雨律在线 - 第43页


玩转MAPI发送HTML邮件经验 2/25

因为MAPI没有导出参数支持HTML格式邮件,所以我们只能用附件带HTML文件来实现了。
然而在HTML文件中怎么附带图片呢?(编辑HTML使用DHTMLEdit控件,支持即…既…)
经过研究得知,发送HTML邮件的原理是用BASE64编码,那么很容易想到……
那就是在HTML文件中可以直接镶入图片,也是用BASE64编码的方法,在FireFox浏览器中“img对象可以直接使用data协议”,也就是说可以直接解析BASE64编码为图片,但是我在IE7上却调试不成功。
不过经过长时间人肉搜索发现,可以自定义解析,方法如下:

A modified "data" URL for DeleGate which is prefixed with "/-/" to the original URL:
SRC="/-/data:image/gif;base64,R0lGODdhMAAwAPAAAAAAAP///ywAAAAAMAAw AAAC8IyPqcvt3wCcDkiLc7C0qwyGHhSWpjQu5yqmCYsapyuvUUlvONmOZtfzgFz ByTB10QgxOR0TqBQejhRNzOfkVJ+5YiUqrXF5Y5lKh/DeuNcP5yLWGsEbtLiOSp a/TPg7JpJHxyendzWTBfX0cxOnKPjgBzi4diinWGdkF8kjdfnycQZXZeYGejmJl ZeGl9i2icVqaNVailT6F5iJ90m6mvuTS4OK05M0vDk0Q4XUtwvKOzrcd3iq9uis F81M1OIcR7lEewwcLp7tuNNkM3uNna3F2JQFo97Vriy/Xl4/f1cf5VWzXyym7PH hhx4dbgYKAAA7" ALT="Larry">



在火狐浏览器中可以直接使用下面的代码,IE不行(网上说的保存为MHT也不行)。
SRC="data:image/gif;base64,R0lGODdhMAAwAPAAAAAAAP///ywAAAAAMAAw AAAC8IyPqcvt3wCcDkiLc7C0qwyGHhSWpjQu5yqmCYsapyuvUUlvONmOZtfzgFz ByTB10QgxOR0TqBQejhRNzOfkVJ+5YiUqrXF5Y5lKh/DeuNcP5yLWGsEbtLiOSp a/TPg7JpJHxyendzWTBfX0cxOnKPjgBzi4diinWGdkF8kjdfnycQZXZeYGejmJl ZeGl9i2icVqaNVailT6F5iJ90m6mvuTS4OK05M0vDk0Q4XUtwvKOzrcd3iq9uis F81M1OIcR7lEewwcLp7tuNNkM3uNna3F2JQFo97Vriy/Xl4/f1cf5VWzXyym7PH hhx4dbgYKAAA7" ALT="Larry">


这里提供自己解析的一个工具:
http://www.delegate.org/delegate/
http://www.delegate.org/delegate/download/
http://www.delegate.org/delegate/sample/data-url.html

#########################################################################################


Option Explicit

'需要引用Microsoft XML, v3.0
Private Function Encode(iArray() As Byte) As String
Dim iXml As New MSXML2.DOMDocument30
With iXml.createElement("Encoder")
.dataType = "bin.base64"
.nodeTypedValue = iArray()
Encode = .Text
End With
End Function


Private Function Decode(ByVal iStrbase64 As String) As Byte()
Dim strXML As String
strXML = "& Chr(34) & "urn:schemas-microsoft-com:datatypes" & Chr(34) & " dt:dt=" & Chr(34) & "bin.base64" & Chr(34) & ">" & iStrbase64 & ""
With New MSXML2.DOMDocument30
.loadXML strXML
Decode = .selectSingleNode("DECODER").nodeTypedValue
End With
End Function



Public Function EncodeBase64(ByVal vsFullPathname As String) As String
'For Encoding BASE64
Dim b As Integer
Dim Base64Tab As Variant
Dim bin(3) As Byte
Dim s As String
Dim l As Long
Dim i As Long
Dim FileIn As Long
Dim sResult As String
Dim n As Long

'Base64Tab=>tabla de tabulaci髇
Base64Tab = Array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a
", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "+", "/")

Erase bin
l = 0: i = 0: FileIn = 0: b = 0:
s = ""

'Gets the next free filenumber
FileIn = FreeFile

'Open Base64 Input File
Open vsFullPathname For Binary As FileIn

sResult = s & vbCrLf
s = ""

l = LOF(FileIn) - (LOF(FileIn) Mod 3)

For i = 1 To l Step 3

'Read three bytes
Get FileIn, , bin(0)
Get FileIn, , bin(1)
Get FileIn, , bin(2)

'Always wait until there're more then 64 characters
If Len(s) > 64 Then

s = s & vbCrLf
sResult = sResult & s
s = ""

End If

'Calc Base64-encoded char
b = (bin(n) \ 4) And &H3F 'right shift 2 bits (&H3F=111111b)
s = s & Base64Tab(b) 'the character s holds the encoded chars

b = ((bin(n) And &H3) * 16) Or ((bin(1) \ 16) And &HF)
s = s & Base64Tab(b)

b = ((bin(n + 1) And &HF) * 4) Or ((bin(2) \ 64) And &H3)
s = s & Base64Tab(b)

b = bin(n + 2) And &H3F
s = s & Base64Tab(b)

Next i

'Now, you need to check if there is something left
If Not (LOF(FileIn) Mod 3 = 0) Then

'Reads the number of bytes left
For i = 1 To (LOF(FileIn) Mod 3)
Get FileIn, , bin(i - 1)
Next i

'If there are only 2 chars left
If (LOF(FileIn) Mod 3) = 2 Then
b = (bin(0) \ 4) And &H3F 'right shift 2 bits (&H3F=111111b)
s = s & Base64Tab(b)


b = ((bin(0) And &H3) * 16) Or ((bin(1) \ 16) And &HF)
s = s & Base64Tab(b)

b = ((bin(1) And &HF) * 4) Or ((bin(2) \ 64) And &H3)
s = s & Base64Tab(b)

s = s & "="

Else 'If there is only one char left
b = (bin(0) \ 4) And &H3F 'right shift 2 bits (&H3F=111111b)
s = s & Base64Tab(b)

b = ((bin(0) And &H3) * 16) Or ((bin(1) \ 16) And &HF)
s = s & Base64Tab(b)

s = s & "=="
End If
End If

'Send the characters left
If s <> "" Then
s = s & vbCrLf
sResult = sResult & s
End If

'Send the last part of the MIME Body
s = ""

Close FileIn
EncodeBase64 = sResult

End Function


阅读全文


QQ群发器 2/25

这个东西难度不大,调用了QQ自带的timwp.exe程序,实现起来就很容易了,下面是代码部分,建立一个模块:

Option Explicit
Public Const WM_KEYDOWN = &H100
Public Const WM_KEYUP = &H101
Const WM_CLOSE = &H10

'注册表操作
Private Const HKEY_LOCAL_MACHINE = &H80000002
Private Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" _
(ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Private Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
'-------------------------------------------------
Declare Function SendMessageA Lib "user32" (ByVal Hwnd As Long, ByVal wMsg As Long, _
ByVal wParam As Long, lParam As Any) As Long
Public Declare Function PostMessage Lib "user32" Alias "PostMessageA" (ByVal Hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Public Declare Function FindWindowEx Lib "user32" Alias "FindWindowExA" (ByVal hWnd1 As Long, ByVal hWnd2 As Long, ByVal lpsz1 As String, ByVal lpsz2 As String) As Long
Public Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal Hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Public Declare Function GetWindow Lib "user32" (ByVal Hwnd As Long, ByVal wCmd As Long) As Long
Public Declare Function GetClassName Lib "user32" Alias "GetClassNameA" (ByVal Hwnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long
Public Declare Function SendMessage Lib "user32" (ByVal Hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Public Const GW_HWNDFIRST = 0 '第一个
Public Const GW_HWNDNEXT = 2 '下一个
Publi
c Const DVASPECT_CONTENT = 1
Public Const WM_USER = &H400
Public Const EM_PASTESPECIAL = WM_USER + 64
Public Const CF_TEXT = 1
Const EM_REPLACESEL = &HC2
Const BM_CLICK = &HF5

Public Type QQWindowHwnd
WindowHwnd As Long
TxtHwnd As Long
SendButtonHwnd As Long
CloseButtonHwnd As Long
End Type

Public Type repastespecial
dwAspect As Long
dwParam As Long
End Type

Private QQpath As String
Public QQExePath As String

Public Sub main()
QQpath = getQqPath
If QQpath = "" Then
QQpath = InputBox("请填写QQ的安装路径", "QQ路径", "N")
End If
If QQpath = "N" Then End
QQExePath = QQpath & "timwp.exe " + "Tencent://Message/?Menu=YES&Exe=&Uin="
FrmMain.Show
End Sub

Private Function getQqPath() As String '获取QQ注册表路径
Dim ret, lenData, hKey As Long
Dim sValue As String
Dim name As String

sValue = Space(255)
Const REG_SZ = 1&

lenData = 255
name = "Install"
ret = 1
ret = RegOpenKey(HKEY_LOCAL_MACHINE, "SOFTWARE\Tencent\QQ", hKey)
If ret = 0 Then '正确返回0,不正确返回错误编号
ret = RegQueryValueEx(hKey, name, 0, REG_SZ, ByVal sValue, lenData)
ret = InStr(1, sValue, "QQ\")
getQqPath = Left(sValue, ret + 2)
End If
ret = RegCloseKey(hKey)
End Function

Public Function FindQQ(ByVal Hwnd As Long) As Long
Dim strName As String * 255
Dim className As String * 255
Dim Q_hwnd As Long
Q_hwnd = GetWindow(Hwnd, GW_HWNDFIRST)
Do While Q_hwnd <> 0
GetWindowText Q_hwnd, strName, 255
GetClassName Q_hwnd, className, 255
If ((InStr(strName, "聊天中") > 0) or (InStr(strName, "会话中") > 0)) And (InStr(className, "#32770") > 0) Then
FindQQ = Q_hwnd
Exit Function
End If
Q_hwnd = GetWindow(Q_hwnd, GW_HWNDNEXT)
Loop
End Function

Public Function getQQHwnd(ByVal Hwnd As Long) As QQWindowHwnd
Dim tmphwnd As Long
getQQHwnd.WindowHwnd = FindWindowEx(Hwnd, 0, "#32770", vbNullString)
tmphwnd = FindWindowEx(getQQHwnd.WindowHwnd, 0, "Afxwnd42", vbNullString)
tmphwnd = FindWindowEx(getQQHwnd.WindowHwnd, tmphwnd, "afxwnd42", "")
getQQHwnd.TxtHwnd = FindWindowEx(tmphwnd, 0, "richedit20A", vbNullString)
getQQHwnd.SendButtonHwnd = FindWindowEx(getQQHwnd.WindowHwnd, 0, "button", "发送(&S)")
getQQHwnd.CloseButtonHwnd = FindWindowEx(getQQHwnd.WindowHwnd, 0 ="#000000">, "button", "关闭(&C)")
End Function

Public Sub SendQQMessage(ByRef QQhwnd As QQWindowHwnd, ByVal sTText As String)
SendMessageA QQhwnd.TxtHwnd, EM_REPLACESEL, 0, ByVal sTText
SendMessageA QQhwnd.SendButtonHwnd, BM_CLICK, 0, ByVal 0
SendMessageA QQhwnd.CloseButtonHwnd, BM_CLICK, 0, ByVal 0
End Sub


再建立一个窗体,窗体上放2个文本框,text1和text2,再放一个按钮,text1用于填写QQ号码,text2用于填写想要发送的内容

Option Explicit
Private delayNum As Long

Private Sub Command1_Click()
Shell QQExePath & Text1.Text
Call delay(10)
Dim QQhwnd As Long
QQhwnd = FindQQ(Me.Hwnd)
Dim x As QQWindowHwnd
x = ModConst.getQQHwnd(QQhwnd)
SendQQMessage x, Text2.Text
End Sub

Private Sub delay(ByVal sTime As Long)
delayNum = sTime
Timer1.Enabled = True
Do
DoEvents
Loop While Timer1.Enabled = True
End Sub

Private Sub Timer1_Timer()
Static I As Integer
I = I + 1
If I > delayNum Then
I = 0
Timer1.Enabled = False
End If
End Sub


好了,运行试试

阅读全文


VB 实现汇编的比较成熟的类 2/25

使用此类不需要任何第三方软件支持,并且开源~~~
内带两个实例,一个是网游诛仙CALL的注入,还有一个是演示如何操作汇编指令
汇编基础类里基本包含了常用的汇编指令,如果用户觉得不够可以使用OD等有汇编
功能的软件提取机械吗添加类内..

对于那个 clsASM, 我只能说: 很好, 很强大~

使用示例:

Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
Function Float2Int(Ans As Single) As Long '浮点转整形
CopyMemory Float2Int, Ans, 4
End Function

Sub Call_RunTO(dx As Single, dy As Single, dz As Single, dm As Long)
Dim asm As New clsASM '自动寻路
With asm ' asm
.Pushad ' pushad
.Mov_EAX_DWORD_Ptr &H90664C ' mov eax,[&H90664C]
.Mov_EAX_DWORD_Ptr_EAX_Add &H8 ' mov eax,[eax+&H8]
.Mov_EAX_DWORD_Ptr_EAX_Add &H88 ' mov eax,[eax+&H88]
.Push dm ' mov eax,[base]
.Mov_EAX Float2Int(dx) ' mov eax, x
.Mov_DWORD_Ptr_EAX &H908A88 ' mov [&H908a88], eax
.Mov_EAX Float2Int(dz) ' mov eax, z
.Mov_DWORD_Ptr_EAX &H908A8C ' mov [&H908a8c], eax
.Mov_EAX Float2Int(dy) ' mov eax, y
.Mov_DWORD_Ptr_EAX &H908A90 ' mov [&H908a90], eax
.Mov_EAX_DWORD_Ptr &H90664C ' mov eax, dword ptr [&H90664C]
.Mov_EAX_DWORD_Ptr_EAX_Add &H28 ' mov eax, dword ptr [eax+&H28]
.Lea_EAX_DWORD_EAX_Add &H3C ' lea eax, dword ptr [eax+&H3c]
.Push &H908A88 ' push &H908a88
.Push_EAX ' PUSH eax
.Mov_ECX &H902AF0 ' mov ecx, &H90664C
.Mov_EAX &H42ABF0 ' mov eax, &H42abf0
.Call_EAX ' Call eax
.Popad ' popad
.ret ' ret
End With ' end
asm.Run_ASM h
End Sub

Sub Call_TAB()
Dim asm As New clsASM 'TAB
With asm ' asm
.Pushad ' pushad
.Mov_EAX_DWORD_Ptr &H902B3C ' mov eax,dword ptr ds:[&H902b3c]
.Mov_EAX_DWORD_Ptr_EAX_Add &H1C ' mov eax,dword ptr ds:[eax+&H1c]
.Mov_EAX_DWORD_Ptr_EAX_Add &H28 ' mov eax,dword ptr ds:[eax+&H28]
.Mov_ECX_EAX ' mov ecx, eax;
.Push 0 ' push 0
.Mov_EBX &H45F590 ' mov ebx,&H45F59
.Call_EBX ' call EBX
.Popad ' popad
.Ret
End With ' end
asm.Run_ASM h
End Sub

Sub Call_Attack()
Dim asm As New clsASM '普通攻击
With asm ' asm
.Pushad ' pushad
.Mov_EAX &H5A1F70 ' Mov EAX,&H5A2170
.Call_EAX ' call pointer(eax)
.Popad ' popad
.Ret
End With ' end
asm.Run_ASM h
End Sub


以下为 clsASM.cls 内容:

Option Explicit
Private Decla
re Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, lpThreadAttributes As Any, ByVal dwStackSize As Long, lpStartAddress As Long, lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
Private Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long

Const PAGE_EXECUTE_READWRITE = &H40
Const MEM_COMMIT = &H1000
Const MEM_RELEASE = &H8000
Const MEM_DECOMMIT = &H4000
Const PROCESS_ALL_ACCESS = &H1F0FFF
Dim OPcode As String

Function Get_Result() As String
Dim i As Long
ReDim AsmCode(Len(OPcode) / 2 - 1) As Byte
For i = 0 To UBound(AsmCode)
AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))
Next
Get_Result = CallWindowProc(VarPtr(AsmCode(0)), 0, 0, 0, 0)
End Function

Function Get_Code() As String
Get_Code = OPcode
End Function

Function Run_ASM(pid As Long) As Long
Dim i As Long, tmp_Addr As Long, RThwnd As Long, h As Long
ReDim AsmCode(Len(OPcode) / 2 - 1) As Byte
For i = 0 To UBound(AsmCode)
AsmCode(i) = CByte("&H" & Mid(OPcode, i * 2 + 1, 2))
Next
h = OpenProcess(PROCESS_ALL_ACCESS, False, pid)
tmp_Addr = VirtualAllocEx(h, ByVal 0&, UBound(AsmCode) + 1, MEM_COMMIT, PAGE_EXECUTE_READWRITE)
WriteProcessMemory h, ByVal tmp_Addr, ByVal VarPtr(AsmCode(0)), UBound(AsmCode) + 1, ByVal 0&
RThwnd = CreateRemoteThread(h, ByVal 0&, 0, ByVal tmp_Addr, ByVal 0&, ByVal 0&, ByVal 0&)
VirtualFreeEx h, tmp_Addr, UBound(AsmCode) + 1, MEM_RELEASE
CloseHandle RThwnd
CloseHandle h

OPcode = ""
End Function

Function Int2Hex(Value As Long, n As Long) As String '高地位互换
Dim tmp1 As String, tmp2 As String, i As Long
tmp1 = Right("0000000" + Hex(Value), n)
For i = 0 To Len(tmp1) / 2 - 1
tmp2 = tmp2 + Mid(tmp1, Len(tmp1) - 1 - 2 * i, 2)
Next i
Int2Hex = tmp2
End Function

Function Leave() As Long
OPcode = OPcode + "C9"
End Function

Function Pushad() As Long
OPcode = OPcode + "60"
End Function

Function Popad() As Long
OPcode = OPcode + "61"
End Function

Function Nop() As Long
OPcode = OPcode + "90"
End Function

Function Ret() As Long
OPcode = OPcode + "C3"
End Function

Function RetA(i As Long) As Long
OPcode = OPcode + Int2Hex(i, 4)
End Function

Function IN_AL_DX() As Long
OPcode = OPcode + "EC"
End Function

Function TEST_EAX_EAX() As Long
OPcode = OPcode + "85C0"
End Function

'Add
'+++++++++++++++++++++++++++++++++++
Function Add_EAX_EDX() As Long
OPcode = OPcode + "03C2"
End Function

Function Add_EBX_EAX() As Long
OPcode = OPcode + "03D8"
End Function

Function Add_EAX_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "0305" + Int2Hex(i, 8)
End Function

Function Add_EBX_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "031D" + Int2Hex(i, 8)
End Function

Function Add_EBP_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "032D" + Int2Hex(i, 8)
End Function

Function Add_EAX(i As Long) As Long
OPcode = OPcode + "05" + Int2Hex(i, 8)
End Function

Function Add_EBX(i As Long) As Long
OPcode = OPcode + "83C3" + Int2Hex(i, 8)
End Function

Function Add_ECX(i As Long) As Long
OPcode = OPcode + "83C1" + Int2Hex(i, 8)
End Function

Function Add_EDX(i As Long) As Long
OPcode = OPcode + "83C2" + Int2Hex(i, 8)
End Function

Function Add_ESI(i As Long) As Long
OPcode = OPcode + "83C6" + Int2Hex(i, 8)
End Function

Function Add_ESP(i As Long) As Long
OPcode = OPcode + "83C4" + Int2Hex(i, 8)
End Function

'Call
'+++++++++++++++++++++++++++++++++++
Function Call_EAX() As Long
OPcode = OPcode + "FFD0"
End Function

Function Call_EBX() As Long
OPcode = OPcode + "FFD3"
End Function

Function Call_ECX() As Long
OPcode = OPcode + "FFD1"
End Function

Function Call_EDX() As Long
OPcode = OPcode + "FFD2"
End Function

Function Call_ESI() As Long
OPcode = OPcode + "FFD2"
End Function

Function Call_ESP() As Long
OPcode = OPcode + "FFD4"
End Function

Function Call_EBP() As Long
OPcode = OPcode + "FFD5"
End Function

Function Call_EDI() As Long
OPcode = OPcode + "FFD7"
End Function

Function Call_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "FF15" + Int2Hex(i, 8)
End Function

Function Call_DWORD_Ptr_EAX() As Long
OPcode = OPcode + "FF10"
End Function

Function Call_DWORD_Ptr_EBX() As Long
OPcode = OPcode + "FF13"
End Function

'Cmp
'+++++++++++++++++++++++++++++++++++
Function Cmp_EAX(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "83F8" + Int2Hex(i, 2)
Else
OPcode = OPcode + "3D" + Int2Hex(i, 8)
End If
End Function

Function Cmp_EAX_EDX() As Long
OPcode = OPcode + "3BC2"
End Function

Function Cmp_EAX_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "3B05" + Int2Hex(i, 8)
End Function

Function Cmp_DWORD_Ptr_EAX(i As Long) As Long
OPcode = OPcode + "3905" + Int2Hex(i, 8)
End Function

'DEC
'+++++++++++++++++++++++++++++++++++
Function Dec_EAX() As Long
OPcode = OPcode + "48"
End Function

Function Dec_EBX() As Long
OPcode = OPcode + "4B"
End Function

Function Dec_ECX() As Long
OPcode = OPcode + "49"
End Function

Function Dec_EDX() As Long
OPcode = OPcode + "4A"
End Function

'Idiv
'+++++++++++++++++++++++++++++++++++
Function Idiv_EAX() As Long
OPcode = OPcode + "F7F8"
End Function

Function Idiv_EBX() As Long
OPcode = OPcode + "F7FB"
End Function

Function Idiv_ECX() As Long
OPcode = OPcode + "F7F9"
End Function

Function Idiv_EDX() As Long
OPcode = OPcode + "F7FA"
End Function

'Imul
'+++++++
++++++++++++++++++++++++++++
Function Imul_EAX_EDX() As Long
OPcode = OPcode + "0FAFC2"
End Function

Function Imul_EAX(i As Long) As Long
OPcode = OPcode + "6BC0" + Int2Hex(i, 2)
End Function

Function ImulB_EAX(i As Long) As Long
OPcode = OPcode + "69C0" + Int2Hex(i, 8)
End Function

'INC
'+++++++++++++++++++++++++++++++++++
Function Inc_EAX() As Long
OPcode = OPcode + "40"
End Function

Function Inc_EBX() As Long
OPcode = OPcode + "43"
End Function

Function Inc_ECX() As Long
OPcode = OPcode + "41"
End Function

Function Inc_EDX() As Long
OPcode = OPcode + "42"
End Function

Function Inc_EDI() As Long
OPcode = OPcode + "47"
End Function

Function Inc_ESI() As Long
OPcode = OPcode + "46"
End Function

Function Inc_DWORD_Ptr_EAX() As Long
OPcode = OPcode + "FF00"
End Function

Function Inc_DWORD_Ptr_EBX() As Long
OPcode = OPcode + "FF03"
End Function

Function Inc_DWORD_Ptr_ECX() As Long
OPcode = OPcode + "FF01"
End Function

Function Inc_DWORD_Ptr_EDX() As Long
OPcode = OPcode + "FF02"
End Function

'JMP/JE/JNE
'+++++++++++++++++++++++++++++++++++
Function JMP_EAX() As Long
OPcode = OPcode + "FFE0"
End Function

'Mov
Function Mov_DWORD_Ptr_EAX(i As Long) As Long
OPcode = OPcode + "A3" + Int2Hex(i, 8)
End Function

Function Mov_EAX(i As Long) As Long
OPcode = OPcode + "B8" + Int2Hex(i, 8)
End Function

Function Mov_EBX(i As Long) As Long
OPcode = OPcode + "BB" + Int2Hex(i, 8)
End Function

Function Mov_ECX(i As Long) As Long
OPcode = OPcode + "B9" + Int2Hex(i, 8)
End Function

Function Mov_EDX(i As Long) As Long
OPcode = OPcode + "BA" + Int2Hex(i, 8)
End Function

Function Mov_ESI(i As Long) As Long
OPcode = OPcode + "BE" + Int2Hex(i, 8)
End Function

Function Mov_ESP(i As Long) As Long
OPcode = OPcode + "BC" + Int2Hex(i, 8)
End Function

Function Mov_EBP(i As Long) As Long
OPcode = OPcode + "BD" + Int2Hex(i, 8)
End Function

Function Mov_EDI(i As Long) As Long
OPcode = OPcode + "BF" + Int2Hex(i, 8)
End Function

Function Mov_EBX_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "8B1D" + Int2Hex(i, 8)
End Function

Function Mov_ECX_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "8B0D" + Int2Hex(i, 8)
End Function

Function Mov_EAX_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "A1" + Int2Hex(i, 8)
End Function

Function Mov_EDX_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "8B15" + Int2Hex(i, 8)
End Function

Function Mov_ESI_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "8B35" + Int2Hex(i, 8)
End Function

Function Mov_ESP_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "8B25" + Int2Hex(i, 8)
End Function

Function Mov_EBP_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "8B2D" + Int2Hex(i, 8)
End Function

Function Mov_EAX_DWORD_Ptr_EAX() As Long
OPcode = OPcode + "8B00"
End Function

Function Mov_EAX_DWORD_Ptr_EBP() As Long
OPcode = OPcode + "8B4500"
End Function

Function Mov_EAX_DWORD_Ptr_EBX() As Long
OPcode = OPcode + "8B03"
End Function

Function Mov_EAX_DWORD_Ptr_ECX() As Long
OPcode = OPcode + "8B01"
End Function

Function Mov_EAX_DWORD_Ptr_EDX() As Long
OPcode = OPcode + "8B02"
End Function

Function Mov_EAX_DWORD_Ptr_EDI() As Long
OPcode = OPcode + "8B07"
End Function

Function Mov_EAX_DWORD_Ptr_ESP() As Long
OPcode = OPcode + "8B0424"
End Function

Function Mov_EAX_DWORD_Ptr_ESI() As Long
OPcode = OPcode + "8B06"
End Function

Function Mov_EAX_DWORD_Ptr_EAX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B40" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B80" + Int2Hex(i, 8)
End If
End Function

Function Mov_EAX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B4424" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B8424" + Int2Hex(i, 8)
End If
End Function

Function Mov_EAX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B43" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B83" + Int2Hex(i, 8)
End If
End Function

Function Mov_EAX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B41" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B81" + Int2Hex(i, 8)
End If
End Function

Function Mov_EAX_DWORD_Ptr_EDX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B42" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B82" + Int2Hex(i, 8)
End If
End Function

Function Mov_EAX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcod
e = OPcode + "8B47" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B87" + Int2Hex(i, 8)
End If
End Function

Function Mov_EAX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B45" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B85" + Int2Hex(i, 8)
End If
End Function

Function Mov_EAX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B46" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B86" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_EAX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B58" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B98" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B5C24" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B9C24" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B5B" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B9B" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B59" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B99" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_EDX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B5A" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B9A" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B5F" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B9F" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B5D" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B9D" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B5E" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B9E" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_EAX_Add(i As Long "#000000">) As Long
If i <= 255 Then
OPcode = OPcode + "8B48" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B88" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B4C24" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B8C24" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B4B" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B8B" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B49" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B89" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_EDX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B4A" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B8A" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B4F" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B8F" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B4D" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B8D" + Int2Hex(i, 8)
End If
End Function

Function Mov_ECX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B4E" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B8E" + Int2Hex(i, 8)
End If
End Function

Function Mov_EDX_DWORD_Ptr_EAX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B50" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B90" + Int2Hex(i, 8)
End If
End Function

Function Mov_EDX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B5424" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B9424" + Int2Hex(i, 8)
End If
End Function

Function Mov_EDX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B53" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B93" + Int2Hex(i, 8 "#000000">)
End If
End Function

Function Mov_EDX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B51" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B91" + Int2Hex(i, 8)
End If
End Function

Function Mov_EDX_DWORD_Ptr_EDX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B52" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B92" + Int2Hex(i, 8)
End If
End Function

Function Mov_EDX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B57" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B97" + Int2Hex(i, 8)
End If
End Function

Function Mov_EDX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B55" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B95" + Int2Hex(i, 8)
End If
End Function

Function Mov_EDX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8B56" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8B96" + Int2Hex(i, 8)
End If
End Function

Function Mov_EBX_DWORD_Ptr_EAX() As Long
OPcode = OPcode + "8B18"
End Function

Function Mov_EBX_DWORD_Ptr_EBP() As Long
OPcode = OPcode + "8B5D00"
End Function

Function Mov_EBX_DWORD_Ptr_EBX() As Long
OPcode = OPcode + "8B1B"
End Function

Function Mov_EBX_DWORD_Ptr_ECX() As Long
OPcode = OPcode + "8B19"
End Function

Function Mov_EBX_DWORD_Ptr_EDX() As Long
OPcode = OPcode + "8B1A"
End Function

Function Mov_EBX_DWORD_Ptr_EDI() As Long
OPcode = OPcode + "8B1F"
End Function

Function Mov_EBX_DWORD_Ptr_ESP() As Long
OPcode = OPcode + "8B1C24"
End Function

Function Mov_EBX_DWORD_Ptr_ESI() As Long
OPcode = OPcode + "8B1E"
End Function
Function Mov_ECX_DWORD_Ptr_EAX() As Long
OPcode = OPcode + "8B08"
End Function

Function Mov_ECX_DWORD_Ptr_EBP() As Long
OPcode = OPcode + "8B4D00"
End Function

Function Mov_ECX_DWORD_Ptr_EBX() As Long
OPcode = OPcode + "8B0B"
End Function

Function Mov_ECX_DWORD_Ptr_ECX() As Long
OPcode = OPcode + "8B09"
End Function

Function Mov_ECX_DWORD_Ptr_EDX() As Long
OPcode = OPcode + "8B0A"
End Function

Function Mov_ECX_DWORD_Ptr_EDI() As Long
OPcode = OPcode + "8B0F"
End Function

Function Mov_ECX_DWORD_Ptr_ESP() As Long
OPcode = OPcode + "8B0C24"
End Function

Function Mov_ECX_DWORD_Ptr_ESI() As Long
OPcode = OPcode + "8B0E"
End Function

Function Mov_EDX_DWORD_Ptr_EAX() As Long
OPcode = OPcode + "8B10"
End Function

Function Mov_EDX_DWORD_Ptr_EBP() As Long
OPcode = OPcode + "8B5500"
 t color="#0000FF">End Function

Function Mov_EDX_DWORD_Ptr_EBX() As Long
OPcode = OPcode + "8B13"
End Function

Function Mov_EDX_DWORD_Ptr_ECX() As Long
OPcode = OPcode + "8B11"
End Function

Function Mov_EDX_DWORD_Ptr_EDX() As Long
OPcode = OPcode + "8B12"
End Function

Function Mov_EDX_DWORD_Ptr_EDI() As Long
OPcode = OPcode + "8B17"
End Function

Function Mov_EDX_DWORD_Ptr_ESI() As Long
OPcode = OPcode + "8B16"
End Function

Function Mov_EDX_DWORD_Ptr_ESP() As Long
OPcode = OPcode + "8B1424"
End Function

Function Mov_EAX_EBP() As Long
OPcode = OPcode + "8BC5"
End Function

Function Mov_EAX_EBX() As Long
OPcode = OPcode + "8BC3"
End Function

Function Mov_EAX_ECX() As Long
OPcode = OPcode + "8BC1"
End Function

Function Mov_EAX_EDI() As Long
OPcode = OPcode + "8BC7"
End Function

Function Mov_EAX_EDX() As Long
OPcode = OPcode + "8BC2"
End Function

Function Mov_EAX_ESI() As Long
OPcode = OPcode + "8BC6"
End Function

Function Mov_EAX_ESP() As Long
OPcode = OPcode + "8BC4"
End Function

Function Mov_EBX_EBP() As Long
OPcode = OPcode + "8BDD"
End Function

Function Mov_EBX_EAX() As Long
OPcode = OPcode + "8BD8"
End Function

Function Mov_EBX_ECX() As Long
OPcode = OPcode + "8BD9"
End Function

Function Mov_EBX_EDI() As Long
OPcode = OPcode + "8BDF"
End Function

Function Mov_EBX_EDX() As Long
OPcode = OPcode + "8BDA"
End Function

Function Mov_EBX_ESI() As Long
OPcode = OPcode + "8BDE"
End Function

Function Mov_EBX_ESP() As Long
OPcode = OPcode + "8BDC"
End Function

Function Mov_ECX_EBP() As Long
OPcode = OPcode + "8BCD"
End Function

Function Mov_ECX_EAX() As Long
OPcode = OPcode + "8BC8"
End Function

Function Mov_ECX_EBX() As Long
OPcode = OPcode + "8BCB"
End Function

Function Mov_ECX_EDI() As Long
OPcode = OPcode + "8BCF"
End Function

Function Mov_ECX_EDX() As Long
OPcode = OPcode + "8BCA"
End Function

Function Mov_ECX_ESI() As Long
OPcode = OPcode + "8BCE"
End Function

Function Mov_ECX_ESP() As Long
OPcode = OPcode + "8BCC"
End Function

Function Mov_EDX_EBP() As Long
OPcode = OPcode + "8BD5"
End Function

Function Mov_EDX_EBX() As Long
OPcode = OPcode + "8BD3"
End Function

Function Mov_EDX_ECX() As Long
OPcode = OPcode + "8BD1"
End Function

Function Mov_EDX_EDI() As Long
OPcode = OPcode + "8BD7"
End Function

Function Mov_EDX_EAX() As Long
OPcode = OPcode + "8BD0"
End Function

Function Mov_EDX_ESI() As Long
OPcode = OPcode + "8BD6"
End Function

Function Mov_EDX_ESP() As Long
OPcode = OPcode + "8BD4"
End Function

Function Mov_ESI_EBP() As Long
OPcode = OPcode + "8BF5"
End Function

Func
tion Mov_ESI_EBX() As Long
OPcode = OPcode + "8BF3"
End Function

Function Mov_ESI_ECX() As Long
OPcode = OPcode + "8BF1"
End Function

Function Mov_ESI_EDI() As Long
OPcode = OPcode + "8BF7"
End Function

Function Mov_ESI_EAX() As Long
OPcode = OPcode + "8BF0"
End Function

Function Mov_ESI_EDX() As Long
OPcode = OPcode + "8BF2"
End Function

Function Mov_ESI_ESP() As Long
OPcode = OPcode + "8BF4"
End Function

Function Mov_ESP_EBP() As Long
OPcode = OPcode + "8BE5"
End Function

Function Mov_ESP_EBX() As Long
OPcode = OPcode + "8BE3"
End Function

Function Mov_ESP_ECX() As Long
OPcode = OPcode + "8BE1"
End Function

Function Mov_ESP_EDI() As Long
OPcode = OPcode + "8BE7"
End Function

Function Mov_ESP_EAX() As Long
OPcode = OPcode + "8BE0"
End Function

Function Mov_ESP_EDX() As Long
OPcode = OPcode + "8BE2"
End Function

Function Mov_ESP_ESI() As Long
OPcode = OPcode + "8BE6"
End Function

Function Mov_EDI_EBP() As Long
OPcode = OPcode + "8BFD"
End Function

Function Mov_EDI_EAX() As Long
OPcode = OPcode + "8BF8"
End Function

Function Mov_EDI_EBX() As Long
OPcode = OPcode + "8BFB"
End Function

Function Mov_EDI_ECX() As Long
OPcode = OPcode + "8BF9"
End Function

Function Mov_EDI_EDX() As Long
OPcode = OPcode + "8BFA"
End Function

Function Mov_EDI_ESI() As Long
OPcode = OPcode + "8BFE"
End Function

Function Mov_EDI_ESP() As Long
OPcode = OPcode + "8BFC"
End Function
Function Mov_EBP_EDI() As Long
OPcode = OPcode + "8BDF"
End Function

Function Mov_EBP_EAX() As Long
OPcode = OPcode + "8BE8"
End Function

Function Mov_EBP_EBX() As Long
OPcode = OPcode + "8BEB"
End Function

Function Mov_EBP_ECX() As Long
OPcode = OPcode + "8BE9"
End Function

Function Mov_EBP_EDX() As Long
OPcode = OPcode + "8BEA"
End Function

Function Mov_EBP_ESI() As Long
OPcode = OPcode + "8BEE"
End Function

Function Mov_EBP_ESP() As Long
OPcode = OPcode + "8BEC"
End Function
'Push
'+++++++++++++++++++++++++++++++++++
Function Push(i As Long) As Long
'If i <= 255 Then
'OPcode = OPcode + "6A" + Int2Hex(i, 2)
'Else
OPcode = OPcode + "68" + Int2Hex(i, 8)
'End If
End Function

Function Push_DWORD_Ptr(i As Long) As Long
OPcode = OPcode + "FF35" + Int2Hex(i, 8)
End Function

Function Push_EAX() As Long
OPcode = OPcode + "50"
End Function

Function Push_ECX() As Long
OPcode = OPcode + "51"
End Function

Function Push_EDX() As Long
OPcode = OPcode + "52"
End Function

Function Push_EBX() As Long
OPcode = OPcode + "53"
End Function
Function ont color="#000000">Push_ESP() As Long
OPcode = OPcode + "54"
End Function

Function Push_EBP() As Long
OPcode = OPcode + "55"
End Function

Function Push_ESI() As Long
OPcode = OPcode + "56"
End Function

Function Push_EDI() As Long
OPcode = OPcode + "57"
End Function
'LEA
Function Lea_EAX_DWORD_Ptr_EAX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D40" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D80" + Int2Hex(i, 8)
End If
End Function

Function Lea_EAX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D43" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D83" + Int2Hex(i, 8)
End If
End Function

Function Lea_EAX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D41" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D81" + Int2Hex(i, 8)
End If
End Function

Function Lea_EAX_DWORD_Ptr_EDX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D42" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D82" + Int2Hex(i, 8)
End If
End Function

Function Lea_EAX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D46" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D86" + Int2Hex(i, 8)
End If
End Function

Function Lea_EAX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D40" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D80" + Int2Hex(i, 8)
End If
End Function

Function Lea_EAX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D4424" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D8424" + Int2Hex(i, 8)
End If
End Function

Function Lea_EAX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D47" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D87" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_EAX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D58" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D98" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D5C24" olor="#000000">+ Int2Hex(i, 2)
Else
OPcode = OPcode + "8D9C24" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D5B" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D9B" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D59" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D99" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_EDX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D5A" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D9A" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D5F" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D9F" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D5D" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D9D" + Int2Hex(i, 8)
End If
End Function

Function Lea_EBX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D5E" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D9E" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_EAX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D48" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D88" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D4C24" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D8C24" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D4B" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D8B" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D49" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D89" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_EDX_Add(i As Long) As Long
If t>i <= 255 Then
OPcode = OPcode + "8D4A" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D8A" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D4F" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D8F" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D4D" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D8D" + Int2Hex(i, 8)
End If
End Function

Function Lea_ECX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D4E" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D8E" + Int2Hex(i, 8)
End If
End Function

Function Lea_EDX_DWORD_Ptr_EAX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D50" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D90" + Int2Hex(i, 8)
End If
End Function

Function Lea_EDX_DWORD_Ptr_ESP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D5424" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D9424" + Int2Hex(i, 8)
End If
End Function

Function Lea_EDX_DWORD_Ptr_EBX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D53" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D93" + Int2Hex(i, 8)
End If
End Function

Function Lea_EDX_DWORD_Ptr_ECX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D51" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D91" + Int2Hex(i, 8)
End If
End Function

Function Lea_EDX_DWORD_Ptr_EDX_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D52" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D92" + Int2Hex(i, 8)
End If
End Function

Function Lea_EDX_DWORD_Ptr_EDI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D57" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D97" + Int2Hex(i, 8)
End If
End Function

Function Lea_EDX_DWORD_Ptr_EBP_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D55" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D95" + Int2Hex(i, 8)
End If
End Funct
ion

Function Lea_EDX_DWORD_Ptr_ESI_Add(i As Long) As Long
If i <= 255 Then
OPcode = OPcode + "8D56" + Int2Hex(i, 2)
Else
OPcode = OPcode + "8D96" + Int2Hex(i, 8)
End If
End Function

'POP
Function Pop_EAX() As Long
OPcode = OPcode + "58"
End Function

Function Pop_EBX() As Long
OPcode = OPcode + "5B"
End Function

Function Pop_ECX() As Long
OPcode = OPcode + "59"
End Function

Function Pop_EDX() As Long
OPcode = OPcode + "5A"
End Function

Function Pop_ESI() As Long
OPcode = OPcode + "5E"
End Function

Function Pop_ESP() As Long
OPcode = OPcode + "5C"
End Function

Function Pop_EDI() As Long
OPcode = OPcode + "5F"
End Function

Function Pop_EBP() As Long
OPcode = OPcode + "5D"
End Function


阅读全文


VB 模拟鼠标滚轮事件 2/25

Option Explicit

Public Declare Sub mouse_event Lib "user32" (ByVal dwFlags As Long, ByVal dx As Long, ByVal dy As Long, ByVal cButtons As Long, ByVal dwExtraInfo As Long)
Public Const MOUSEEVENTF_ABSOLUTE = &H8000 ' absolute move
Public Const MOUSEEVENTF_LEFTDOWN = &H2 ' left button down
Public Const MOUSEEVENTF_LEFTUP = &H4 ' left button up
Public Const MOUSEEVENTF_MIDDLEDOWN = &H20 ' middle button down
Public Const MOUSEEVENTF_MIDDLEUP = &H40 ' middle button up
Public Const MOUSEEVENTF_MOVE = &H1 ' mouse move
Public Const MOUSEEVENTF_RIGHTDOWN = &H8 ' right button down
Public Const MOUSEEVENTF_RIGHTUP = &H10 ' right button up
Public Const MOUSEEVENTF_WHEEL = &H800

Private Sub Command1_Click()
Timer1.Interval = 5000
Timer1.Enabled = True
End Sub

Private Sub Timer1_Timer()
Dim i As Integer
For i = 0 To 100
DoEvents
mouse_event MOUSEEVENTF_WHEEL, 0, 0, 10, 0
Next
For i = 0 To 100
DoEvents
mouse_event MOUSEEVENTF_WHEEL, 0, 0, -10, 0
Next
End Sub


阅读全文


VB 实现保存 Direct3D 游戏截图 2/25

Written By Microsoft MVP: Eric DeBrosse
In this article, I will explain how to save a screen shot from a Visual Basic 6 Direct3D8 application. This could be difficult to figure out on your own, since the VB SDK documentation does not mention the SaveSurfaceToFile method of the D3DX8 class. One thing that seems to cause confusion is the SrcPalette parameter. Even if you are not using indexed colors, you must still pass an un-initialized PALETTEENTRY structure to the SaveSurfaceToFile function. Passing Nothing will cause the function to fail.
Have a look at a simple function:

Public Sub SaveScreenShot(ByVal sFilename As String)
Dim oSurface As Direct3DSurface8
Dim SrcPalette As PALETTEENTRY
Dim SrcRect As RECT
Dim DispMode As D3DDISPLAYMODE

'get display dimensions
g_oDevice.GetDisplayMode DispMode

'create a surface to put front buffer on,
'GetFrontBuffer always returns D3DFMT_A8R8G8B8
Set oSurface = g_oDevice.CreateImageSurface(DispMode.Width, _
DispMode.Height, _
D3DFMT_A8R8G8B8)

'get data from front buffer
g_oDevice.GetFrontBuffer oSurface

'we are saving entire area of this surface
With SrcRect
.Left = 0
.Right = DispMode.Width
.Top = 0
.Bottom = DispMode.Height
End With

'save this surface to a BMP file
g_oD3DX.SaveSurfaceToFile sFilename, _
D3DXIFF_BMP, _
oSurface, _
SrcPalette, _
SrcRect
End Sub


The above function assumes g_oDevice is a valid Direct3DDevice8 object and g_oD3DX is a valid D3DX8 object.
First, we need to get the dimensions of the screen. If we were to use the GetViewport method to get the dimensions, it would fail on a device created with the D3DCreate_PUREDEVICE flag. Since GetFrontBuffer() always needs an image surface the size of the screen, (even when in windowed mode) the GetDisplayMode method is used and should not be an issue with pure devices.
Next, we create a new surface using the dimensions of our screen. The surface should be created using the D3DFMT_A8R8G8B8 format, because the GetFrontBuffer method always returns this format; regardless of the current back buffer format. We are using the GetFrontBuffer method to capture our screen shot, since it is the only way to capture anti-aliased output. The final call to SaveSurfaceToFile writes the entire captured surface to the specified bitmap file.
Notes: This function does not check for any errors! You should always set up some kind of error trap in any DirectX application, it makes it so much easier to debug. You could, for instance, validate the path and filename before actually trying to save the file. The function could also be easily modified to return a result code.

阅读全文


Vista 下以管理员权限运行程序 2/25

1、在Vista里, 你可以用鼠标右击某个应用程序(例如cmd.exe), 再选择"Run As Administrator"(在旧版本里是"Run Elevated")来以管理员权限运行它.
2、在程序(或其快捷方式)的属性Compatibility中选择Run this program as an administrator来运行
3、代码中
下面的C#代码会以管理员权限运行c:\test\script.cmd, 当然你会看到一个UAC对话框, 让你确认.

ProcessStartInfo startInfo = new ProcessStartInfo();
startInfo.FileName = "cmd.exe";
startInfo.Arguments = "/c c:\\test\\script.cmd";
startInfo.UseShellExecute = true;
startInfo.Verb = "RunAs";
Process process = new Process();
process.StartInfo = startInfo;
process.Start();


C/C++里, 可用ShellExecute或ShellExecuteEx, 把lpOperation/lpVerb设成"RunAs"就可
4、在应用程序rc中加入RT_MANIFEST类型资源,ID号为1.内容为

xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">

xmlns="urn:schemas-microsoft-com:asm.v3">


level="requireAdministrator" uiAccess="false"/>



也可以直接给程序添加一个如上的manifest文件,使程序以管理员权限运行。

另附微软官方UAC编程文档:(Windows Vista Application Development Requirements for User Account Control CompatibilityWindows Vista Application Development Requirements for User Account Control Compatibility)
http://www.microsoft.com/downloads/details.aspx?FamilyID=ba73b169-a648-49af-bc5e-a2eebb74c16b&DisplayLang=en

阅读全文


[最强] 获取类模块中指定的函数地址 2/25

大多数的编程语言都可以获取真实的函数地址,在汇编中,这个根本就不是问题,是正当的编程手段之一,windows也经常会应用这个称为回调

函数的东西,但VB编程受限制,只能获取标准模块中的函数地址,而且该函数地址不可在运行时获取属于静态连接

在进行对象编程时,经常用到类模块,最简单的类模块应用就是包装代码了,但遇到类似处理子类化窗口函数时经常会让你觉得很累,无法获取

类模块中指定的函数地址,于是... 你不得不绕到模块中,通过动态调用的方式实现回调函数,比起 SetWindowLong xxx,xxx,any proc address

简直太费脑筋了,而且很多新手还不能理解这种编程思路.也无法应用, 有些汇编高手开始从对象的底层做起一步一步的探索找到了 Thunk 的

解决方法,其实这个方法是MS首先做出来的,只不过被coders们加强了

利用所学的有限的知识我也做一下,争取解决他吧:


Private Function GetClassProcAddress(ByVal SinceCount As Long) As Long
'***************************************************************************************************
' VB6 历史上最简单的获取类中指定函数地址的函数诞生了,can be get address of property to value ,too
'***************************************************************************************************
Dim i As Long, jmpAddress As Long
CopyMemory i, ByVal ObjPtr(Me), 4 ' get vtable
CopyMemory i, ByVal i + (SinceCount - 1) * 4 + &H1C, 4 ' 查表
CopyMemory jmpAddress, ByVal i + 1, 4 ' 获取的函数地址实际还是一个表,是一个跳转表
GetClassProcAddress = i + jmpAddress + 5 ' 计算跳转相对偏移取实际地址
End Function


调用方法:

类模块中指定的函数地址 = GetClassProcAddress( 第几个函数 )

oo" 代码很少... 他能行吗? 没问题... 找到指定的函数地址是没问题的...

解释下这个函数,

参数 SinceCount , 是从某个类模块中最顶端的函数或属性算起,他是第几个函数

这个参数有讲究...
1. 当被查找的函数为 公用函数时,它的值就是自顶端算起的第几个函数,比如你在类模块中最顶端写的一个公用函数 WndProc,那么就传 1
如果是第2个公用函数或属性那么就传 2 依次... 注意,计算的时候要算上公用属性,公用属性也要算上,当他是函数,算做一个

2. 当被查找的函数为 局部函数时,也就是说如果是 Private 修饰的函数,则此参数值为 所有公用函数个数 + 这是第 N 个私有函数
也是从顶端算起,同样包括属性

说下原理,
对象是什么? 对象实际就是一个结构,VB,甚至 C++ 都不一定能让你真正深刻的理解最底层的对象构造,如果说 VB 能让你懂得什么叫继承

则 C++ 能让你知道对象还可以变异....对象原来是那么简单实现了那么高级的技术

再向底层看,用汇编构造对象,你就可以看到,对象原来就是一个结构,结构中包括所有公用函数,属性的地址指针,和连接,销毁函数指针等

那么,在返回到 VB,ObjPtr 可以得到对象的 vTable 指针,通过查询 vTable 就可以得到我们想要的函数指针,前提是我们要知道编译器是

按照什么样的顺序放置属性函数指针的,现在经过查询资料和测试,已经知道了,那就是 基址 + &H1C 所谓的基址其实就是vTable, &H1C就

是VB给结构添加的和必要的函数指针所占用的空间, 从vTable+&H1C 开始存储我们的函数地址,存储顺序如何,可以参照上面对 GetClassProcAddress

的参数 SinceCount 的解释.VB 把所有模块都单独的建立了一个表,每个表中又有单独的表表示他所包含的函数地址.

好了,函数和原理解释已经差不多了,再说说应用

很不幸的我要说,直接应用价值基本 = 0 , 郁闷啊... 为什么呢? 因为... 对象的函数他的第1个参数是vTable指针,第2个(暂时忘了,想起来再补)

于是你构造的函数有4个参数,但编译后该函数将有6个参数,那如果直接交给别人用,比如 APi 那还不出事吗...

会出事,但又不是不能弥补,加上少量的内嵌汇编代码,从新构造一个小函数,就可以完美的运行了,o... 还是很不错的选择

说了很多, 我也累了,就先打住了,总结起来,就是成功的用最简单的代码获取了类模块中指定的函数地址,从这个角度来说此文应该还是一精华文章吧?

等我有时间了,我会将弥补的汇编函数和 GetClassProcAddress 相结合,构造一个最简单化的代码,实现真正的类模块回调函数

阅读全文


智能手机必备软件 - 3G坛(随时随地泡论坛) 2/25

  “3G坛”是一款浏览和使用各种互联网论坛以及资讯的免费手机软件。

  “3G坛”让您可以随时随地访问和使用各种互联网论坛,与使用电脑一样实现各种论坛的注册,登录,发帖,回复等功能,并可以结合手机的拍照功能等,上传手机上的文件到各个论坛。可以浏览海量互联网新闻,体育,娱乐,名人博客等资讯。

软件特色:
1.支持各种验证方式,注册登陆论坛更畅通
2.结合手机拍照功能,照片即拍即发
3.独创的浮动工具条看帖回贴一气呵成
4.图片和文字完美结合,浏览资讯更顺畅
5.首创双向菜单设计,各种功能一键搞定
6.专业数据处理技术浏览速度更快、更省

阅读全文


近日未备案网站大量关停,10万网站遭致命打击! 2/24

  据熟悉情况的IDC业内人士透露,由于信产部及上级部门最近展开网站清理及备案专项行动,近期将会有大量网站被关停,一些中小IDC企业的机房、服务器等也将被关闭。

  据透露,日前相关部门下发了《关于集中开展全量网站清理及备案专项行动的通知》。通知要求IDC企业将所有于2月24日16:00前尚未获得备案号的网站进行关闭处理,保证网站在获得备案号前一律不得擅自接入等。

  柯雅通信的工作人员透露,这次备案检查将有将近超过10万的网站被关闭,目前已经有12家电信机房因为监管不力而关闭。

  该人士表示,目前网站进行备案需要20天,如果备案信息有错误退回再修改的周期大约60天,而且目前工信部备案网站访问速度缓慢,造成各网站无法在24日16点之前提交网站备案信息,因此这次将有大批量的网站被关闭。

  该人士称,“很多IDC企业也可能会遭遇致命的打击。根据我们的统计,柯雅通信大概需要关闭将近40%的客户网站,其中10%是等待备案的企业网站,其余的30%要么不再做站要么流向了国外空间。”

  “如果客户流失40%,对于一家小的IDC企业来说非常严重”,万网一位市场人士向TechWeb分析称,“虽然这次备案非常严格,但大的IDC企业肯多没有什么影响,洗牌的基本都是中小IDC企业”。

  上述柯雅通信人士表示,目前公司已经对很多客户进行了退款,公司也为后半年发展作出了详细的规划,并且可能会裁减2/3的员工以面对低迷的市场状况。

  但他同时强调,柯雅通信并非个例。“目前来看,因为被关闭机房而宣布倒闭或者发布公告想被收购的公司大概有十余家”。

阅读全文


SQL查询分析器 - VBS强大版 2/24

'代码源于海阳顶端2006的SQL模块,这里改成VBS版。功能和海阳顶端里面是一模一样的,用起来可能会没有ASP版的舒服,不过这个可以在DOS下用,方便渗透内网时用哈。

if (lcase(right(wscript.fullname,11))="wscript.exe") then
echo "Execute it under the cmd.exe Plz! Thx."
echo "code by lcx"
wscript.quit
end If

if wscript.arguments.count<1 then
echo "Usage: cscript sql.vbs showTables e:\hytop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;"
echo "usage: cscript sql.vbs query 连接字符串 <表名=default:""""> sql语句 <页数=default:1>"
echo "exp:cscript sql.vbs showTables "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)
echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"select * from name"&chr(34)&Space(1) & 1
echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"update....."&chr(34)&Space(1) & 1
echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"exec master.dbo.xp_cmdshell 'net user ice hacker /add'--"&chr(34)&Space(1) & 1
end If

Sub chkErr(Err)
If Err Then
echo "错误: " & Err.Description & "错误源: " & Err.Source & vbcrlf
Err.Clear
wscript.quit
End If
End Sub


Sub echo(str)
wscript.echo str
End Sub

Function fixNull(str)
If IsNull(str) Then
str = " "
End If
fixNull = str
End Function

Sub showErr(str)
Dim i, arrayStr
arrayStr = Split(str, "$$")
echo "出错信息:"&vbcrlf
For i = 0 To UBound(arrayStr)
echo (i + 1) & ". " & arrayStr(i) & "
"
Next
echo vbcrlf
wscript.quit
End Sub

Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rem 下面是程序模块选择部分
Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


PageMsDataBase()



Sub pageMsDataBase()
Dim theAct, sqlStr
theAct = Wscript.Arguments(0)
sqlStr = Wscript.Arguments(1)

Select Case theAct
Case "showTables"
showTables()
Case "query"
showQuery()

End Select

End Sub

Sub showTables()

Dim conn, sqlStr, rsTable, rsColumn, connStr, tablesStr
sqlStr = Wscript.Arguments(1)
If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, olor="#800080">5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set conn = CreateObject("Adodb.Connection")

conn.Open connStr
chkErr(Err)

tablesStr = getTableList(conn, sqlStr, rsTable)


echo tablesStr & "================================================="


Do Until rsTable.Eof
Set rsColumn = conn.OpenSchema(4, Array(Empty, Empty, rsTable("Table_Name").value))
echo rsTable("Table_Name") &vbcrlf

Do Until rsColumn.Eof

echo "字段名:" & rsColumn("Column_Name")&vbclrf
echo "类型:" & getDataType(rsColumn("Data_Type")) & vbclrf
echo "大小:" & rsColumn("Character_Maximum_Length") & vbclrf
echo "精度:" & rsColumn("Numeric_Precision") & vbclrf
echo "允许为空:" & rsColumn("Is_Nullable") & vbclrf
echo "默认值:" & rsColumn("Column_Default") & vbclrf&vbclrf
rsColumn.MoveNext

Loop

rsTable.MoveNext
echo vbcrlf
Loop

echo "==============================================================="

conn.Close
Set conn = Nothing
Set rsTable = Nothing
Set rsColumn = Nothing
End Sub

Sub showQuery()

Dim i, j, rs, sql, page, conn, sqlStr, connStr, rsTable, tablesStr, theTable

sqlStr = Wscript.Arguments(1)
theTable = Wscript.Arguments(2)
sql=Wscript.Arguments(3)
page=Wscript.Arguments(4)

If Not IsNumeric(page) or page = "" Then
page = 1
End If


If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, 5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set rs = CreateObject("Adodb.RecordSet")
Set conn = CreateObject("Adodb.Connection")

conn.Open connStr
chkErr(Err)

tablesStr = getTableList(conn, sqlStr, rsTable)

echo "数据库表结构查看:"
echo tablesStr & "========================================================"
echo ">SQL命令执行及查看<:"&vbcrlf
If sql <> "" And Left(LCase(sql), 7) = "select " Then
rs.Open sql, conn, 1, 1
chkErr(Err)
rs.PageSize = 20
If Not rs.Eof Then
rs.AbsolutePage = page
End If
If rs.Fields.Count>0 Then
echo "SQL操作 - 执行结果"&vbcrlf
echo "===================="&theTable&"列名如下========================================"
For j = 0 To rs.Fields.Count-1
echo rs.Fields(j).Name & vbcrlf
Next
For i = 1 To 20
If rs.Eof Then
Exit For
End If


For j = 0 To rs.Fields.Count-1
echo fixNull(rs(j))& vbcrlf
Next

rs.MoveNext
Next
End If
echo "================================================================="
echo " 共有"&rs.Fields.Count&"列" & vbcrlf
For i = 1 To rs.PageCount
page=i

Next
t>echo " 共有" & page & "页"
rs.Close
Else
If sql <> "" Then
conn.Execute(sql)
chkErr(Err)
echo "执行完毕!"&vbcrlf
End If
End If



conn.Close
Set rs = Nothing
Set conn = Nothing
Set rsTable = Nothing
End Sub

Function getDataType(typeId)
Select Case typeId
Case 130
getDataType = "文本"
Case 2
getDataType = "整型"
Case 3
getDataType = "长整型"
Case 7
getDataType = "日期/时间"
Case 5
getDataType = "双精度型"
Case 11
getDataType = "是/否"
Case 128
getDataType = "OLE 对象"
Case Else
getDataType = typeId
End Select
End Function

Function getTableList(conn, sqlStr, rsTable)
Set rsTable = conn.OpenSchema(20, Array(Empty, Empty, Empty, "table"))
echo "存在以下表名:"
Do Until rsTable.Eof
getTableList = getTableList & "["& rsTable("Table_Name") & "]"&vbcrlf
rsTable.MoveNext
Loop
rsTable.MoveFirst
End Function


阅读全文