Choosing between ANSI and UNICODE!
Let's look at a Hello World! example. Code:
.386
.Model Flat, StdCall
Option Casemap :None

Include Windows.inc
Include User32.inc
Include Kernel32.inc
Include /MASMPlus/macros/Strings.mac
IncludeLib User32.lib
IncludeLib Kernel32.lib

.Code
Start Proc
    invoke MessageBoxW,NULL,$CTW0("AAAAW"),0,0
    ret
Start EndP
End Start
Let's start with the UNICODE function.
Below is the OD trace of the MessageBoxW call path.
Code:
MessageBoxW:
00401000 >   6A 00         push 0 ; uType
00401002     6A 00         push 0 ; lpCaption
00401004     68 08204000   push 00402008 ; lpText UNICODE "AAAAW"
00401009     6A 00         push 0 ; hWnd
0040100B     E8 02000000   call <jmp.&user32.MessageBoxW> ; step into this CALL
00401010     C3            retn
00401011     CC            int3
00401012 -   FF25 00204000 jmp dword ptr [<&user32.MessageBoxW>>; user32.MessageBoxW ; JMP to it

MessageBoxW function
77D6630A >/$ 8BFF          mov edi, edi
------------------------------------------------------------
77D6630C |.  55            push ebp
77D6630D |.  8BEC          mov ebp, esp ; set up the stack frame
------------------------------------------------------------
77D6630F |.  833D BC04D777>cmp dword ptr [77D704BC], 0 ; global variable, initially 0
77D66316 |.  74 24         je short 77D6633C ; jumps to 77D6633C
77D66318 |.  64:A1 1800000>mov eax, dword ptr fs:[18]
77D6631E |.  6A 00         push 0
77D66320 |.  FF70 24       push dword ptr [eax+24]
77D66323 |.  68 240BD777   push 77D70B24
77D66328 |.  FF15 C812D177 call dword ptr [<&KERNEL32.Interlocke>; kernel32.InterlockedCompareExchange
77D6632E |.  85C0          test eax, eax
77D66330 |.  75 0A         jnz short 77D6633C
77D66332 |.  C705 200BD777>mov dword ptr [77D70B20], 1
------------------------------------------------------------
77D6633C |>  6A 00         push 0 ; /wLanguageId
77D6633E |.  FF75 14       push dword ptr [ebp+14] ; |uType
77D66341 |.  FF75 10       push dword ptr [ebp+10] ; |lpCaption
77D66344 |.  FF75 0C       push dword ptr [ebp+C] ; |lpText
77D66347 |.  FF75 08       push dword ptr [ebp+8] ; |hWnd
77D6634A |.  E8 89A2FEFF   call MessageBoxExW ; internally calls MessageBoxExW; step into this CALL
------------------------------------------------------------
77D6634F |.  5D            pop ebp
77D66350 \.  C2 1000       retn 10

MessageBoxExW function
77D505D8 >/$ 8BFF          mov edi, edi
------------------------------------------------------------
77D505DA |.  55            push ebp
77D505DB |.  8BEC          mov ebp, esp
------------------------------------------------------------
77D505DD |.  6A FF         push -1 ; dwMilliseconds
77D505DF |.  FF75 18       push dword ptr [ebp+18] ; wLanguageId
77D505E2 |.  FF75 14       push dword ptr [ebp+14] ; uType
77D505E5 |.  FF75 10       push dword ptr [ebp+10] ; lpCaption
77D505E8 |.  FF75 0C       push dword ptr [ebp+C] ; lpText
77D505EB |.  FF75 08       push dword ptr [ebp+8] ; hWnd
77D505EE |.  E8 665B0100   call MessageBoxTimeoutW ; internally calls MessageBoxTimeoutW; step into this CALL
------------------------------------------------------------
77D505F3 |.  5D            pop ebp
77D505F4 \.  C2 1400       retn 14

MessageBoxTimeoutW function (undocumented)
77D66159 >/$ 8BFF          mov edi, edi
------------------------------------------------------------
77D6615B |.  55            push ebp
77D6615C |.  8BEC          mov ebp, esp
77D6615E |.  83EC 4C       sub esp, 4C ; stack frame; local variables, 76 bytes in total
------------------------------------------------------------
77D66161 |.  57            push edi ; save EDI
------------------------------------------------------------
77D66162 |.  33C0          xor eax, eax ; eax == 0
77D66164 |.  6A 13         push 13
77D66166 |.  59            pop ecx ; ecx == 13h
77D66167 |.  8D7D B4       lea edi, dword ptr [ebp-4C]
77D6616A |.  F3:AB         rep stos dword ptr es:[edi] ; zero-fill the region EDI points to: 13h*4 bytes = 76 bytes
                                                       ; i.e. all local variables are initialised to 0
------------------------------------------------------------
77D6616C |.  8B45 08       mov eax, dword ptr [ebp+8]
77D6616F |.  8945 B8       mov dword ptr [ebp-48], eax ; hWnd -> dword ptr [ebp-48]
------------------------------------------------------------
77D66172 |.  8B45 0C       mov eax, dword ptr [ebp+C]
77D66175 |.  8945 C0       mov dword ptr [ebp-40], eax ; lpText -> dword ptr [ebp-40]
------------------------------------------------------------
77D66178 |.  8B45 10       mov eax, dword ptr [ebp+10]
77D6617B |.  8945 C4       mov dword ptr [ebp-3C], eax ; lpCaption -> dword ptr [ebp-3C]
------------------------------------------------------------
77D6617E |.  8B45 14       mov eax, dword ptr [ebp+14]
77D66181 |.  8945 C8       mov dword ptr [ebp-38], eax ; uType -> dword ptr [ebp-38]
------------------------------------------------------------
77D66184 |.  66:8B45 18    mov ax, word ptr [ebp+18] ; wLanguageId -> ax
------------------------------------------------------------
77D66188 |.  33C9          xor ecx, ecx ; clear ecx
------------------------------------------------------------
77D6618A |.  390D BC04D777 cmp dword ptr [77D704BC], ecx ; dword ptr [77D704BC] is a global variable, initially 0
------------------------------------------------------------
77D66190 |.  66:8945 E0    mov word ptr [ebp-20], ax ; wLanguageId -> word ptr [ebp-20]
------------------------------------------------------------
77D66194 |.  8B45 1C       mov eax, dword ptr [ebp+1C] ; dwMilliseconds -> eax
------------------------------------------------------------
77D66197 |.  C745 B4 28000>mov dword ptr [ebp-4C], 28 ; dword ptr [ebp-4C] is set to 28h
------------------------------------------------------------
77D6619E |.  894D BC       mov dword ptr [ebp-44], ecx ; dword ptr [ebp-44] is set to 0
------------------------------------------------------------
77D661A1 |.  8945 F8       mov dword ptr [ebp-8], eax ; dwMilliseconds -> dword ptr [ebp-8]

All of this simply fills in the local variables. From the above we know that the local variables occupy 4Ch (76 bytes) in total, laid out as follows (location, value, size in bytes):

dword ptr [ebp-4C] == 28h             4
dword ptr [ebp-48] == hWnd            4
dword ptr [ebp-44] == 0               4
dword ptr [ebp-40] == lpText          4
dword ptr [ebp-3C] == lpCaption       4
dword ptr [ebp-38] == uType           4
word ptr  [ebp-20] == wLanguageId     2
dword ptr [ebp-8]  == dwMilliseconds  4
1Eh (30) bytes in total

------------------------------------------------------------
77D661A4 |.  5F            pop edi
------------------------------------------------------------
77D661A5 |.  74 23         je short 77D661CA ; jumps to 77D661CA
------------------------------------------------------------
77D661A7 |.  64:A1 1800000>mov eax, dword ptr fs:[18]
77D661AD |.  51            push ecx
77D661AE |.  FF70 24       push dword ptr [eax+24]
77D661B1 |.  68 240BD777   push 77D70B24
77D661B6 |.  FF15 C812D177 call dword ptr [<&KERNEL32.Interlocke>; kernel32.InterlockedCompareExchange
77D661BC |.  85C0          test eax, eax
77D661BE |.  75 0A         jnz short 77D661CA
77D661C0 |.  C705 200BD777>mov dword ptr [77D70B20], 1
------------------------------------------------------------
77D661CA |>  8D45 B4       lea eax, dword ptr [ebp-4C] ; the jump lands here
77D661CD |.  50            push eax
77D661CE |.  E8 3C3FFDFF   call 77D3A10F ; MessageBoxWorker, one parameter; step into this CALL
------------------------------------------------------------
77D661D3 |.  C9            leave
77D661D4 \.  C2 1800       retn 18

MessageBoxWorker function
77D3A10F  $  8BFF          mov edi, edi ; ntdll.7C930228
77D3A111  .  55            push ebp
77D3A112  .  8BEC          mov ebp, esp
77D3A114  .  81EC 38010000 sub esp, 138
77D3A11A  .  A1 B801D777   mov eax, dword ptr [77D701B8]
77D3A11F  .  53            push ebx
77D3A120  .  56            push esi
77D3A121  .  8B75 08       mov esi, dword ptr [ebp+8]
77D3A124  .  33DB          xor ebx, ebx
77D3A126  .  395E 44       cmp dword ptr [esi+44], ebx
77D3A129  .  57            push edi
77D3A12A  .  8B7E 14       mov edi, dword ptr [esi+14]
77D3A12D  .  8945 FC       mov dword ptr [ebp-4], eax
77D3A130  .  899D ECFEFFFF mov dword ptr [ebp-114], ebx
77D3A136  .  75 04         jnz short 77D3A13C
77D3A138  .  834E 44 FF    or dword ptr [esi+44], FFFFFFFF
77D3A13C  >  391D BC04D777 cmp dword ptr [77D704BC], ebx
77D3A142  .  0F85 E9ED0000 jnz 77D48F31
77D3A148  >  391D D807D777 cmp dword ptr [77D707D8], ebx
77D3A14E  .  0F85 E8ED0000 jnz 77D48F3C
77D3A154  .  395E 10       cmp dword ptr [esi+10], ebx
77D3A157  .  0F84 2FEE0000 je 77D48F8C
77D3A15D  >  F7C7 00000400 test edi, 40000
77D3A163  .  0F85 82EE0000 jnz 77D48FEB
77D3A169  >  F7C7 00002200 test edi, 220000
77D3A16F  .  0F85 9FEE0000 jnz 77D49014
77D3A175  .  8B46 04       mov eax, dword ptr [esi+4]
77D3A178  .  85C0          test eax, eax
77D3A17A  .  74 0E         je short 77D3A18A
77D3A17C  .  50            push eax ; /hWnd
77D3A17D  .  E8 B117FEFF   call IsWindow ; \IsWindow
77D3A182  .  85C0          test eax, eax
77D3A184  .  0F84 AEEE0000 je 77D49038
77D3A18A  >  8BC7          mov eax, edi
77D3A18C  .  83E0 0F       and eax, 0F
77D3A18F  .  83F8 06       cmp eax, 6
77D3A192  .  8985 E8FEFFFF mov dword ptr [ebp-118], eax
77D3A198  .  0F87 A1EE0000 ja 77D4903F
77D3A19E  .  0FB698 D820D1>movzx ebx, byte ptr [eax+77D120D8]
77D3A1A5  .  8BCF          mov ecx, edi
77D3A1A7  .  C1E9 0E       shr ecx, 0E
77D3A1AA  .  83E1 01       and ecx, 1
77D3A1AD  .  C1EF 08       shr edi, 8
77D3A1B0  .  83E7 0F       and edi, 0F
77D3A1B3  .  03D9          add ebx, ecx
77D3A1B5  .  3BFB          cmp edi, ebx
77D3A1B7  .  89BD F4FEFFFF mov dword ptr [ebp-10C], edi
77D3A1BD  .  0F83 8DEE0000 jnb 77D49050
77D3A1C3  >  83A5 F8FEFFFF>and dword ptr [ebp-108], 0
77D3A1CA  .  85DB          test ebx, ebx
77D3A1CC  .  0FB680 E020D1>movzx eax, byte ptr [eax+77D120E0]
77D3A1D3  .  76 6F         jbe short 77D3A244
77D3A1D5  .  8D0485 E820D1>lea eax, dword ptr [eax*4+77D120E8]
77D3A1DC  .  8985 F0FEFFFF mov dword ptr [ebp-110], eax
77D3A1E2  >  8B00          mov eax, dword ptr [eax]
77D3A1E4  .  8B0D 8000D777 mov ecx, dword ptr [77D70080]
77D3A1EA  .  8D0480        lea eax, dword ptr [eax+eax*4]
77D3A1ED  .  8DBCC1 000200>lea edi, dword ptr [ecx+eax*8+200]
77D3A1F4  .  66:8B46 2C    mov ax, word ptr [esi+2C]
77D3A1F8  .  66:85C0       test ax, ax
77D3A1FB  .  0F85 5BEE0000 jnz 77D4905C
77D3A201  .  8B85 F8FEFFFF mov eax, dword ptr [ebp-108]
77D3A207  .  89BC85 D8FEFF>mov dword ptr [ebp+eax*4-128], edi
77D3A20E  >  8B7F 20       mov edi, dword ptr [edi+20]
77D3A211  .  83FF 02       cmp edi, 2
77D3A214  .  8B85 F8FEFFFF mov eax, dword ptr [ebp-108]
77D3A21A  .  89BC85 C8FEFF>mov dword ptr [ebp+eax*4-138], edi
77D3A221  .  0F84 78EE0000 je 77D4909F
77D3A227  >  8B85 F0FEFFFF mov eax, dword ptr [ebp-110]
77D3A22D  .  FF85 F8FEFFFF inc dword ptr [ebp-108]
77D3A233  .  83C0 04       add eax, 4
77D3A236  .  399D F8FEFFFF cmp dword ptr [ebp-108], ebx
77D3A23C  .  8985 F0FEFFFF mov dword ptr [ebp-110], eax
77D3A242  .^ 72 9E         jb short 77D3A1E2
77D3A244  >  6A 00         push 0
77D3A246  .  6A 01         push 1
77D3A248  .  E8 7B0B0000   call 77D3ADC8
77D3A24D  .  83BD E8FEFFFF>cmp dword ptr [ebp-118], 0
77D3A254  .  8D85 C8FEFFFF lea eax, dword ptr [ebp-138]
77D3A25A  .  8946 30       mov dword ptr [esi+30], eax
77D3A25D  .  8D85 D8FEFFFF lea eax, dword ptr [ebp-128]
77D3A263  .  8946 34       mov dword ptr [esi+34], eax
77D3A266  .  8B85 F4FEFFFF mov eax, dword ptr [ebp-10C]
77D3A26C  .  8946 3C       mov dword ptr [esi+3C], eax
77D3A26F  .  895E 38       mov dword ptr [esi+38], ebx
77D3A272  .  0F85 36EE0000 jnz 77D490AE
77D3A278  .  33C0          xor eax, eax
77D3A27A  .  40            inc eax
77D3A27B  >  56            push esi
77D3A27C  .  8946 40       mov dword ptr [esi+40], eax
77D3A27F  .  E8 23000000   call SoftModalMessageBox ; the dialog is displayed at this point; I won't trace any further, explore it yourself if you like
77D3A284  .  66:837E 2C 00 cmp word ptr [esi+2C], 0
77D3A289  .  8BF8          mov edi, eax
77D3A28B  .  0F85 2FEE0000 jnz 77D490C0
77D3A291  >  8BC7          mov eax, edi
77D3A293  >  8B4D FC       mov ecx, dword ptr [ebp-4]
77D3A296  .  5F            pop edi
77D3A297  .  5E            pop esi
77D3A298  .  5B            pop ebx
77D3A299  .  E8 D6E3FDFF   call 77D18674
77D3A29E  .  C9            leave
77D3A29F  .  C2 0400       retn 4

The MessageBoxW call order is MessageBoxW -> MessageBoxExW -> MessageBoxTimeoutW.
From the analysis above we can see that calling MessageBoxTimeoutW directly skips many unnecessary steps. This function is exported by USER32.
MessageBoxTimeoutW is declared as follows:

MessageBoxTimeoutW PROTO hWnd:DWORD,lpText:DWORD,lpCaption:DWORD,uType:DWORD,wLanguageId:WORD,dwMilliseconds:DWORD

wLanguageId is 0 and dwMilliseconds is -1. It is called like this:

invoke MessageBoxTimeoutW,NULL,$CTW0("AAAAW"),0,0,0,-1
OK, let's go on to the MessageBoxA function.
Code:
.386
.Model Flat, StdCall
Option Casemap :None

Include Windows.inc
Include User32.inc
Include Kernel32.inc
Include /MASMPlus/macros/Strings.mac
IncludeLib User32.lib
IncludeLib Kernel32.lib

.Code
Start Proc
    invoke MessageBoxA,NULL,$CTA0("AAAAW"),0,0
    ret
Start EndP
End Start
The OD trace is as follows.
Code:
00401000 > 6A 00           push 0
00401002   6A 00           push 0
00401004   68 08204000     push 00402008 ; ASCII "AAAAW"
00401009   6A 00           push 0
0040100B   E8 02000000     call <jmp.&user32.MessageBoxA> ; step into this call
00401010   C3              retn
00401011   CC              int3
00401012 - FF25 00204000   jmp dword ptr [<&user32.MessageBoxA>>; user32.MessageBoxA ; jumps to the MessageBoxA function

MessageBoxA function
77D5058A > 8BFF            mov edi, edi
------------------------------------------------------------
77D5058C   55              push ebp
77D5058D   8BEC            mov ebp, esp ; stack frame
------------------------------------------------------------
77D5058F   833D BC04D777 0>cmp dword ptr [77D704BC], 0
77D50596   74 24           je short 77D505BC
77D50598   64:A1 18000000  mov eax, dword ptr fs:[18]
77D5059E   6A 00           push 0
77D505A0   FF70 24         push dword ptr [eax+24]
77D505A3   68 240BD777     push 77D70B24
77D505A8   FF15 C812D177   call dword ptr [<&KERNEL32.Interlocke>; kernel32.InterlockedCompareExchange
77D505AE   85C0            test eax, eax
77D505B0   75 0A           jnz short 77D505BC
77D505B2   C705 200BD777 0>mov dword ptr [77D70B20], 1
------------------------------------------------------------
77D505BC   6A 00           push 0 ; wLanguageId ; the jump lands here; same as MessageBoxW
77D505BE   FF75 14         push dword ptr [ebp+14] ; uType
77D505C1   FF75 10         push dword ptr [ebp+10] ; lpCaption
77D505C4   FF75 0C         push dword ptr [ebp+C] ; lpText
77D505C7   FF75 08         push dword ptr [ebp+8] ; hWnd
77D505CA   E8 2D000000     call MessageBoxExA ; internally calls MessageBoxExA; step into this CALL
------------------------------------------------------------
77D505CF   5D              pop ebp
77D505D0   C2 1000         retn 10

MessageBoxExA function
77D505FC > 8BFF            mov edi, edi
77D505FE   55              push ebp
77D505FF   8BEC            mov ebp, esp ; nothing more to say, it is all the same; see below
------------------------------------------------------------
77D50601   6A FF           push -1 ; dwMilliseconds
77D50603   FF75 18         push dword ptr [ebp+18] ; wLanguageId
77D50606   FF75 14         push dword ptr [ebp+14] ; uType
77D50609   FF75 10         push dword ptr [ebp+10] ; lpCaption
77D5060C   FF75 0C         push dword ptr [ebp+C] ; lpText
77D5060F   FF75 08         push dword ptr [ebp+8] ; hWnd
77D50612   E8 C55B0100     call MessageBoxTimeoutA ; internally calls MessageBoxTimeoutA; step into this CALL
------------------------------------------------------------
77D50617   5D              pop ebp
77D50618   C2 1400         retn 14

MessageBoxTimeoutA function (once you have read this one, everything becomes clear)
77D661DC > 8BFF            mov edi, edi
------------------------------------------------------------
77D661DE   55              push ebp
77D661DF   8BEC            mov ebp, esp ; stack frame
------------------------------------------------------------
77D661E1   51              push ecx
77D661E2   51              push ecx
77D661E3   53              push ebx
77D661E4   56              push esi ; save registers
------------------------------------------------------------
77D661E5   33DB            xor ebx, ebx ; clear ebx
------------------------------------------------------------
77D661E7   57              push edi ; save edi
77D661E8   33FF            xor edi, edi ; clear it
------------------------------------------------------------
77D661EA   43              inc ebx ; ebx == 1
------------------------------------------------------------
77D661EB   83CE FF         or esi, FFFFFFFF ; set esi to 0FFFFFFFFh (-1)
------------------------------------------------------------
77D661EE   397D 0C         cmp dword ptr [ebp+C], edi ; cmp lpText,0
77D661F1   897D FC         mov dword ptr [ebp-4], edi ; dword ptr [ebp-4] is set to 0
77D661F4   897D F8         mov dword ptr [ebp-8], edi ; dword ptr [ebp-8] is set to 0
------------------------------------------------------------
77D661F7   74 14           je short 77D6620D ; if the dialog text is 0, jump to 77D6620D; our example has text
------------------------------------------------------------
77D661F9   53              push ebx ; ebx == 1
77D661FA   56              push esi ; esi == 0FFFFFFFFh (-1)
77D661FB   8D45 FC         lea eax, dword ptr [ebp-4] ;
77D661FE   50              push eax ;
77D661FF   56              push esi ; esi == 0FFFFFFFFh (-1)
77D66200   FF75 0C         push dword ptr [ebp+C] ; lpText
77D66203   57              push edi ; edi == 0
77D66204   E8 A44BFBFF     call MBToWCSEx ; step in and see for yourself: ANSI to UNICODE conversion
------------------------------------------------------------

The MessageBoxA call order is MessageBoxA -> MessageBoxExA -> MessageBoxTimeoutA -> MBToWCSEx -> MessageBoxTimeoutW
; The rest below is not explained; read it yourself.
By now it is very clear: MessageBoxA really just converts ANSI to UNICODE and then calls MessageBoxTimeoutW.
Whether to use ANSI or UNICODE in actual programming should now be clear to everyone as well. Heh!

77D66209   85C0            test eax, eax
77D6620B   74 29           je short 77D66236
77D6620D   397D 10         cmp dword ptr [ebp+10], edi
77D66210   74 28           je short 77D6623A
77D66212   53              push ebx
77D66213   56              push esi
77D66214   8D45 F8         lea eax, dword ptr [ebp-8]
77D66217   50              push eax
77D66218   56              push esi
77D66219   FF75 10         push dword ptr [ebp+10]
77D6621C   57              push edi
77D6621D   E8 8B4BFBFF     call MBToWCSEx
77D66222   85C0            test eax, eax
77D66224   75 14           jnz short 77D6623A
77D66226   FF75 FC         push dword ptr [ebp-4]
77D66229   57              push edi
77D6622A   FF35 2402D777   push dword ptr [77D70224]
77D66230   FF15 A413D177   call dword ptr [<&KERNEL32.HeapFree>] ; ntdll.RtlFreeHeap
77D66236   33C0            xor eax, eax
77D66238   EB 65           jmp short 77D6629F
77D6623A   393D BC04D777   cmp dword ptr [77D704BC], edi
77D66240   74 1F           je short 77D66261
77D66242   64:A1 18000000  mov eax, dword ptr fs:[18]
77D66248   57              push edi
77D66249   FF70 24         push dword ptr [eax+24]
77D6624C   68 240BD777     push 77D70B24
77D66251   FF15 C812D177   call dword ptr [<&KERNEL32.Interlocke>; kernel32.InterlockedCompareExchange
77D66257   85C0            test eax, eax
77D66259   75 06           jnz short 77D66261
77D6625B   891D 200BD777   mov dword ptr [77D70B20], ebx
------------------------------------------------------------
77D66261   FF75 1C         push dword ptr [ebp+1C]
77D66264   FF75 18         push dword ptr [ebp+18]
77D66267   FF75 14         push dword ptr [ebp+14]
77D6626A   FF75 F8         push dword ptr [ebp-8]
77D6626D   FF75 FC         push dword ptr [ebp-4]
77D66270   FF75 08         push dword ptr [ebp+8]
77D66273   E8 E1FEFFFF     call MessageBoxTimeoutW ; look here, heh!
------------------------------------------------------------
77D66278   FF75 FC         push dword ptr [ebp-4]
77D6627B   8B35 A413D177   mov esi, dword ptr [<&KERNEL32.HeapF>; ntdll.RtlFreeHeap
77D66281   57              push edi
77D66282   FF35 2402D777   push dword ptr [77D70224]
77D66288   8BD8            mov ebx, eax
77D6628A   FFD6            call esi
77D6628C   397D F8         cmp dword ptr [ebp-8], edi
77D6628F   74 0C           je short 77D6629D
77D66291   FF75 F8         push dword ptr [ebp-8]
77D66294   57              push edi
77D66295   FF35 2402D777   push dword ptr [77D70224]
77D6629B   FFD6            call esi
77D6629D   8BC3            mov eax, ebx
77D6629F   5F              pop edi
77D662A0   5E              pop esi
77D662A1   5B              pop ebx
77D662A2   C9              leave
77D662A3   C2 1800         retn 18
Calling MessageBoxTimeoutW:
Code:
.386
.Model Flat, StdCall
Option Casemap :None

Include Windows.inc
Include User32.inc
Include Kernel32.inc
Include /MASMPlus/macros/Strings.mac
IncludeLib User32.lib
IncludeLib Kernel32.lib

MessageBoxTimeoutW PROTO hWnd:DWORD,lpText:DWORD,lpCaption:DWORD,uType:DWORD,wLanguageId:WORD,dwMilliseconds:DWORD

.Code
Start Proc
    invoke MessageBoxTimeoutW,NULL,$CTW0("AAAAW"),0,0,0,-1
    ; MessageBoxTimeoutW has a built-in timer
    ; the dwMilliseconds parameter sets the timer, in milliseconds; -1 means never close
    invoke MessageBoxTimeoutW,NULL,$CTW0("AAAAW"),0,0,0,1000 ; closes automatically after 1 second
    ret
Start EndP
End Start
[ This post was last edited by sll0807 on 2009-10-16 16:03 ]
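
The local-variable layout worked out in the MessageBoxTimeoutW trace above, modelled as a C struct so that the ebp-relative slots can be checked against the [esi+N] accesses in the MessageBoxWorker trace. This is an added example, not code from the original post: the struct and function names and the `size_28h`/`unset_*` field names are assumptions, and pointers are modelled as 32-bit integers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 32-bit model of the 4Ch-byte local block that MessageBoxTimeoutW builds at
   [ebp-4C]. Named fields come from the trace comments; size_28h and the
   unset_* members are placeholder names for slots the trace does not name. */
typedef struct {
    uint32_t size_28h;        /* [ebp-4C] = 28h */
    uint32_t hWnd;            /* [ebp-48] */
    uint32_t zero;            /* [ebp-44] = 0 */
    uint32_t lpText;          /* [ebp-40] */
    uint32_t lpCaption;       /* [ebp-3C] */
    uint32_t uType;           /* [ebp-38] */
    uint8_t  unset_18[0x14];  /* [ebp-34] .. [ebp-21], zero-filled only */
    uint16_t wLanguageId;     /* [ebp-20] */
    uint8_t  unset_2e[0x16];  /* [ebp-1E] .. [ebp-9], zero-filled only */
    uint32_t dwMilliseconds;  /* [ebp-8] */
    uint32_t unset_48;        /* [ebp-4], zero-filled only */
} MsgBoxFrame;

/* Translate an ebp-relative displacement from the trace (e.g. -0x20) into an
   offset from the block start, i.e. from the pointer the worker gets in esi. */
size_t frame_offset(int ebp_disp) { return (size_t)(0x4C + ebp_disp); }

/* The stores made after "rep stos" has zeroed all 13h dwords. */
void fill_frame(MsgBoxFrame *f, uint32_t hWnd, uint32_t lpText,
                uint32_t lpCaption, uint32_t uType,
                uint16_t wLanguageId, uint32_t dwMilliseconds)
{
    memset(f, 0, sizeof *f);
    f->size_28h = 0x28;
    f->hWnd = hWnd;
    f->lpText = lpText;
    f->lpCaption = lpCaption;
    f->uType = uType;
    f->wLanguageId = wLanguageId;
    f->dwMilliseconds = dwMilliseconds;
}

/* Bytes covered by the eight slots listed in the post: 7 dwords + 1 word. */
size_t named_bytes(void) { return 7 * sizeof(uint32_t) + sizeof(uint16_t); }

/* MessageBoxWorker entry: cmp [esi+44],0 / jnz / or [esi+44],FFFFFFFF,
   so a timeout of 0 is rewritten to -1 (the "never close" value). */
uint32_t worker_timeout(const MsgBoxFrame *f)
{
    return f->dwMilliseconds ? f->dwMilliseconds : 0xFFFFFFFFu;
}

int main(void)
{
    MsgBoxFrame f;
    fill_frame(&f, 0, 0x00402008u, 0, 0, 0, 1000); /* lpText as in the trace */
    printf("block size %#zx, named bytes %#zx\n", sizeof f, named_bytes());
    printf("wLanguageId at +%#zx, dwMilliseconds at +%#zx, timeout %u\n",
           offsetof(MsgBoxFrame, wLanguageId),
           offsetof(MsgBoxFrame, dwMilliseconds), (unsigned)worker_timeout(&f));
    return 0;
}
```

The resulting offsets 4, 10h, 14h, 2Ch and 44h are exactly the [esi+4], [esi+10], [esi+14], [esi+2C] and [esi+44] accesses in the MessageBoxWorker trace, which confirms that the worker's single parameter is this block.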