PING IP汇编实现代码
pingip proc ss0:DWORD ;SS0:等于IP地址XX.XX.XX.XX,返回:EAX=-1不通,其他time。local hsock:dword
local sockx:sockaddr_in
local sockr:sockaddr_in
local sockrl:dword
local sock0:fd_set
local sock1:timeval
invoke socket,2,3,1
.if eax!= -1
mov hsock,eax
mov sockx.sin_family,02
mov sockx.sin_port,0
mov eax,ss0
mov sockx.sin_addr,eax
invoke RtlZeroMemory,addr icmpbf,1024
mov icmpbf,8
mov dword ptr ds:icmpbf+4,'4321'
invoke GetTickCount
mov dword ptr ds:icmpbf+8,eax
invoke ipcrc,addr icmpbf,28h
mov word ptr ds:icmpbf+2,ax
invoke sendto,hsock,addr icmpbf,28h,0,addr sockx,10h
.if eax==-1
pingiperr:
invoke closesocket,hsock
mov eax,-1
ret
.endif
mov sock1.tv_sec,0
mov sock1.tv_usec,1000000
mov sock0.fd_count,1
mov eax,hsock
mov sock0.fd_array,eax
invoke select,0,addr sock0,0,0,addr sock1
.if eax==-1
jmp pingiperr
.endif
.if eax==0
jmp pingiperr
.endif
mov sockrl,16
invoke recvfrom,hsock,addr icmpbf,1024,0,addr sockr,addr sockrl
.if eax==-1
jmp pingiperr
.endif
mov eax,sockr.sin_addr
cmp eax,sockx.sin_addr
jnz pingiperr
mov eax,dword ptr ds:icmpbf+18h
cmp eax,'4321'
jnz pingiperr
invoke closesocket,hsock
invoke GetTickCount
sub eax,dword ptr ds:icmpbf+1ch
.endif
ret
pingip endp
[url]http://blog.sina.com.cn/s/blog_4bd62ac401009j9o.html[/url] 反汇编高手重现江湖啊!偶的学习对象啊!顺便说一句,最近启明和绿盟、华赛招的安全研究人员都对反汇编方面有要求,难道业界集体看好应用层安全,传输层和网络层安全被研究透了?没市场潜力了?
页:
[1]