这是我测试PE格式的STUB的源代码,可显示当前所用操作系统的版本。
dos下的stub部分源代码---调用DOS中断服务程序
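;@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
; FileName: os_type.asm
; Function: Reports current operating system type
; Author  : Purple Endurer
; Version : 0.1
;
; OS Name       Offset of INT 08h   Offset of INT 43h
; -------------------------------------------------------
; MS DOS 7.00   001Fh               5710h
; MS DOS 7.10   18DEh               6EE5h
; UCDOS         1AF3h
; UCDOS98       1AEBh               6E20h
; MSDOS mode    0000h
; PDOS95        0A50h               6E20h
;
; Date        Summary
; -------------------------------------------------------
; 2002.04.07  Created from software paper 95P125
; 2002.06.11  Show version if os is MS-DOS
; 2002.08.07  Convert it to DOS EXE format to be stub
;             program in PE format execute file
; 2004.02.09  Added the condition asm var 'UseStack'
; Question:
;   Why can this program run normally with stack segment,
;   though there is push and pop instruction in bin2dec proc?
;
; NOTE(review): with UseStack = 0 no stack segment is declared, so the
; initial SS:SP comes from whatever the linker put in the EXE header
; (presumably 0000:0000, i.e. pushes wrap to the top of the 64 KB that
; starts at the load segment - TODO confirm). The program then runs only
; because that memory happens to be unused; build with UseStack = 1 to
; get a defined stack.
;
; NOTE(review): the OS is identified only by the offset part of the
; INT 08h vector. Any resident program that hooks the timer interrupt
; changes that offset, so the check silently falls through to @End and
; only the "MS DOS x.yy" line is printed. Treat the result as a hint.

UseStack    equ 0

data segment
    strMSDOS    db "MS DOS "
    cMajorVer   db ' '
                db '.'
    ; bin2dec always stores two digits here, so two bytes are reserved in
    ; front of the '$' terminator; with a single byte the second digit
    ; overwrites '$' and INT 21h/09h prints on into the next string.
    cMinorVer   db "  $"
    strUCDOS    db "UCDOS"
    cUCDOSVer   db " 98特别版$"
    strPDOS95   db "Windows95中文DOS方式PDOS95$"
data ends

if UseStack
sseg segment stack
    ; The original 10 bytes cannot hold even one interrupt frame plus the
    ; call/push used below; 256 bytes leaves room for INT 21h and for
    ; hardware interrupts arriving while the stub runs.
    db 256 dup(?)
sseg ends
endif

code segment
;--------------------------------------
if UseStack
    assume cs: code, ds: data, ss: sseg
else
    assume cs: code, ds: data
endif

; Entry point: prints "MS DOS <major>.<minor>" and, when the INT 08h
; vector offset matches a known value, the name of the DOS variant.
main proc
start:
    mov ax, data
    mov ds, ax

if UseStack
    mov ax, sseg
    mov ss, ax
endif

    mov ah, 30h                 ; Get Version: AL = major, AH = minor
    int 21h
    add al, '0'                 ; single-digit major version -> ASCII
    mov cMajorVer, al
    mov bx, offset cMinorVer
    call bin2dec                ; minor version (AH) -> two ASCII digits

    mov ax, 3508h               ; Get interrupt vector 08h -> ES:BX
    int 21h

    mov dx, offset strMSDOS
    mov ah, 09h                 ; print '$'-terminated string at DS:DX
    int 21h

    cmp bx, 1fh
    je  @End                    ;Here is DOS 7.00 only
    cmp bx, 18deh
    je  @End                    ;Here is DOS 7.10 only

    mov dx, offset strUCDOS
    cmp bx, 1aebh
    je  @Report                 ; UCDOS98: print the full string
    cmp bx, 1af3h
    jne @next2
    mov cUCDOSVer, '$'          ; plain UCDOS: cut the string after "UCDOS"
    jmp @Report

@next2:
    mov dx, offset strPDOS95
    cmp bx, 0a50h
    jne @End

@Report:
    ; The original left this load commented out and relied on AH still
    ; holding 09h after the previous INT 21h call; set it explicitly.
    mov ah, 09h
    int 21h

@End:
    mov ax, 4c00h               ; terminate with exit code 0
    int 21h
main endp

; ========================================================
; Converts a value in the range 0..99 to two ASCII decimal digits.
; Input : AH = the binary value to be translated (0..99)
;         BX = offset of a 2-byte buffer that receives the digits
; Output: [BX-1] = tens digit, [BX] = ones digit
;         BX = offset of the second (last) digit written
; Uses  : AX is destroyed, DX is preserved
; --------------------------------------------------------
; The original re-tested the remainder against 10 and looped; the
; remainder of a division by 10 is always 0..9, so that branch could
; never be taken and has been removed.
bin2dec proc
    push dx
    mov dl, 10
    mov al, ah
    xor ah, ah
    div dl                      ; (AL) <- (AX) / (DL)   (AH) <- (AX) % (DL)
    add al, '0'
    mov [bx], al                ; tens digit
    inc bx
    add ah, '0'
    mov [bx], ah                ; ones digit
    pop dx
    ret
bin2dec endp
;=========================================
code ends
end main

WINDOWS下的源代码--调用 API 函数GetVersionEx()

;<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
;FileName: StubDemo.asm
;Function: Demo how to use the custom stub of PE exe files.
;  Author: Purple Endurer
; Date        Summary
; -------------------------------------------------------
; 2002.04.07  Created!
;
; NOTE(review): GetVersionEx is deprecated. On Windows 8.1 and later it
; reports the version the application's manifest declares compatibility
; with, which is not necessarily the running OS. The value shown here is
; informational only; do not base a security decision on it.
;<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
.386
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib

bDetailInfo equ 0               ; 1 = use the longer platform names

.data
szMsgBoxTitle   db "当前操作系统",0
if bDetailInfo                  ; bDetailInfo
szWin31         db "Win32s on Windows 3.1 ", 0
szWin9x         db "Win32 on Windows 95 ", 0
else
szWin31         db "Windows 3.1 ", 0
szWin9x         db "Windows 95 ", 0
endif                           ; bDetailInfo
szWinNT         db "Windows NT ", 0
szFormat4OsVer  db "%lu.%lu.%lu", 0
szGetOsInfoFail db "取操作系统信息失败!", 0

.data?
OsVer           OSVERSIONINFO <>
; Both buffers are filled with unbounded copies (lstrcpy / lstrcat /
; wsprintf). They are large enough only because every source is bounded:
; a platform name of at most 22 characters, three 32-bit decimals with
; two dots (at most 32 characters) and szCSDVersion (a 128-byte field).
; Re-check this sum before adding any other text to the message.
szOsVerInfo     db 255 dup (?)
szOsVerInfoTmp  db 255 dup (?)

.code
; Entry point: queries the OS version and shows it in a message box.
start:
    mov OsVer.dwOSVersionInfoSize, SIZEOF OSVERSIONINFO
    invoke GetVersionEx, ADDR OsVer
    .if eax
        mov eax, OsVer.dwPlatformId

        ; For Win32s / Win9X only the low-order word of dwBuildNumber
        ; identifies the build number of the operating system, so the
        ; high-order word is masked off.
        .if eax == VER_PLATFORM_WIN32s
            mov esi, OFFSET szWin31
            and OsVer.dwBuildNumber, 0FFFFh
        .elseif eax == VER_PLATFORM_WIN32_WINDOWS
            mov esi, OFFSET szWin9x
            and OsVer.dwBuildNumber, 0FFFFh
        .else                   ; eax == VER_PLATFORM_WIN32_NT (any other id also lands here)
            mov esi, OFFSET szWinNT
        .endif

        ; "<platform name><major>.<minor>.<build><CSD version>"
        invoke lstrcpy, ADDR szOsVerInfo, esi
        ; MASM continues a statement with a trailing backslash; the page
        ; showed '/' here, which does not assemble.
        invoke wsprintf, ADDR szOsVerInfoTmp, \
               ADDR szFormat4OsVer, OsVer.dwMajorVersion, \
               OsVer.dwMinorVersion, OsVer.dwBuildNumber
        invoke lstrcat, ADDR szOsVerInfo, ADDR szOsVerInfoTmp
        invoke lstrcat, ADDR szOsVerInfo, ADDR OsVer.szCSDVersion

        mov edi, OFFSET szOsVerInfo
        mov esi, MB_OK OR MB_ICONINFORMATION
    .else
        ; GetVersionEx failed: show the failure text with a warning icon.
        mov edi, OFFSET szGetOsInfoFail
        mov esi, MB_OK OR MB_ICONWARNING
    .endif

    invoke MessageBox, NULL, edi, addr szMsgBoxTitle, esi
    invoke ExitProcess, NULL
end start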
到命令行,把我们自己定义的stub连接进来
命令是:
\masm32\bin\link /stub:<filename.exe> /subsystem:windows <objectname.obj>
本例中使用的命令是:
\masm32v6\WORKS\my_stub>\masm32\bin\link /stub:stub.exe /subsystem:windows stubdemo.obj
尽管会看到下面的警告信息,但程序仍然是可以正常运行的。该警告表示 stub 文件缺少完整的 MS-DOS 头;按提示用 16 位 LINK 的 /KNOWEAS 选项重新链接 stub,即可消除该警告。
Microsoft (R) Incremental Linker Version 5.12.8078 Copyright (C) Microsoft Corp 1992-1998. All rights reserved. stub.exe : warning LNK4060: stub file missing full MS-DOS header; rebuild stub with /KNOWEAS 16-bit LINK option