这是我测试PE格式的STUB的源代码,可显示当前所用操作系统版本。
dos下的stub部分源代码---调用DOS中断服务程序
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
; FileName: os_type.asm
; Function: Reports the current operating system type
; Author : Purple Endurer
; Version : 0.1
;
; OS Name Offset of INT 08h Offset of INT 43h
; -------------------------------------------------------
; MS DOS 7.00 001Fh 5710h
; MS DOS 7.10 18DEh 6EE5h
; UCDOS 1AF3h
; UCDOS98 1AEBh 6E20h
; MSDOS mode 0000h
; PDOS95 0A50h 6E20h
;
; Date Summary
; -------------------------------------------------------
; 2002.04.07 Created from software paper 95P125
; 2002.06.11 Show version if os is MS-DOS
; 2002.08.07 Convert it to DOS EXE format to be stub
; program in PE format execute file
; 2004.02.09 Added the condition asm var 'UseStack'
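; Question:
; Why can this program run normally without a stack segment
; (UseStack = 0), though there are push and pop instructions in the
; bin2dec proc?
; Likely answer: with no STACK segment the EXE header leaves SS:SP at
; 0000:0000, so DOS starts the program with SS at its load segment and
; SP = 0. The first push wraps SP to FFFEh, which normally lands in
; free memory behind the small program image. It works by luck, not by
; design: nothing reserves that memory for the stack.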
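; UseStack: conditional-assembly switch. Non-zero assembles the explicit
; stack segment (sseg) and loads SS from it; zero leaves the EXE without
; a stack segment of its own.
UseStack    equ 0

data segment
; "MS DOS M.mm$" - cMajorVer and cMinorVer are placeholders that main
; patches at run time before the string is printed with INT 21h/AH=09h
; ('$' is the terminator that function expects).
strMSDOS    db "MS DOS "
cMajorVer   db ' '                  ; one ASCII digit (major version)
            db '.'
; bin2dec always stores TWO digits here, so two bytes must precede the
; '$'. With a single placeholder byte the second digit overwrites the
; terminator and the print runs on into strUCDOS.
cMinorVer   db 2 dup(' '), '$'
; "UCDOS" + version suffix. main overwrites the first byte of cUCDOSVer
; with '$' to cut the suffix off when plain UCDOS is detected.
; NOTE(review): the Chinese text below is double-byte; presumably it only
; displays correctly under a Chinese DOS environment - confirm.
strUCDOS    db "UCDOS"
cUCDOSVer   db " 98特别版$"
strPDOS95   db "Windows95中文DOS方式PDOS95$"
data ends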
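if UseStack
; Explicit stack segment (STACK combine type, so the linker records its
; SS:SP in the EXE header).
; The original 10 bytes were exhausted by the program's own deepest use:
; return address of "call bin2dec" (2) + "push dx" (2) + one interrupt
; frame FLAGS/CS/IP (6) = 10, leaving nothing for what an interrupt
; handler pushes itself. Anything beyond that was written below the
; start of the segment. 256 bytes is the customary small-program size.
STACK_BYTES equ 256
sseg segment stack
            db STACK_BYTES dup(?)
sseg ends
endif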
code segment
;--------------------------------------
; Tell the assembler which segment each segment register addresses.
; CS and DS are always assumed; SS is added only when the optional
; stack segment is assembled (UseStack non-zero).
        assume  cs:code, ds:data
if UseStack
        assume  ss:sseg
endif
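;----------------------------------------------------------------------
; main - program entry point (16-bit DOS EXE, MASM syntax)
;
; 1. Reads the DOS version (INT 21h/AH=30h: AL = major, AH = minor),
;    patches it into strMSDOS and prints that string.
; 2. Reads the INT 08h vector (INT 21h/AX=3508h: ES:BX) and compares its
;    offset against known values to recognise DOS 7.00 / 7.10, UCDOS,
;    UCDOS98 or PDOS95; for the last three an extra name is printed.
;    Any other offset prints nothing more.
; 3. Exits with return code 0 (INT 21h/AX=4C00h).
;
; The major version is stored as a single ASCII digit, so it is only
; meaningful for major versions 0..9.
;----------------------------------------------------------------------
; Offsets of the INT 08h handler that identify each environment
; (values taken from the table in the file header).
TIMER_OFS_DOS700    equ 001Fh
TIMER_OFS_DOS710    equ 18DEh
TIMER_OFS_UCDOS98   equ 1AEBh
TIMER_OFS_UCDOS     equ 1AF3h
TIMER_OFS_PDOS95    equ 0A50h

main    proc
start:
        mov     ax, data
        mov     ds, ax
if UseStack
        mov     ax, sseg                ; SP is left as the loader set it
        mov     ss, ax
endif
        mov     ah, 30h                 ; Get Version: AL = major, AH = minor
        int     21h
        add     al, '0'                 ; major -> one ASCII digit
        mov     cMajorVer, al
        mov     bx, offset cMinorVer
        call    bin2dec                 ; minor (AH) -> two ASCII digits at [BX]

        mov     ax, 3508h               ; Get Interrupt Vector 08h -> ES:BX
        int     21h

        mov     dx, offset strMSDOS
        mov     ah, 09h                 ; Print '$'-terminated string at DS:DX
        int     21h                     ; BX (handler offset) is still needed below

        cmp     bx, TIMER_OFS_DOS700
        je      @End                    ; Here is DOS 7.00 only
        cmp     bx, TIMER_OFS_DOS710
        je      @End                    ; Here is DOS 7.10 only

        mov     dx, offset strUCDOS
        cmp     bx, TIMER_OFS_UCDOS98
        je      @Report                 ; print "UCDOS" with its version suffix
        cmp     bx, TIMER_OFS_UCDOS
        jne     @next2
        mov     cUCDOSVer, '$'          ; plain UCDOS: cut the suffix off
        jmp     @Report
@next2:
        mov     dx, offset strPDOS95
        cmp     bx, TIMER_OFS_PDOS95
        jne     @End                    ; unknown handler offset: nothing more to print
@Report:
        ; Reload the function number instead of relying on AH still
        ; holding 09h after the previous INT 21h call (which may have
        ; been serviced by a resident DOS extender hooking INT 21h).
        mov     ah, 09h
        int     21h
@End:
        mov     ax, 4c00h               ; Terminate, return code 0
        int     21h
main    endp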
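; ========================================================
; bin2dec - store a value as two ASCII decimal digits
;
; Input : AH    = binary value to convert. Intended range 0..99;
;                 for larger values the first byte stored is not a
;                 decimal digit.
;         DS:BX = address of a 2-byte buffer
; Output: byte at entry BX     = tens digit
;         byte at entry BX + 1 = units digit
;         BX    = entry BX + 1 (address of the units digit)
; Clobbers: AX, flags. DX is preserved.
; Stack : 2 bytes (saved DX) in addition to the return address.
;
; The earlier version ended the division with "cmp ah, 10 / jg" back to
; the divide. After DIV by 10 the remainder in AH is always 0..9, so
; that branch could never be taken (and JG is a signed test on an
; unsigned value); it has been removed.
; --------------------------------------------------------
bin2dec proc
        push    dx
        mov     dl, 10
        mov     al, ah
        xor     ah, ah                  ; AX = value, zero-extended
        div     dl                      ; (AL) <- (AX) / 10   (AH) <- (AX) % 10
        add     al, '0'
        mov     [bx], al                ; tens digit
        inc     bx
        add     ah, '0'
        mov     [bx], ah                ; units digit
        pop     dx
        ret
bin2dec endp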
;=========================================
code ends
; END closes the source module; its operand names the entry point.
; "main" is the proc whose first instruction carries the label "start".
end main
WINDOWS下的源代码--调用 API 函数GetVersionEx()
;<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
;FileName: StubDemo.asm
; Function: Demonstrates how to use a custom stub in PE exe files.
; Author: Purple Endurer
; Date Summary
; -------------------------------------------------------
; 2002.04.07 Created!
;<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
; bDetailInfo: conditional-assembly switch. Non-zero selects the longer
; "Win32s on ..." / "Win32 on ..." platform names below.
bDetailInfo equ 0
.data
; Caption of the message box.
szMsgBoxTitle db "当前操作系统",0
; Platform names. Each ends with a space because the version text is
; appended directly after it.
if bDetailInfo ; detailed platform names
szWin31 db "Win32s on Windows 3.1 ", 0
szWin9x db "Win32 on Windows 95 ", 0
else
szWin31 db "Windows 3.1 ", 0
szWin9x db "Windows 95 ", 0
endif ; bDetailInfo
szWinNT db "Windows NT ", 0
; wsprintf format: major.minor.build, each an unsigned long.
szFormat4OsVer db "%lu.%lu.%lu", 0
; Shown when GetVersionEx reports failure.
szGetOsInfoFail db "取操作系统信息失败!", 0
.data?
; Filled in by GetVersionEx.
OsVer OSVERSIONINFO <>
; Final message text: platform name + version numbers + szCSDVersion.
; It is built with lstrcpy/lstrcat, which do no bounds checking, so
; these 255 bytes must cover the longest combination of the three parts.
szOsVerInfo db 255 dup (?)
; Scratch buffer that receives the formatted "major.minor.build" text.
szOsVerInfoTmp db 255 dup (?)
.code
;------------------------------------------------------------------
; start - entry point of the Win32 part of the demo.
;
; Queries the OS with GetVersionEx and shows one message box:
;   success: "<platform name> <major>.<minor>.<build><szCSDVersion>"
;            with the information icon
;   failure: szGetOsInfoFail with the warning icon
; then terminates with exit code 0.
;
; Register roles: ESI = platform-name pointer, later the MessageBox
; style; EDI = pointer to the text that is displayed.
;
; NOTE(review): GetVersionEx is deprecated. From Windows 8.1 on, a
; program without a matching compatibility manifest is told version 6.2,
; so the text shown need not be the real OS version.
; NOTE(review): lstrcpy/lstrcat are unbounded; the result is only safe
; because every part appended here is short and szOsVerInfo is 255
; bytes. Keep that in mind if more text is ever appended.
;------------------------------------------------------------------
start:
        mov     OsVer.dwOSVersionInfoSize, SIZEOF OSVERSIONINFO
        invoke  GetVersionEx, ADDR OsVer
        .if eax == 0
            ; The call failed: show the fixed error text instead.
            mov     edi, OFFSET szGetOsInfoFail
            mov     esi, MB_OK OR MB_ICONWARNING
        .else
            mov     eax, OsVer.dwPlatformId
            mov     esi, OFFSET szWinNT         ; any other platform id is shown as NT
            .if eax == VER_PLATFORM_WIN32s || eax == VER_PLATFORM_WIN32_WINDOWS
                ; On these platforms only the low-order word of
                ; dwBuildNumber is the build number.
                and     OsVer.dwBuildNumber, 0FFFFh
                mov     esi, OFFSET szWin9x
                .if eax == VER_PLATFORM_WIN32s
                    mov     esi, OFFSET szWin31
                .endif
            .endif

            ; szOsVerInfo = platform name + "major.minor.build" + service-pack text
            invoke  lstrcpy, ADDR szOsVerInfo, esi
            invoke  wsprintf, ADDR szOsVerInfoTmp, ADDR szFormat4OsVer, OsVer.dwMajorVersion, OsVer.dwMinorVersion, OsVer.dwBuildNumber
            invoke  lstrcat, ADDR szOsVerInfo, ADDR szOsVerInfoTmp
            invoke  lstrcat, ADDR szOsVerInfo, ADDR OsVer.szCSDVersion

            mov     edi, OFFSET szOsVerInfo
            mov     esi, MB_OK OR MB_ICONINFORMATION
        .endif

        invoke  MessageBox, NULL, edi, ADDR szMsgBoxTitle, esi
        invoke  ExitProcess, NULL
end start
到命令行,把我们自己定义的stub连接进来
命令是:
\masm32\bin\link /stub:<filename.exe> /subsystem:windows <objectname.obj>
本例中使用的命令是:
\masm32v6\WORKS\my_stub>\masm32\bin\link /stub:stub.exe /subsystem:windows stubdemo.obj
尽管会看到下面的 LNK4060 警告信息,但程序仍然是可以正常运行的。该警告是说 stub.exe 缺少完整的 MS-DOS 头;按警告中的提示,用 16 位 LINK 的 /KNOWEAS 选项重新连接 stub,应可消除这条警告。
Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
stub.exe : warning LNK4060: stub file missing full MS-DOS header; rebuild stub with /KNOWEAS 16-bit LINK option