i've came across this block of code that executes machine code real time like i could type this in a text box and it would execute it
578B7C240C33C00FA2891F895704894F085F33C0C3
Which is just a simple routine to execute CPUID
now the code im using i downloaded and im not to sure on how it works so i was wondering if someone could explain it to me so i can do more with it thanks :D
Option Explicit
Private Type TPROC
hMem As Long
vtPtr As Long
End Type
Private aProc() As TPROC
Private Declare Function GlobalAlloc Lib "kernel32" (ByVal wFlags As Long, ByVal dwBytes As Long) As Long
Private Declare Function GlobalLock Lib "kernel32" (ByVal hMem As Long) As Long
Private Declare Function GlobalFree Lib "kernel32" (ByVal hMem As Long) As Long
Private Declare Function GlobalUnlock Lib "kernel32" (ByVal hMem As Long) As Long
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
Function CpuID(ByVal strBuf As Long) As Long
RASM "578B7C240C33C00FA2891F895704894F085F33C0C3"
End Function
Private Sub Class_Initialize()
Dim b As Long
Dim a(1 To 12) As Byte
CpuID VarPtr(a(1))
End Sub
Private Sub RASM(s As String)
s = Replace$(s, " ", "")
Dim i As Long, aSize As Long, aB() As Byte
aSize = Len(s) \ 2
ReDim Preserve aB(1 To aSize)
For i = 1 To aSize
aB(i) = Val("&H" & Mid$(s, i * 2 - 1, 2))
Next
Static cp As Long
ReDim Preserve aProc(cp)
Dim hMem As Long, lPtr As Long
hMem = GlobalAlloc(0, aSize)
lPtr = GlobalLock(hMem)
CopyMemory ByVal lPtr, aB(1), aSize
GlobalUnlock hMem
aProc(cp).hMem = hMem
aProc(cp).vtPtr = VTable(cp)
VTable(cp) = lPtr
cp = cp + 1
End Sub
Private Sub Class_Terminate()
On Error GoTo E
Dim i As Long
For i = 0 To UBound(aProc)
VTable(i) = aProc(i).vtPtr
GlobalFree aProc(i).hMem
Next
E:
End Sub
Private Property Get VTable(ByVal Index As Long) As Long
Dim p As Long
Index = &H1C + Index * 4
CopyMemory p, ByVal ObjPtr(Me), 4
CopyMemory VTable, ByVal p + Index, 4
End Property
Private Property Let VTable(ByVal Index As Long, ByVal ProcPtr As Long)
Dim p As Long
Index = &H1C + Index * 4
CopyMemory p, ByVal ObjPtr(Me), 4
CopyMemory ByVal p + Index, ProcPtr, 4
End Property
so yeah thats pretty much it in a class module if anyone knows the exact (or even close to) details on how this work please let me know ^_^
the above code is fully operational if others wish to use it
Credit to Damian for this code he left this comment inthe class module
'
' Asmippets by Damian (Assembler Snippets)
' the way of calling procedures in machine codes from VB
'
' well, it's so hard to comment this stuff... if you're really eager to,
' you'd carefully step thru each single line of it and read tons
' of MSDN articles. if not, heh, it wasn't worth to comment it.
'
' general idea - replace VTable entries of class factory interface
' by links to pre-allocated memory blocks with our code.
' not a fastest way but works in both IDE and EXE, p-code and native.
'
' fastest way is replacing proc bodies in global modules - eliminates
' overhead of class methods calling and COM parameters passing. but
' no way to make it work in IDE except of using stuff like
' CallWindowProc - but this gets us back to call overhead and screws
' parameters passing.
'
not sure what the whole vtable entry class factory thingy is
and wonder if anyone knows how to implement the faster way which is the proc bodies (3rd paragraph) minus callwindowproc
Question
DDStriker
i've came across this block of code that executes machine code real time like i could type this in a text box and it would execute it
578B7C240C33C00FA2891F895704894F085F33C0C3
Which is just a simple routine to execute CPUID
now the code im using i downloaded and im not to sure on how it works so i was wondering if someone could explain it to me so i can do more with it thanks :D
Option Explicit Private Type TPROC hMem As Long vtPtr As Long End Type Private aProc() As TPROC Private Declare Function GlobalAlloc Lib "kernel32" (ByVal wFlags As Long, ByVal dwBytes As Long) As Long Private Declare Function GlobalLock Lib "kernel32" (ByVal hMem As Long) As Long Private Declare Function GlobalFree Lib "kernel32" (ByVal hMem As Long) As Long Private Declare Function GlobalUnlock Lib "kernel32" (ByVal hMem As Long) As Long Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long) Function CpuID(ByVal strBuf As Long) As Long RASM "578B7C240C33C00FA2891F895704894F085F33C0C3" End Function Private Sub Class_Initialize() Dim b As Long Dim a(1 To 12) As Byte CpuID VarPtr(a(1)) End Sub Private Sub RASM(s As String) s = Replace$(s, " ", "") Dim i As Long, aSize As Long, aB() As Byte aSize = Len(s) \ 2 ReDim Preserve aB(1 To aSize) For i = 1 To aSize aB(i) = Val("&H" & Mid$(s, i * 2 - 1, 2)) Next Static cp As Long ReDim Preserve aProc(cp) Dim hMem As Long, lPtr As Long hMem = GlobalAlloc(0, aSize) lPtr = GlobalLock(hMem) CopyMemory ByVal lPtr, aB(1), aSize GlobalUnlock hMem aProc(cp).hMem = hMem aProc(cp).vtPtr = VTable(cp) VTable(cp) = lPtr cp = cp + 1 End Sub Private Sub Class_Terminate() On Error GoTo E Dim i As Long For i = 0 To UBound(aProc) VTable(i) = aProc(i).vtPtr GlobalFree aProc(i).hMem Next E: End Sub Private Property Get VTable(ByVal Index As Long) As Long Dim p As Long Index = &H1C + Index * 4 CopyMemory p, ByVal ObjPtr(Me), 4 CopyMemory VTable, ByVal p + Index, 4 End Property Private Property Let VTable(ByVal Index As Long, ByVal ProcPtr As Long) Dim p As Long Index = &H1C + Index * 4 CopyMemory p, ByVal ObjPtr(Me), 4 CopyMemory ByVal p + Index, ProcPtr, 4 End Propertyso yeah thats pretty much it in a class module if anyone knows the exact (or even close to) details on how this work please let me know ^_^
the above code is fully operational if others wish to use it
Credit to Damian for this code he left this comment inthe class module
'
' Asmippets by Damian (Assembler Snippets)
' the way of calling procedures in machine codes from VB
'
' well, it's so hard to comment this stuff... if you're really eager to,
' you'd carefully step thru each single line of it and read tons
' of MSDN articles. if not, heh, it wasn't worth to comment it.
'
' general idea - replace VTable entries of class factory interface
' by links to pre-allocated memory blocks with our code.
' not a fastest way but works in both IDE and EXE, p-code and native.
'
' fastest way is replacing proc bodies in global modules - eliminates
' overhead of class methods calling and COM parameters passing. but
' no way to make it work in IDE except of using stuff like
' CallWindowProc - but this gets us back to call overhead and screws
' parameters passing.
'
not sure what the whole vtable entry class factory thingy is
and wonder if anyone knows how to implement the faster way which is the proc bodies (3rd paragraph) minus callwindowproc
Link to comment
Share on other sites
5 answers to this question
Recommended Posts