-
Notifications
You must be signed in to change notification settings - Fork 32
/
Copy pathLDE64.asm
79 lines (68 loc) · 1.42 KB
/
LDE64.asm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
;
; LDE64 x64 relocatable (Length Disassembler Engine) for 64 bits plateforms
; FREEWARE
;
; coded by BeatriX
; beatrix2004(at)free(dot)fr
;
; release : 1.6 - 01-14-09
;
;
; Syntax to disassemble 32 bits target (fastcall convention):
; mov edx, 0
; mov rcx, Address2Disasm
; call LDE
;
; Syntax to disassemble 64 bits target:
; mov edx, 64
; mov rcx, Address2Disasm
; call LDE
;
;******************************************************
.code
start:
; ================================================
; _fastcall
; mov edx, Architecture ( 0 == IA-32 // 64 == EM64T )
; mov rcx, EIP
; call LDE
;
; ================================================
_LDE@16:
push rbp
sub rsp, 43
mov rbp, rsp
push rcx
push rdx
push rsi
call StartLDE
#include Includes\datas.asm
StartLDE:
pop rsi
push rcx
pop [EIP_]
mov d [Architecture_], edx
mov b [NB_PREFIX], 0
mov d [OperandSize], 32
mov d [AddressSize], 32
cmp d [Architecture_], 64
jne >
mov d [AddressSize], 64
:
mov rax, [EIP_]
movzx rcx, b [rax]
lea rax, [rsi+rcx*8]
add rax, [rax]
call rax
pop rsi
pop rdx
pop rcx
cmp rax, -1
je >
mov rax, [EIP_]
sub rax, rcx
:
add rsp, 43
pop rbp
ret
#include Includes\opcodes.asm