
        jmp _@exit 
 
@ps_pushad: 
        mov [pseudo.len], 0x1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x60 
        stosb 
        jmp _@exit 
 
@ps_call: 
        mov [pseudo.len], 0x6 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0xFF 
        stosb 
        mov al, 0x15 
        stosb 
        mov eax, [pseudo.dst] 
        stosd 
        jmp _@exit 
 
 
 @decr: 
        mov [pseudo.len], 0x1          ; size = 1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x48 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
 @pushi: 
        mov edx, [pseudo.src] 
        cmp edx, 127 
        ja large_i 
 
        xor edx, edx 
        mov [pseudo.len], 0x2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x6A 
        stosb 
        mov al, byte[pseudo.src] 
        stosb 
        jmp _@exit 
 
 
large_i: 
        xor edx, edx 
        mov [pseudo.len], 0x5 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x68 
        stosb 
        mov eax, [pseudo.src] 
        stosd 
        xor eax, eax 
        jmp _@exit 
 
 
 
 @testr: 
        call Rand 
        cmp eax, 6 
        jae testr_mut_1 
        cmp eax, 3 
        jae testr_mut_1 
 
        mov [pseudo.len], 0x2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x85 
        stosb 
        mov al, byte[pseudo.src] 
        mov dl, 0x8 
        mul dl 
        add al, 0xC0 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
        testr_mut_1:                            ; or reg, reg 
                mov [pseudo.len], 0x2 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                mov al, 0x09 
                stosb 
                mov al, byte[pseudo.src] 
                mov dl, 0x8 
                mul dl 
                add al, 0xC0 
                add al, byte[pseudo.dst] 
                stosb 
                jmp _@exit 
 
        testr_mut_2:                            ; and reg, reg 
                mov [pseudo.len], 0x2 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                mov al, 0x21 
                stosb 
                mov al, byte[pseudo.src] 
                mov dl, 0x8 
                mul dl 
                add al, 0xC0 
                add al, byte[pseudo.dst] 
                stosb 
                jmp _@exit 
 
 
 @mOv_reg_ptr: 
        mov [pseudo.len], 0x2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x8B 
        stosb 
        mov al, byte[pseudo.dst] 
        mov dl, 0x8 
        mul dl 
        add al, byte[pseudo.src] 
        stosb 
        jmp _@exit 
 
 
 @mOv_ptr_reg: 
        mov [pseudo.len], 0x2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x89 
        stosb 
        mov al, byte[pseudo.src] 
        mov dl, 0x8 
        mul dl 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
 @subi: 
        call Rand 
        cmp eax, 4 
        jae subi_mut_1 
 
        mov [pseudo.len], 0x3          ; size = 3 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x83 
        stosb 
        mov al, 0xE8 
        add al, byte[pseudo.dst] 
        stosb 
        mov al, byte[pseudo.src] 
        stosb 
        jmp _@exit 
 
        subi_mut_1:                           ; sub reg, (imm+rand) | add reg, rand 
                mov [pseudo.len], 0x3 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                call Rand 
                mov dl, al 
                mov al, 0x83 
                stosb 
                mov al, 0xE8 
                add al, byte[pseudo.dst] 
                stosb 
                mov al, byte[pseudo.src] 
                add al, dl 
                stosb 
                mov byte[pseudo.src], dl 
                jmp @addi 
 
 
_label: 
        mov eax, buff_address 
        add eax, [decryptorSize] 
        mov edx, [ebp+12] 
        mov [edx], eax 
        jmp _@exit 
 
 
 @Xori: 
        mov [pseudo.len], 0x3          ; size = 3 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x83 
        stosb 
        mov al, 0xF0 
        add al, byte[pseudo.dst] 
        stosb 
        mov al, byte[pseudo.src] 
        stosb 
        jmp _@exit 
 
 @addi: 
        call Rand 
        cmp eax, 4 
        jae addi_mut_1 
 
 
        mov [pseudo.len], 0x3          ; size = 3 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x83 
        stosb 
        mov al, 0xC0 
        add al, byte[pseudo.dst] 
        stosb 
        mov al, byte[pseudo.src] 
        stosb 
        jmp _@exit 
 
        addi_mut_1:                            ; add reg, (imm+rand) | sub reg, rand 
                mov [pseudo.len], 0x3 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                call Rand 
                mov dl, al 
                mov al, 0x83 
                stosb 
                mov al, byte[pseudo.dst] 
                add al, 0xC0 
                stosb 
                mov al, byte[pseudo.src] 
                add al, dl 
                stosb 
                mov byte[pseudo.src], dl 
                jmp @subi 
 
 
 
 @jnejump: 
        mov [pseudo.len], 0x2          ; size = 2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x75 
        stosb 
        ;mov al, byte[pseudo.dst] 
        ;stosb 
        mov al, 0 
        stosb 
        jmp _@exit 
 
 
 @incr: 
        call Rand 
        cmp eax, 5 
        jae add_1 
 
        mov [pseudo.len], 0x1          ; size = 1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x40 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
        add_1:                         ; add reg, 1 
                mov [pseudo.src], 1 
                jmp @addi 
 
 
 
 @cmpr: 
        mov [pseudo.len], 0x2          ; size = 2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x39 
        stosb 
        mov al, byte[pseudo.src] 
        mov dl, 8 
        mul dl 
        add al, 0xC0 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
 
 @cmpi: 
        mov [pseudo.len], 0x3          ; size = 3 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x83 
        stosb 
        mov al, 0xF8 
        add al, byte[pseudo.dst] 
        stosb 
        mov al, byte[pseudo.src] 
        stosb 
        jmp _@exit 
 
 @jejump: 
        mov [pseudo.len], 0x2          ; size = 2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x74 
        stosb 
        ;mov al, byte[pseudo.dst] 
        ;stosb 
        mov al, 0 
        stosb 
        jmp _@exit 
 
 @JumP: 
        mov eax, buff 
        add eax, [decryptorSize] 
        mov [pseudo.src], eax          ; save src location, vill aldrig hoppa från något annat ställe 
        xor eax, eax 
 
        mov [pseudo.len], 0x5          ; size = 5 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0xE9 
        stosb 
 
        mov eax, 0 
        stosd 
        jmp _@exit 
 
 @Xorr: 
        mov [pseudo.len], 0x2          ; size = 2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x31 
        stosb 
        mov al, byte[pseudo.src] 
        mov dl, 8 
        mul dl 
        add al, 0xC0 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
retfunc: 
        mov [pseudo.len], 0x1          ; size = 1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0xC3 
        stosb 
        jmp _@exit 
 
 @MovI: 
        call Rand 
        cmp eax, 4 
        jae movi_mut_1 
 
        mov [pseudo.len], 0x5          ; size = 1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0xB8 
        add al, byte[pseudo.dst] 
        stosb 
        mov eax, [pseudo.src] 
        stosd 
        jmp _@exit 
 
        movi_mut_1:                     ; push imm | pop reg 
                mov [pseudo.len], 0x5 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                mov al, 0x68 
                stosb 
                mov eax, [pseudo.src] 
                stosd 
                xor eax, eax 
                jmp @popr 
 
 
 @popr: 
        call Rand 
        cmp eax, 5 
        jae popr_mut_1 
 
        mov [pseudo.len], 0x1          ; size = 1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x58 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
        popr_mut_1:                   ; mov reg, [esp] | add esp, 4 
                mov [pseudo.len], 0x3 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                mov al, 0x8B 
                stosb 
                mov al, byte[pseudo.dst] 
                mov dl, 8 
                mul dl 
                add al, 0x4 
                stosb 
                mov al, 0x24 
                stosb 
                mov [pseudo.dst], REGESP 
                mov [pseudo.src], 0x4 
                jmp @addi 
 
 @pushr: 
        call Rand 
        cmp eax, 5 
        jae push_mut_1 
 
        mov [pseudo.len], 0x1          ; size = 1 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x50 
        add al, byte[pseudo.src] 
        stosb 
        jmp _@exit 
 
        push_mut_1:                       ; sub esp, 4 | mov [esp], reg 
                mov [pseudo.len], 0x6 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                mov al, 0x83 
                stosb 
                mov al, 0xEC 
                stosb 
                mov al, 0x4 
                stosb 
                mov al, 0x89 
                stosb 
                mov al, byte[pseudo.src] 
                mov dl, 8 
                mul dl 
                add al, 0x4 
                stosb 
                mov al, 0x24 
                stosb 
                jmp _@exit 
 
 
 @mOvr: 
        call Rand 
        cmp eax, 5 
        jae movr_mut_1 
 
        mov [pseudo.len], 0x2          ; size = 2 
        mov edi, buff_address 
        add edi, [decryptorSize]       ; Get next spot for instruction 
        movzx eax, [pseudo.len] 
        add [decryptorSize], eax       ; update decryptor size 
        mov al, 0x89 
        stosb 
        mov al, byte[pseudo.src] 
        mov dl, 0x8 
        mul dl 
        add al, 0xC0 
        add al, byte[pseudo.dst] 
        stosb 
        jmp _@exit 
 
        movr_mut_1:                       ; push reg | pop reg2 
                mov [pseudo.len], 0x1 
                mov edi, buff_address 
                add edi, [decryptorSize]       ; Get next spot for instruction 
                movzx eax, [pseudo.len] 
                add [decryptorSize], eax       ; update decryptor size 
                mov al, 0x50 
                add al, byte[pseudo.src] 
                stosb 
                jmp @popr 
 
 
 
Rand:                     ; Random number between 0 and 10 
        ;push ebp 
        ;mov ebp, esp 
        push edx 
        push ecx 
        xor eax, eax 
        rdtsc 
        xor edx, edx 
        mov ecx, 10 
        div ecx 
        mov eax, edx 
        pop ecx 
        pop edx 
        ;mov esp, ebp 
        ;pop ebp 
ret
    pseudoAssembler.inc
    Code:
    struct INSTR 
        type      db ? 
        src       dd ? 
        dst       dd ? 
        len       db ? 
ends 
 
macro store 
{ 
        push buff 
        call assembler 
} 
 
macro store_label arg1 
{ 
        push arg1 
        push buff 
        call assembler 
} 
 
macro fix_jmps 
{ 
        push label1 
        push buff 
        push [decryptorSize] 
        call fixAAjmps 
} 
 
macro pushr src 
{ 
        mov [pseudo.type], TYPEPUSHR 
        mov [pseudo.src], src 
        store 
} 
 
macro popr dst 
{ 
        mov [pseudo.type], TYPEPOPR 
        mov [pseudo.dst], dst 
        store 
} 
 
macro movr dst, src 
{ 
        mov [pseudo.type], TYPEMOVR 
        mov [pseudo.dst], dst 
        mov [pseudo.src], src 
        store 
} 
 
macro movi dst, src 
{ 
        mov [pseudo.type], TYPEMOVI 
        mov [pseudo.dst], dst 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        store 
} 
 
macro movm dst, src 
{ 
        mov [pseudo.type], TYPEMOVI 
        mov [pseudo.dst], dst 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        store 
} 
 
macro @ret 
{ 
        mov [pseudo.type], TYPERET 
        store 
} 
 
macro xorr dst, src 
{ 
        mov [pseudo.type], TYPEXORR 
        mov [pseudo.src], src 
        mov [pseudo.dst], dst 
        store 
} 
 
macro jump 
{ 
        mov [pseudo.type], TYPEJMP 
        mov [pseudo.dst], 0 
        store 
} 
 
macro jejump 
{ 
        mov [pseudo.type], TYPEJE 
        mov [pseudo.dst], 0 
        store 
} 
 
macro jzjump 
{ 
        mov [pseudo.type], TYPEJZ 
        mov [pseudo.dst], 0 
        store 
} 
 
macro cmpi dst, src 
{ 
        mov [pseudo.type], TYPECMPI 
        mov [pseudo.dst], dst 
        push eax 
        mov eax, src 
        mov [pseudo.src], src 
        pop eax 
        store 
} 
 
macro cmpm dst, src 
{ 
        mov [pseudo.type], TYPECMPI 
        mov [pseudo.dst], dst 
        push eax 
        mov eax, src 
        mov [pseudo.src], src 
        pop eax 
        store 
} 
 
macro cmpr dst, src 
{ 
        mov [pseudo.type], TYPECMPR 
        mov [pseudo.dst], dst 
        mov [pseudo.src], src 
        store 
} 
 
macro incr dst 
{ 
        mov [pseudo.type], TYPEINCR 
        mov [pseudo.dst], dst 
        store 
} 
 
macro jnejump 
{ 
        mov [pseudo.type], TYPEJNE 
        mov [pseudo.dst], 0 
        store 
} 
 
macro jnzjump 
{ 
        mov [pseudo.type], TYPEJNZ 
        mov [pseudo.dst], 0 
        store 
} 
 
macro addi dst, src 
{ 
        mov [pseudo.type], TYPEADDI 
        mov [pseudo.dst], dst 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        store 
} 
 
macro addm dst, src 
{ 
        mov [pseudo.type], TYPEADDI 
        mov [pseudo.dst], dst 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        store 
} 
 
macro xori dst, src 
{ 
        mov [pseudo.type], TYPEXORI 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        mov [pseudo.dst], dst 
        store 
} 
 
macro xorm dst, src 
{ 
        mov [pseudo.type], TYPEXORI 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        mov [pseudo.dst], dst 
        store 
} 
 
macro @label arg1 
{ 
        mov [pseudo.type], TYPELABEL 
        store_label arg1 
} 
 
macro subi dst, src 
{ 
        mov [pseudo.type], TYPESUBI 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        mov [pseudo.dst], dst 
        store 
} 
 
macro subm dst, src 
{ 
        mov [pseudo.type], TYPESUBI 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        mov [pseudo.dst], dst 
        store 
} 
 
macro mov_ptr_reg dst, src 
{ 
        mov [pseudo.type], TYPEMOVPTRREG 
        mov [pseudo.dst], dst 
        mov [pseudo.src], src 
        store 
} 
 
macro mov_reg_ptr dst, src 
{ 
        mov [pseudo.type], TYPEMOVREGPTR 
        mov [pseudo.dst], dst 
        mov [pseudo.src], src 
        store 
} 
 
macro testr dst, src 
{ 
        mov [pseudo.type], TYPETESTR 
        mov [pseudo.dst], dst 
        mov [pseudo.src], src 
        store 
} 
 
macro pushi src 
{ 
        mov [pseudo.type], TYPEPUSHI 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        store 
} 
 
macro pushm src 
{ 
        mov [pseudo.type], TYPEPUSHI 
        push eax 
        mov eax, src 
        mov [pseudo.src], eax 
        pop eax 
        store 
} 
 
macro decr dst 
{ 
        mov [pseudo.type], TYPEDECR 
        mov [pseudo.dst], dst 
        store 
} 
 
macro @call dst 
{ 
        mov [pseudo.type], TYPECALL 
        mov [pseudo.dst], dst 
        store 
} 
 
macro @Pushad 
{ 
        mov [pseudo.type], TYPEPUSHAD 
        store 
} 
 
macro @Popad 
{ 
        mov [pseudo.type], TYPEPOPAD 
        store 
} 
 
TYPEPUSHM       equ 0x16    ; push [mem] 
TYPEPUSHR       equ 0x1     ; push reg 
TYPEPOPM        equ 0x2     ; pop [mem] 
TYPEPOPR        equ 0x3     ; pop reg 
TYPEMOVM        equ 0x6     ; mov reg, [mem] 
TYPEMOVR        equ 0x5     ; mov reg, reg2 
TYPEMOVI        equ 0x6     ; mov reg, imm  / mov reg, [mem] 
TYPERET         equ 0x7     ; ret 
TYPEXORR        equ 0x8     ; xor reg, reg2 
TYPEJMP         equ 0x9     ; jmp 
TYPEJE          equ 0xA     ; je 
TYPEJZ          equ 0xA     ; jz 
TYPECMPI        equ 0xB     ; cmp reg, imm  / cmp reg, [mem] 
TYPECMPR        equ 0xC     ; cmp reg, reg2 
TYPEINCR        equ 0xD     ; inc reg 
TYPEJNE         equ 0xE     ; jne 
TYPEJNZ         equ 0xE     ; jnz 
TYPEADDI        equ 0xF     ; add reg, imm  / add reg, [mem] 
TYPEXORI        equ 0x10    ; xor reg, imm  / xor reg, [mem] 
TYPELABEL       equ 0x11    ; label: 
TYPESUBI        equ 0x12    ; sub reg, imm  / sub reg, [mem] 
TYPEMOVPTRREG   equ 0x13    ; mov [reg], reg2         does not work with esp or ebp in ptr postition 
TYPEMOVREGPTR   equ 0x14    ; mov reg, [reg2]         does not work with esp or ebp in ptr postition 
TYPETESTR       equ 0x15    ; test reg, reg2 
TYPEPUSHI       equ 0x16    ; push imm      / push [mem] 
TYPEDECR        equ 0x17    ; dec reg 
TYPECALL        equ 0x18    ; call 
TYPEPUSHAD      equ 0x19    ; pushad 
TYPEPOPAD       equ 0x1A    ; popad 
 
REGEAX          equ 0x0 
REGECX          equ 0x1 
REGEDX          equ 0x2 
REGEBX          equ 0x3 
REGESP          equ 0x4 
REGEBP          equ 0x5 
REGESI          equ 0x6 
REGEDI          equ 0x7
    Use this as you want and contribute if you want. Hope it can come in use.
    // SamLaren
    Reply With Quote Reply With Quote

  2. The Following User Says Thank You to samlarenskoog For This Useful Post:

    selfadmirer (05-09-2019)
  3. 02-14-2017 #2
    PurpleOldMaN
    PurpleOldMaN is offline
    Bobo's Trainer
    Premium Member
    PurpleOldMaN's Avatar
    Join Date
    Jul 2014
    Gender
    male
    Location
    Giveaway section
    Posts
    828
    Reputation
    22
    Thanks
    60
    Send a message via Birdie™ to PurpleOldMaN United States
    This is truly impressive...
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. [Assembly Tutorial] Object-oriented assembly <FASM>
    By TrollerCoaster in forum Programming Tutorials
    Replies: 3
    Last Post: 01-02-2013, 09:53 AM
  2. [Release] MapleStory Bypass Assembly Pseudo 12/17/2011
    By scriptkiddy in forum MapleStory Hack Coding/Source Code
    Replies: 3
    Last Post: 12-26-2011, 11:09 PM
  3. In What Do you Code Assembly ?
    By apezwijn in forum Assembly
    Replies: 5
    Last Post: 08-11-2008, 10:47 AM
  4. I wanne start learning Assembly plz read.!
    By Niratsio in forum Visual Basic Programming
    Replies: 14
    Last Post: 10-31-2007, 08:05 AM
  5. Converting Assembly Into Bytes
    By radnomguywfq3 in forum Visual Basic Programming
    Replies: 0
    Last Post: 09-24-2007, 04:42 PM