汇编手记之第一个窗口程序

发表评论
990 views

 ›
汇编手记之第一个窗口程序

写在前面

我又来写汇编了,最近搞微信逆向搞的头大。
汇编的话,直接从书里抄代码还是轻松愉快,调用的基本是Windows API,也并不晦涩难懂。
而且,看着自己敲的代码在OD里一行一行的执行,瞬间觉得自己理解了编程的本质(雾)。
这样一个窗口程序,编译后只有2.5kb左右,不知道用C++实现编译出来会多大。

汇编代码

.386
.model flat,stdcall
option casemap:none
;-----------------------------------
; Include
;-----------------------------------
include windows.inc
include gdi32.inc
includelib gdi32.lib
include user32.inc
includelib user32.lib
include kernel32.inc
includelib kernel32.lib

;-----------------------------------
; 数据段
;-----------------------------------
.data?
hInstance       dd ?
hwinMain        dd ?

.const
szClassName     db '我的窗口类',0
szCaptionMain   db '第一个窗口程序',0
szText          db 'Win32汇编,简单且强力!',0

;-----------------------------------
; 代码段
;-----------------------------------
.code
;-----------------------------------
; 窗口过程
;-----------------------------------
_ProcWinMain    proc uses ebx edi esi,hWnd,uMsg,wParam,lParam
                local @stPs:PAINTSTRUCT
                local @stRect:RECT
                local @hDc
                mov eax,uMsg
;-----------------------------------
                .if eax == WM_PAINT
                    invoke BeginPaint,hWnd,addr @stPs
                    mov @hDc,eax
                    invoke GetClientRect,hWnd,addr @stRect
                    invoke DrawText,@hDc,addr szText,-1,\
                           addr @stRect,\
                           DT_SINGLELINE or DT_CENTER or DT_VCENTER
                    invoke EndPaint,hWnd,addr @stPs
;----------------------------------
                .elseif eax == WM_CLOSE
                    invoke DestroyWindow,hwinMain
                    invoke PostQuitMessage,NULL
;----------------------------------
                .else
                    invoke DefWindowProc,hWnd,uMsg,wParam,lParam
                    ret
                .endif
;----------------------------------
                xor eax,eax
                ret
_ProcWinMain    endp
;----------------------------------
_WinMain    proc
            local @stWndClass:WNDCLASSEX
            local @stMsg:MSG
            invoke GetModuleHandle,NULL
            mov hInstance,eax
            invoke RtlZeroMemory,addr @stWndClass,sizeof @stWndClass
;----------------------------------
; 注册窗口类
;----------------------------------
            invoke LoadCursor,0,IDC_ARROW
            mov @stWndClass.hCursor,eax
            push hInstance
            pop @stWndClass.hInstance
            mov @stWndClass.cbSize,sizeof WNDCLASSEX
            mov @stWndClass.style,CS_HREDRAW or CS_VREDRAW
            mov @stWndClass.lpfnWndProc,offset _ProcWinMain
            mov @stWndClass.hbrBackground,COLOR_WINDOW + 1
            mov @stWndClass.lpszClassName,offset szClassName
            invoke RegisterClassEx,addr @stWndClass
;----------------------------------
; 建立并显示窗口
;----------------------------------
            invoke CreateWindowEx,WS_EX_CLIENTEDGE,\
                   offset szClassName,offset szCaptionMain,\
                   WS_OVERLAPPEDWINDOW,\
                   100,100,600,400,\
                   NULL,NULL,hInstance,NULL
            mov hwinMain,eax
            invoke ShowWindow,hwinMain,SW_SHOWNORMAL
            invoke UpdateWindow,hwinMain
;----------------------------------
; 消息循环
;----------------------------------
                .while TRUE
                    invoke GetMessage,addr @stMsg,NULL,0,0
                    .break .if eax == 0
                    invoke TranslateMessage,addr @stMsg
                    invoke DispatchMessage,addr @stMsg
                .endw
                ret
_WinMain    endp
;----------------------------------
start:
            call _WinMain
            invoke ExitProcess,NULL
;----------------------------------
end         start

博客没有汇编高亮,凑合看吧。。

MakeFile

顺便把MakeFile也记录过来,多保留几份,嘿嘿。

OBJS = FirstWindow.obj
EXE = FirstWindow.exe
RES = 

LINK_FLAG = /subsystem:windows
ML_FLAG = /c /coff

$(EXE):$(OBJS)
    Link $(LINK_FLAG) $(OBJS) $(RES) /out:$(EXE)

.asm.obj:
    ml $(ML_FLAG) $<

.rc.res:  
    rc{1}lt

clean:
    del *.obj
    del *.res

窗口长这样


嗯!很不错。

C++版本

趁着刷课,把C++版本的搞出来了,Release版本大小10kb,不知道微软加了什么料进去,字符集也都一样的,看看差别:

#include<windows.h>
#pragma comment(linker, "/subsystem:\"windows\" /entry:\"mainCRTStartup\"")

HINSTANCE hInstance = NULL;
HWND hwinMain = NULL;

const char* szClassName = "我的窗口类";
const char* szCaptionMain = "第一个窗口程序";
const char* szText = "珍爱生命远离CPP!";

VOID WINAPI _ProcWinMain(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam) {
    PAINTSTRUCT stPs = { 0 };
    RECT stRect = { 0 };
    HDC hDc = NULL;
    if (uMsg == WM_PAINT) {
        hDc = BeginPaint(hWnd,&stPs);
        GetClientRect(hWnd, &stRect);
        DrawText(hDc,szText,-1,&stRect,DT_SINGLELINE | DT_CENTER | DT_VCENTER);
        EndPaint(hWnd, &stPs);
    }
    else if (uMsg == WM_CLOSE) {
        DestroyWindow(hwinMain);
        PostQuitMessage(NULL);
    }
    else {
        DefWindowProc(hWnd,uMsg,wParam,lParam);
        return;
    }
    return;
}

VOID _WinMain() {
    WNDCLASSEX stWndClass = { 0 };
    MSG stMsg = { 0 };
    hInstance = GetModuleHandle(NULL);
    ZeroMemory(&stWndClass, sizeof(stWndClass));
    stWndClass.hCursor = LoadCursor(0, IDC_ARROW);
    stWndClass.hInstance = hInstance;
    stWndClass.cbSize = sizeof(WNDCLASSEX);
    stWndClass.style = (CS_HREDRAW | CS_VREDRAW);
    stWndClass.lpfnWndProc = (WNDPROC)_ProcWinMain;
    stWndClass.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1);
    stWndClass.lpszClassName = szClassName;
    RegisterClassEx(&stWndClass);
    hwinMain = CreateWindowEx(WS_EX_CLIENTEDGE, szClassName, szCaptionMain, WS_OVERLAPPEDWINDOW,
        100, 100, 600, 400,
        NULL, NULL, hInstance, NULL);
    ShowWindow(hwinMain, SW_SHOWNORMAL);
    UpdateWindow(hwinMain);
    while (1) {
        if (!GetMessage(&stMsg, NULL, 0, 0)) {
            break;
        }
        TranslateMessage(&stMsg);
        DispatchMessage(&stMsg);

    }
    return;
}

int main() {
    _WinMain();
    ExitProcess(NULL);
    return 0;
}

样式和汇编版本完全一致。