jixunmoe/NT88.asm

## NT88.asm
format PE GUI 4.0 DLL
entry DllMain
include 'win32ax.inc'

section '.text' code readable executable

; 入口函数
proc DllMain hinstDLL,fdwReason,lpvReserved
  mov al, 1
  ret
endp

; 读取狗数据
; int NTRead(int address, int endAddress, char* pDataBuffer);
proc NTRead address,endAddress,pDataBuffer
  local oldProtect:DWORD
  push esi
  push edi

  mov ecx, [endAddress]
  mov esi, [address]
  sub ecx, esi
  push ecx
  mov edi, [pDataBuffer]

  lea eax, [oldProtect]
  push eax                      ; OldProtect
  push PAGE_READWRITE              ; New Protect
  push ecx                      ; Size
  push edi                      ; Source Address
  call [VirtualProtect]

  ; 回写数据
  mov ecx, [esp]              ; pop ecx  &  push ecx
  mov esi, _dogData              ; 指向模拟狗的数据
  add esi, [address]
  cld
  rep movsb

  pop ecx
  lea eax, [oldProtect]
  push eax                      ; OldProtect
  push [oldProtect]              ; New Protect
  push ecx                      ; Size
  sub edi, ecx                      ; edi 会增加, 所以改回去
  push edi                      ; Source Address
  call [VirtualProtect]
  pop edi
  pop esi

  xor eax, eax
  ret
endp

; 填充用函数 - 3 参数
proc NT3Arg a1, a2, a3
  xor eax, eax
  ret
endp

; 填充用函数 - 1 参数
proc NT1Arg a1
  xor eax, eax
  ret
endp

; 填充用函数 - 0 参数
proc NT0Arg
  xor eax, eax
  retn
endp

; 狗数据
section '.data' data readable writeable
  _dogData db 'azmap09.........-1'

; 导入表
section '.idata' import data readable writeable
  library kernel,'KERNEL32.DLL'
  import kernel,\
    VirtualProtect, 'VirtualProtect'

; 导出表
section '.edata' export data readable
  export 'NT88.DLL',\
    NT3Arg,'NT3DESCBCDecrypt',\
    NT3Arg,'NT3DESCBCEncrypt',\
    NT1Arg,'NTCheckLicense',\
    NT1Arg,'NTFindFirst',\
    NT1Arg,'NTGetHardwareID',\
    NT1Arg,'NTLogin',\
    NT0Arg,'NTLogout',\
    NTRead,'NTRead',\
    NT3Arg,'NTWrite'

section '.reloc' fixups data readable discardable
	format PE GUI 4.0 DLL
	entry DllMain
	include 'win32ax.inc'

	section '.text' code readable executable

	; 入口函数
	proc DllMain hinstDLL,fdwReason,lpvReserved
	mov al, 1
	ret
	endp

	; 读取狗数据
	; int NTRead(int address, int endAddress, char* pDataBuffer);
	proc NTRead address,endAddress,pDataBuffer
	local oldProtect:DWORD
	push esi
	push edi

	mov ecx, [endAddress]
	mov esi, [address]
	sub ecx, esi
	push ecx
	mov edi, [pDataBuffer]

	lea eax, [oldProtect]
	push eax ; OldProtect
	push PAGE_READWRITE ; New Protect
	push ecx ; Size
	push edi ; Source Address
	call [VirtualProtect]

	; 回写数据
	mov ecx, [esp] ; pop ecx & push ecx
	mov esi, _dogData ; 指向模拟狗的数据
	add esi, [address]
	cld
	rep movsb

	pop ecx
	lea eax, [oldProtect]
	push eax ; OldProtect
	push [oldProtect] ; New Protect
	push ecx ; Size
	sub edi, ecx ; edi 会增加, 所以改回去
	push edi ; Source Address
	call [VirtualProtect]
	pop edi
	pop esi

	xor eax, eax
	ret
	endp

	; 填充用函数 - 3 参数
	proc NT3Arg a1, a2, a3
	xor eax, eax
	ret
	endp

	; 填充用函数 - 1 参数
	proc NT1Arg a1
	xor eax, eax
	ret
	endp

	; 填充用函数 - 0 参数
	proc NT0Arg
	xor eax, eax
	retn
	endp

	; 狗数据
	section '.data' data readable writeable
	_dogData db 'azmap09.........-1'

	; 导入表
	section '.idata' import data readable writeable
	library kernel,'KERNEL32.DLL'
	import kernel,\
	VirtualProtect, 'VirtualProtect'

	; 导出表
	section '.edata' export data readable
	export 'NT88.DLL',\
	NT3Arg,'NT3DESCBCDecrypt',\
	NT3Arg,'NT3DESCBCEncrypt',\
	NT1Arg,'NTCheckLicense',\
	NT1Arg,'NTFindFirst',\
	NT1Arg,'NTGetHardwareID',\
	NT1Arg,'NTLogin',\
	NT0Arg,'NTLogout',\
	NTRead,'NTRead',\
	NT3Arg,'NTWrite'

	section '.reloc' fixups data readable discardable