
Lemmings aa-> Inline asm

Discussion in 'Programming' started by GroundZero, Aug 20, 2010.

  1. GroundZero

    GroundZero LOL Banned Coder Donor

    Hello, I would like to ask whether this script, which I converted, will work.
    I cannot test it, because every time I try to install Visual Studio I get an error.
    Original script:

    Code (Text):
    1. [ENABLE] // Cheat Engine auto-assembler script; numeric literals are hexadecimal by default
    2. Alloc(MAXONE,512) // code cave holding the detour below
    3. Alloc(ONEKEY00,4) // toggle flags read by MAXONE
    4. Alloc(JUPKEY,4)
    5. Alloc(JUPKEY2,4)
    6. Registersymbol(MAXONE)
    7. Registersymbol(ONEKEY00)
    8. Registersymbol(JUPKEY)
    9. Registersymbol(JUPKEY2)
    10. Label(MAXONE00)
    11. Label(ONE)
    12. Label(ONE00)
    13. Label(TWO)
    14. Label(TWO00)
    15.  
    16. ONEKEY00: // 0 = detour off (MAXONE only replays the original instructions and returns)
    17. dd 1
    18. JUPKEY: // 1 = allow the ONE path; anything else falls through to ONE00
    19. dd 1
    20. JUPKEY2: // 1 = allow the TWO path; anything else falls through to TWO00
    21. dd 1
    22.  
    23.  
    24. MAXONE: // detour body, entered via the jmp written at 0059E203
    25. fld qword ptr [ebp-14] // replays original bytes DD 45 EC (see [DISABLE])
    26. leave // replays C9; from here [esp] holds the hooked function's return address
    27. cmp [ONEKEY00],0
    28. je MAXONE00
    29. cmp dword ptr [esp],00921635 //DC 6D ?? 83 C4 10 DD 55 ?? DC 1D ?? ?? ?? ?? DF E0 9E 0F 84
    30. je ONE // take the first result -.- you will get 2 addresses
    31. cmp dword ptr [esp],00921B31 //DC 5D ?? 59 59 DF E0 9E ?? ?? DD 45 ?? 8B CE 51 51 DD 1C 24 E8 ?? ?? ?? ?? 89 46 ?? 83 BF ?? ?? 00 00 00 74 ?? 6A 00 6A
    32. je TWO // take the first result -.- you will get 2 addresses
    33.  
    34.  
    35. MAXONE00: // normal path: the replayed C3, return to whoever called the hooked function
    36. ret
    37.  
    38.  
    39. ONE: // return address was 00921635
    40. add esp,4 // discard the return address; control leaves through the jmp below, not ret
    41. cmp [JUPKEY],1
    42. jne ONE00
    43. cmp [ebx+248],2 // 8B 83 ?? ?? 00 00 83 F8 01 0F 85 ?? ?? ?? ?? DD 45
    44. jne ONE00
    45. mov [ebx+4A8],0 // + the same as the one above
    46. fsubr qword ptr [ebp-18]
    47. add esp,10 // hex: 0x10, matching the 83 C4 10 in the pattern on line 29
    48. fst qword ptr [ebp-18]
    49. fcomp qword ptr [00A38C30] //00 00 00 00 00 00 00 00 66 00 61 00 69 00 ?? 00 00 00
    50. jmp 009219C4 //FF 75 ?? 8B CB FF 75 ?? E8 ?? ?? ?? ?? 5F 5E 5B C9 C2 ?? ?? 55 8B EC 51 51 53 56 8B D9 57
    51.  
    52.  
    53. ONE00: // JUPKEY off or [ebx+248] != 2: perform the fsubr sitting at 00921635, then resume right after it
    54. fsubr qword ptr [ebp-18]
    55. jmp 00921638 //83 C4 ?? DD 55 ?? DC 1D ?? ?? ?? ?? DF E0 9E 0F 84 ?? ?? ?? ?? 8B 83 ?? ?? 00 00 83 F8 01
    56.  
    57.  
    58. TWO: // return address was 00921B31
    59. add esp,4 // discard the return address, as in ONE
    60. cmp [JUPKEY2],1
    61. jne TWO00
    62. fcomp qword ptr [ebp-08]
    63. pop ecx
    64. pop ecx
    65. jmp 00921B9B //83 BF ?? ?? ?? ?? 03 0F 85 ?? ?? ?? ?? FF 77 ?? 83 65 ?? 00
    66.  
    67.  
    68. TWO00: // JUPKEY2 off: perform the fcomp sitting at 00921B31, then resume at the two pop ecx
    69. fcomp qword ptr [ebp-08]
    70. jmp 00921B34 //59 59 DF E0 9E 73 21 DD 45 F8 8B CE 51 51 DD 1C 24 E8
    71.  
    72.  
    73. 0059E203: //DD 45 ?? C9 C3 56 6A FF FF 74 24 ?? 8B F1 E8 ?? ?? ?? ?? 8B c6 5e c2
    74. jmp MAXONE // 5-byte jmp overwrites exactly DD 45 EC C9 C3 (fld / leave / ret), which MAXONE replays
    75.  
    76. [DISABLE]
    77. 0059E203: // restore the five original bytes
    78. db DD 45 EC C9 C3
    79.  
    80. dealloc(MAXONE)
    81. dealloc(ONEKEY00)
    82. dealloc(JUPKEY)
    83. dealloc(JUPKEY2)
    84. unregistersymbol(MAXONE)
    85. unregistersymbol(ONEKEY00)
    86. unregistersymbol(JUPKEY)
    87. unregistersymbol(JUPKEY2)
    88.  
    Converted

    Code (Text):
    1. //Lemmings
    2. DWORD dwLemAddy = 0x0059E203; // hook site: fld qword ptr [ebp-14] / leave / ret in the target (DD 45 EC C9 C3)
    3. DWORD dwADDY1 = 0x009219C4 ; // resume addresses for the four jmp's in MAXONE
    4. DWORD dwADDY2 = 0x00921638 ;
    5. DWORD dwADDY3 = 0x00921B9B ;
    6. DWORD dwADDY4 = 0x00921B34 ;
    7. DWORD cmpADDY = 0x00921635 ; // return addresses MAXONE compares against [esp]
    8. DWORD cmpADDY1 = 0x00921B31;
    9. DWORD ONEKEY00 = 0x1; // 0 = detour off (MAXONE returns immediately)
    10. DWORD JUPKEY1 = 0x1; // NOTE(review): MAXONE reads JUPKEY, which is not declared in this listing; this is presumably it
    11. DWORD JUPKEY2 = 0x1;
    12.  
    13.  
    14.  
    15. void __declspec(naked) __stdcall MAXONE ()  // detour body for the hook at dwLemAddy; naked: no prologue/epilogue is emitted, the asm block is the whole function
    16. {
    17.     _asm
    18.     {
    19.  
    20.  
    21. fld qword ptr [ebp-0x14] // replays the original DD 45 EC overwritten by the hook
    22. leave // replays C9; afterwards [esp] is the hooked function's return address
    23. cmp [ONEKEY00],0
    24. je MAXONE00
    25. cmp dword ptr [esp],cmpADDY // NOTE(review): memory-vs-memory compare (cmpADDY is a variable, i.e. a memory operand); x86 cannot encode this, load one side into a register first
    26. je ONE
    27. cmp dword ptr [esp],cmpADDY1 // NOTE(review): same problem as line 25
    28. je TWO
    29.  
    30.  
    31. MAXONE00: // normal path: the replayed C3, return to the original caller
    32. ret
    33.  
    34.  
    35. ONE: // return address was cmpADDY
    36. add esp,0x4 // discard the return address; control leaves via the jmp below
    37. cmp [JUPKEY],0x1 // NOTE(review): JUPKEY is undeclared here; the global above is JUPKEY1
    38. jne ONE00
    39. cmp [ebx+0x248],0x2 // operand size not stated; the original is a dword compare (8B 83 ... 83 F8 01) - confirm MSVC accepts this form
    40. jne ONE00
    41. mov [ebx+0x4A8],0x0 // operand size not stated - confirm
    42. fsubr qword ptr [ebp-0x18]
    43. add esp,10 // NOTE(review): decimal 10 here, but the CE script's 10 is hexadecimal (0x10, encoded 83 C4 10 in its byte pattern)
    44. fst qword ptr [ebp-0x18]
    45. fcomp qword ptr [0x00A38C30]
    46. jmp dwADDY1 // NOTE(review): jumps to the address of the variable, not to its value (see reply #4); applies to all four jmp's in this block
    47.  
    48.  
    49. ONE00: // JUPKEY off or [ebx+0x248] != 2: perform the caller's fsubr, then resume just past it
    50. fsubr qword ptr [ebp-0x18]
    51. jmp dwADDY2
    52.  
    53.  
    54. TWO: // return address was cmpADDY1
    55. add esp,0x4 // discard the return address, as in ONE
    56. cmp [JUPKEY2],0x1
    57. jne TWO00
    58. fcomp qword ptr [ebp-0x08]
    59. pop ecx
    60. pop ecx
    61. jmp dwADDY3
    62.  
    63.  
    64. TWO00: // JUPKEY2 off: perform the caller's fcomp, then resume at its two pop ecx
    65. fcomp qword ptr [ebp-0x08]
    66. jmp dwADDY4
    67.     }
    68. }
    69.  
    70. void Lemmings(BOOL enable) // installs (enable) or removes the 5-byte jmp hook at dwLemAddy
    71. {
    72. if (enable == true)
    73. {
    74. *(BYTE*)dwLemAddy = 0xE9; // opcode of jmp rel32
    75. *(DWORD*)(dwLemAddy+1) = JMP(dwLemAddy,MAXONE); // JMP() is not shown in this listing; presumably it computes the rel32 displacement - confirm
    76. }
    77.  
    78. else
    79. {
    80. *(DWORD*)dwLemAddy = 0xc3c9ec45; // NOTE(review): the original bytes are DD 45 EC C9 C3 (CE [DISABLE] block); this little-endian store places 45 EC C9 C3 at offsets 0-3, dropping DD and shifting the rest by one
    81. *(DWORD*)dwLemAddy+5 = 0xc3; // NOTE(review): does not compile - '*' binds before '+', so this assigns to an rvalue; the fifth byte also lives at offset 4, not 5
    82. }
    83. }
    84.  
    85.  
     
  2. fag

    fag Banned Banned

    "jmp 0x00921B9B "

    That won't work, since you aren't allowed to jump to a constant. However, push+ret works fine.
     
  3. GroundZero

    GroundZero LOL Banned Coder Donor

    It was late at night; I have now corrected the script, but I don't know whether it works.
     
  4. fag

    fag Banned Banned

    Still won't work. "jmp dwADDY4" will change EIP to &dwADDY4, which is clearly not what you want. Do "jmp dword ptr [dwADDY4]"
     
  5. GroundZero

    GroundZero LOL Banned Coder Donor

    The problem is that I can't test it, because VS won't work.
     
  6. Cuckoo

    Cuckoo Fuckeh Yuuu Donor

    Does this Lemmings auto-assembler script work?
     
