diff options
Diffstat (limited to 'samples/disas/x64.asm')
-rw-r--r-- | samples/disas/x64.asm | 520 |
1 files changed, 520 insertions, 0 deletions
diff --git a/samples/disas/x64.asm b/samples/disas/x64.asm new file mode 100644 index 0000000..a60d4dc --- /dev/null +++ b/samples/disas/x64.asm @@ -0,0 +1,520 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; +;; Detours Test Program (x64.asm/disas.exe) +;; +;; Microsoft Research Detours Package +;; +;; Copyright (c) Microsoft Corporation. All rights reserved. +;; + +.xlist +.list +.code + +PUBLIC TestCodes + +_TEXT SEGMENT + +TestCodes PROC + +begin: +faraway: + int 3 + nop + int 3 + db 066h,090h ; // 2-byte NOP. + int 3 + db 00fh, 01fh, 000h ; // 3-byte NOP. + int 3 + db 00fh, 01fh, 040h, 000h ; // 4-byte NOP. + int 3 + db 00fh, 01fh, 044h, 000h, 000h ; // 5-byte NOP. + int 3 + db 066h, 00fh, 01fh, 044h, 000h, 000h ; // 6-byte NOP. + int 3 + db 00fh, 01fh, 080h, 000h, 000h, 000h, 000h ; // 7-byte NOP. + int 3 + db 00fh, 01fh, 084h, 000h, 000h, 000h, 000h, 000h ; // 8-byte NOP. + int 3 + db 066h, 00fh, 01fh, 084h, 000h, 000h, 000h, 000h, 000h ; // 9-byte NOP. + int 3 + mov rax, cr8 + int 3 + mov rcx, cr8 + int 3 + mov rdx, cr8 + int 3 + mov rbx, cr8 + int 3 + mov rsp, cr8 + int 3 + mov rbp, cr8 + int 3 + mov rsi, cr8 + int 3 + mov rdi, cr8 + int 3 + mov r8, cr8 + int 3 + mov r9, cr8 + int 3 + mov r10, cr8 + int 3 + mov r11, cr8 + int 3 + mov r12, cr8 + int 3 + mov r13, cr8 + int 3 + mov r14, cr8 + int 3 + mov r15, cr8 + int 3 + mov cr8, rax + int 3 + mov cr8, rcx + int 3 + mov cr8, rdx + int 3 + mov cr8, rbx + int 3 + mov cr8, rsp + int 3 + mov cr8, rbp + int 3 + mov cr8, rsi + int 3 + mov cr8, rdi + int 3 + mov cr8, r8 + int 3 + mov cr8, r9 + int 3 + mov cr8, r10 + int 3 + mov cr8, r11 + int 3 + mov cr8, r12 + int 3 + mov cr8, r13 + int 3 + mov cr8, r14 + int 3 + mov cr8, r15 + int 3 + xor rax, rax + int 3 + xor rcx, rcx + int 3 + xor rdx, rdx + int 3 + xor rbx, rbx + int 3 + xor rsp, rsp + int 3 + xor rbp, rbp + int 3 + xor rsi, rsi + int 3 + xor rdi, rdi + int 3 + xor r8, r8 + int 3 + xor r9, r9 + int 3 + xor r10, r10 + int 3 + xor r11, r11 + int 3 + xor r12, r12 + int 3 + xor r13, r13 + int 3 + xor r14, r14 + int 3 + xor r15, r15 + int 3 + jmp rax + int 3 + jmp rbx + int 3 + jmp rcx + int 3 + jmp rdx + int 3 + push rax + int 3 + push rbx + int 3 + push rcx + int 3 + push rdx + int 3 + push 0 + int 3 + pop rax + int 3 + pop rbx + int 3 + pop rcx + int 3 + pop rdx + int 3 + mov rax,[value] + int 3 + sub rsp,0418h + int 3 + mov [rsp+0410h],rbx + int 3 + mov [rsp+0408h],rsi + int 3 + mov [rsp+0400h],rdi + int 3 + mov [rsp+03f8h],r12 + int 3 + mov [rsp+03f0h],r13 + int 3 + mov [rsp+03e8h],r14 + int 3 + mov [rsp+03e0h],r15 + int 3 + add [rax],al ; 0000 + int 3 + add [rcx],al ; 0001 + int 3 + add [rbx],al ; 0003 + int 3 + add [rax+rax],al ; 000400 + int 3 + add [rdi],al ; 0007 + int 3 + add [rax],cl ; 0008 + int 3 + add [rdi],cl ; 000f + int 3 + add [rax],dl ; 0010 + int 3 + add [rdi],bl ; 001f + int 3 + add [rax],ah ; 0020 + int 3 + add [rdi],bh ; 003f + int 3 + add [rax+03bh],cl ; 00483b + int 3 + add [rdi],bh ; 007f00 + int 3 + add [rax+040000000h],al ; 008000000040 + int 3 + add bh,bh ; 00ff + int 3 + add [rax],eax ; 0100 + int 3 + add al,[rax] ; 0200 + int 3 + add eax,06603ebc3h ; 05c3eb0366 + int 3 + syscall ; 0f05 + int 3 + prefetchw byte ptr [rcx] ; 0f0d09 + int 3 + prefetchnta byte ptr [rcx] ; 0f1801 + int 3 + prefetchnta byte ptr [rax+rdx] ; 0f180410 + int 3 + jb again ; 0f8247070000 + int 3 + jnb again ; 0f8306050000 + int 3 + je again ; 0f8432010000 + int 3 + jne again ; 0f8508010000 + int 3 + jnbe again ; 0f878a000000 + int 3 + ldmxcsr dword ptr [rcx+034h] ; 0fae5134 + int 3 + stmxcsr dword ptr [rcx+034h] ; 0fae5934 + int 3 + and ecx,[rdx+rbx*4] ; 230c9a + int 3 + xor eax,eax ; 33c0 + int 3 + xor ecx,ecx ; 33c9 + int 3 + xor edx,ecx ; 33d1 + int 3 + xor edx,edx ; 33d2 + int 3 + add r10d,010001h ; 4181c201000100 + int 3 + and r11d,0ffffh ; 4181e3ffff0000 + int 3 + mov eax,r8d ; 418bc0 + int 3 + mov byte ptr [r11],00h ; 41c60300 + int 3 + call qword ptr [r9+030h] ; 41ff5130 + int 3 + call qword ptr [r9+r8*8] ; 43ff14c1 + int 3 + mov [rcx+034h],r8d ; 44894134 + int 3 + mov [rsp+030h],r9d ; 44894c2430 + int 3 + mov r8d,[rcx] ; 448b01 + int 3 + mov r9d,[rcx] ; 448b09 + int 3 + mov r8d,[rax+058h] ; 448b4058 + int 3 + mov r8d,[rsp+02ch] ; 448b44242c + int 3 + mov r8d,eax ; 448bc0 + int 3 + mov r8d,edx ; 448bc2 + int 3 + xor r8b,r8b ; 4532c0 + int 3 + mov r9d,r8d ; 458bc8 + int 3 + lea r11d,[r9+rax] ; 458d1c01 + int 3 + add rdx,rcx ; 4803d1 + int 3 + or rsi,rdx ; 480bf2 + int 3 + movnti [rcx],rax ; 480fc301 + int 3 + and rax,0fe000000h ; 4825000000fe + int 3 + sub rax,rcx ; 482bc1 + int 3 + sub rdx,rcx ; 482bd1 + int 3 + cmp rdi,rbp ; 483bfd + int 3 + push rbp ; 4855 + int 3 + add rcx,03d0h ; 4881c1d0030000 + int 3 + add rsp,0c8h ; 4881c4c8000000 + int 3 + and rdx,0fe000000h ; 4881e2000000fe + int 3 + sub rsp,0c8h ; 4881ecc8000000 + int 3 + sub rsp,03d0h ; 4881ecd0030000 + int 3 + add rax,040h ; 4883c040 + int 3 + add rcx,08h ; 4883c108 + int 3 + add rcx,040h ; 4883c140 + int 3 + add rsp,08h ; 4883c408 + int 3 + add rsi,09h ; 4883c609 + int 3 + add rdi,01h ; 4883c701 + int 3 + and rcx,0f8h ; 4883e1f8 + int 3 + sub rax,040h ; 4883e840 + int 3 + sub rdx,08h ; 4883ea08 + int 3 + sub rdx,040h ; 4883ea40 + int 3 + sub rsp,08h ; 4883ec08 + int 3 + sub rsi,08h ; 4883ee08 + int 3 + sub rdi,01h ; 4883ef01 + int 3 + test rax,rax ; 4885c0 + int 3 + test rdx,rdx ; 4885d2 + int 3 + mov [rsp],rax ; 48890424 + int 3 + mov [rsp],rbp ; 48892c24 + int 3 + mov [rsp],rsi ; 48893424 + int 3 + mov [rsp],rdi ; 48893c24 + int 3 + mov [rcx+08h],rax ; 48894108 + int 3 + mov [rcx+078h],rax ; 48894178 + int 3 + mov [rcx-08h],rax ; 488941f8 + int 3 + mov [rsp+018h],rax ; 4889442418 + int 3 + mov [rcx+010h],rdx ; 48895110 + int 3 + mov [rsp+08h],rbx ; 48895c2408 + int 3 + mov [rsp+018h],rsi ; 4889742418 + int 3 + mov [rsp+08h],rdi ; 48897c2408 + int 3 + mov [rsp+010h],rdi ; 48897c2410 + int 3 + mov [rcx+098h],rax ; 48898198000000 + int 3 + mov [rcx+080h],rcx ; 48898980000000 + int 3 + mov [rcx+088h],rdx ; 48899188000000 + int 3 + mov [rcx+090h],rbx ; 48899990000000 + int 3 + mov [rcx+0a0h],rbp ; 4889a9a0000000 + int 3 + mov [rcx+0a8h],rsi ; 4889b1a8000000 + int 3 + mov [rcx+0b0h],rdi ; 4889b9b0000000 + int 3 + mov rax,[rcx] ; 488b01 + int 3 + mov rax,[rcx+rdx] ; 488b0411 + int 3 + mov rax,[value] ; 488b05318c0100 + int 3 + mov rcx,[rsp] ; 488b0c24 + int 3 + mov rsi,[rsp] ; 488b3424 + int 3 + mov rdi,[rsp] ; 488b3c24 + int 3 + mov rax,[rax+018h] ; 488b4018 + int 3 + mov rax,[rcx+078h] ; 488b4178 + int 3 + mov rax,[rdx+020h] ; 488b4220 + int 3 + mov rax,[rsp+08h] ; 488b442408 + int 3 + mov rcx,[rcx+08h] ; 488b4908 + int 3 + mov rcx,[rsp+020h] ; 488b4c2420 + int 3 + mov rdx,[rsp+08h] ; 488b542408 + int 3 + mov rdi,[rsp+08h] ; 488b7c2408 + int 3 + mov rax,[rcx+098h] ; 488b8198000000 + int 3 + mov rax,[rcx+0f8h] ; 488b81f8000000 + int 3 + cmp ebx,0 ; + int 3 + cmp rbx,0 ; + int 3 + cmp byte ptr [value],77h ; 803d........77 + int 3 + cmp dword ptr [value],77h ; 833d........77 + int 3 + cmp qword ptr [value],77h ; 48833d........77 + int 3 + cmp dword ptr [value],77777777h ; 813d........77777777 + int 3 + cmp qword ptr [value],77777777h ; 48813d........77777777 + int 3 +nearby: + jo nearby ; 70xx + int 3 + jno nearby ; 71xx + int 3 + jb nearby ; 72xx + int 3 + jae nearby ; 73xx + int 3 + je nearby ; 74xx + int 3 + jne nearby ; 75xx + int 3 + jbe nearby ; 76xx + int 3 + ja nearby ; 77xx + int 3 + js nearby ; 78xx + int 3 + jns nearby ; 79xx + int 3 + jp nearby ; 7axx + int 3 + jnp nearby ; 7bxx + int 3 + jl nearby ; 7cxx + int 3 + jge nearby ; 7dxx + int 3 + jle nearby ; 7exx + int 3 + jg nearby ; 7fxx + int 3 + jmp nearby ; ebxx + + int 3 + jo faraway ; 0f80xxxxxxxx + int 3 + jno faraway ; 0f81xxxxxxxx + int 3 + jb faraway ; 0f82xxxxxxxx + int 3 + jae faraway ; 0f83xxxxxxxx + int 3 + je faraway ; 0f84xxxxxxxx + int 3 + jne faraway ; 0f85xxxxxxxx + int 3 + jbe faraway ; 0f86xxxxxxxx + int 3 + ja faraway ; 0f87xxxxxxxx + int 3 + js faraway ; 0f88xxxxxxxx + int 3 + jns faraway ; 0f89xxxxxxxx + int 3 + jp faraway ; 0f8axxxxxxxx + int 3 + jnp faraway ; 0f8bxxxxxxxx + int 3 + jl faraway ; 0f8cxxxxxxxx + int 3 + jge faraway ; 0f8dxxxxxxxx + int 3 + jle faraway ; 0f8exxxxxxxx + int 3 + jg faraway ; 0f8fxxxxxxxx + int 3 + jmp faraway ; e9xxxxxxxx + + int 3 + lea rax,[rsp] ; 488d0424 + int 3 + mov rcx,0BADC0DEBA5Eh ; 48b95ebadec0ad0b0000 + int 3 + cmp rax,rcx ; 483bc1 + + int 3 + sub rsp, 28h + int 3 + add rsp,28h + int 3 + ret + int 3 + + +;; The list is terminated by two "int 3" in a row. +again: + int 3 + int 3 +TestCodes ENDP + +value QWORD 0 + +_TEXT ENDS +END |