Re: Macro2D

---

• From: "Rosario" <x@xxx>
• Date: Fri, 26 Sep 2008 09:09:51 +0200

---

"Herbert Kleebauer" <klee@xxxxxxxxx> ha scritto nel messaggio
news:48D8FB65.A82E864A@xxxxxxxxxxxx

Frank Kotler wrote:

Dunno if it's the ".exe" extension that gives it away, or the "MZ". They
can pick it up inside a .zip, apparently. I'm sure we could devise a way
to fool 'em!

Yes, there are crazy administrators. Try to send a mail with only one
text line and without any attachment:

?> BMZ loves BS.

?> Some (at least our) mail server does block it because it starts with BMZ:

here there is not that word "BMZ" - "B" :)

I heard some of you don't receve .zip file with this news group:
this should be a programme for decode file i send
compile it using nasmw -fobj file|
and alink -oPE -subsys con file.obj win32.lib

section _DATA use32 public class=DATA
global _main
extern CreateFileA
extern CloseHandle
extern ReadFile
extern WriteFile
extern GetCommandLineA
extern GetStdHandle
extern FlushFileBuffers

%define NL 13, 10
%define GENERIC_READ 080000000h
%define GENERIC_WRITE 040000000h
%define FILE_ATTRIBUTE_NORMAL 000000080h
%define OPEN_EXISTING 000000003h
%define CREATE_ALWAYS 000000002h
%define INVALID_HANDLE_VALUE 0FFFFFFFFh
%define IVA_ 0FFFFFFFFh
%define STD_ERROR_HANDLE 0FFFFFFF4h
%define STD_INPUT_HANDLE 0FFFFFFF6h
%define STD_OUTPUT_HANDLE 0FFFFFFF5h
stdin dd -1
stdout dd -1
stderr dd -1

; numeri decimali 0x0
; numeri hex non decimali 0x1
; altre lettere dell'alfabeto + "_" 0x2
; "@" "$" "%" 0x3 [alfanumerico <=3]
%define Space 6
%define Punti 9

; 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
MyTable:
db 5, 16, 16, 16, 16, 16, 16, 16, 16, 6 ; 0
db 5, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 1
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 2
db 16, 16, 6, 9, 16, 9, 3, 3, 9, 16 ; 3
db 9, 9, 9, 9, 9, 9, 2, 16, 0, 0 ; 4
db 0, 0, 0, 0, 0, 0, 0, 0, 16, 16 ; 5
db 9, 9, 9, 9, 3, 1, 1, 1, 1, 1 ; 6
db 1, 2, 2, 2, 2, 2, 2, 2, 2, 2 ; 7
db 2, 2, 2, 2, 2, 2, 2, 2, 2, 2 ; 8
db 2, 16, 16, 16, 9, 2, 16, 1, 1, 1 ; 9
db 1, 1, 1, 2, 2, 2, 2, 2, 2, 2 ; 10
db 2, 2, 2, 2, 2, 2, 2, 2, 2, 2 ; 11
db 2, 2, 2, 16, 9, 16, 16, 16, 16, 16 ; 12
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 13
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 14
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 15
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 16
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 17
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 18
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 19
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 20
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 21
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 22
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 23
db 16, 16, 16, 16, 16, 16, 16, 16, 16, 16 ; 24
db 16, 16, 16, 16, 16, 16, 0, 0, 0, 0 ; 25

IErroreIdiIargomentiII db "Errore di argomenti; " , 0, 0

helptext:
db "Uso: " , NL
db "+" , NL
db '"ThisFile.exe -ToBin inputfile"' , NL
db 'Cerca nel file di input la stringa "||name||{\13\10"' , NL
db 'se la trova, apre un file di nome "name" e decodifica' , NL
db 'da ascii a binario il suo contenuto fino a "\13\10}".'
nl db 13, 10, 0, 0

; For rosasm
;*
; %define CreateFileA 'kernel32.CreateFileA'
; %define CloseHandle 'kernel32.CloseHandle'
; %define ReadFile 'kernel32.ReadFile'
; %define WriteFile 'kernel32.WriteFile'
; %define GetCommandLineA 'kernel32.GetCommandLineA'
; %define GetStdHandle 'kernel32.GetStdHandle'
; %define FlushFileBuffers 'kernel32.FlushFileBuffers'
;*

section _TEXT use32 public class=CODE

GetStdIo:
jmp short .1
..e: mov eax, -1
stc
jmp .z
..1: push STD_ERROR_HANDLE
call GetStdHandle
mov [stderr], eax
cmp eax, -1
je .e
push STD_INPUT_HANDLE
call GetStdHandle
mov [stdin], eax
cmp eax, -1
je .e
push STD_OUTPUT_HANDLE
call GetStdHandle
mov [stdout], eax
cmp eax, -1
je .e
..2: xor eax, eax
..3: clc
..z:
ret

;0j,4i,8ra,12P_Handle
FlushCloseHandle:
push esi
push edi
mov esi, dword[esp+ 12]
cmp esi, -1
jne .1
..e: xor eax, eax
stc
jmp short .z ; bene a!=0
..1: push esi
call FlushFileBuffers
mov edi, eax
push esi
call CloseHandle
cmp eax, 0
je .e
cmp edi, 0
je .e
clc
..z:
pop edi
pop esi
ret 4

CloseStdIo:
mov edx, [stderr]
push edx
call FlushCloseHandle
mov edx, [stdin]
push edx
call CloseHandle
mov edx, [stdout]
push edx
call FlushCloseHandle
mov dword[stderr], -1
mov dword[stdin], -1
mov dword[stdout], -1
xor eax, eax
..z:
ret

;u32 SPuts(u32 Handle, u32 String)
; scrive in Handle la stringa String
; 0j,4r,8c,12ra,16P_Handle,20P_Str + 8
; 24 28
SPuts:
push ecx
push edx
push edi
sub esp, 8
mov eax, dword[esp+ 28]
xor ecx, ecx
mov edx, eax
cmp dword[esp+24], -1
je .e
cmp eax, 0
jne .2
..e: stc
jmp short .z
..1: inc eax
inc ecx
..2: cmp byte[eax], 0
jne .1
mov edi, dword[esp+ 24]
mov eax, esp
push 0
push eax
push ecx
push edx
push edi
call WriteFile
mov ecx, eax
mov eax, [esp]
cmp ecx, 0
je .e
clc
..z:
lea esp, [esp+8]
pop edi
pop edx
pop ecx
ret 8

; ritorna la lunghezza della stringa presa
; c==1 significa raggiunto EOF
; c==0 significa non raggiunto EOF
; 0k,4j,8i,12b,16ra,
; 20PArr,24PArrSize,28PHandle + 8
; 28 j |32 k |36 i
SGetLine:
push ebx
push esi
push edi
push ebp
sub esp, 8
mov edi, dword[esp+ 28]
mov ebp, dword[esp+ 32]
mov esi, dword[esp+ 36]
mov ebx, esp
cmp ebp, 0
jle .e0
cmp edi, 0
jne .1
..e0: xor eax, eax
..e: xor ecx, ecx
stc
jmp short .z
..e1: mov byte[edi], 0
sub edi, [esp+28]
mov eax, edi
jmp short .e
..1: add ebp, edi
..2: cmp edi, ebp
jae .e1
push 0
push ebx
push 1
push edi
push esi
call ReadFile
cmp eax, 0
je .e1
cmp dword[esp], 1
jne .3 ;raggiunto EOF
inc edi
cmp byte[edi-1], 10
jne .2
xor ecx, ecx
jmp short .4
..3: mov ecx, 1
..4: mov byte[edi], 0
sub edi, [esp+28]
mov eax, edi
clc
..z:
lea esp, [esp+8]
pop ebp
pop edi
pop esi
pop ebx
ret 12

; 0c,4r, 8ra, 12P_Pfile + 16
; 28
; trash only eax
Getc:
push edx
push ecx
sub esp, 16
mov edx, dword[esp+ 28]
mov ecx, esp
cmp edx, -1
jne .1
..e: mov eax, -1
stc
jmp short .z
..eof: mov eax, -1
clc
jmp short .z
..1: lea eax, [esp+8]
push 0
push ecx
push 1
push eax
push edx
call ReadFile
cmp eax, 0
je .e
cmp dword[esp], 1
jne .eof
xor eax, eax
mov al, [esp+8]
clc
..z:
lea esp, [esp+16]
pop ecx
pop edx
ret 4

; u32 NCharsWritten PutNChars(u32 handle, u8* arr, u32 n)
;0j,4r,8c,12ra, 16P_h,20P_a,24P_n + 8
; 24 ,28 ,32
PutNChars:
push ecx
push edx
push edi
sub esp, 8
mov edi, dword[esp+ 24]
mov edx, dword[esp+ 28]
mov ecx, dword[esp+ 32]
mov dword[esp], 0
cmp edi, -1
je .e0
cmp edx, 0
je .e0
cmp ecx, 0
jg .1
jz .0
..e0: xor eax, eax
..e: stc
jmp short .z
..0: xor eax, eax
clc
jmp short .z
..1: mov eax, esp
push 0
push eax
push ecx
push edx
push edi
call WriteFile
mov ecx, eax
mov eax, [esp]
cmp ecx, 0
je .e
clc
..z:
lea esp, [esp+8]
pop edi
pop edx
pop ecx
ret 12

; u32 NcharRis AsciiToBin(u8* Ris, u8* Origin, u32 n)
; NB n==2,3,4 only
; 0j,4i,8r,12c,16ra,20P_r,24P_o,28P_n
AsciiToBin:
push ecx
push edx
push esi
push edi
mov ecx, dword[esp+ 28]
xor eax, eax
cmp ecx, 4
ja .e
cmp ecx, 1
jbe .e
mov edi, dword[esp+ 20]
mov esi, dword[esp+ 24]
xor edx, edx
sub ecx, 1
jmp short .0
..e: stc
jmp .z ; 6,2
..0: mov dx, [esi]
sub edx, 02020h
mov eax, edx
mov al, 0
shr eax, 2
or al, dl
mov [edi], al
inc esi
inc edi
dec ecx
jz .1 ; 4,4
mov dx, [esi]
sub edx, 02020h
mov dl, 0
shl edx, 4
or ah, dh
mov [edi], ah
inc esi
inc edi
dec ecx
jz .1 ; 2,6
mov dx, [esi]
sub edx, 02020h
mov eax, edx
shr dl, 4
shl ah, 2
or ah, dl
mov [edi], ah
..1: mov eax, dword[esp+ 28]
dec eax
clc
..z:
pop edi
pop esi
pop edx
pop ecx
ret 12


; u32 PrendiArgomenti(u32** arr, u32 NArrElements)
; ritorna il numero di argomenti presi CF==0 tutto ok
; alla fine un puntatore permesso del vettore arr
; punta a un array di char che descrive l'argomento
; che risulta essere finito da ' ' spazio o tab
; se non inizia con ' oppure "
; altrimenti e' finito rispettivamente da ' e da "
; altrimenti se errore es il vettore e' tutto riempito
; o i parametri sono sbagliati: ritorna
; il numero di argomenti ed CF==1
; 0j,4i,8b, 12ra,16P_arr, 20P_limite
PrendiArgomenti:
push ebx
push esi
push edi
mov ebx, dword[esp+ 16]
cmp dword[esp+20], 0
jle .e0
cmp ebx, 0
jne .a
..e0: xor eax, eax
..e: stc
jmp .z
..ee: mov eax, ecx
jmp short .e
..a: call GetCommandLineA
mov esi, eax ; nel puntatore 0 vi e' il primo argomento
cmp eax, 0
je .e0
xor ecx, ecx
xor eax, eax
mov edx, dword[esp+ 20]
jmp short .2 ; c=contatore; r=il limite;
..0: inc esi
mov al, [esi]
cmp eax, 0
je .e
cmp eax, edi
jne .0
..1: inc esi ; leva gli eventuali spazi prima
..2: mov al, [esi]
cmp byte[MyTable+eax], Space
je .1
cmp eax, 0
je .3
mov [ebx+ecx*4], esi ; assegna al puntatore il primo
carattere
inc ecx
cmp ecx, edx
jae .ee
mov edi, eax
cmp eax, '"'
je .0
cmp eax, 39
je .0
..2a: inc esi
..2b: mov al, [esi]
cmp eax, 0
je .3
cmp byte[MyTable+eax], Space
jne .2a ; scorre la parola
jmp short .1
..3: mov eax, ecx
clc
..z:
pop edi
pop esi
pop ebx
ret 8

LevaSpaziDa_i:
xor eax, eax
..0: mov al, [esi]
cmp byte[MyTable+eax], Space
jne .1
inc esi
jmp short .0
..1: ret

; parametri: i la stringa da leggere
; j la stringa da scrivere
; k la size di j
; alla fine modifica sia i,j,k
; Ritorna in ecx la lunghezza della parola
; scritta in j
;
; il primo carattere puntato da i
; non deve essere spazio
; modifica i,j,k,a,c
PrendiWordTraSpazi_jki:
push ebp
xor eax, eax
cmp ebp, 0
jl .e
jz .ee
jmp short .1
..ee: mov ecx, [esp]
sub ecx, ebp
mov byte[edi], 0
..e: stc
jmp short .z
..0: dec ebp
jz .ee
inc esi
inc edi
cmp eax, ','
je .2
cmp eax, ';'
je .2
..1: mov al, [esi]
mov [edi], al
cmp eax, 0
je .3
cmp byte[MyTable+eax], Space
jne .0
..2: mov byte[edi], 0
..3: mov ecx, [esp]
sub ecx, ebp
clc
..z:
lea esp, [esp+4]
ret

; parametri: i la stringa da leggere
; j la stringa da scrivere
; k la size di j
; alla fine modifica sia i,j,k
; Ritorna in ecx la lunghezza della stringa
; scritta in j
;
; il primo carattere puntato da i
; deve essere " oppure '
; modifica i,j,k,a,c,r
PrendiWordTraVirgolette_jki:
push ebp
xor eax, eax
xor ecx, ecx
cmp ebp, 0
mov cl, [esi]
jl .e
jz .ee
cmp ecx, '"'
je .1
cmp ecx, "'"
je .1
cmp ecx, 96
je .1
jmp short .e
..ee: mov ecx, [esp]
sub ecx, ebp
mov byte[edi], 0
..e: stc
jmp short .z
..1: mov [edi], cl
..2: dec ebp
jz .ee
inc esi
inc edi
mov al, [esi]
mov [edi], al
cmp eax, 0
je .3
cmp eax, ecx
jne .2
dec ebp
inc esi
inc edi
mov byte[edi], 0
..3: mov ecx, [esp]
sub ecx, ebp
clc
..z:
lea esp, [esp+4]
ret


; In i vi e' il nome
; In j vi e' dove lo si vuole scrivere
; In k vi e' la dimensione di j
PrendiWordSpaziVirgolette_jki:
call LevaSpaziDa_i
xor eax, eax
mov al, [esi]
cmp eax, '"'
jne .1
..0: call PrendiWordTraVirgolette_jki
jmp short .2
..1: cmp eax, "'"
je .0
cmp eax, 96
je .0
call PrendiWordTraSpazi_jki
..2:
ret

; 0k,4j,8i,12b,16ra, 20P_fR + 2048
; 2068
; b1= 40.. 552 512chars buffer
; b2= 600..1112 512chars buffer
; b3=1120..2040 920chars buffer 512+920=1432
AsciiFileToBin:
push ebx
push esi
push edi
push ebp
sub esp, 2048
%define InpHandle 16
%define OutHandle 20
%define InpFName 40
%define OutFName 600
mov esi, dword[esp+ 2068]
cmp esi, 0
jne .1
..e: mov eax, -1
..e0: stc
jmp .z
..1: lea edi, [esp+InpFName]
mov ebp, 512
call PrendiWordSpaziVirgolette_jki
jc .e
lea edx, [esp+InpFName]
push 0
push FILE_ATTRIBUTE_NORMAL
push OPEN_EXISTING
push 0
push 0
push GENERIC_READ
push edx
call CreateFileA
mov [esp+InpHandle], eax

cmp eax, INVALID_HANDLE_VALUE
je .e
jmp short .2
..e2: mov edx, [esp+OutHandle]
push edx
call FlushCloseHandle
..e1: mov edx, [esp+InpHandle]
push edx
call CloseHandle
..e3: mov eax, ebx
jmp .e0
..2: mov esi, eax
..3: push esi
call Getc
jc .e1
cmp eax, -1
je .e1
cmp eax, '|'
jne .3
push esi
call Getc
jc .e1
cmp eax, -1
je .e1
cmp eax, '|'
jne .3
lea edx, [esp+OutFName]
push edx
push esi
push 1432
push edx
call SGetLine
pop edx
jc .e1
cmp ecx, 1
je .e1 ; ragiunto EOF
cmp eax, 5
jbe .3 ; 0->0 -1->a, -2->d, -3->{, -4->|, -5->|
lea ecx, [edx+eax-5]
mov edx, dword[ecx]
and edx, 000FFFFFFh
cmp edx, "||{"
jne .3
mov dword[ecx], 0
lea edx, [esp+OutFName]
mov edi, ecx
xor eax, eax
jmp short .4a
..4: dec edi
..4a: cmp edi, edx
jbe .3
mov al, [edi]
cmp byte[MyTable+eax], Space
je .4
mov byte[edi], 0
..4c: dec edi
cmp edi, edx
jbe .5
mov al, [edi]
cmp byte[MyTable+eax], 2
jbe .4c
inc edi
cmp byte[edi], 0
je .3
..5: mov ebx, 1
push 0
push FILE_ATTRIBUTE_NORMAL
push CREATE_ALWAYS
push 0
push 0
push GENERIC_WRITE
push edi
call CreateFileA
mov [esp+OutHandle], eax

cmp eax, INVALID_HANDLE_VALUE
je .e4
mov ebx, 2
jmp short .5a
..e4: jmp .e1
..e5: jmp .e2
..5a: mov edi, [esp+OutHandle]
mov esi, [esp+InpHandle]
lea ebp, [esp+InpFName]
..6: push esi
push 1432
push ebp
call SGetLine
jc .e5
cmp ecx, 1
jne .6a
cmp eax, 1
jbe .9
..6a: cmp eax, 3
jb .6
mov edx, [ebp]
and edx, 000FFFFFFh
cmp edx, 0a0d7dh
je .9
lea edx, [ebp+eax]
dec edx
cmp byte[edx], 10
jne .6b
dec edx
..6b: cmp byte[edx], 13
jne .6c
dec edx
..6c: inc edx
mov ebx, ebp
mov [esp], edx
mov edx, ebp
sub edx, 8
; u32 NcharRis AsciiToBin(u8* Ris, u8* Origin, u32 n)
; NB n==2,3,4 only
..6d: cmp ebx, [esp]
jae .6
mov ecx, [esp]
sub ecx, ebx
cmp ecx, 4
jbe .6e
mov ecx, 4
..6e: push ecx
push ebx
push edx
call AsciiToBin
add ebx, ecx
; u32 NCharsWritten PutNChars(u32 handle, u8* arr, u32 n)
push eax
push edx
push edi
call PutNChars
jc .e5
jmp .6d
..9: mov ebx, 3
mov edx, [esp+OutHandle]
push edx
call FlushCloseHandle
jc .e1
mov edx, [esp+InpHandle]
push edx
call CloseHandle
jc .e3
xor eax, eax
..z:
%undef InpFName
%undef OutFName
%undef InpHandle
%undef OutHandle
lea esp, [esp+2048]
pop ebp
pop edi
pop esi
pop ebx
ret 4


; P --> help
; P * --> help
; P -ToBin filein --> AsciiFileToBin()
; 1234567
; negli altri casi --> help
...start:
_main:
AsmMain:
push ebx
push esi
push edi
push ebp
sub esp, 2048
finit
call GetStdIo
jc .e0
lea eax, [esp+40]
push 200
push eax
call PrendiArgomenti
jnc .1
..e: mov ebx, [stderr]
cmp ebx, -1
je .0
push IErroreIdiIargomentiII
push ebx
call SPuts
..0: call CloseStdIo
..e0: mov eax, 1
stc
jmp .z
..e1: mov ebx, [stderr]
cmp ebx, -1
je .0
push helptext
push ebx
call SPuts
jmp short .0
..1: cmp eax, 0
je .e
mov ecx, eax
dec ecx
..2: cmp ecx, 2
jne .e1
mov eax, dword[esp+ ecx*4+40-4] ; I argomento
mov esi, [eax]
mov edi, [eax+4]
and edi, 000FFFFFFh
cmp esi, "-ToB"
jne .e1
cmp edi, "in "
jne .e1
mov edx, dword[esp+ ecx*4+40] ; II argomento
push edx
call AsciiFileToBin
jc .e
..y: call CloseStdIo
xor eax, eax
..z:
lea esp, [esp+2048]
pop ebp
pop edi
pop esi
pop ebx
ret







.

---

• References:
  • Re: Macro2D
    • From: Frank Kotler
  • Re: Macro2D
    • From: NathanCBaker
  • Re: Macro2D
    • From: Frank Kotler
  • Re: Macro2D
    • From: Nathan Baker
  • Re: Macro2D
    • From: Wolfgang Kern
  • Re: Macro2D
    • From: Frank Kotler
  • Re: Macro2D
    • From: Herbert Kleebauer

• Prev by Date: Re: Macro2D
• Next by Date: Good real estate business - don't miss your chance!
• Previous by thread: Re: Macro2D
• Next by thread: Re: Macro2D
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Macro2D ... õ1, eax", 0 ... db "push striIIi", NL ... db ".2: cmp edi, ebp", NL ... db ".4: mov eax, edi", NL ... (alt.lang.asm) One RosAsm Pre-parser ... cmp eax 0 | ja L0<< ... mov ecx, D ... (alt.lang.asm) ascii to st0 ... push IDC_ARROW ... cmp eax, 0 ... mov ebp, esp ... cmp dword @Message, WM_CLOSE ... (alt.lang.asm) Re: recvfrom ... push ebx ... mov eax, ... cmp eax, SOCKET_ERROR ... (alt.lang.asm) Re: Interesting Web Site on Open Source Development ... mov D§esp 0DEADBEEF call Code04013A0 ... call Code0401100 push eax lea eax D§esp+014 push Data0402124 ... push eax call 'USER32.wsprintfA' add esp 0C push 030 lea ecx D§esp+014 push ecx ... (alt.lang.asm)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

coding.derkeiler.com  > Archive  > Assembler  > alt.lang.asm  > 2008-09