Informática Numaboa - Tutoriais e Programação
Janelas (masm)
Dom 7 Jan 2007 10:34 |
- Detalhes
- Categoria: Assembly Numaboa (antigo oiciliS)
- Atualização: Terça, 16 Fevereiro 2010 22:54
- Autor: vovó Vicki
- Acessos: 18846
Conferindo o trabalho do MASM
O QEditor não só é capaz de assemblar um código fonte, como também de dessassemblar um executável. Esta opção se encontra no menu [Tools / Dis-assemble EXE file]. Experimente usá-la com o texto deste programa ainda no editor. O QEditor abre uma nova instância dele mesmo e apresentará o seguinte:
:\masm32\ICZTUTES\TUTE03\WIN1.exe (hex) (dec)
.EXE size (bytes) 490 1168
Minimum load size (bytes) 450 1104
Overlay number 0 0
Initial CS:IP 0000:0000
Initial SS:SP 0000:00B8 184
Minimum allocation (para) 0 0
Maximum allocation (para) FFFF 65535
Header size (para) 4 4
Relocation table offset 40 64
Relocation entries 0 0
Portable Executable starts at b0
Signature 00004550 (PE)
Machine 014C (Intel 386)
Sections 0003
Time Date Stamp 3C4CEBF4 Tue Jan 22 01:35:00 2002
Symbol Table 00000000
Number of Symbols 00000000
Optional header size 00E0
Characteristics 010F
Relocation information stripped
Executable Image
Line numbers stripped
Local symbols stripped
32 bit word machine
Magic 010B
Linker Version 5.12
Size of Code 00000200
Size of Initialized Data 00000400
Size of Uninitialized Data 00000000
Address of Entry Point 00001000
Base of Code 00001000
Base of Data 00002000
Image Base 00400000
Section Alignment 00001000
File Alignment 00000200
Operating System Version 4.00
Image Version 0.00
Subsystem Version 4.00
reserved 00000000
Image Size 00004000
Header Size 00000400
Checksum 00000000
Subsystem 0002 (Windows)
DLL Characteristics 0000
Size Of Stack Reserve 00100000
Size Of Stack Commit 00001000
Size Of Heap Reserve 00100000
Size Of Heap Commit 00001000
Loader Flags 00000000
Number of Directories 00000010
Directory Name VirtAddr VirtSize
Export 00000000 00000000
Import 00002040 0000003C
Resource 00000000 00000000
Exception 00000000 00000000
Security 00000000 00000000
Base Relocation 00000000 00000000
Debug 00000000 00000000
Decription/Architecture 00000000 00000000
Machine Value (MIPS GP) 00000000 00000000
Thread Storage 00000000 00000000
Load Configuration 00000000 00000000
Bound Import 00000000 00000000
Import Address Table 00002000 00000040
Delay Import 00000000 00000000
COM Runtime Descriptor 00000000 00000000
(reserved) 00000000 00000000
Section Table
01 .text Virtual Address 00001000
Virtual Size 00000196
Raw Data Offset 00000400
Raw Data Size 00000200
Relocation Offset 00000000
Relocation Count 0000
Line Number Offset 00000000
Line Number Count 0000
Characteristics 60000020
Code
Executable
Readable
02 .rdata Virtual Address 00002000
Virtual Size 000001C2
Raw Data Offset 00000600
Raw Data Size 00000200
Relocation Offset 00000000
Relocation Count 0000
Line Number Offset 00000000
Line Number Count 0000
Characteristics 40000040
Initialized Data
Readable
03 .data Virtual Address 00003000
Virtual Size 00000024
Raw Data Offset 00000800
Raw Data Size 00000200
Relocation Offset 00000000
Relocation Count 0000
Line Number Offset 00000000
Line Number Count 0000
Characteristics C0000040
Initialized Data
Readable
Writeable
Imp Addr Hint Import Name from USER32.dll - Not Bound
00002010 19B LoadIconA
00002014 1DD PostQuitMessage
00002018 128 GetMessageA
0000201C 94 DispatchMessageA
00002020 27D TranslateMessage
00002024 28B UpdateWindow
00002028 197 LoadCursorA
0000202C 83 DefWindowProcA
00002030 58 CreateWindowExA
00002034 1EF RegisterClassExA
00002038 265 ShowWindow
Imp Addr Hint Import Name from KERNEL32.dll - Not Bound
00002000 111 GetModuleHandleA
00002004 B6 GetCommandLineA
00002008 75 ExitProcess
IAT Entry
00000000: 000021A0 0000218E - 00002180 00000000 - 00002110 0000211C
00000018: 000020F4 000020E0 - 00002150 00002164 - 00002102 000020CE
00000030: 000020BC 0000212E - 00002142 00000000
Disassembly
00401000 start:
00401000 6A00 push 0
00401002 E889010000 call fn_00401190
00401007 A31C304000 mov [40301Ch],eax
0040100C E879010000 call fn_0040118A
00401011 A320304000 mov [403020h],eax
00401016 6A0A push 0Ah
00401018 FF3520304000 push dword ptr [403020h]
0040101E 6A00 push 0
00401020 FF351C304000 push dword ptr [40301Ch]
00401026 E806000000 call fn_00401031
0040102B 50 push eax
0040102C E853010000 call fn_00401184
00401031 fn_00401031: ; o nosso gerenteJanela
00401031 55 push ebp
00401032 8BEC mov ebp,esp
00401034 83C4B0 add esp,0FFFFFFB0h
00401037 C745D030000000 mov dword ptr [ebp-30h],30h
0040103E C745D403000000 mov dword ptr [ebp-2Ch],3
00401045 C745D816114000 mov dword ptr [ebp-28h],401116h
0040104C C745DC00000000 mov dword ptr [ebp-24h],0
00401053 C745E000000000 mov dword ptr [ebp-20h],0
0040105A FF7508 push dword ptr [ebp+8]
0040105D 8F45E4 pop [ebp-1Ch]
00401060 68057F0000 push 7F05h
00401065 6A00 push 0
00401067 E8F4000000 call fn_00401160
0040106C 8945E8 mov [ebp-18h],eax
0040106F 8945FC mov [ebp-4],eax
00401072 68007F0000 push 7F00h
00401077 6A00 push 0
00401079 E8DC000000 call fn_0040115A
0040107E 8945EC mov [ebp-14h],eax
00401081 C745F006000000 mov dword ptr [ebp-10h],6
00401088 C745F400000000 mov dword ptr [ebp-0Ch],0
0040108F C745F800304000 mov dword ptr [ebp-8],403000h
00401096 8D45D0 lea eax,[ebp-30h]
00401099 50 push eax
0040109A E8CD000000 call fn_0040116C ; registra a classe
0040109F 6A00 push 0
004010A1 FF7508 push dword ptr [ebp+8]
004010A4 6A00 push 0
004010A6 6A00 push 0
004010A8 6800000080 push 80000000h
004010AD 6800000080 push 80000000h
004010B2 6800000080 push 80000000h
004010B7 6800000080 push 80000000h
004010BC 680000CF00 push 0CF0000h
004010C1 680A304000 push 40300Ah
004010C6 6800304000 push 403000h
004010CB 6A00 push 0
004010CD E870000000 call fn_00401142 ; cria a janela
004010D2 8945B0 mov [ebp-50h],eax
004010D5 6A01 push 1
004010D7 FF75B0 push dword ptr [ebp-50h]
004010DA E893000000 call fn_00401172 ; mostra a janela
004010DF FF75B0 push dword ptr [ebp-50h]
004010E2 E897000000 call fn_0040117E
004010E7 loc_004010E7: ; o loop infinito do gerenteJanela
004010E7 6A00 push 0
004010E9 6A00 push 0
004010EB 6A00 push 0
004010ED 8D45B4 lea eax,[ebp-4Ch]
004010F0 50 push eax
004010F1 E85E000000 call fn_00401154
004010F6 83F801 cmp eax,1
004010F9 7214 jb loc_0040110F
004010FB 8D45B4 lea eax,[ebp-4Ch]
004010FE 50 push eax
004010FF E874000000 call fn_00401178
00401104 8D45B4 lea eax,[ebp-4Ch]
00401107 50 push eax
00401108 E841000000 call fn_0040114E ; chama o gerenteMensagem
0040110D EBD8 jmp loc_004010E7
0040110F loc_0040110F: ; o nosso gerenteMensagem
0040110F 8B45BC mov eax,[ebp-44h]
00401112 C9 leave
00401113 C21000 ret 10h
00401116 55 push ebp
00401117 8BEC mov ebp,esp
00401119 837D0C02 cmp dword ptr [ebp+0Ch],2
0040111D 750D jnz loc_0040112C
0040111F 6A00 push 0
00401121 E840000000 call fn_00401166
00401126 33C0 xor eax,eax
00401128 C9 leave
00401129 C21000 ret 10h
0040112C loc_0040112C:
0040112C FF7514 push dword ptr [ebp+14h]
0040112F FF7510 push dword ptr [ebp+10h]
00401132 FF750C push dword ptr [ebp+0Ch]
00401135 FF7508 push dword ptr [ebp+8]
00401138 E80B000000 call fn_00401148
0040113D C9 leave
0040113E C21000 ret 10h
00401141 CC int 3
00401142 fn_00401142:
00401142 FF2530204000 jmp dword ptr [CreateWindowExA]
00401148 fn_00401148:
00401148 FF252C204000 jmp dword ptr [DefWindowProcA]
0040114E fn_0040114E:
0040114E FF251C204000 jmp dword ptr [DispatchMessageA]
00401154 fn_00401154:
00401154 FF2518204000 jmp dword ptr [GetMessageA]
0040115A fn_0040115A:
0040115A FF2528204000 jmp dword ptr [LoadCursorA]
00401160 fn_00401160:
00401160 FF2510204000 jmp dword ptr [LoadIconA]
00401166 fn_00401166:
00401166 FF2514204000 jmp dword ptr [PostQuitMessage]
0040116C fn_0040116C:
0040116C FF2534204000 jmp dword ptr [RegisterClassExA]
00401172 fn_00401172:
00401172 FF2538204000 jmp dword ptr [ShowWindow]
00401178 fn_00401178:
00401178 FF2520204000 jmp dword ptr [TranslateMessage]
0040117E fn_0040117E:
0040117E FF2524204000 jmp dword ptr [UpdateWindow]
00401184 fn_00401184:
00401184 FF2508204000 jmp dword ptr [ExitProcess]
0040118A fn_0040118A:
0040118A FF2504204000 jmp dword ptr [GetCommandLineA]
00401190 fn_00401190:
00401190 FF2500204000 jmp dword ptr [GetModuleHandleA]
Download
Você pode fazer o download de tutNB03.zip que contém o texto deste tutorial, além do código fonte e do executável ou ir para a seção Downloads/Tutoriais/Assembly Numaboa onde você encontra este e outros zips de tutoriais.
- << Anterior
- Próximo