@unwind3:
invoke MessageBox,0,CTEXT("Note... unwinding in xhandler3..."),addr sztit,40h
@cantdo3:
popad
MOV EAX,ExceptionContinueSearch
RET
per_xHandler3 ENDP
;-----------------------------------------
;lame routine for debug
Dispcont proc
inc count
call dispMsg
ret
Dispcont endp
dispMsg proc
local szbuf[200]:byte
pushad
mov eax,dword ptr[esi]
mov ebx,dword ptr[esi+4]
mov ecx,dword ptr[edi+0b8h]
mov edx,dword ptr[edi+0a4h]
.data
fmt db "Context eip--> %8X ebx--> %8X ",0dh,0ah
db "Flags Ex.c-> %8x flg--> %8X",0dh,0ah
db "it’s the %d times xhandler was called!",0
.code
invoke wsprintf,addr szbuf,addr fmt,ecx,edx,eax,ebx,count
invoke MessageBox,0,addr szbuf,CTEXT("related Mess of context"),0
popad
ret
dispMsg endp
;;------------------------------------------------
END _Start
;------------------下面是我在本文里用到到的宏,我的mac.h比较长,就不贴了-----
ddd MACRO Text ;define data in .data section
local name ;This and other can be used as: ddd("My god!")
.data ;isn’t cool?
name db Text,0
.code
EXITM <addr name>
ENDM
CTEXT MACRO y:VARARG ;This is a good macro
LOCAL sym
CONST segment
IFIDNI <y>,<>
sym db 0
ELSE
sym db y,0
ENDIF
CONST ends
EXITM <OFFSET sym>
ENDM
m2m MACRO M1, M2 ;mov is too boring sometimes!
push M2
pop M1
ENDM
;-----------------------------------------
BTW:够长了吧,基本内容介绍完毕,更多内容下一部分介绍一点利用Seh的tricks,哪位大侠有什么好的想法或者有什么错误,请不吝指正,毕竟我是菜鸟...
上一页 1 2 3 4 |
安全中国首页 > 文章中心 > 编释语言