找回密码
 立即注册

QQ登录

只需一步,快速开始

查看: 2656|回复: 3

[源码分享] 按键精灵X版本内存汇编库

[复制链接]
  • TA的每日心情

    2018-6-1 15:26
  • 签到天数: 18 天

    [LV.4]偶尔看看III

    13

    主题

    21

    回帖

    320

    积分

    中级会员

    积分
    320
    QQ
    类人猿 发表于 2018-4-12 22:26:41 | 显示全部楼层 |阅读模式
    //================================类人猿按键精灵X版本独立内存汇编库:QQ:578052137    按键精灵的内存汇编技术学习Q群:526897608 =============================================
    //  手稿版本为:1.00
    //================================希望喜欢按键的朋友继续传递下去,继续更新===================================================
    //按键也可以独立做内存和汇编,不用依赖其他语言。代码发现bug问题请及时反馈给我,谢谢!
    dim PublicCode=""
    Dim Handle_Process=0//进程句

    Function GetHandlePro(HandlePro)
             Handle_Process=HandlePro
    End Function

    Declare Function OpenProcess Lib "kernel32" Alias "OpenProcess" (ByVal dwDesiredAccess As Long, ByVal  bInheritHandle As Long, ByVal dwProcessId As Long) As Long
    Declare Function ReadProcessMemory Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Long,ByVal lpBaseAddress As Long, ByRef lpBuffer As Long, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
    Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, ByRef lpBuffer As Long, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
    Declare Function GetCurrentProcessId Lib "kernel32" Alias "GetCurrentProcessId" () As Long
    Declare Function htonl Lib "Wsock32.dll" (ByVal hostlong As Long) As Long //4字节高低位互转 //32位有符号整数 不支持无符号整数  FFFF FFFF ,这个还需要调试兼容
    Declare Function htons Lib "Wsock32.dll" (ByVal hostshort As Long) As Long //2字节
    Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, ByVal lpAddress As long, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long //
    Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As long, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
    Declare Function GetLastError Lib "kernel32" Alias "GetLastError" () As Long
    Declare Function VirtualProtectEx Lib "kernel32 " (ByVal hProcess As Integer, ByVal lpAddress As Integer, ByVal dwSize As Integer, ByVal flNewProtect As Integer, ByRef lpflOldProtect As Integer) As Integer
    Declare Function LoadLibraryA Lib  "kernel32.dll" Alias  "LoadLibraryA"(ByVal lpLibFileName As String) As Long
    Declare Function FreeLibrary Lib "kernel32" Alias "FreeLibrary" (ByVal hLibModule As Long) As Long
    Declare Function GetModuleHandleA Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
    Declare Function GetProcAddress Lib  "kernel32.dll" Alias  "GetProcAddress"(ByVal 模块句柄 As Long,ByVal 进程名称 As String) As Long
    Declare Function GetWindowThreadProcessId Lib "user32" Alias "GetWindowThreadProcessId" (ByVal hwnd As Long, ByRef lpdwProcessId As Long) As Long   
    Declare Function CallWindowProcA Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As long, ByVal wParam As Long, ByVal lParam As Long) As Long
    Declare Function GetCurrentThreadId Lib "kernel32" Alias "GetCurrentThreadId" () As Long
    Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, ByVal lpThreadAttributes As long, ByVal dwStackSize As Long, ByVal lpStartAddress As Long, ByVal lpParameter As long, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
    Declare Function SetWindowsHookExW Lib "user32" Alias "SetWindowsHookExW" (ByVal idHook As Long, ByVal lpfn As Long, ByVal hmod As Long, ByVal dwThreadId As Long) As Long
    Declare Function CallNextHookEx Lib "user32" Alias "CallNextHookEx" (ByVal hHook As Long, ByVal ncode As Long,ByVal wParam As Long,byval lParam As long) As Long   
    Declare Function VirtualAlloc Lib "kernel32" (ByVal lpAddress As Long, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
    Declare Function VirtualFree Lib "kernel32" (ByVal lpAddress As Long, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long
    Declare Function WaitForSingleObject Lib "kernel32" (ByVal hHandle As Long, ByVal dwMilliseconds As Long) As Long
    Declare Function CreateProcessA Lib "kernel32" Alias "CreateProcessA" ( lpApplicationName As String, ByVal lpCommandLine As String, ByVal lpProcessAttributes As Long,ByVal lpThreadAttributes As Long, ByVal bInheritHandles As Long, ByVal dwCreationFlags As Long, lpEnvironment As Any, ByVal lpCurrentDriectory As String,ByVal  lpStartupInfo As long, ByVal lpProcessInformation As long) As Long
    Declare Function ReadProcessMemoryB Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Long,ByVal lpBaseAddress As Long, ByVal lpBuffer As Long, ByVal nSize As Long,  lpNumberOfBytesWritten As Long) As Long

    Function 进制_单字节集转十(ByteValue)
                Dim Hex_Read=""
                If ByteValue < 16 Then
                    Hex_Read = "0" & Hex(ByteValue)
                 Else
                    Hex_Read=Hex(ByteValue)
                End If
                Return Hex_Read
    End Function

    Function 内存搜索特征码S(BeginAddr, EndAddr, FeatureCode)//暂时最快速度,十六进制字节集
        Dim Struct = StructPack("BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)
        Dim Addr_Sturct=addrof(Struct)
        dim X1,X2,X3,X4,X5,X6,X7,X8,X9,X10,X11,X12,X13,X14,X15,X16,X17,X18,X19,X20,X21,X22,X23,X24,X25,X26,X27,X28,X29,X30,X31,X32  //这里其实可以根据自己情况,步长位8
        FeatureCode = 进制_十六字节集转十字节集(FeatureCode)//这里要进行转换,下面是十进制字节集比较
        Dim  CurAddr=0
        Dim dwSize=(1024+Len(FeatureCode)+32)/32
        Dim Array_ReadVale()
        Dim Pos_Addr=0
        Dim n=0
        Dim str_code=""
        Dim LeftCut_Str=""
        dim arrar_cut
        For CurAddr = BeginAddr To EndAddr Step 1024
            n=0
            For  int(dwSize)
                ReadProcessMemoryB(Handle_Process,CurAddr+n*32, Addr_Sturct, 32, 0)
                X1,X2,X3,X4,X5,X6,X7,X8,X9,X10,X11,X12,X13,X14,X15,X16,X17,X18,X19,X20,X21,X22,X23,X24,X25,X26,X27,X28,X29,X30,X31,X32  = StructUnPack("BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB", Struct)
                Array_ReadVale(n+1) = X1&"," & X2&"," & X3&"," & X4&"," & X5&"," & X6&"," & X7&"," & X8&","  & X9&"," & X10&"," & X11&"," & X12&"," & X13&"," & X14&"," & X15&"," & X16&"," &X17&","&X18&","&X19&","&X20&","&X21&","_
                &X22&","&X23&","&X24&","&X25&","&X26&","&X27&","&X28&","&X29&","&X30&","&X31 &","&X32&","
                n = n + 1
            Next
            str_code=Join(Array_ReadVale, "")
            Pos_Addr = Instr(str_code, FeatureCode, 1)
            If Pos_Addr <> 0 Then  
                LeftCut_Str = Left(str_code, Pos_Addr)
                arrar_cut=split(LeftCut_Str,",")
    //            TracePrint  arrar_cut
                TracePrint ("哥哥!终于找到了。"& Hex(CurAddr+ubound(arrar_cut)-1))
                Exit For
            End If   
        Next
        Struct = Null
        return  CurAddr+ubound(arrar_cut)-1
    End Function

    Function 内存搜索特征码A(BeginAddr, EndAddr, FeatureCode)//暂时最快速度,完美解决
        Dim Struct = StructPack("BBBBBBBBBBBBBBBB",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)
        Dim Addr_Sturct=addrof(Struct)
        dim X1,X2,X3,X4,X5,X6,X7,X8,X9,X10,X11,X12,X13,X14,X15,X16  //这里其实可以根据自己情况,步长位8
            FeatureCode = replace(FeatureCode, " ", "")
        Dim dwSize=(1024+Len(FeatureCode)+16)/16
        Dim Array_ReadVale()
        Dim Pos_Addr=0
        Dim n=0
        Dim CurAddr=0
        For CurAddr = BeginAddr To EndAddr Step 1024
             n=0
            For dwSize-1
                ReadProcessMemoryB(Handle_Process,CurAddr+n*16, Addr_Sturct, 16, 0)
                X1,X2,X3,X4,X5,X6,X7,X8,X9,X10,X11,X12,X13,X14,X15,X16  = StructUnPack("BBBBBBBBBBBBBBBB", Struct)
                Array_ReadVale(n+1) =进制_单字节集转十(X1) &进制_单字节集转十(X2) &进制_单字节集转十(X3) &进制_单字节集转十(X4) &进制_单字节集转十(X5) &进制_单字节集转十(X6) &进制_单字节集转十(X7) &进制_单字节集转十(X8) &进制_单字节集转十(X9) &_
                进制_单字节集转十(X10) &进制_单字节集转十(X11) &进制_单字节集转十(X12) &进制_单字节集转十(X13) &进制_单字节集转十(X14) &进制_单字节集转十(X15) &进制_单字节集转十(X16)
                n = n + 1
            Next
             Pos_Addr = Instr(Join(Array_ReadVale, ""), FeatureCode, 1)

            If Pos_Addr <> 0 Then
    //            TracePrint ("哥哥!终于找到了。"& Hex(CurAddr+(Pos_Addr+1)/2-1))
                Exit For
            End If   
            CurAddr=CurAddr+1024
        Next
        Struct = Null
           return  CurAddr+(Pos_Addr+1)/2-1
    End Function

    Function 创建进程S(PathfileName,path)
    Dim struct9=申请_本地内存(500)
    Dim struct10=申请_本地内存(20)
    CreateProcessA(0,PathfileName,0,0,0,0,0,path,struct9,struct10)
    释放_本地内存 (struct9)
    释放_本地内存 (struct10)
    End function

    Function 远程_获取模块函数名(Str_module,Str_Funciton)
    Dim RetAddr=申请_进程内存空间(256) //申请储存返回值4字节和字符串
    Dim PHandle=GetModuleHandleA("kernel32.dll")
    dim FunAddr= GetProcAddress(PHandle, "GetModuleHandleA")
    dim addr_GetProcAddress= GetProcAddress(PHandle, "GetProcAddress")
    TracePrint addr_GetProcAddress
    Dim addr_module=RetAddr+4
    写入_ASCII字符(addr_module,str_module)
    Dim addrFun =RetAddr+256//函数名字
    写入_ASCII字符(addrFun,Str_Funciton)
    AsmClear()
    Push(addr_module)
    Mov_EAX_(FunAddr)
    Call_EAX
    Mov_Ptr_Addr_EAX (RetAddr)
    Mov_EAX_Ptr_(RetAddr)
    Push(addrFun)//函数
    Push_EAX //模块
    Mov_EDX_(addr_GetProcAddress)
    Call_EDX()
    Mov_Ptr_Addr_EAX (RetAddr)
    AsmCodeCall (0)
    dim addr_func=读取_4字节整数(RetAddr)
    释放_进程内存空间(RetAddr)
    Return addr_func
    End Function

    Function 远程_获取模块句柄(str_module)
    Dim RetAddr=申请_进程内存空间(256) //申请储存返回值4字节和字符串
    Dim PHandle=GetModuleHandleA("kernel32.dll")
    dim FunAddr= GetProcAddress(PHandle, "GetModuleHandleA")
    //TracePrint FunAddr
    Dim addr =RetAddr+4//
    写入_ASCII字符(addr,str_module)
    AsmClear()
    Push(addr)
    Mov_EAX_(FunAddr)
    Call_EAX
    Mov_Ptr_Addr_EAX(RetAddr)
    AsmCodeCall (0)
    dim Handle_Module=读取_4字节整数(RetAddr)
    释放_进程内存空间(RetAddr)
    Return Handle_Module
    End Function

    Function BindHandlePro(ProcessId)//汇编执行绑定指定进程id获取进程句柄,每次执行的时候要执行一次
    Handle_Process = OpenProcess(2035711, false, ProcessId)//获取进程句柄
    Return Handle_Process
    End Function

    Function AsmCodeCall(AsmType)//核心代码
        PublicCode = PublicCode & "C3"
        PublicCode = 十六进制字节集标准化(PublicCode)
        //    TracePrint PublicCode
        dim NewWriteCodeAddr =0
        Dim size=0
        size = Len(PublicCode) + 10
        NewWriteCodeAddr = 申请_进程内存空间(size)//申请空
    //    TracePrint "注入函数地址:"& Hex(NewWriteCodeAddr)
        call 写入_字节集( NewWriteCodeAddr, PublicCode)
        dim RThwnd = CreateRemoteThread(Handle_Process, 0, 0, NewWriteCodeAddr, 0, 0, 0)
        WaitForSingleObject(RThwnd,&HFFFFFFFF)
        释放_进程内存空间(NewWriteCodeAddr)
    End Function

    Function 远程_调用进程函数(Addr)
        Dim RThwnd = CreateRemoteThread(Handle_Process, 0, 0, Addr, 0, 0, 0)
        WaitForSingleObject(RThwnd,&HFFFFFFFF)
        return RThwnd
    End Function

    Function 远程_注入dll( dll路径字符串)
        Dim LoadLibraryA_Addr=动态库dll函数地址获取("kernel32.dll","LoadLibraryA")
        dim CodeSize = len(dll路径字符串)+100 //加10避免空间不够用
        TracePrint  Hex(LoadLibraryA_Addr)
        dim NewWriteCodeAddr = 申请_进程内存空间(CodeSize)//申请空间
        TracePrint Hex(NewWriteCodeAddr)
        CALL 写入_ASCII字符(NewWriteCodeAddr, dll路径字符串)
         Dim RThwnd=CreateRemoteThread(Handle_Process, 0, 0, LoadLibraryA_Addr, NewWriteCodeAddr, 0, 0)          
         WaitForSingleObject(RThwnd,&HFFFFFFFF)
        释放_进程内存空间 (NewWriteCodeAddr)
        return  RThwnd
    End Function

    Function 写入_ASCII字符(lpBaseAddress, 字符串)
        dim i=1
        Dim bytestr
        For len(字符串)
            bytestr = Asc(mid(字符串, i, 1))
            //        TracePrint bytestr
            写入_整数(lpBaseAddress - 1 + i, bytestr,1)
            i=i+1
        Next
    End Function

    Function 写入_字节集( WriteAddr, Byte字节集)
        Dim ByteArr
        ByteArr=Split(Byte字节集," ")
        dim i=0
        For UBound(ByteArr)
            //                TracePrint 字节数组(i+1)
            call 写入_整数(WriteAddr+i,"&H"&ByteArr(i+1),1) //这里我统一加上&H,可以进行运
            i=i+1
        Next
        Return WriteAddr
    End Function
    Function 十六进制字节集标准化(十六字节集)
        Dim i
        dim  PublicCode_1 =""                     
        For i = 0 To Len(十六字节集) / 2 - 1
            PublicCode_1 = PublicCode_1 &(" " & Mid(十六字节集, i * 2 + 1, 2)) //======里是字符集转换空格隔开======
        Next
        PublicCode_1 = LTrim(PublicCode_1," ")//重新赋值
        return  PublicCode_1

    End Function
    Function 内存_属性修改(Addr,AddrSize)
        Dim oldVal=0
        return  VirtualProtectEx(Handle_Process, Addr, AddrSize, 64, oldVal) //是否需要原来属性,这个还有待测试,是否获取原来属性也可以的。
    End Function
    Function 线程ID_当前()
        Return GetCurrentThreadId()
    End Function
    Function 线程ID_窗口获取(Hwnd) //窗口线程,也就是窗口创建者ID
        return  GetWindowThreadProcessId(Hwnd,null)
    End Function
    Function 进程ID_窗口获取(Hwnd)
        Dim  lpdwProcessId=0
        GetWindowThreadProcessId(Hwnd,lpdwProcessId)
    End Function
    Function 动态库dll载入(PathFileName)
        Return LoadLibraryA(PathFileName)
    End Function
    Function 动态库dll卸载(PathFileName)
        dim hMoule=GetModuleHandleA(PathFileName) //获取模块名
        Return FreeLibrary(hMoule)
    End Function
    Function 动态库dll函数地址获取(FileName,FuncName)//大小写字符敏感
        dim hMoule=GetModuleHandleA(FileName) //获取模块名
        return        GetProcAddress(hMoule,FuncName)
    End Function
    Function 动态库dll模块句柄获取(FileName)
        return        GetModuleHandleA(FileName)
    End Function
    Function 获取内存最后错误()
        Return GetLastError()
    End Function
    Function 申请_进程内存空间(size)
        dim  tmp_Addr=0
        tmp_Addr= VirtualAllocEx(Handle_Process, 0, size, 4096, 64)
        Return tmp_Addr
    End Function
    Function 释放_进程内存空间(addr)
        return  VirtualFreeEx(Handle_Process, Addr, 0,32768)
    End Function
    Function 申请_本地内存(size)
        return        VirtualAlloc(0,size,&H1000,&H40)//第二个参数注意下
    End Function
    Function 释放_本地内存(addr)
        return         VirtualFree(addr,0,&H4000)
    End Function

    Function 进制_十六字节集转十字节集(StrHexCode)//TracePrint 进制_十六字节集转十字节集("E8 67 56 71 00 8B 86 A8 24 00 00 8D")
    Dim CodeArray=split(StrHexCode," ")
    Dim StrCode=""
    Dim m=1  //按键x版本数值从0开始
    For UBound(CodeArray)
            StrCode=StrCode &","&  进制_十六转十(CodeArray[m])
            m=m+1
    Next
    Return LTrim(StrCode,",")
    End Function

    Function 进制_十字节集转十六字节集(StrHexCode)//TracePrint 进制_十字节集转十六字节集("232,103,86,113,0,139,134,168,36,0,0,141")
    Dim CodeArray=split(StrHexCode,",")
    Dim StrCode=""
    Dim m=1  //按键x版本数值从0开始
    For UBound(CodeArray)
            StrCode=StrCode &" "&  Hex(CodeArray[m])
            m=m+1
    Next
    Return LTrim(StrCode," ")
    End Function

    Function 进制_单字节转二进制字节(Value)//只支持无符号整数,最大数值不能超过255
        Dim ByteArr=""
        Dim LenVal=0
        Dim BuWei=""
        If Value<16 then
            ByteArr = "0" & Hex(value)
        ElseIf Value <=255 and Value>=16 Then   
            ByteArr = Hex(value)
        ElseIf Value > 255 Then
            TracePrint "单字节类型数据溢出!"
            ByteArr = Hex(value)
        End If
        return ByteArr
    End Function
    Function 进制_双字节整数转二进制字节(Value, ValType)
        Dim ByteArr=""
        Dim LenVal=0
        Dim BuWei=""
        If Value<=65535 and Value>=0 then
            ByteArr=Hex(htons(Value)) //调用网络2字节API
            LenVal = Len(ByteArr)
            TracePrint ByteArr
            BuWei=""
            For (4-LenVal)
                BuWei=BuWei&"0"
            Next
            ByteArr = BuWei & ByteArr
            return ByteArr
        Else
            TracePrint "数据溢出!"
        End if
    End Function
    Function 进制_四字节整数转二进制字节(Value,ValueType)
        Dim addr=0
        Dim bufaddr=0
        Dim Struct
        If ValueType=0 then
            Struct = StructPack("L", Value)// 无符号整数
        ElseIf ValueType = 1 Then
            Struct = StructPack("l", Value)// 有符号整数
        End if
        addr = addrof(Struct)
        TracePrint Hex(addr)
        Dim n=0
        Dim str=""
        For 4
            ReadProcessMemory(获取本地进程句柄(),addr+n, bufaddr, 1, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
            TracePrint hEX(bufaddr)
            If bufaddr = 0 Then
                str=str &"00"
            ElseIf Len(Hex(bufaddr)) = 1 Then
                str=str &"0" & Hex(bufaddr)
            Else
                str=str & Hex(bufaddr)
            End If
            n = n + 1
        Next
        Struct=null//释放内存
        Return str
    End Function
    Function 进制_八字节整数转二进制字节(Value, ValueType)//64位或者长整数
        Dim addr=0
        Dim bufaddr=0
        Dim Struct
        If ValueType=0 then
            Struct = StructPack("J", Value)// 无符号64整数
        ElseIf ValueType = 1 Then
            Struct = StructPack("j", Value)// 有符号64整数
        End if
        addr = addrof(Struct)
        TracePrint Hex(addr)
        Dim n=0
        Dim str=""
        For 8
            ReadProcessMemory(获取本地进程句柄(),addr+n, bufaddr, 1, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
            TracePrint hEX(bufaddr)
            If bufaddr = 0 Then
                str=str &"00"
            ElseIf Len(Hex(bufaddr)) = 1 Then
                str=str &"0" & Hex(bufaddr)
            Else
                str=str & Hex(bufaddr)
            End If
            n = n + 1
        Next
        Struct=null//释放内存
        Return str
    End Function
    Function 进制_浮点转二进制字节(Value)
        Dim addr=0
        Dim bufaddr=0
        Dim Struct = StructPack("f",Value) //结构体竟然不会自己释放的。  
        addr = addrof(Struct)
        TracePrint Hex(addr)
        Dim n=0
        Dim str=""
        For 4
            ReadProcessMemory(获取本地进程句柄(),addr+n, bufaddr, 1, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
            str=str & Hex(bufaddr)
            n=n+1
        Next
        Struct=null//释放内存
        Return str
    End Function
    Function 进制_双浮点转二进制字节(Value)
        Dim addr=0
        Dim bufaddr=0
        Dim Struct = StructPack("d",Value) //结构体竟然不会自己释放的。  
        addr = addrof(Struct)
        TracePrint Hex(addr)
        Dim n=0
        Dim str=""
        For 8
            ReadProcessMemory(获取本地进程句柄(),addr+n, bufaddr, 1, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
            str=str & Hex(bufaddr)
            n=n+1
        Next
        Struct=null//释放内存
        Return str
    End Function
    Function 进制_十六转十(十六进制字符串)
        //例子:Msgbox lib.算法.十六进制转十进制("FFFFFF")
        Dim D,H,i,Ia
        D = 0
        H = UCase(十六进制字符串)
        For i = 1 To Len(H)
            Ia = Asc(Mid(H, i, 1)) - 48
            If Ia > 9 Then Ia = Ia - 7
            D = D * 16 + Ia
        Next
        return   D
    End Function
    Function 进制_浮点数转十六(Value)
        Dim x1, addr=0
        Dim bufaddr=0
        Dim Struct = StructPack("f",Value) //结构体竟然不会自己释放的。  
        x1= StructUnPack("f", Struct)
        addr = addrof(Struct)
        ReadProcessMemory(获取本地进程句柄(),addr, bufaddr, 4, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
        Struct=null//释放内存
        Return Hex(bufaddr)
    End Function
    Function 获取本地进程句柄()
        dim pid=GetCurrentProcessId()
        Return OpenProcess(2035711, false, pid)//获取进程句柄
    End Function
    Function 写入_单精度浮点数(lpBaseAddress, WriteValue)// 4字节   2字节   1字节
        Return        WriteProcessMemory(Handle_Process, lpBaseAddress, WriteValue, 4, 0)//  lpBaseAddress是存放数据的地址
    End Function
    Function 写入_整数(lpBaseAddress, WriteValue,size)// 4字节   2字节   1字节
        Return        WriteProcessMemory(Handle_Process, lpBaseAddress, WriteValue, size, 0)//  lpBaseAddress是存放数据的地址
    End Function
    Function 写入_4字节整数(lpBaseAddress, WriteValue)// 4字节   2字节   1字节
        Return        WriteProcessMemory(Handle_Process, lpBaseAddress, WriteValue, 4, 0)//  lpBaseAddress是存放数据的地址
    End Function
    Function 写入_八字节长整数(Addr, Value,TypeVal)
        Dim Struct
        If TypeVal=0 then
            Struct = StructPack("J",Value)//无符号
        ElseIf TypeVal = 1 Then
            Struct = StructPack("j",Value)//有符号
        End If
        Dim Value1 =0
        dim Value2  =0 //这里要注意初始化
        Value1,Value2  =StructUnPack("ll",Struct)
        Struct=null//释放内存
        WriteProcessMemory(Handle_Process, addr, Value1, 4, 0)
        return WriteProcessMemory(Handle_Process, addr+4, Value2, 4, 0)  
    End Function
    Function 写入_双浮点数(Addr,Value)
        Dim Struct = StructPack("d",Value)
        Dim Value1 =0
        dim Value2  =0 //这里要注意初始化
        Value1,Value2  =StructUnPack("ll",Struct)
        Struct=null//释放内存
        WriteProcessMemory(Handle_Process, addr, Value1, 4, 0)
        return WriteProcessMemory(Handle_Process, addr+4, Value2, 4, 0)  
    End Function
    //=============================================================读取数据
    Function 读取_整数(lpBaseAddress,size)// 4字节   2字节   1字节
        Dim ReadValue=0
        Return         ReadProcessMemory(Handle_Process,lpBaseAddress, ReadValue, size, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
    End Function
    Function 读取_4字节整数(lpBaseAddress)// 4字节   2字节   1字节
        Dim ReadValue=0
        ReadProcessMemory(Handle_Process,lpBaseAddress, ReadValue, 4, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
        Return ReadValue
    End Function
    Function 读取_浮点数(lpBaseAddress)// 4字节   2字节   1字节
        Dim ReadValue=0.02
        If lpBaseAddress>=3.4*10^-38  and lpBaseAddress<=3.4*10^38 then
            ReadProcessMemory(Handle_Process,lpBaseAddress, ReadValue, 4, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
        End if
        Return ReadValue
    End Function
    Function 读取_双浮点数(addr)
        Dim bufaddr1=0
        Dim bufaddr2=0
        ReadProcessMemory(Handle_Process, addr, bufaddr1, 4, 0) //先分别读写数值的前4位后四位
        ReadProcessMemory(Handle_Process, addr+4, bufaddr2, 4, 0)
        Dim Struct = StructPack("ll",bufaddr1,bufaddr2) //结构体竟然不会自己释放的。  浮点数这里要用ll不要用LL
        dim StructAddr = addrof(Struct)
        Dim DbValue=0.0
        DbValue= StructUnPack("d",Struct)
        Struct = null//释放内存
        Return DbValue
    End Function
    Function 读取_ASCII字符串(lpBaseAddress, size)// 4字节   2字节   1字节
        Dim srt=""
        dim n=0
        Dim ReadValue
        For size
            ReadProcessMemory(Handle_Process,lpBaseAddress+n, ReadValue, 1, 0)//读取每个字节的值//  lpBaseAddress是存放数据的地址
            srt = srt & chr(ReadValue)
            // TracePrint chr(ReadValue)
            n=n+1
        Next
        Return srt
    End Function
    //=======================================================================================常用命令
    Function W_ShellCode()
        Dim shell_code=""
        shell_code=PublicCode
        Return shell_code
    End Function
    Function W_HighAndLow(Value , n) '高低位互换
        Dim tmp1=""
        dim tmp2=""
        dim i
        tmp1 = Right("0000000"& Hex(Value), n)
        For i = 0 To Len(tmp1) / 2 - 1
            tmp2 = tmp2 & Mid(tmp1, Len(tmp1) - 1 - 2 * i, 2)
        Next    //=======================================这里出错
        Return  tmp2
    End Function
    //Function W_HighAndLow(Value, n)'高低位互换,这个是更新版本,n是多余的参数,还有bug 0000
    //    If Value <255 and Value >16 Then
    //        W_HighAndLow = Hex(Value)
    //    ElseIf Value < 16 and Value >=0 Then
    //      
    //            W_HighAndLow = "0" & Hex(Value)
    //        
    //    Else
    //        W_HighAndLow = Hex(htonl(Value))
    //    End If
    //End Function
    //================================类人猿按键精灵X版本独立内存汇编库:QQ:578052137    按键精灵的内存汇编技术学习Q群:526897608 =============================================
    //  手稿版本为:1.00
    //================================希望喜欢按键的朋友继续传递下去,继续更新===================================================
    //按键也可以独立做内存和汇编,不用依赖其他语言。代码发现bug问题请及时反馈给我,谢谢!
    Function AsmClear()       
        PublicCode=""
    End Function
    Function Leave()
        PublicCode = PublicCode & "C9"
    End Function
    Function Pushad()
        PublicCode = PublicCode & "60"
    End Function
    Function Popad()
        PublicCode = PublicCode & "61"
    End Function
    Function Nop()
        PublicCode = PublicCode & "90"
    End Function
    Function Ret()
        PublicCode = PublicCode & "C3"
    End Function
    Function Retn(i)  //这个是新加的
        PublicCode = PublicCode & "C2"& W_HighAndLow(i, 4)
    End Function
    Function Retf()
        PublicCode = PublicCode & "C8"
    End Function
    Function IN_AL_DX()
        PublicCode = PublicCode & "EC"
    End Function
    Function TEST_EBX_EDX()
        PublicCode = PublicCode & "85D3"
    End Function
    Function TEST_EAX_ECX()
        PublicCode = PublicCode & "85C1"
    End Function
    'Add
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Add_EAX_EDX()
        PublicCode = PublicCode & "03C2"
    End Function
    Function Add_EBX_EAX()
        PublicCode = PublicCode & "03D8"
    End Function
    Function Add_EAX_Ptr_(i)
        PublicCode = PublicCode & "0305" & W_HighAndLow(i, 8)
    End Function
    Function Add_EBX_Ptr_(i)
        PublicCode = PublicCode & "031D" & W_HighAndLow(i, 8)
    End Function
    Function Add_EBP_Ptr_(i)
        PublicCode = PublicCode & "032D" & W_HighAndLow(i, 8)
    End Function
    Function Add_EAX_(i)
        PublicCode = PublicCode & "05" & W_HighAndLow(i, 8)
    End Function
    Function Add_EBX_(i)
        PublicCode = PublicCode & "83C3" & W_HighAndLow(i, 8)
    End Function
    Function Add_ECX_(i)
        PublicCode = PublicCode & "83C1" & W_HighAndLow(i, 8)
    End Function
    Function Add_EDX_(i)
        PublicCode = PublicCode & "83C2" & W_HighAndLow(i, 8)
    End Function
    Function Add_ESI_(i)
        PublicCode = PublicCode & "83C6" & W_HighAndLow(i, 8)
    End Function
    Function Add_ESP_(i)
        PublicCode = PublicCode & "83C4" & W_HighAndLow(i, 8)
    End Function
    'Sub
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Sub_EAX_ECX()
        PublicCode = PublicCode & "2BC1"
    End Function
    Function Sub_ECX_EAX()
        PublicCode = PublicCode & "2BC8"
    End Function
    Function Sub_EAX_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83E8" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "2D" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Sub_ECX_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83E9" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "81E9" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Sub_EDX_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83EA" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "81EA" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Sub_EBX_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83EB" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "81EB" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Sub_ESP_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83EC" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "81EC" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Sub_EBP_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83ED" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "81ED" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Sub_ESI_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83EE" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "81EE" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Sub_EDI_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83EF" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "81EF" & W_HighAndLow(i, 8)
        End If
    End Function
    'Call
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Call_EAX()
        PublicCode = PublicCode & "FFD0"
    End Function
    Function Call_EBX()
        PublicCode = PublicCode & "FFD3"
    End Function
    Function Call_ECX()
        PublicCode = PublicCode & "FFD1"
    End Function
    Function Call_EDX()
        PublicCode = PublicCode & "FFD2"
    End Function
    Function Call_ESI()
        PublicCode = PublicCode & "FFD6"
    End Function
    Function Call_ESP()
        PublicCode = PublicCode & "FFD4"
    End Function
    Function Call_EBP()
        PublicCode = PublicCode & "FFD5"
    End Function
    Function Call_EDI()
        PublicCode = PublicCode & "FFD7"
    End Function
    Function Call_Ptr_(i )
        PublicCode = PublicCode & "FF15" & W_HighAndLow(i, 8)
    End Function
    //Function Call_Ptr_Value(i ) //这个是新加进去的,这个时候错误的
    //PublicCode = PublicCode & "E8" & W_HighAndLow(i, 8)
    //End Function
    Function Call_Ptr_EAX()
        PublicCode = PublicCode & "FF10"
    End Function
    Function Call_Ptr_EBX()
        PublicCode = PublicCode & "FF13"
    End Function
    'Cmp
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Cmp_EAX_(i)
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "83F8" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "3D" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Cmp_EAX_EDX()
        PublicCode = PublicCode & "3BC2"
    End Function
    Function Cmp_EAX_Ptr_(i)
        PublicCode = PublicCode & "3B05" & W_HighAndLow(i, 8)
    End Function
    Function Cmp_Ptr_Addr_EAX(i) //这个可以用作规范
        PublicCode = PublicCode & "3905" & W_HighAndLow(i, 8)
    End Function
    'DEC
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Dec_EAX()
        PublicCode = PublicCode & "48"
    End Function
    Function Dec_EBX()
        PublicCode = PublicCode & "4B"
    End Function
    Function Dec_ECX()
        PublicCode = PublicCode & "49"
    End Function
    Function Dec_EDX()
        PublicCode = PublicCode & "4A"
    End Function
    'Idiv
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Idiv_EAX()
        PublicCode = PublicCode & "F7F8"
    End Function
    Function Idiv_EBX()
        PublicCode = PublicCode & "F7FB"
    End Function
    Function Idiv_ECX()
        PublicCode = PublicCode & "F7F9"
    End Function
    Function Idiv_EDX()
        PublicCode = PublicCode & "F7FA"
    End Function
    'Imul
    '&&&&&&&
    //&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Imul_EAX_EDX()
        PublicCode = PublicCode & "0FAFC2"
    End Function
    Function Imul_EAX_(i)
        PublicCode = PublicCode & "6BC0" & W_HighAndLow(i, 2)
    End Function
    Function ImulB_EAX_(i )
        PublicCode = PublicCode & "69C0" & W_HighAndLow(i, 8)
    End Function
    'INC
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Inc_EAX()
        PublicCode = PublicCode & "40"
    End Function
    Function Inc_EBX()
        PublicCode = PublicCode & "43"
    End Function
    Function Inc_ECX()
        PublicCode = PublicCode & "41"
    End Function
    Function Inc_EDX()
        PublicCode = PublicCode & "42"
    End Function
    Function Inc_EDI()
        PublicCode = PublicCode & "47"
    End Function
    Function Inc_ESI()
        PublicCode = PublicCode & "46"
    End Function
    Function Inc_Ptr_EAX()
        PublicCode = PublicCode & "FF00"
    End Function
    Function Inc_Ptr_EBX()
        PublicCode = PublicCode & "FF03"
    End Function
    Function Inc_Ptr_ECX()
        PublicCode = PublicCode & "FF01"
    End Function
    Function Inc_Ptr_EDX()
        PublicCode = PublicCode & "FF02"
    End Function
    'JMP/JE/JNE
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function JMP_EAX()
        PublicCode = PublicCode & "FFE0"
    End Function
    'Mov
    Function Mov_Ptr_Addr_EAX(i)      
        PublicCode = PublicCode & "A3" & W_HighAndLow(i, 8)
    End Function
    Function Mov_Ptr_Addr_AL(i)      
        PublicCode = PublicCode & "A2" & W_HighAndLow(i, 8)
    End Function
    Function Mov_Ptr_Addr_AH(i)      
        PublicCode = PublicCode & "8825" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EAX_(i )
        PublicCode = PublicCode & "B8" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EBX_(i )
        PublicCode = PublicCode & "BB" & W_HighAndLow(i, 8)
    End Function
    Function Mov_ECX_(i )
        PublicCode = PublicCode & "B9" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EDX_(i )
        PublicCode = PublicCode & "BA" & W_HighAndLow(i, 8)
    End Function
    Function Mov_ESI_(i )
        PublicCode = PublicCode & "BE" & W_HighAndLow(i, 8)
    End Function
    Function Mov_ESP_(i )
        PublicCode = PublicCode & "BC" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EBP_(i )
        PublicCode = PublicCode & "BD" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EDI_(i )
        PublicCode = PublicCode & "BF" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EBX_Ptr_(i)
        PublicCode = PublicCode & "8B1D" & W_HighAndLow(i, 8)
    End Function
    Function Mov_ECX_Ptr_(i )
        PublicCode = PublicCode & "8B0D" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EAX_Ptr_(i)
        PublicCode = PublicCode & "A1" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EDX_Ptr_(i )
        PublicCode = PublicCode & "8B15" & W_HighAndLow(i, 8)
    End Function
    Function Mov_ESI_Ptr_(i )
        PublicCode = PublicCode & "8B35" & W_HighAndLow(i, 8)
    End Function
    Function Mov_ESP_Ptr_(i )
        PublicCode = PublicCode & "8B25" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EBP_Ptr_(i )
        PublicCode = PublicCode & "8B2D" & W_HighAndLow(i, 8)
    End Function
    Function Mov_EAX_Ptr_EAX()
        PublicCode = PublicCode & "8B00"
    End Function
    Function Mov_EAX_Ptr_EBP()
        PublicCode = PublicCode & "8B4500"
    End Function
    Function Mov_EAX_Ptr_EBX()
        PublicCode = PublicCode & "8B03"
    End Function
    Function Mov_EAX_Ptr_ECX()
        PublicCode = PublicCode & "8B01"
    End Function
    Function Mov_EAX_Ptr_EDX()
        PublicCode = PublicCode & "8B02"
    End Function
    Function Mov_EAX_Ptr_EDI()
        PublicCode = PublicCode & "8B07"
    End Function
    Function Mov_EAX_Ptr_ESP()
        PublicCode = PublicCode & "8B0424"
    End Function
    Function Mov_EAX_Ptr_ESI()
        PublicCode = PublicCode & "8B06"
    End Function
    Function Mov_EAX_Ptr_EAX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B40" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B80" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EAX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B4424" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B8424" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EAX_Ptr_EBX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B43" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B83" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EAX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B41" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B81" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EAX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B42" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B82" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EAX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B47" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B87" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EAX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B45" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B85" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EAX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B46" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B86" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_EAX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B58" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B98" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B5C24" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B9C24" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_EBX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B5B" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B9B" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B59" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B99" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0  Then
            PublicCode = PublicCode & "8B5A" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B9A" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B5F" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B9F" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B5D" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B9D" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B5E" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B9E" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_EAX_OffSet(i)  //这里出错过
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B48" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B88" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B4C24" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B8C24" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_EBX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B4B" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B8B" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B49" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B89" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B4A" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B8A" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B4F" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B8F" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B4D" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B8D" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_ECX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B4E" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B8E" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EDX_Ptr_EAX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B50" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B90" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EDX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B5424" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B9424" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EDX_Ptr_EBX_OffSet(i)
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B53" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B93" & W_HighAndLow(i, 8 ) //这里出错过
        End If
    End Function
    Function Mov_EDX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B51" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B91" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EDX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B52" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B92" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EDX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B57" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B97" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EDX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B55" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B95" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EDX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8B56" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8B96" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Mov_EBX_Ptr_EAX()
        PublicCode = PublicCode & "8B18"
    End Function
    Function Mov_EBX_Ptr_EBP()
        PublicCode = PublicCode & "8B5D00"
    End Function
    Function Mov_EBX_Ptr_EBX()
        PublicCode = PublicCode & "8B1B"
    End Function
    Function Mov_EBX_Ptr_ECX()
        PublicCode = PublicCode & "8B19"
    End Function
    Function Mov_EBX_Ptr_EDX()
        PublicCode = PublicCode & "8B1A"
    End Function
    Function Mov_EBX_Ptr_EDI()
        PublicCode = PublicCode & "8B1F"
    End Function
    Function Mov_EBX_Ptr_ESP()
        PublicCode = PublicCode & "8B1C24"
    End Function
    Function Mov_EBX_Ptr_ESI()
        PublicCode = PublicCode & "8B1E"
    End Function
    Function Mov_ECX_Ptr_EAX()
        PublicCode = PublicCode & "8B08"
    End Function
    Function Mov_ECX_Ptr_EBP()
        PublicCode = PublicCode & "8B4D00"
    End Function
    Function Mov_ECX_Ptr_EBX()
        PublicCode = PublicCode & "8B0B"
    End Function
    Function Mov_ECX_Ptr_ECX()
        PublicCode = PublicCode & "8B09"
    End Function
    Function Mov_ECX_Ptr_EDX()
        PublicCode = PublicCode & "8B0A"
    End Function
    Function Mov_ECX_Ptr_EDI()
        PublicCode = PublicCode & "8B0F"
    End Function
    Function Mov_ECX_Ptr_ESP()
        PublicCode = PublicCode & "8B0C24"
    End Function
    Function Mov_ECX_Ptr_ESI()
        PublicCode = PublicCode & "8B0E"
    End Function
    Function Mov_EDX_Ptr_EAX()
        PublicCode = PublicCode & "8B10"
    End Function
    Function Mov_EDX_Ptr_EBP()
        PublicCode = PublicCode & "8B5500"
    End Function
    Function Mov_EDX_Ptr_EBX()
        PublicCode = PublicCode & "8B13"
    End Function
    Function Mov_EDX_Ptr_ECX()
        PublicCode = PublicCode & "8B11"
    End Function
    Function Mov_EDX_Ptr_EDX()
        PublicCode = PublicCode & "8B12"
    End Function
    Function Mov_EDX_Ptr_EDI()
        PublicCode = PublicCode & "8B17"
    End Function
    Function Mov_EDX_Ptr_ESI()
        PublicCode = PublicCode & "8B16"
    End Function
    Function Mov_EDX_Ptr_ESP()
        PublicCode = PublicCode & "8B1424"
    End Function
    Function Mov_EAX_EBP()
        PublicCode = PublicCode & "8BC5"
    End Function
    Function Mov_EAX_EBX()
        PublicCode = PublicCode & "8BC3"
    End Function
    Function Mov_EAX_ECX()
        PublicCode = PublicCode & "8BC1"
    End Function
    Function Mov_EAX_EDI()
        PublicCode = PublicCode & "8BC7"
    End Function
    Function Mov_EAX_EDX()
        PublicCode = PublicCode & "8BC2"
    End Function
    Function Mov_EAX_ESI()
        PublicCode = PublicCode & "8BC6"
    End Function
    Function Mov_EAX_ESP()
        PublicCode = PublicCode & "8BC4"
    End Function
    Function Mov_EBX_EBP()
        PublicCode = PublicCode & "8BDD"
    End Function
    Function Mov_EBX_EAX()
        PublicCode = PublicCode & "8BD8"
    End Function
    Function Mov_EBX_ECX()
        PublicCode = PublicCode & "8BD9"
    End Function
    Function Mov_EBX_EDI()
        PublicCode = PublicCode & "8BDF"
    End Function
    Function Mov_EBX_EDX()
        PublicCode = PublicCode & "8BDA"
    End Function
    Function Mov_EBX_ESI()
        PublicCode = PublicCode & "8BDE"
    End Function
    Function Mov_EBX_ESP()
        PublicCode = PublicCode & "8BDC"
    End Function
    Function Mov_ECX_EBP()
        PublicCode = PublicCode & "8BCD"
    End Function
    Function Mov_ECX_EAX()
        PublicCode = PublicCode & "8BC8"
    End Function
    Function Mov_ECX_EBX()
        PublicCode = PublicCode & "8BCB"
    End Function
    Function Mov_ECX_EDI()
        PublicCode = PublicCode & "8BCF"
    End Function
    Function Mov_ECX_EDX()
        PublicCode = PublicCode & "8BCA"
    End Function
    Function Mov_ECX_ESI()
        PublicCode = PublicCode & "8BCE"
    End Function
    Function Mov_ECX_ESP()
        PublicCode = PublicCode & "8BCC"
    End Function
    Function Mov_EDX_EBP()
        PublicCode = PublicCode & "8BD5"
    End Function
    Function Mov_EDX_EBX()
        PublicCode = PublicCode & "8BD3"
    End Function
    Function Mov_EDX_ECX()
        PublicCode = PublicCode & "8BD1"
    End Function
    Function Mov_EDX_EDI()
        PublicCode = PublicCode & "8BD7"
    End Function
    Function Mov_EDX_EAX()
        PublicCode = PublicCode & "8BD0"
    End Function
    Function Mov_EDX_ESI()
        PublicCode = PublicCode & "8BD6"
    End Function
    Function Mov_EDX_ESP()
        PublicCode = PublicCode & "8BD4"
    End Function
    Function Mov_ESI_EBP()
        PublicCode = PublicCode & "8BF5"
    End Function
    Function Mov_ESI_EBX()
        PublicCode = PublicCode & "8BF3"
    End Function
    Function Mov_ESI_ECX()
        PublicCode = PublicCode & "8BF1"
    End Function
    Function Mov_ESI_EDI()
        PublicCode = PublicCode & "8BF7"
    End Function
    Function Mov_ESI_EAX()
        PublicCode = PublicCode & "8BF0"
    End Function
    Function Mov_ESI_EDX()
        PublicCode = PublicCode & "8BF2"
    End Function
    Function Mov_ESI_ESP()
        PublicCode = PublicCode & "8BF4"
    End Function
    Function Mov_ESP_EBP()
        PublicCode = PublicCode & "8BE5"
    End Function
    Function Mov_ESP_EBX()
        PublicCode = PublicCode & "8BE3"
    End Function
    Function Mov_ESP_ECX()
        PublicCode = PublicCode & "8BE1"
    End Function
    Function Mov_ESP_EDI()
        PublicCode = PublicCode & "8BE7"
    End Function
    Function Mov_ESP_EAX()
        PublicCode = PublicCode & "8BE0"
    End Function
    Function Mov_ESP_EDX()
        PublicCode = PublicCode & "8BE2"
    End Function
    Function Mov_ESP_ESI()
        PublicCode = PublicCode & "8BE6"
    End Function
    Function Mov_EDI_EBP()
        PublicCode = PublicCode & "8BFD"
    End Function
    Function Mov_EDI_EAX()
        PublicCode = PublicCode & "8BF8"
    End Function
    Function Mov_EDI_EBX()
        PublicCode = PublicCode & "8BFB"
    End Function
    Function Mov_EDI_ECX()
        PublicCode = PublicCode & "8BF9"
    End Function
    Function Mov_EDI_EDX()
        PublicCode = PublicCode & "8BFA"
    End Function
    Function Mov_EDI_ESI()
        PublicCode = PublicCode & "8BFE"
    End Function
    Function Mov_EDI_ESP()
        PublicCode = PublicCode & "8BFC"
    End Function
    Function Mov_EBP_EDI()
        PublicCode = PublicCode & "8BDF"
    End Function
    Function Mov_EBP_EAX()
        PublicCode = PublicCode & "8BE8"
    End Function
    Function Mov_EBP_EBX()
        PublicCode = PublicCode & "8BEB"
    End Function
    Function Mov_EBP_ECX()
        PublicCode = PublicCode & "8BE9"
    End Function
    Function Mov_EBP_EDX()
        PublicCode = PublicCode & "8BEA"
    End Function
    Function Mov_EBP_ESI()
        PublicCode = PublicCode & "8BEE"
    End Function
    Function Mov_EBP_ESP()
        PublicCode = PublicCode & "8BEC"
    End Function
    'Push
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Push(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "6A" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "68" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Push_Ptr_(i )
        PublicCode = PublicCode & "FF35" & W_HighAndLow(i, 8)
    End Function
    Function Push_EAX()
        PublicCode = PublicCode & "50"
    End Function
    Function Push_ECX()
        PublicCode = PublicCode & "51"
    End Function
    Function Push_EDX()
        PublicCode = PublicCode & "52"
    End Function
    Function Push_EBX()
        PublicCode = PublicCode & "53"
    End Function
    Function Push_ESP()
        PublicCode = PublicCode & "54"
    End Function
    Function Push_EBP()
        PublicCode = PublicCode & "55"
    End Function
    Function Push_ESI()
        PublicCode = PublicCode & "56"
    End Function
    Function Push_EDI()
        PublicCode = PublicCode & "57"
    End Function
    'Lea
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Lea_EAX_Ptr_EAX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D40" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D80" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EAX_Ptr_EBX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D43" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D83" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EAX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D41" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D81" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EAX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D42" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D82" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EAX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D46" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D86" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EAX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D40" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D80" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EAX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D4424" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D8424" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EAX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D47" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D87" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_EAX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D58" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D98" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D5C24" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D9C24" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_EBX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D5B" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D9B" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D59" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D99" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D5A" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D9A" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D5F" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D9F" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D5D" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D9D" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EBX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D5E" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D9E" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_EAX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D48" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D88" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D4C24" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D8C24" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_EBX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D4B" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D8B" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D49" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D89" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D4A" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D8A" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D4F" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D8F" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D4D" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D8D" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_ECX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D4E" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D8E" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_EAX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D50" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D90" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_ESP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D5424" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D9424" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_EBX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D53" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D93" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_ECX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D51" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D91" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_EDX_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D52" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D92" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_EDI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D57" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D97" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_EBP_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D55" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D95" & W_HighAndLow(i, 8)
        End If
    End Function
    Function Lea_EDX_Ptr_ESI_OffSet(i )
        If i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "8D56" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "8D96" & W_HighAndLow(i, 8)
        End If
    End Function
    'pop
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Pop_EAX()
        PublicCode = PublicCode & "58"
    End Function
    Function Pop_EBX()
        PublicCode = PublicCode & "5B"
    End Function
    Function Pop_ECX()
        PublicCode = PublicCode & "59"
    End Function
    Function Pop_EDX()
        PublicCode = PublicCode & "5A"
    End Function
    Function Pop_ESI()
        PublicCode = PublicCode & "5E"
    End Function
    Function Pop_ESP()
        PublicCode = PublicCode & "5C"
    End Function
    Function Pop_EDI()
        PublicCode = PublicCode & "5F"
    End Function
    Function Pop_EBP()
        PublicCode = PublicCode & "5D"
    End Function
    'XOR加密
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&新加的
    Function Xor_ECX_EAX()
        PublicCode = PublicCode & "33C8"
    End Function
    Function Xor_EAX_ECX()
        PublicCode = PublicCode & "33C1"
    End Function
    'SHL SHR加密
    '&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
    Function Shl_EAX_(i)
        If i = 0 Then
            PublicCode = PublicCode & "D1E0"
        ElseIf  i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "C1E0" & W_HighAndLow(i, 2)
        Else
            TracePrint "命令书写错误!"
        End If
    End Function
    Function Shl_ECX_(i)
        If i = 0 Then
            PublicCode = PublicCode & "D1E1"
        ElseIf  i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "C1E1" & W_HighAndLow(i, 2)
        Else
            TracePrint "命令书写错误!"
        End If
    End Function
    Function Shr_EAX_(i)
        If i = 0 Then
            PublicCode = PublicCode & "D1E8"
        ElseIf  i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "C1E8" & W_HighAndLow(i, 2)
        Else
            TracePrint "命令书写错误!"
        End If
    End Function
    Function Shr_ECX_(i)
        If i = 0 Then
            PublicCode = PublicCode & "D1E9"
        ElseIf  i <= 255  and i >= 0 Then
            PublicCode = PublicCode & "C1E9" & W_HighAndLow(i, 2)
        Else
            TracePrint "命令书写错误!"
        End If
    End Function
    //AND
    Function And_EAX_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83C0" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "05" & W_HighAndLow(i, 8)
        End If
    End Function
    Function And_ECX_(i)
        If i <= 127  and i >= 0 Then
            PublicCode = PublicCode & "83E1" & W_HighAndLow(i, 2)
        Else
            PublicCode = PublicCode & "25" & W_HighAndLow(i, 8)
        End If
    End Function
    Function And_EAX_ECX()
        PublicCode = PublicCode & "21C8"
    End Function
    Function And_EBX_EDX()
        PublicCode = PublicCode & "21D3"
    End Function
    //   OR
    Function Or_EAX_ECX()
        PublicCode = PublicCode & "33C1"
    End Function
    Function Or_EBX_EDX()
        PublicCode = PublicCode & "09D3"
    End Function
    //not
    Function Not_EAX()
        PublicCode = PublicCode & "F7D0"
    End Function
    Function Not_ECX()
        PublicCode = PublicCode & "F7D1"
    End Function

    Function ABC按键X_类人猿技术群_526897608() //这个功能是将字节集转化成空格形式55 8B EC A1 7C 24
        TracePrint "技术联系类人猿Q: 578052137"
    End Function
    Function ABC按键X_技术QQ_578052137() //这个功能是将字节集转化成空格形式55 8B EC A1 7C 24
        TracePrint "技术联系类人猿Q: 578052137"
    End Function

    Function ABC按键X_测试版本_支持按键X版本内存汇编//这个功能是将字节集转化成空格形式55 8B EC A1 7C 24
        TracePrint "技术联系类人猿Q: 578052137"
    End Function
    //================================类人猿按键精灵X版本独立内存汇编库:QQ:578052137    按键精灵的内存汇编技术学习Q群:526897608 =============================================
    //  手稿版本为:1.00
    //================================希望喜欢按键的朋友继续传递下去,继续更新===================================================
    //按键也可以独立做内存和汇编,不用依赖其他语言。代码发现bug问题请及时反馈给我,谢谢!

  • TA的每日心情

    2018-6-1 15:26
  • 签到天数: 18 天

    [LV.4]偶尔看看III

    13

    主题

    21

    回帖

    320

    积分

    中级会员

    积分
    320
    QQ
     楼主| 类人猿 发表于 2018-5-23 19:14:17 | 显示全部楼层
    看得懂的没几个,看懂的可以联系下我,一起交流下!
    回复

    使用道具 举报

  • TA的每日心情
    开心
    2019-10-9 11:44
  • 签到天数: 1 天

    [LV.1]初来乍到

    0

    主题

    5

    回帖

    13

    积分

    新手上路

    积分
    13
    qq8572160 发表于 2019-10-9 11:51:46 | 显示全部楼层
    谢谢楼主分享家教程
    回复

    使用道具 举报

    您需要登录后才可以回帖 登录 | 立即注册

    本版积分规则

    QQ|手机版|小黑屋|虫虫联盟 ( 备案号:蜀ICP备15018121号-1 )

    GMT+8, 2025-1-18 13:11 , Processed in 0.636114 second(s), 26 queries .

    Powered by Discuz! X3.5 Licensed

    © 2001-2024 Discuz! Team.

    快速回复 返回顶部 返回列表