flat assembler
Message board for the users of flat assembler.

Index > Macroinstructions > MALIGNus

Author
Thread Post new topic Reply to topic
Akujin



Joined: 11 Oct 2011
Posts: 26
Location: Exile
Akujin 29 Oct 2011, 19:52
Twisted Evil MALIGNus Multi-Byte NOPs ALIGN
Code:
format PE GUI 4.0

include 'win32a.inc'

entry start

; ---------------------------------------
; MALIGNus  Multi-Byte NOPs ALIGN
; ---------------------------------------
macro MALIGN ali{
d=(($+(ali-1))and(-ali))-$      ;!!!
if d=2
db 66h,90h
else if d=3
db 0Fh,1Fh,00h
else if d=4
db 0Fh,1Fh,40h,00h
else if d=5
db 0Fh,1Fh,44h,00h,00
else if d=6
db 66h,0Fh,1Fh,44h,00h,00h
else if d=7
db 0Fh,1Fh,80h,00h,00h,00h,00h
else if d=8
db 0Fh,1Fh,84h,00h,00h,00h,00h,00h
else if d=9
db 66h,0Fh,1Fh,84h,00h,00h,00h,00h,00h
; ...
; 5+5?;5+6?;6+6?;6+7?;7+7?;7+8?
; at least 15
; ...
else
ALIGN ali       ;!!!
end if}
; ...or use old 386 fillers
; ---------------------------------------

section '.data' data readable writeable
; ...
bit     db 1

section '.code' code readable writeable
; ...
bit3    db "           "

MALIGN 16
start:
        jmp over
vars    db "filler+9",0

MALIGN 16
over:
        invoke GetModuleHandle,0
        mov ecx,100

MALIGN 16
redo:
                pause
                dec ecx
                jnz redo
;        jmp outx

MALIGN 16
outx:
        invoke ExitProcess,eax


section '.idata' import data readable writeable

library kernel32,'kernel32.dll'

include 'api/kernel32.inc'
    


Regards.

_________________
CLI
HLT
Post 29 Oct 2011, 19:52
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 29 Oct 2011, 19:59
This has already been done here many times before.

See here for Tomasz's version: http://board.flatassembler.net/topic.php?p=23957#23957

And do a board search for other versions of the same thing.
Post 29 Oct 2011, 19:59
View user's profile Send private message Visit poster's website Reply with quote
Akujin



Joined: 11 Oct 2011
Posts: 26
Location: Exile
Akujin 29 Oct 2011, 20:13
Sorry i searched the forum but not luck, maybe used wrong keywords
or just stopped at the thread number 3 of 2098 Very Happy

Regards.

_________________
CLI
HLT
Post 29 Oct 2011, 20:13
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.