[Release] ProcessASM

[bigtimt]

this is a nifty little assembly i made to compile asm files into bytecode

RapidShare: Easy Filehosting

Credits:
Me
FASM

and Nesox for testing!

examples:

Code:

    Public ASM as New ProcessASM(Process.Start("C:Program FilesWorld of WarcraftWow.exe"))

    Public Sub Test()
        RunScript("DoEmote(""dance"")")
    End Sub

    Public Sub UpdateCurMgr()
        With ASM
            .Asm("mov EDX, [0x00D43318]")
            .Asm("mov EDX, [EDX+0x2218]")
            .Asm("FS mov EAX, [0x2C]")
            .Asm("mov EAX, [EAX]")
            .Asm("add EAX, 8")
            .Asm("mov [EAX], EDX")
        End With
    End Sub

    Public Sub RunScript(ByVal Script As String)
        Dim pScript As Int32 = ASM.AllocateMemory(256)
        ASM.WriteString(pScript, Script)

        UpdateCurMgr()
        With ASM
            .Asm("mov ecx, 0x0088C301")
            .Asm("mov eax, " & pScript)
            .Asm("push ecx")
            .Asm("push eax")
            .Asm("push eax")
            .Asm("mov eax, 0x00706C80")
            .Asm("call eax")
            .Asm("add esp, 0xC")
            .Execute()
        End With
    End Sub

Code:

flat assembler version 1.67
Copyright (c) 1999-2007, Tomasz Grysztar.
All rights reserved.

This program is free for commercial and non-commercial use as long as
the following conditions are adhered to.

Copyright remains Tomasz Grysztar, and as such any Copyright notices
in the code are not to be removed.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:

1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The licence and distribution terms for any publically available
version or derivative of this code cannot be changed. i.e. this code
cannot simply be copied and put under another distribution licence
(including the GNU Public Licence).

[Nesox]

this is a nifty little assembly i made to compile asm files into bytecode

RapidShare: Easy Filehosting

Credits:
Me
FASM

and Nesox for testing!

examples:

Code:

    Public ASM as New ProcessASM(Process.Start("C:Program FilesWorld of WarcraftWow.exe"))

    Public Sub Test()
        RunScript("DoEmote(""dance"")")
    End Sub

    Public Sub UpdateCurMgr()
        With ASM
            .Asm("mov EDX, [0x00D43318]")
            .Asm("mov EDX, [EDX+0x2218]")
            .Asm("FS mov EAX, [0x2C]")
            .Asm("mov EAX, [EAX]")
            .Asm("add EAX, 8")
            .Asm("mov [EAX], EDX")
        End With
    End Sub

    Public Sub RunScript(ByVal Script As String)
        Dim pScript As Int32 = ASM.AllocateMemory(256)
        ASM.WriteString(pScript, Script)

        UpdateCurMgr()
        With ASM
            .Asm("mov ecx, 0x0088C301")
            .Asm("mov eax, " & pScript)
            .Asm("push ecx")
            .Asm("push eax")
            .Asm("push eax")
            .Asm("mov eax, 0x00706C80")
            .Asm("call eax")
            .Asm("add esp, 0xC")
            .Execute()
        End With
    End Sub

ah nice one altho some scripts i wasnt able to run

[Cypher]

Interesting.

Without taking a look at the source, I'm curious. What are you using to convert the mnemonics into their hex opcodes?

[Shynd]

It would seem that he has embedded Flat Assembler (FASM) as a resource. He copies it to disk as "temp.dat", copies his ASM buffer to disk as "temp2.dat", then executes FASM which converts mnemonics to opcodes. I'm pretty sure he kinda forgot to include the ****ing FASM License, so here it is just in case:

flat assembler version 1.67
Copyright (c) 1999-2007, Tomasz Grysztar.
All rights reserved.

This program is free for commercial and non-commercial use as long as
the following conditions are adhered to.

Copyright remains Tomasz Grysztar, and as such any Copyright notices
in the code are not to be removed.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:

1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The licence and distribution terms for any publically available
version or derivative of this code cannot be changed. i.e. this code
cannot simply be copied and put under another distribution licence
(including the GNU Public Licence).

God damned despicable.

[hypnodok]

Without taking a further look at it, can this be used to call protected Lua functions?

[bigtimt]

no it can't

[Cypher]

Actually yes it can.

You can call protected functions via one of WoW's internal functions from memory. I personally just patch the protection check but if you choose to do it via a function call then this could probably do the trick. (Assuming you know the function to call and its prototype)

[Shynd]

I didn't really like your implementation of having to write to disk, execute FASM.exe, read from disk, etc., so I wrote a managed wrapper around FASM.DLL that the author of FASM, Thomas Grysztar, wrote and released on the flatassembler.net message board. Here it is, source, binaries, and test project included.

Flat Assembler compiled as a DLL (posted on the flatassembler.net message boards and compiled with version 1.67.27 by Shynd)
Managed wrapper for the Flat Assembler DLL

The unmanaged code in fasmdll_managed.cpp also shows how to call FASM.dll from unmanaged C/++. This is by no means release-quality, really more of a proof-of-concept, but effective nonetheless. Please see this post on the flatassembler.net message board for more information.



Usage:

Code:

Fasm.ManagedFasm fasm = new Fasm.ManagedFasm();
//the forward slashes in the line below should be backslashes...
//stupid forum parses out all backslashes so they don't show
byte[] a = fasm.Assemble("use32/nxor eax, eax/nmov ebx, eax/nmov ecx, eax/nmov edx, eax/nretn");

for (int i = 0; i < a.Length; i++)
	Console.Write("{0:X02} ", a[i]);
Console.WriteLine();

[bigtimt]

oh cool thanks shynd, didn't even think to see if there was a fasm.dll, this will increase speed greatly

[Shynd]

FasmManaged - Game Deception - Forums

[Meaf]

thanks for this one