对象储存做网站wordpress防止采集插件
文章目录
- nasm - console 32bits
- 概述
- 笔记
- my_build.bat
- nasm_main.asm
- 用VS2019写个程序,按照win32方式编译,比较一下。
- 备注
- END
nasm - console 32bits
概述
看到一个nasm的例子(用nasm实现一个32bits控制台的程序架子)
学习一下
笔记
my_build.bat
@echo off
rem my_build.batrem env
rem NASM version 2.16.03 compiled on Apr 17 2024
rem GoLink.Exe Version 1.0.4.6 Copyright Jeremy Gordon 2002-2025cls
set path=C:\Program Files\NASM;D:\my_dev\my_study_re\src\nasm\NasmX86AndX64ProgrammingExamples\tools\Golink;%path%rem .bat默认是不支持中文的
rem echo full path name - %~f0
rem echo full path - %~dp0
rem echo file name - %~nx0
rem echo work path - %cd%if "%1" == "build" (goto build
) else if "%1" == "clear" (goto clear
) else (goto usage
):usage
echo usage my_build.bat [option]
echo build - build asm to EXE
echo clear - clear trush on the project
goto end:build
echo build ...rem find file on work path
if exist "nasm_main.obj" (del "nasm_main.obj"
) nasm -f win32 nasm_main.asm -o nasm_main.obj
rem 用IDA打开.obj 已经可以看到实现逻辑了if exist "console_win32.exe" (del "console_win32.exe"
) rem 如果不指定要连接的dll, 会报错
golink /entry:Start /console kernel32.dll nasm_main.obj /fo console_win32.exeif exist "console_win32.exe" (echo run console_win32.exe console_win32.exe
)
goto end:clear
echo clear ...
if exist "nasm_main.obj" (del "nasm_main.obj"
) if exist "console_win32.exe" (del "console_win32.exe"
)
goto end:end
echo END
rem pause
call cmdnasm_main.asm
; @file nasm_main.asm
; @brief 用NASM实现一个32bits控制台程序NULL EQU 0
STD_OUTPUT_HANDLE EQU -11; 调用的win32API不用特意修饰, 用API的原始名称就行, 不必搞成 _WriteFile@20
extern GetStdHandle
extern WriteFile
extern ExitProcessglobal Startsection .dataMessage db "Console Message 32", 0x0D, 0x0AMessageLength EQU $-Messagesection .bssStandardHandle resd 1Written resd 1section .text
Start:push STD_OUTPUT_HANDLEcall GetStdHandlemov dword[StandardHandle], EAXpush NULLpush Writtenpush MessageLengthpush Messagepush dword[StandardHandle]call WriteFilepush NULL
call ExitProcess用VS2019写个程序,按照win32方式编译,比较一下。
#include <Windows.h>int main()
{const char* pMsg = "Console Message 64 ...";DWORD NumberOfBytesWritten = 0;system("pause");HANDLE hStdOut = GetStdHandle(STD_OUTPUT_HANDLE);WriteFile(hStdOut, pMsg, strlen(pMsg), &NumberOfBytesWritten, NULL);ExitProcess(0);
}然后单步调试,断住后,转到反汇编。比较了一下手写的NASM代码,发现基本和反汇编的结果一致。
NASM的语法和VS2019反汇编出来的代码几乎一模一样。
; @file nasm_main.asm
; @brief 用NASM实现一个32bits控制台程序NULL EQU 0
STD_OUTPUT_HANDLE EQU -11; 调用的win32API不用特意修饰, 用API的原始名称就行, 不必搞成 _WriteFile@20
extern GetStdHandle
extern WriteFile
extern ExitProcessglobal Startsection .dataMessage db "Console Message 32", 0x0D, 0x0AMessageLength EQU $-Messagesection .bssStandardHandle resd 1Written resd 1section .text
Start:; HANDLE hStdOut = GetStdHandle(STD_OUTPUT_HANDLE);; 00DB17D4 mov esi,esp ; 00DB17D6 push 0FFFFFFF5h // !; 00DB17D8 call dword ptr [__imp__GetStdHandle@4 (0DBB000h)] // ! ; 00DB17DE cmp esi,esp ; 00DB17E0 call __RTC_CheckEsp (0DB1235h) ; 00DB17E5 mov dword ptr [hStdOut],eax // !push STD_OUTPUT_HANDLEcall GetStdHandlemov dword[StandardHandle], EAX; WriteFile(hStdOut, pMsg, strlen(pMsg), &NumberOfBytesWritten, NULL);; 00DB17E8 mov esi,esp ; 00DB17EA push 0 // !; 00DB17EC lea eax,[NumberOfBytesWritten] ; 00DB17EF push eax // !; 00DB17F0 mov ecx,dword ptr [pMsg] ; 00DB17F3 push ecx // !; 00DB17F4 call _strlen (0DB1366h) ; 00DB17F9 add esp,4 ; 00DB17FC push eax // ! ; 00DB17FD mov edx,dword ptr [pMsg] ; 00DB1800 push edx // ! ; 00DB1801 mov eax,dword ptr [hStdOut] ; 00DB1804 push eax // ! ; 00DB1805 call dword ptr [__imp__WriteFile@20 (0DBB004h)] // !; 00DB180B cmp esi,esp ; 00DB180D call __RTC_CheckEsp (0DB1235h) push NULLpush Writtenpush MessageLengthpush Messagepush dword[StandardHandle]call WriteFile; ExitProcess(0);; 00DB1812 mov esi,esp ; 00DB1814 push 0 // !; 00DB1816 call dword ptr [__imp__ExitProcess@4 (0DBB008h)] // !; 00DB181C cmp esi,esp ; 00DB181E call __RTC_CheckEsp (0DB1235h) push NULLcall ExitProcess备注
从VS2019 c++ console工程的代码和NASM例子代码比较,可以得到一个提示。
如果用NASM手写代码不太熟练,可以从VS2019 c++代码的反汇编代码抽取汇编代码,直接就能用在NASM工程上。