第0课 VM

#include <windows.h>#define vPush 0x11  //Whatever#define vCall 0x22  //Whatever#define vEnd  0xffBYTE VMData[] = {vPush, 0x00, 0x00, 0x00, 0x00, //push xxxxvPush, 0x00, 0x00, 0x00, 0x00, //push xxxxvPush, 0x00, 0x00, 0x00, 0x00, //push xxxxvPush, 0x00, 0x00, 0x00, 0x00, //push xxxxvCall, 0x00, 0x00, 0x00, 0x00, //call xxxxvEnd };__declspec(naked) void VM(PVOID VMData){__asm{//取得参数mov ecx, dword ptr ss : [esp + 4]__vStart :                               //这段把push 做了4个 //去第一个字节 mov al, byte ptr ds : [ecx] cmp al, vPush je __vPush cmp al, vCall je __vCall cmp al, vEnd je __vEnd __vPush :     inc ecx //往后加1mov edx, dword ptr ds : [ecx]push edxadd ecx, 4jmp __vStart__vCall :                                 //call函数inc ecxmov edx, dword ptr ds : [ecx]call edxadd ecx, 4jmp __vStart__vEnd :ret}}int main(int argc, char* argv[]){char *Caption = "VM";char *Text = "Hello World"; //__asm //{ //push MB_OK //mov eax,Caption //push eax //mov eax,Text //push eax //push 0 //call dword ptr ds:[MessageBoxA] //}//修改虚拟指令的数据__asm{     mov eax, eaxmov eax, eaxmov eax, eaxmov eax, eax}*(DWORD*)(VMData + 5 + 1) = (DWORD)Caption;*(DWORD*)(VMData + 10 + 1) = (DWORD)Text;*(DWORD*)(VMData + 20 + 1) = (DWORD)MessageBoxA;//执行虚拟指令VM(VMData);return 0;}