This is more of a thing that has interested me for quite a while. I know you can allocate a buffer with execution
permissions, which you in turn can fill with opcodes and data like below (calling MessageBoxA).
Code:
Import "user32.lib"
  MessageBoxA(hWnd.l, szMessage.s, szTitle.s, dwFlags.l)
EndImport

; 32-bit x86 only: the bytes below are IA-32 encodings and the stdcall
; convention (arguments pushed right to left, callee cleans up) is assumed.
; The .s parameters are passed as-is, so MessageBoxA expects an ASCII build.
Procedure assemblyCall()
  Protected requiredSize = 28
  ; 4x 1byte push with 4 dword values = 20
  ; 1x MOV EAX, DWORD = 5 bytes
  ; 1x CALL EAX = 2 bytes
  ; 1x return = 1 byte.
  Protected vm = VirtualAlloc_(#Null, requiredSize, #MEM_COMMIT, #PAGE_EXECUTE_READWRITE)
  If(vm)
    Protected szTitle.s = "Hello World!!"
    Protected szMessage.s = "Testing executing the contents of this buffer."
    Protected Flags = #MB_ICONINFORMATION | #MB_YESNO
    Protected dwOffset = 0
    Protected *function = @MessageBoxA()

    ; MsgBoxStyle - PUSH Flags
    PokeA(vm + dwOffset, $68): dwOffset + 1
    PokeL(vm + dwOffset, Flags): dwOffset + 4
    ; szTitle - PUSH lpszTitle
    PokeA(vm + dwOffset, $68): dwOffset + 1
    PokeL(vm + dwOffset, @szTitle): dwOffset + 4
    ; szMessage - PUSH lpszMessage
    PokeA(vm + dwOffset, $68): dwOffset + 1
    PokeL(vm + dwOffset, @szMessage): dwOffset + 4
    ; hWindowHandle - PUSH 0
    PokeA(vm + dwOffset, $68): dwOffset + 1
    PokeL(vm + dwOffset, 0): dwOffset + 4
    ; push function = MOV EAX, function
    PokeA(vm + dwOffset, $B8): dwOffset + 1
    PokeL(vm + dwOffset, *function): dwOffset + 4
    ; Call
    PokeA(vm + dwOffset, $FF): dwOffset + 1 ; CALL EAX
    PokeA(vm + dwOffset, $D0): dwOffset + 1
    PokeA(vm + dwOffset, $C3): dwOffset + 1 ; RETN

    ; Execute the buffer as a function; EAX holds MessageBoxA's return value
    Protected eax_result.l = CallFunctionFast(vm)
    If(eax_result = #IDYES)
      Debug "You pressed yes :)"
    Else
      Debug "You pressed no :("
    EndIf
    VirtualFree_(vm, 0, #MEM_RELEASE)
  EndIf
EndProcedure

assemblyCall()
that can assemble / compile assembly code and execute it dynamically? I mean, I know it must be possible,
because this code works for me. But this isn't really an easy read.
I would like a real-time assembler like this, because then I'd be able to use assembly dynamically. Extending
scripting languages with it etc.
Anyhow, just my curiosity here. I'm curious about what is currently possible.
I remember that something like this has been done in AutoIt a while ago, dynamically assembling and executing FASM code.
Thanks.
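The hand-poked bytes in the post are really a tiny assembler written out by hand. As an added example (not from the original post, and not PureBasic or any existing library), the Python below does the same job for just that instruction subset: it encodes PUSH imm32, MOV EAX, imm32, CALL EAX and RET, builds the same 28-byte stdcall thunk for any number of arguments (not only the four MessageBoxA takes), and decodes a byte string back into a listing so you can check what a buffer contains before it is ever marked executable. The function and string addresses are constructed placeholders, not real values.

```python
"""Minimal x86-32 encoder/decoder for the PUSH/MOV EAX/CALL EAX/RET subset.

Hypothetical example code; the addresses used in SAMPLE_STUB are constructed.
"""
import struct

# Opcode table for the subset: mnemonic -> (opcode byte, immediate size).
OPCODES = {
    "push": (0x68, 4),      # PUSH imm32
    "mov_eax": (0xB8, 4),   # MOV EAX, imm32
}
CALL_EAX = bytes([0xFF, 0xD0])   # CALL EAX (FF /2 with ModRM = D0)
RET = bytes([0xC3])              # RET


def assemble(program):
    """Encode a list of (mnemonic, operand...) tuples into x86-32 machine code.

    Immediates are 32-bit unsigned values emitted little-endian.
    """
    out = bytearray()
    for mnemonic, *operand in program:
        if mnemonic in OPCODES:
            opcode, _size = OPCODES[mnemonic]
            (value,) = operand
            if not 0 <= value < 2 ** 32:
                raise ValueError(f"{mnemonic}: operand {value:#x} does not fit in 32 bits")
            out.append(opcode)
            out += struct.pack("<I", value)
        elif mnemonic == "call_eax":
            out += CALL_EAX
        elif mnemonic == "ret":
            out += RET
        else:
            raise ValueError(f"unsupported mnemonic {mnemonic!r}")
    return bytes(out)


def stdcall_thunk(function_address, *args):
    """Same layout as the PureBasic stub: push args right-to-left, then
    MOV EAX, function; CALL EAX; RET.  Works for any argument count."""
    program = [("push", a) for a in reversed(args)]
    program.append(("mov_eax", function_address))
    program.append(("call_eax",))
    program.append(("ret",))
    return assemble(program)


def disassemble(code):
    """Walk the bytes back into a listing; fails loudly on anything outside
    the subset, which is exactly what you want when inspecting a buffer."""
    listing = []
    i = 0
    while i < len(code):
        b = code[i]
        if b in (0x68, 0xB8):
            if i + 5 > len(code):
                raise ValueError(f"truncated immediate at offset {i}")
            (value,) = struct.unpack_from("<I", code, i + 1)
            name = "push" if b == 0x68 else "mov eax,"
            listing.append(f"{name} {value:#010x}")
            i += 5
        elif code[i:i + 2] == CALL_EAX:
            listing.append("call eax")
            i += 2
        elif b == 0xC3:
            listing.append("ret")
            i += 1
        else:
            raise ValueError(f"unknown opcode {b:#04x} at offset {i}")
    return listing


# Constructed sample: MessageBoxA(hWnd=0, lpText, lpCaption, MB_ICONINFORMATION|MB_YESNO).
# 0x7E4507EA, 0x00403010 and 0x00403000 are placeholder addresses, not real ones.
MB_ICONINFORMATION_YESNO = 0x40 | 0x04
SAMPLE_STUB = stdcall_thunk(0x7E4507EA, 0, 0x00403010, 0x00403000, MB_ICONINFORMATION_YESNO)

if __name__ == "__main__":
    print(SAMPLE_STUB.hex(" "))
    for line in disassemble(SAMPLE_STUB):
        print(line)
```

One design point worth copying even when the bytes are right: the post allocates the buffer PAGE_EXECUTE_READWRITE from the start. On Windows the tidier sequence is to allocate PAGE_READWRITE, copy the assembled bytes in, call VirtualProtect to switch the page to PAGE_EXECUTE_READ (followed by FlushInstructionCache), and only then call into it; a page that is writable and executable at the same time is both a self-modification hazard and the first thing memory-scanning tools flag.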