dword

How to convert a DWORD into a DB

时光毁灭记忆、已成空白 submitted on 2019-12-13 06:51:33
Question: I want to display a score in a game that I built in MASM32, and I have a problem: how do I convert a DWORD to a DB (string)? There is the function crt__itoa to convert a dword to an integer, but for some reason it doesn't work (do I need to include another lib?). There is the function TextOutA to display a score, but again I can't print it out because I don't have a string for it to print from. Answer 1: do I need to include another lib? - Probably. You need msvcrt.inc and msvcrt.lib for

Storing dword into address

久未见 submitted on 2019-12-12 04:40:06
Question: I'm in the middle of teaching myself certain parts of Assembly Language, and right now I am focusing on storing data declarations in addresses. When it comes to storing hex, I know that if I am dealing with bytes, for instance 1234, I can store them like this: Address 0000 - 12 Address 0001 - 24 Because dwords are 32 bits, I am assuming that each would take up twice as much space. If I end up with this for a dword: 54 00 87 D1 49 5A AF 56 32 Would they be stored like this: Address 0000 - 54
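The layout the question asks about, as an added C example (mine, not from the question or an answer): x86 stores a DWORD little-endian, one byte per address with the least significant byte first, so the nine bytes above fill two whole DWORDs at addresses 0 and 4 plus one leftover byte at address 8, and reading address 0 as a DWORD gives 0xD1870054 rather than 0x540087D1. The nine-byte image is constructed from the bytes in the question; the big-endian reader is included only for contrast.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The nine bytes from the question, placed at addresses 0..8 (constructed image). */
static const uint8_t IMAGE[] = {0x54, 0x00, 0x87, 0xD1, 0x49, 0x5A, 0xAF, 0x56, 0x32};

/* Read the DWORD stored little-endian at `addr`: lowest address = least
   significant byte, which is how x86 (and MASM's `dd`) lays it out. */
static uint32_t read_dword_le(const uint8_t *mem, size_t addr)
{
    return (uint32_t)mem[addr]
         | (uint32_t)mem[addr + 1] << 8
         | (uint32_t)mem[addr + 2] << 16
         | (uint32_t)mem[addr + 3] << 24;
}

/* The same bytes read big-endian, for contrast (network byte order, not x86). */
static uint32_t read_dword_be(const uint8_t *mem, size_t addr)
{
    return (uint32_t)mem[addr] << 24
         | (uint32_t)mem[addr + 1] << 16
         | (uint32_t)mem[addr + 2] << 8
         | (uint32_t)mem[addr + 3];
}

/* Store a DWORD little-endian; `dd 0D1870054h` produces the bytes 54 00 87 D1. */
static void write_dword_le(uint8_t *mem, size_t addr, uint32_t v)
{
    mem[addr]     = (uint8_t)v;
    mem[addr + 1] = (uint8_t)(v >> 8);
    mem[addr + 2] = (uint8_t)(v >> 16);
    mem[addr + 3] = (uint8_t)(v >> 24);
}

/* Write then read back through the same layout; also expose the byte that
   lands at the lowest address (the least significant one). */
static uint32_t write_then_read(uint32_t v)
{
    uint8_t buf[4];
    write_dword_le(buf, 0, v);
    return read_dword_le(buf, 0);
}
static uint8_t low_byte_in_memory(uint32_t v)
{
    uint8_t buf[4];
    write_dword_le(buf, 0, v);
    return buf[0];
}

/* n bytes hold n/4 whole DWORDs; n%4 bytes are left over (the 0x32 at address 8). */
static size_t whole_dwords(size_t n)   { return n / 4; }
static size_t leftover_bytes(size_t n) { return n % 4; }

/* The host's native layout: on x86 a uint32_t in memory is byte-for-byte what
   read_dword_le returns, so memcpy and the manual reader agree. */
static int host_matches_little_endian(uint32_t v)
{
    uint8_t raw[4];
    memcpy(raw, &v, sizeof raw);
    return read_dword_le(raw, 0) == v;
}

int main(void)
{
    size_t n = sizeof IMAGE;
    for (size_t a = 0; a < n; ++a)
        printf("Address %04zX - %02X\n", a, IMAGE[a]);
    for (size_t a = 0; a + 4 <= n; a += 4)
        printf("DWORD at %04zX: LE 0x%08X  BE 0x%08X\n",
               a, read_dword_le(IMAGE, a), read_dword_be(IMAGE, a));
    printf("%zu whole DWORDs, %zu leftover byte(s)\n", whole_dwords(n), leftover_bytes(n));
    printf("host is little-endian: %s\n",
           host_matches_little_endian(0x11223344u) ? "yes" : "no");
    return 0;
}
```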

x86 assembly: printing integer to the console after mul (seg fault)

半世苍凉 submitted on 2019-12-11 06:49:47
Question: I'm trying to learn x86 assembly. The book I'm using is Assembly Language Step by Step: Programming with Linux (and I'd have to say it's pretty good). I've learned a lot so far, but I feel as though I should also be challenging myself to stay ahead in many respects so I can learn faster through doing (I can do follow-along, top-down learning, but I find it tediously slow). So, I figured it would be a cool idea to try and multiply two registers (32-bit) and then output the data to the
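Added example (mine, not code from the MASM32 question above, from the book, or from this question's author) serving both the DWORD-to-string question and this multiply-then-print one: the two things that have to be done by hand when no CRT is linked, written in C as a reference for the equivalent assembly. mul32 mirrors x86 MUL, which leaves the 64-bit product in EDX:EAX (printing only EAX silently drops EDX), and u64_to_dec is the repeated divide-by-10 loop that crt__itoa, i.e. msvcrt's _itoa, performs for you once msvcrt.inc and msvcrt.lib are included. The resulting NUL-terminated buffer is what TextOutA needs; a DWORD has at most 10 digits, so an 11-byte buffer is enough (fits_in checks that). All inputs are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* What x86 MUL r/m32 leaves behind: EDX:EAX = EAX * operand. The product of
   two DWORDs needs 64 bits, so a routine that prints only EAX is wrong
   whenever EDX is non-zero. */
typedef struct { uint32_t edx, eax; } mul_result;

static mul_result mul32(uint32_t a, uint32_t b)
{
    uint64_t product = (uint64_t)a * b;          /* widen before multiplying */
    mul_result r = { (uint32_t)(product >> 32), (uint32_t)product };
    return r;
}

static uint64_t mul_value(mul_result r) { return (uint64_t)r.edx << 32 | r.eax; }

/* Unsigned 64-bit to decimal text: the same repeated DIV-by-10 loop one writes
   in assembly. DIV yields digits least-significant first, so they are placed
   at the end of a scratch buffer and moved forward. Returns the length written
   (excluding the NUL), or 0 if `cap` cannot hold the digits plus the NUL. */
static size_t u64_to_dec(uint64_t v, char *out, size_t cap)
{
    char tmp[21];                    /* 20 digits for 2^64-1, plus NUL */
    size_t pos = sizeof tmp - 1;
    tmp[pos] = '\0';
    do {
        tmp[--pos] = (char)('0' + v % 10);
        v /= 10;
    } while (v != 0);
    size_t len = sizeof tmp - 1 - pos;
    if (cap < len + 1) {
        if (cap) out[0] = '\0';
        return 0;
    }
    memcpy(out, tmp + pos, len + 1);
    return len;
}

/* The DWORD case from the MASM32 question: an 11-byte buffer always suffices. */
static size_t dword_to_dec(uint32_t v, char *out, size_t cap) { return u64_to_dec(v, out, cap); }

/* Does `v` convert to exactly `expect`? */
static int dec_equals(uint64_t v, const char *expect)
{
    char buf[21];
    return u64_to_dec(v, buf, sizeof buf) == strlen(expect) && strcmp(buf, expect) == 0;
}

/* Does a buffer of `cap` bytes hold the decimal form of `v`? */
static int fits_in(uint64_t v, size_t cap)
{
    char buf[21];
    if (cap > sizeof buf) cap = sizeof buf;
    return u64_to_dec(v, buf, cap) != 0;
}

int main(void)
{
    mul_result r = mul32(0xFFFFFFFFu, 0xFFFFFFFFu);
    char full[21], low[11];
    u64_to_dec(mul_value(r), full, sizeof full);
    dword_to_dec(r.eax, low, sizeof low);
    printf("EDX=%08X EAX=%08X\nEDX:EAX as decimal = %s\nEAX alone as decimal = %s\n",
           r.edx, r.eax, full, low);
    /* For the game's score, TextOutA(hdc, x, y, full, (int)strlen(full)) is all that is left. */
    return 0;
}
```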

In-depth analysis of Douyin's jailbreak detection

孤街浪徒 submitted on 2019-12-10 23:00:28
For collaboration or discussion, contact QQ: 571652571. Analysis of the iOS Douyin app's security mechanisms. Preparation. Tools: the tools used in this article are IDA Pro, Frida, Theos and a text editor (such as VSCode). Decryption: we start with static analysis, and the first step is to strip the App Store encryption; common tools are dump-decrypted, frida-ios-dump and clutch. Use Frida to list which bundled dynamic libraries the app loads, then decrypt those modules: Process.enumerateModulesSync().forEach(function(e){if(e.path.indexOf('.app')!=-1){console.log(e.path)}}) .../Aweme.app/Aweme .../Aweme.app/Frameworks/AgoraRtcEngineKit.framework/AgoraRtcEngineKit .../Frameworks/ByteRtcEngineKit.framework/ByteRtcEngineKit .../Aweme.app/Frameworks/AwemeDylib.framework/AwemeDylib Jailbreak detection analysis: because the Douyin binary is very large, IDA analysis alone takes tens of minutes, and the jailbreak-detection logic could be hidden anywhere, not only at process initialization (mod_init_func)

Clarification: Porting 32 to 64 bit

不打扰是莪最后的温柔 submitted on 2019-12-10 21:07:19
Question: Quoting from http://msdn.microsoft.com/en-us/library/windows/desktop/aa384242%28v=vs.85%29.aspx Use UINT_PTR and INT_PTR where appropriate (and if you are uncertain whether they are required, there is no harm in using them just in case). Do not cast your pointers to the types ULONG, LONG, INT, UINT, or DWORD. Can I safely assume that converting all references to DWORD to UINT_PTR in an existing 32-bit codeline is safe without any side effects? Are there other recommended guidelines to port
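Added C example (mine, not from the MSDN page or from the question) showing why the quoted casts are forbidden: a pointer pushed through a 32-bit DWORD loses its upper 32 bits on a 64-bit build, while UINT_PTR is defined to be pointer-sized and round-trips. addr_through_dword repeats the experiment on a synthetic 64-bit address so the outcome does not depend on where the host places the object. Outside Windows the two Win32 typedefs are supplied by assumption. One caveat the quoted guidance does not spell out: only DWORDs that actually hold pointers or handle-sized values should become UINT_PTR; a DWORD that is part of a file format, a registry value, a network protocol or an exported struct layout must stay 32 bits, so a blanket search-and-replace is not safe.

```c
#include <stdint.h>
#include <stdio.h>
#include <inttypes.h>
#ifdef _WIN32
#include <windows.h>          /* the real DWORD / UINT_PTR */
#else
/* Assumption for non-Windows builds: Win32's DWORD is always 32 bits and
   UINT_PTR is an unsigned integer wide enough to hold a pointer. */
typedef uint32_t  DWORD;
typedef uintptr_t UINT_PTR;
#endif

/* What the MSDN text forbids: a pointer pushed through a 32-bit DWORD.
   On a 64-bit build the upper 32 bits are discarded. */
static void *through_dword(void *p)
{
    DWORD as_dword = (DWORD)(UINT_PTR)p;        /* narrowing cast */
    return (void *)(UINT_PTR)as_dword;
}

/* What it recommends: UINT_PTR is pointer-sized on both 32- and 64-bit builds. */
static void *through_uint_ptr(void *p)
{
    UINT_PTR as_int = (UINT_PTR)p;
    return (void *)as_int;
}

/* The same experiment on a synthetic 64-bit address, so the result does not
   depend on where the host happens to place this program's objects. */
static uint64_t addr_through_dword(uint64_t addr) { return (uint64_t)(DWORD)addr; }

static int probe;   /* something to take the address of */

static int dword_round_trip_ok(void)    { return through_dword(&probe) == (void *)&probe; }
static int uint_ptr_round_trip_ok(void) { return through_uint_ptr(&probe) == (void *)&probe; }

/* A pointer survives the DWORD cast exactly when its upper 32 bits are zero
   (always true on a 32-bit build, rarely true for heap/stack on 64-bit). */
static int high_bits_zero(void *p) { return ((uint64_t)(UINT_PTR)p >> 32) == 0; }

int main(void)
{
    printf("sizeof(DWORD)=%zu sizeof(UINT_PTR)=%zu sizeof(void*)=%zu\n",
           sizeof(DWORD), sizeof(UINT_PTR), sizeof(void *));
    printf("&probe=%p  via DWORD=%p  via UINT_PTR=%p\n",
           (void *)&probe, through_dword(&probe), through_uint_ptr(&probe));
    printf("0x100001234 via DWORD -> 0x%" PRIx64 "\n", addr_through_dword(0x100001234ull));
    return 0;
}
```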

Plants vs. Zombies: reverse-engineering the sun counter

泪湿孤枕 submitted on 2019-12-10 11:53:09
Plants vs. Zombies is a memory for many people born in the 90s; almost everyone of that generation has played it. Playing a game and building a cheat are two different things, and today I will share some techniques for making game cheats. I chose Plants vs. Zombies because the game is simple to analyze and there are no driver-protection or copyright issues to deal with; I will lay out my analysis approach for reference. Game download: link: https://pan.baidu.com/s/1ajoUNpq8DmYspWWkhAt-Eg extraction code: 4i3y. Tutorial outline: 1. Simple infinite sun 2. Automatic sun collection 3. Finding the sunflower production rate 4. Finding the sun-drop Call 5. One-click level completion. Note: once you understand the analysis approach it applies to any game; for online games, after getting past driver protection the approach is the same. This is for technical research and exchange only; do not use it against commercial games. Simple infinite sun. This experiment: by reverse-engineering the dynamic address of the sun count, find the base address and offsets for the sun, so that every time the game starts the sun data can be located as base plus offsets; finally we write a generic helper in C to implement a simple infinite-sun cheat. Before the tutorial starts, let's explain why the concepts of dynamic address and base address exist. Most programming languages have local and global variables. Local variables are allocated dynamically after the game runs and by default live on the stack, while global variables are what we call the base address: they are stored in the global data area, whose contents are written into the program at compile time and therefore do not change
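Added C example (mine, not the tutorial's helper) of the base-plus-offsets idea the excerpt ends on: the static address lives in the global data area and is the same on every launch, the objects it points to are allocated at different heap addresses each run, and the cheat follows the pointer chain from the static address through the offsets every time. Memory here is a simulated 64 KB buffer rather than the game process, the base 0x100 and the offsets 0x18 / 0x40 are constructed for the demo, and on a real Windows target the two read/write helpers would be ReadProcessMemory and WriteProcessMemory on an opened process handle.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simulated 32-bit process memory (constructed; every address below is made up). */
#define MEM_SIZE 0x10000u
static uint8_t mem[MEM_SIZE];

/* The "base address": a static in the global data area, fixed at compile time. */
#define STATIC_BASE 0x0100u
/* Offsets found once by the analysis: [STATIC_BASE] -> game object,
   +0x18 -> board object, +0x40 -> the sun DWORD. */
static const uint32_t SUN_OFFSETS[] = { 0x18, 0x40 };

static uint32_t read_dword(uint32_t addr)
{
    if (addr > MEM_SIZE - 4) return 0;            /* unmapped: fail instead of crashing */
    return (uint32_t)mem[addr] | (uint32_t)mem[addr + 1] << 8
         | (uint32_t)mem[addr + 2] << 16 | (uint32_t)mem[addr + 3] << 24;
}

static int write_dword(uint32_t addr, uint32_t v)
{
    if (addr > MEM_SIZE - 4) return 0;
    mem[addr]     = (uint8_t)v;          mem[addr + 1] = (uint8_t)(v >> 8);
    mem[addr + 2] = (uint8_t)(v >> 16);  mem[addr + 3] = (uint8_t)(v >> 24);
    return 1;
}

/* [[base] + off0] + off1 ...: every offset but the last is dereferenced.
   Returns the address of the value, or 0 if a pointer in the chain is null. */
static uint32_t resolve_chain(uint32_t base, const uint32_t *offsets, size_t n)
{
    uint32_t addr = read_dword(base);
    for (size_t i = 0; i < n; ++i) {
        if (addr == 0) return 0;
        addr += offsets[i];
        if (i + 1 < n) addr = read_dword(addr);
    }
    return addr;
}

static uint32_t sun_address(void) { return resolve_chain(STATIC_BASE, SUN_OFFSETS, 2); }
static uint32_t read_sun(void)    { uint32_t a = sun_address(); return a ? read_dword(a) : 0; }
static int      set_sun(uint32_t v) { uint32_t a = sun_address(); return a ? write_dword(a, v) : 0; }

/* One "launch": the static base is identical each time, but the heap objects
   land wherever the allocator put them this run. Returns where the sun now is. */
static uint32_t simulate_launch(uint32_t game_obj, uint32_t board, uint32_t sun)
{
    memset(mem, 0, sizeof mem);
    write_dword(STATIC_BASE, game_obj);
    if (game_obj) write_dword(game_obj + 0x18, board);
    if (board)    write_dword(board + 0x40, sun);
    return sun_address();
}

int main(void)
{
    simulate_launch(0x2000, 0x3000, 50);
    printf("launch 1: sun at 0x%04X = %u\n", sun_address(), read_sun());
    simulate_launch(0x5000, 0x7000, 75);   /* different heap addresses, same base + offsets */
    printf("launch 2: sun at 0x%04X = %u\n", sun_address(), read_sun());
    set_sun(9999);
    printf("after patch: %u\n", read_sun());
    return 0;
}
```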

winnt.h

无人久伴 submitted on 2019-12-09 21:59:20
winnt.h https://docs.microsoft.com/en-us/windows/win32/api/winnt/ /*++ BUILD Version: 0091 Increment this if a change has global effects Copyright (c) Microsoft Corporation. All rights reserved. Module Name: winnt.h Abstract: This module defines the 32-Bit Windows types and constants that are defined by NT, but exposed through the Win32 API. Revision History: --*/ #ifndef _WINNT_ #define _WINNT_ #if _MSC_VER >= 1200 #pragma warning(push) #endif #pragma warning(disable:4201) // named type definition in parentheses #pragma warning(disable:4214) // bit field types other than int #ifdef _

Hiding a specified partition in File Explorer

◇◆丶佛笑我妖孽 submitted on 2019-12-08 06:47:08
It's been a long time since I wrote anything; I was busy with a short paper for ages. It involved a small requirement: I wanted to hide a partition so users would not see it as far as possible, but still be able to reach it by drive letter for convenient programming and maintenance. What to do? This can be solved by modifying the registry: 1. Under the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer create a new value NoDrives; choose DWORD as its type. 2. Set the value with value |= 1 << (letter >= 'a' ? letter - 'a' : letter - 'A'). 3. Restart Windows Explorer. A small demo is on GitHub: https://github.com/Hilaver/partition-hiding The code follows: HKEY hKey = NULL; TCHAR *subKey; LONG lReturned = 0; DWORD dwMusk = 0x00; char volLetter[512]; printf("Enter the drive letters to hide (e.g. C,D,F):"); scanf_s("%s", volLetter, (unsigned)sizeof(volLetter)); for (int i = 0; i < strlen(volLetter); i++) { if ((volLetter[i] >= 'a'&&volLetter[i
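Added C example (mine, not the author's GitHub demo) of the NoDrives mask computation with the input handling the snippet above is building, plus a merge-and-write of the value on Windows so that bits already set by another policy are kept. Bit 0 is A:, bit 25 is Z:, and 0x03FFFFFF hides every drive. Two caveats for the use described: NoDrives is an Explorer display policy, not an access control, so the partition stays reachable by path from cmd, scripts and other programs (which is what the author wants), and because it lives under HKEY_CURRENT_USER any process running as that user can set or clear it. The Windows write path links against advapi32.lib; the default letters C,D are constructed.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Bit i of NoDrives hides drive letter 'A' + i in Explorer. Only bits 0..25
   are meaningful, so 0x03FFFFFF hides every drive. */
#define NODRIVES_ALL 0x03FFFFFFu

/* Build the mask from input such as "CD" or "c, d, f". Case-insensitive;
   separators and anything that is not a letter are ignored. */
static uint32_t nodrives_mask(const char *letters)
{
    uint32_t mask = 0;
    for (; *letters; ++letters) {
        unsigned char c = (unsigned char)*letters;
        if (!isalpha(c))
            continue;
        mask |= 1u << (toupper(c) - 'A');   /* value |= 1 << (letter - 'A') */
    }
    return mask;
}

static int is_hidden(uint32_t mask, char letter)
{
    if (!isalpha((unsigned char)letter)) return 0;
    return (int)((mask >> (toupper((unsigned char)letter) - 'A')) & 1u);
}

/* Decode an existing mask back to its letters, e.g. to audit the value a
   machine already has. Returns a static buffer. */
static const char *nodrives_letters(uint32_t mask)
{
    static char out[27];
    size_t n = 0;
    for (int i = 0; i < 26; ++i)
        if (mask & (1u << i))
            out[n++] = (char)('A' + i);
    out[n] = '\0';
    return out;
}

#ifdef _WIN32
/* Merge the new bits into whatever NoDrives already holds, so letters hidden
   by another tool or policy are not un-hidden. */
static LONG apply_nodrives(uint32_t add_mask)
{
    static const char *SUBKEY = "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer";
    HKEY key;
    DWORD existing = 0, size = sizeof existing, type = REG_DWORD;
    LONG rc = RegCreateKeyExA(HKEY_CURRENT_USER, SUBKEY, 0, NULL, 0,
                              KEY_READ | KEY_WRITE, NULL, &key, NULL);
    if (rc != ERROR_SUCCESS)
        return rc;
    if (RegQueryValueExA(key, "NoDrives", NULL, &type, (LPBYTE)&existing, &size) != ERROR_SUCCESS
        || type != REG_DWORD)
        existing = 0;
    DWORD merged = existing | add_mask;
    rc = RegSetValueExA(key, "NoDrives", 0, REG_DWORD, (const BYTE *)&merged, sizeof merged);
    RegCloseKey(key);
    return rc;   /* Explorer must be restarted (or the user logged off) to pick it up */
}
#endif

int main(int argc, char **argv)
{
    const char *input = argc > 1 ? argv[1] : "C,D";   /* constructed default */
    uint32_t mask = nodrives_mask(input);
    printf("NoDrives = 0x%08X hides: %s\n", mask, nodrives_letters(mask));
#ifdef _WIN32
    LONG rc = apply_nodrives(mask);
    printf("registry write: %s (%ld)\n", rc == ERROR_SUCCESS ? "ok" : "failed", rc);
#else
    puts("not on Windows: mask computed, no registry written");
#endif
    return 0;
}
```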

Implementation: getting file attributes

六眼飞鱼酱① submitted on 2019-12-07 12:49:29
The code is as follows:
#include <stdio.h>
#include <Windows.h>
/* WIN32_FILE_ATTRIBUTE_DATA: the file-attribute structure.
   GetFileAttributesEx: the beefed-up version of GetFileAttributes. */
DWORD ShowFileSize(DWORD nFileSizeHigh, DWORD nFileSizeLow)
{
    // 32 bits covers 4 GB; a small file fits in nFileSizeLow alone, so for it there is no need to shift nFileSizeHigh
    ULONGLONG FileSize; // 64-bit unsigned integer to hold the file size, because it arrives as DWORD nFileSizeHigh and DWORD nFileSizeLow
    printf("%lu----%lu", nFileSizeHigh, nFileSizeLow);
    FileSize = nFileSizeHigh;
    FileSize <<= 32;
    FileSize += nFileSizeLow;
    printf("File size: %llu\n", FileSize);
    return 0;
}
DWORD ShowFileAttribute(DWORD dwFileAttributes)
{
    printf("File info\t");
    if (dwFileAttributes & FILE_ATTRIBUTE
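Added C example (mine, not the snippet author's) for the two pieces of the code above: joining nFileSizeHigh and nFileSizeLow into a 64-bit size with the widening done before the shift, and decoding dwFileAttributes into names. On Windows it calls the real GetFileAttributesExA; elsewhere the Win32 names are supplied by assumption with their documented bit values and a constructed size is used. The %d in the original printf is the wrong specifier for a DWORD; %lu (or a cast) is what the type needs.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#else
/* Assumption for non-Windows builds: the Win32 names used below, with the
   documented attribute bit values. */
typedef uint32_t DWORD;
typedef uint64_t ULONGLONG;
#define FILE_ATTRIBUTE_READONLY      0x00000001
#define FILE_ATTRIBUTE_HIDDEN        0x00000002
#define FILE_ATTRIBUTE_SYSTEM        0x00000004
#define FILE_ATTRIBUTE_DIRECTORY     0x00000010
#define FILE_ATTRIBUTE_ARCHIVE       0x00000020
#define FILE_ATTRIBUTE_NORMAL        0x00000080
#define FILE_ATTRIBUTE_REPARSE_POINT 0x00000400
#define FILE_ATTRIBUTE_COMPRESSED    0x00000800
#define FILE_ATTRIBUTE_ENCRYPTED     0x00004000
#endif

/* Join the two halves. The widening cast must happen before the shift:
   shifting a 32-bit DWORD left by 32 is undefined in C. */
static ULONGLONG file_size_64(DWORD high, DWORD low)
{
    return ((ULONGLONG)high << 32) | low;
}
static DWORD size_high(ULONGLONG size) { return (DWORD)(size >> 32); }
static DWORD size_low(ULONGLONG size)  { return (DWORD)size; }

static const struct { DWORD bit; const char *name; } ATTR_NAMES[] = {
    { FILE_ATTRIBUTE_READONLY,      "READONLY" },
    { FILE_ATTRIBUTE_HIDDEN,        "HIDDEN" },
    { FILE_ATTRIBUTE_SYSTEM,        "SYSTEM" },
    { FILE_ATTRIBUTE_DIRECTORY,     "DIRECTORY" },
    { FILE_ATTRIBUTE_ARCHIVE,       "ARCHIVE" },
    { FILE_ATTRIBUTE_NORMAL,        "NORMAL" },
    { FILE_ATTRIBUTE_REPARSE_POINT, "REPARSE_POINT" },
    { FILE_ATTRIBUTE_COMPRESSED,    "COMPRESSED" },
    { FILE_ATTRIBUTE_ENCRYPTED,     "ENCRYPTED" },
};

/* "HIDDEN|ARCHIVE" style listing of the set bits, or "NONE". Static buffer. */
static const char *describe_attributes(DWORD attrs)
{
    static char out[160];
    out[0] = '\0';
    for (size_t i = 0; i < sizeof ATTR_NAMES / sizeof ATTR_NAMES[0]; ++i) {
        if (attrs & ATTR_NAMES[i].bit) {
            if (out[0]) strcat(out, "|");
            strcat(out, ATTR_NAMES[i].name);
        }
    }
    if (!out[0]) strcpy(out, "NONE");
    return out;
}

/* The bits a triage script usually keys on. */
static int is_hidden_or_system(DWORD attrs)
{
    return (attrs & (FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM)) != 0;
}

#ifdef _WIN32
static int report_file(const char *path)
{
    WIN32_FILE_ATTRIBUTE_DATA fad;
    if (!GetFileAttributesExA(path, GetFileExInfoStandard, &fad)) {
        printf("%s: GetFileAttributesEx failed, error %lu\n", path, GetLastError());
        return 0;
    }
    printf("%s: %llu bytes, attributes 0x%08lX = %s\n", path,
           (unsigned long long)file_size_64(fad.nFileSizeHigh, fad.nFileSizeLow),
           fad.dwFileAttributes, describe_attributes(fad.dwFileAttributes));
    return 1;
}
#endif

int main(int argc, char **argv)
{
#ifdef _WIN32
    return report_file(argc > 1 ? argv[1] : "C:\\Windows\\notepad.exe") ? 0 : 1;
#else
    (void)argc; (void)argv;
    DWORD high = 1, low = 0x200;   /* constructed: a 4 GiB + 512 byte file */
    printf("%lu----%lu -> %llu bytes\n", (unsigned long)high, (unsigned long)low,
           (unsigned long long)file_size_64(high, low));
    printf("0x%08lX = %s\n", 0x22UL, describe_attributes(0x22));
    return 0;
#endif
}
```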

What is large dword?

自闭症网瘾萝莉.ら submitted on 2019-12-07 09:57:07
Question: What function do short and large have in this code portion? Is large the same as long dword? mov eax, ebx cmp [ebp+var_1], 0 jz short loc_413123 call sub_40341C pop large dword ptr fs:0 add esp, 0Ch Answer 1: short jz short loc_413123 merely means that the offset (i.e. distance) for this jump is so small that it fits in a single byte, so this jump has been compiled to two simple bytes: 0x74 [1-byte-offset] Had the distance been larger, the compiler would have had to encode the jump differently, which
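Added C example (mine, not from the answer) of the encoding decision the answer describes: encode_jz picks the 2-byte 74 rel8 form when the displacement, measured from the end of the instruction, fits in a signed byte, and the 6-byte 0F 84 rel32 form otherwise; decode_jz reverses it. The sample bytes are constructed so that a short jz placed at 0x413113 reaches 0x413123, the label in the listing. As for the other keyword: `large` in `pop large dword ptr fs:0` is IDA's display notation for that memory operand, not a data type bigger than dword; the instruction is a 32-bit POP into the absolute address fs:[0], encoded with the 0x64 FS segment-override prefix, and fs:[0] on 32-bit Windows is the head of the SEH handler chain, which is why it sits next to `add esp, 0Ch` in an exception-handler epilogue.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Encode `jz` to a target `delta` bytes away from the START of the jump.
   x86 measures rel8/rel32 from the END of the instruction, so the 2-byte
   short form stores delta-2 and the 6-byte near form stores delta-6.
   Returns the encoded length (2 or 6). */
static size_t encode_jz(int32_t delta, uint8_t out[6])
{
    int64_t rel8 = (int64_t)delta - 2;
    if (rel8 >= -128 && rel8 <= 127) {
        out[0] = 0x74;                        /* JZ rel8: "jz short" in IDA */
        out[1] = (uint8_t)(int8_t)rel8;
        return 2;
    }
    uint32_t rel32 = (uint32_t)(int32_t)((int64_t)delta - 6);
    out[0] = 0x0F;                            /* JZ rel32: two-byte opcode 0F 84 */
    out[1] = 0x84;
    out[2] = (uint8_t)rel32;                  /* displacement is little-endian */
    out[3] = (uint8_t)(rel32 >> 8);
    out[4] = (uint8_t)(rel32 >> 16);
    out[5] = (uint8_t)(rel32 >> 24);
    return 6;
}

/* Hex rendering of the encoding, e.g. "74 0E". Static buffer. */
static const char *jz_hex(int32_t delta)
{
    static char out[6 * 3];
    uint8_t bytes[6];
    size_t n = encode_jz(delta, bytes), pos = 0;
    for (size_t i = 0; i < n; ++i)
        pos += (size_t)sprintf(out + pos, i ? " %02X" : "%02X", bytes[i]);
    return out;
}

/* Decode a jz at address `ip`: returns the absolute target, or 0 if the
   bytes are not a jz. `*is_short` reports which form was used. */
static uint32_t decode_jz(const uint8_t *code, uint32_t ip, int *is_short)
{
    if (code[0] == 0x74) {
        *is_short = 1;
        return ip + 2 + (uint32_t)(int32_t)(int8_t)code[1];
    }
    if (code[0] == 0x0F && code[1] == 0x84) {
        uint32_t rel = (uint32_t)code[2] | (uint32_t)code[3] << 8
                     | (uint32_t)code[4] << 16 | (uint32_t)code[5] << 24;
        *is_short = 0;
        return ip + 6 + rel;
    }
    return 0;
}

/* Constructed bytes: the short jz placed at 0x413113 lands on 0x413123, the
   label in the listing; the near one placed at 0x1000 lands on 0x1200. */
static const uint8_t SHORT_JZ[] = { 0x74, 0x0E };
static const uint8_t NEAR_JZ[]  = { 0x0F, 0x84, 0xFA, 0x01, 0x00, 0x00 };

static uint32_t target_of(const uint8_t *code, uint32_t ip) { int s; return decode_jz(code, ip, &s); }
static int form_is_short(const uint8_t *code) { int s = 0; decode_jz(code, 0, &s); return s; }

int main(void)
{
    int32_t deltas[] = { 0x10, 129, 130, -126, -127, 0x200 };
    for (size_t i = 0; i < sizeof deltas / sizeof deltas[0]; ++i)
        printf("jz %+d bytes from its start -> %s\n", (int)deltas[i], jz_hex(deltas[i]));
    printf("74 0E @ 0x413113 -> loc_%06X\n", target_of(SHORT_JZ, 0x413113));
    printf("0F 84 FA 01 00 00 @ 0x1000 -> 0x%X\n", target_of(NEAR_JZ, 0x1000));
    return 0;
}
```

Deltas 129 and 130 (and -126 and -127) sit on the boundary: because the displacement is counted from the end of the 2-byte instruction, +129 still fits in rel8 (0x7F) while +130 needs the near form.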