首页
论坛
课程
招聘
[OllyDbg 1.x] [转帖]Multiline Ultimate Assembler 2.3 (1) by RaMMicHaeL
2014-9-15 00:41 3164

[OllyDbg 1.x] [转帖]Multiline Ultimate Assembler 2.3 (1) by RaMMicHaeL

2014-9-15 00:41
3164
Multiline Ultimate Assembler 2.3 (1) by RaMMicHaeL
Multiline Ultimate Assembler (formerly MUltimate Assembler) is a multiline (and ultimate) assembler (and disassembler) plugin for OllyDbg. It's a perfect tool for modifying and extending a compiled executable functionality, writing code caves, etc.

General:

- MUltimate Assembler is a multiline (and ultimate) assembler (and disassembler)
- To disassemble code, select it, and choose "MUltimate Assembler" from the right click menu
- To assemble code, click the Assemble button in the assembler window

Rules:

- You must define the address your code should be assembled on, like this: <00401000>- You can use any asm commands that OllyDbg can assemble
- You can use RVA (relative virtual) addressess with a module name, like this: $module.1000 or $"module".1000, or $$1000 to use the module of the address definition (e.g. <$m.1000>PUSH $$3 is the same as <$m.1000>PUSH $m.3)
- You can use labels, that must begin with a '@', and contain only letters, numbers, and _
- You can use anonymous labels, which are defined as '@@' and are referenced to as @b (or @r) for the preceding label and @f for the following label
- You can use C-style strings for text and binary data (use the L prefix for unicode)

Example:

<00401000> NOP ; This is a nop
JMP SHORT @f

@str:
"Hello World!\0"
; L"Hello World!\0" ; for unicode

@@:
PUSH @str
CALL @print_str
RET

<00401030>@print_str:
RET 4 ; TODO: Write the function


[公告]春风十里不如你,看雪团队诚邀你的加入!

上传的附件:
收藏
点赞1
打赏
分享
最新回复 (2)
雪    币: 275
活跃值: 活跃值 (23)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
huscj 活跃值 2014-9-15 08:55
2
0
感谢林版,夜深注意身体!感谢分享!
雪    币: 564
活跃值: 活跃值 (12)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
lixupeng 活跃值 2014-9-18 19:41
3
0
谢谢 分享
游客
登录 | 注册 方可回帖
返回