mbr.asm

楼主^#

更多发布于：2010-06-04 10:22

68013

;记得2007年潜心研究mbr，曾经手工分析过，现在连格式都忘了。
;今天有幸在win32下搞一个程序，没啥！很简单，没有技术含量。
;不足之处，请多多指教：
;QQ:112426112
;Email:leguanyuan@126.com
;Websites:http://correy.webs.com
;ml /coff mbr.asm /link /subsystem:windows
.386
.model flat, stdcall
option casemap:none
include kernel32.inc
include user32.inc
includelib kernel32.lib
includelib user32.lib

.data
dn db "\\.\PhysicalDrive0",0
correy db "made by correy",0
noo db "建立对象失败",0
errored db "读取内容失败！",0

.data?
x dd ?
buffer db 1024 DUP (?);不能定义的太小。
buffer2 db 512 DUP (?);不能定义的太小。
nc db 2 dup (?)

.code
showeax proc
local bufferp[9]:byte
pushad
mov cx,2
xor esi,esi
againp:
dec cx
rol al,4
push ax
and ax,0Fh
cmp ax,9
jg big
add ax,30h
mov [nc+esi],al
;inc esi
;mov [bufferp+esi],20h
pop ax
inc esi
cmp cx,0
jne againp
je showp
big:
add ax,37h
mov [nc+esi],al
;inc esi
;mov [bufferp+esi],20h
pop ax
inc esi
cmp cx,0
jne againp
showp:;
inc esi
mov [nc+esi],20h
;invoke MessageBox,NULL,addr bufferp,0,0
popad
ret
showeax endp

start:invoke CreateFile,addr dn,80000000h,1,0,3,0,0
cmp eax,-1
je no
invoke ReadFile,eax,addr buffer2,512,addr x,0
cmp eax,0
je err

mov ecx,512
lea esi,buffer2
mov edi,offset buffer

as:mov al,byte ptr [esi]
call showeax
mov dx,word ptr [nc]
mov word ptr [edi],dx
add edi,2
mov word ptr [edi],20h
inc edi
inc esi
dec ecx
cmp ecx,0
jne as

invoke MessageBox,0,addr buffer,addr correy,0
jmp exit

no:invoke MessageBox,0,addr noo,addr correy,0
jmp exit

err:invoke MessageBox,0,addr errored,addr correy,0

exit:invoke ExitProcess, 0
end start
;made at 2010.06.03

喜欢0

0h0h0h008 驱动牛犊注册日期2006-07-31 最后登录2011-08-28 粉丝0 关注0 积分9分威望78点贡献值0点好评度46点原创分0分专家分0分加关注写私信	沙发^# 发布于：2010-07-08 17:50 打油帖
	回复(0) 喜欢(0)

您需要登录后才可以回帖，登录或者注册

mbr.asm

最新喜欢：