|
|
-------------------------((((06/05/2008 V 1.2.12 )))--------------------------
----------------------------<<<< What's new: >>>>-----------------------------
1. Adding support for asm like command in 'multicommand assembler'.
Added commands til now are:
1.1) PUSHSTR -> There'are 2 versions of this cmd:
1.1.1) First one, without argument
(ex: pushstr 'kernel32.dll' -> PUSH 3D0000 ; ASCII "kernel32.dll" )
1.1.2) Second one, accept one argument (The address where to assemble)
ex: pushstr 'kernel32.dll', 401000 -> PUSH 00401000
1.2) PUSHALL -> push several commands
(ex: pushall 0402000, @GWL_EXSTYLE
call GetWindowLongA
assembled to: ->
PUSH 00402000
CALL user32.GetWindowLongA)
+/- all constants in windows.inc (thanks hutch and iczelion for this
file) can be used just with the prefix '@'
1.3) INVOKE -> Works like its homologous asm command with an extra
Note that:
1.3.1 - The strings will be assembled in a 'rundom' address
allocated in debugee memory
1.3.2 - you can integrate string directly in the invoke macro
( ex1: invoke MessageBoxA, 'Text1 from invoke macro', 'Text2 from invoke macro', @MB_OK
-> PUSH 0 ; /Style = MB_OK|MB_APPLMODAL
PUSH 1D0030 ; |Title = "Text2 from invoke macro"
PUSH 1D0048 ; |Text = "Text1 from invoke macro"
PUSH 00402000 ; |hOwner = 00402000
CALL DWORD PTR DS:[<&user32.MessageBoxA>> ; \MessageBoxA
ex1: And invoke GetPrivateProfileIntA, 'Section Name', 'Key', 0, 'B:\bla\bla\bla\bla.ini'
-> PUSH 1D0060 ; /IniFileName = "B:\bla\bla\bla\bla.ini"
PUSH 0 ; |Default = 0
PUSH 1D0077 ; |Key = "Key"
PUSH 1D007B ; |Section = "Section Name"
CALL DWORD PTR DS:[<&kernel32.GetPrivate> ; \GetPrivateProfileIntA
)
1.4) Note that the constants are located in 'BYTES.OEP' file provided
with this version (version of 06/05/ 2008) and you've to re^lace the old
one. Otherwise, all constants will return 0 and will assembled : push 0.
2- Position saving for most important and most used dialog boxes.
Please, consider to use the pushstr macro instead of invoke one if the
lenght of pushed text is > 40 chars Privacy note: The last entered piece
of text to assemble in MCasm is stored in registry
("HKEY_CURRENT_USER\Software\IDAFicator Plugin"
, just in case.
3- MuCAsm now remembers last entered text even between debugging 2 sessions.
------------------------------(((( TODO list )))-------------------------------
1- Automatic update of bp menu checked item when starting olly with already
set bpts.
2- Keep a list of disabeled hwbp so reverser can set them on after restarting
HWBP dialogbox
3- Handling the relative jumps by the MuCAsm. |
UltraDebug免责声明
✅以上内容均来自网友转发或原创,如存在侵权请发送到站方邮件9003554@qq.com处理。
✅The above content is forwarded or original by netizens. If there is infringement, please send the email to the destination 9003554@qq.com handle.
|
滇ICP备2022002049号-2 
滇公网安备 53032102000034号)
