Just a quick post for documentation sake of using inline asm with VB6 (or at least as close as we can get to it without an external c dll. In terms of development of the asm to put in. You can use your C Compiler to generate it for you..here are the tips.
- CallwindowsProc has 5 arguments max and can return a long The first argument is already used so your args start at [EBP+0x0C] this means use a dummy int arg first in your prototype to line up args.
- do not use any sub functions from your code do things in blocks in you have to.
- once you generate your code, you can extract the opcodes from VC in debug mode viewing mixed mode disasm (develop as an exe usually although you may have to as a dll to use with vb as standard call dll).
- you need to strip all the function prolog and epilog asm from the compiler generated block (or use naked declspec) your ret should be RETN 10h.
- keep a couple nops (&H90) in place at start in case you need room to add a breakpoint (&hCC) manually to stop on your asm in a debugger to debug it. yes you will have to use ollydbg to debug it in asm most likley.
- you can twiddle with the CallWindowProc prototypes more based on what you are using it for..see last example.
Full example here:
Note: All single quotes for comments are stripped by my blog script. Same as default CallWindowProc except param 1 is now "ByRef lpBytes As Any" or you can use the default like this: CallWindowProc(Varptr(asmBytes(0)).
The most simple and direct example of VB6 & ASM:
Private Declare Function CallAsm Lib "user32" Alias "CallWindowProcA" _ (ByRef lpBytes As Any, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long Function Shl(x As Long) As Long '8B45 0C MOV EAX,DWORD PTR SS:[EBP+12] 'D1E0 SHL EAX,1 'C2 10 00 RETN 10h Dim o() As Byte Const sl As String = "8B 45 0C D1 E0 C2 10 00" o() = toBytes(sl) Shl = CallAsm(o(0), x, 0, 0, 0) End Function private Function toBytes(x As String) As Byte() Dim tmp() As String Dim fx() As Byte Dim i As Long tmp = Split(x, " ") ReDim fx(UBound(tmp)) For i = 0 To UBound(tmp) fx(i) = CInt("&h" & tmp(i)) Next toBytes = fx() End Function
Another example of working on a byte buffer in your asm:
Private Declare Function CallAsm2 Lib "user32" Alias "CallWindowProcA" _ (ByRef lpBytes As Any, ByRef chararray As Any, ByVal length As Long, ByVal unused1 As Long, ByVal unused2 As Long) As Long Const opcodes As String = "909090C745F800000000EB098B4DF88" & _ "3C101894DF88B55F83B55107D258B45" & _ "0C0345F88A08884DFC8B45F833D28A5" & _ "5FC2AD08855FC8B550C0355F88A45FC" & _ "8802EBCA9090C21000" fx() = toBytes2(opcodes) CallAsm2 fx(0), byteBufferToWorkOn(0), UBound(byteBufferToWorkOn), 0, 0 Function toBytes2(x As String, Optional debugit As Boolean = False) As Byte() Dim tmp() As String Dim fx() As Byte Dim i As Long Dim y ReDim fx(Len(x) / 2) For i = 1 To Len(x) Step 2 fx(y) = CByte(CLng("&h" & Mid(x, i, 2))) y = y + 1 Next If debugit Then fx(0) = &HCC toBytes2 = fx() End Function
The opcodes are for the following C with the prolog and epilog stripped out:
void __stdcall fnDecode(int dummy, char* b, int len) { char x; for(int i=0; i<len; i++){ x = b[i]; _asm{ //do stuff to x here } b[i] = x; //update vb byte buffer } }
Source:
http://sandsprite.com/blogs/index.php/index.php?uid=11&pid=43
No comments:
Post a Comment