5 Replies - 638 Views - Last Post: 22 February 2016 - 11:57 AM

#1 JacobH

Anyone worked on or seen any cool automated assembly code generators?

Posted 21 February 2016 - 09:10 PM

Just out of curiosity, has anyone worked on or seen any cool projects that automate assembly code generation based on the parameters supplied? In an x32 application I needed to use assembly code to execute code not native to my application and often. In this case, I was trying to call functions that took care of extracting the data structures for me to display information about the app's performance in a log.

The code I found looked something like this:

    using System;
    using System.Linq;
    using System.Text;

    /// <summary>
    ///     Define the C Declaration Calling Convention.
    /// </summary>
    public class CdeclCallingConvention : ICallingConvention
    {
        #region Public Properties, Indexers
        /// <summary>
        ///     The name of the calling convention.
        /// </summary>
        public string Name => "Cdecl";

        /// <summary>
        ///     Defines which function performs the clean-up task.
        /// </summary>
        public CleanupTypes Cleanup => CleanupTypes.Caller;
        #endregion

        #region Interface Implementations
        /// <summary>
        ///     Formats the given parameters to call a function.
        /// </summary>
        /// <param name="parameters">An array of parameters.</param>
        /// <returns>The mnemonics to pass the parameters.</returns>
        public string FormatParameters(IntPtr[] parameters) {
            // Declare a var to store the mnemonics
            var ret = new StringBuilder();
            // For each parameters (in reverse order)
            foreach(var parameter in parameters.Reverse())
                ret.AppendLine("push " + parameter);
            // Return the mnemonics
            return ret.ToString();
        }

        /// <summary>
        ///     Formats the call of a given function.
        /// </summary>
        /// <param name="function">The function to call.</param>
        /// <returns>The mnemonics to call the function.</returns>
        public string FormatCalling(IntPtr function) {
            return "call " + function;
        }

        /// <summary>
        ///     Formats the cleaning of a given number of parameters.
        /// </summary>
        /// <param name="nbParameters">The number of parameters to clean.</param>
        /// <returns>The mnemonics to clean a given number of parameters.</returns>
        public string FormatCleaning(int nbParameters) {
            return "add esp, " + nbParameters*4;
        }
        #endregion
    }



Then it had some marshaling tricks to hold a reference to the parameter and converted the thread that executed the assembly's exit code to the object type. It had to do this since it was from a non-injected .dll and was written in C#.

        public T Execute<T>(IntPtr address, CallingConventions callingConvention, params dynamic[] parameters)
        {
            // Marshal the parameters
            var marshalledParameters = parameters.Select(p => MarshalValue.Marshal(NativeHelper.Instance, p)).Cast<IMarshalledValue>().ToArray();
            // Start a transaction
            AssemblyTransaction t;
            using (t = BeginTransaction())
            {
                // Get the object dedicated to create mnemonics for the given calling convention
                var calling = CallingConventionselector.Get(callingConvention);
                // Push the parameters
                t.AddLine(calling.FormatParameters(marshalledParameters.Select(p => p.Reference).ToArray()));
                // Call the function
                t.AddLine(calling.FormatCalling(address));
                // Clean the parameters
                if(calling.Cleanup == CleanupTypes.Caller)
                    t.AddLine(calling.FormatCleaning(marshalledParameters.Length));
                // Add the return mnemonic
                t.AddLine("retn");
            }

            // Clean the marshalled parameters
            foreach (var parameter in marshalledParameters)
            {
                parameter.Dispose();
            }
            // Return the exit code
            return t.GetExitCode<T>();
        }


I'm new to assembly and it's really cool in some ways, for example reviewing applications in some kind of app like OllyDbg or x64dbg. Unlike normal programming, I cannot know right away by seeing the code what is going on. It at times can be both frustrating and rewarding when you do figure it out.

I've thought about making something like it for x64 as well for fun, since as far as I know arguments are very simple for x64. Push the up to 4 args to the stack [rcx rdx r8 r9] and if there are more arguments, clean the stack.

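For the x64 idea raised in post #1, an added example (not from the thread or from the library the posted code came from) that emits the text of a call under the Microsoft x64 convention: the first four integer or pointer arguments go in rcx, rdx, r8 and r9, later ones are stored on the stack above 32 bytes of shadow space, and the caller keeps rsp 16-byte aligned at the call. The class name `Win64CallStub` is hypothetical, only integer/pointer arguments are handled, and the address and values in `Main` are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Text;

// Added example: emits assembly text only; nothing is assembled or executed.
public static class Win64CallStub
{
    // Microsoft x64 convention: first four integer/pointer arguments, in order.
    private static readonly string[] ArgRegisters = { "rcx", "rdx", "r8", "r9" };
    private const int ShadowSpace = 32;   // home area the caller always reserves

    public static int FrameSize(int argCount)
    {
        int stackArgs = Math.Max(0, argCount - ArgRegisters.Length);
        int size = ShadowSpace + 8 * stackArgs;
        // On entry rsp is 8 past a 16-byte boundary (return address pushed),
        // so the frame must be 8 mod 16 to realign rsp before the call.
        return size % 16 == 8 ? size : size + 8;
    }

    public static string Format(ulong function, IReadOnlyList<ulong> args)
    {
        int frame = FrameSize(args.Count);
        var asm = new StringBuilder();
        asm.AppendLine($"sub rsp, {frame}");
        // Fifth and later arguments are stored just above the shadow space.
        for (int i = ArgRegisters.Length; i < args.Count; i++)
        {
            asm.AppendLine($"mov rax, 0x{args[i]:X}");
            asm.AppendLine($"mov [rsp+{ShadowSpace + 8 * (i - ArgRegisters.Length)}], rax");
        }
        for (int i = 0; i < Math.Min(args.Count, ArgRegisters.Length); i++)
            asm.AppendLine($"mov {ArgRegisters[i]}, 0x{args[i]:X}");
        asm.AppendLine($"mov rax, 0x{function:X}");
        asm.AppendLine("call rax");
        asm.AppendLine($"add rsp, {frame}");   // caller releases what it reserved
        asm.AppendLine("ret");
        return asm.ToString();
    }

    public static void Main()
    {
        // Constructed sample address and arguments.
        Console.Write(Format(0x7FF600001000UL, new ulong[] { 1, 2, 3, 4, 5, 6 }));
    }
}
```

With six arguments the frame is 56 bytes: 32 of shadow space, 16 for the two stack arguments, and 8 of padding for alignment.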

Replies To: Anyone worked on or seen any cool automated assembly code generators?

#2 modi123_1

Re: Anyone worked on or seen any cool automated assembly code generators?

Posted 21 February 2016 - 09:19 PM

Whatcha trying to inject/memory mess with?

#3 JacobH

Re: Anyone worked on or seen any cool automated assembly code generators?

Posted 21 February 2016 - 11:25 PM

modi123_1, on 21 February 2016 - 09:19 PM, said:

Whatcha trying to inject/memory mess with?


Right now? Nothing. I just thought that the code was really neat, I never had seen anything like it before. It really helped me understand the basic calling conventions and how they work. Prior to finding it I had just started googling about assembly code, and honestly most quick results made basic asm seem very confusing and intimidating.

I would just be interested if others have seen anything or done anything like this as well. It could perhaps be a very good learning tool for getting into assembly for whatever reason someone has.

#4 modi123_1

Re: Anyone worked on or seen any cool automated assembly code generators?

Posted 21 February 2016 - 11:28 PM

Be mindful of the bright line for good use and for ill. Messing with an app or game's memory is on the wrong side of that bright line.

#5 JacobH

Re: Anyone worked on or seen any cool automated assembly code generators?

Posted 22 February 2016 - 12:30 AM

modi123_1, on 21 February 2016 - 11:28 PM, said:

Be mindful of the bright line for good use and for ill. Messing with an app or game's memory is on the wrong side of that bright line.


There are a lot of 3rd party applications for many apps/games that use their memory to add additional functionality. From text-to-speech to lots of screen recording software targeted at games. Fraps even hooks games' rendering methods in order to record. In my case I reviewed their policy ahead of time, so just make sure you know what you're getting into.


Anyways, I could care less about executing assembly code and more about the act of generating it dynamically based on input. To me that was the cool part about it. It's very useful for learning how it's working, or was for me rather. For all I care the code could have been printed to the console and the method given a dummy method. I'd have been equally as happy.

#6 turboscrew

Re: Anyone worked on or seen any cool automated assembly code generators?

Posted 22 February 2016 - 11:57 AM

Most of them are called compilers. :bigsmile: