WinDbg神断点

https://blogs.msdn.microsoft.com/alejacma/2007/10/31/cryptoapi-tracer-script/

 

我得多少年才能学会这种写法。

 

实际上也没用多少年。

 

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
************************************************************************
* CRYPTO API TRACER by ALEJANDRO CAMPOS MAGENCIO (BETA)
************************************************************************
*
* DISCLAIMER
*
* This sample script is not supported under any Microsoft standard
* support program or service.
* The sample script is provided as it is without warranty of any kind.
* Microsoft further disclaims all implied warranties including, without
* limitation, any implied warranties of merchantability or of fitness
* for a particular purpose.
* The entire risk arising out of the use or performance of the sample
* script remains with you. In no event shall Microsoft, its authors, or
* anyone else involved in the creation, production, or delivery of the
* script be liable for any damages whatsoever (including, without
* limitation, damages for loss of business profits, business
* interruption, loss of business information, or other pecuniary loss)
* arising out of the use of or inability to use the sample script, even
* if Microsoft has been advised of the possibility of such damages.
*
* PREREQUISITES:
*
* 1) Download the latest version of "Debugging Tools for Windows"
*    https://www.microsoft.com/whdc/devtools/debugging/installx86.mspx
*
* 2) Install the tools in any machine, and copy the directory with the
*    tools to the target machine (they don't need to be installed in the
*    target machine). We will use "cdb.exe" to run the script.
*
* HOW TO TRACE an already running application:
*
* -  Run the following command to attach the "cdb.exe" debugger to the
*    application and run the script:
*    "
*    cdb.exe -pn application.exe -cf "PathToScript\script.txt"
*    "
*
*    Note: You may target the application by PID by using "-p PID"
*          instead of "-pn application.exe".
*    Note: All traces will be written to log.txt in the current
*          directory. You may change the path to the log file at the end
*          of the script.
*
* HOW TO FINISH the tracing:
*
* A) If the application has finished execution, enter the "q" command on
*    "cdb.exe" to quit the debugger.
*
* B) If the application is still running, press "Ctrl+Break" to break
*    into "cdb.exe" and pause the application. Enter the "qd" command to
*    detach and quit the debugger (it won't kill the target app which
*    will resume execution) or "q" to just quit (it will kill the target
*    app).
*
************************************************************************
 
************************************************************************
* DEFAULT TRACERS
************************************************************************
 
* Remove * to enable
*bm Advapi32!Crypt* ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\n(%#x)\\n\\n\", @$tid;    .echo CALL;kb 1;    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT; .printf \\\"%#x\\\\n\\\\n\\\", @eax; !gle;    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
* Remove * to enable
*bm Crypt32!Crypt* ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\n(%#x)\\n\\n\", @$tid;    .echo CALL;kb 1;    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT; .printf \\\"%#x\\\\n\\\\n\\\", @eax; !gle;    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
* Remove * to enable
*bm Crypt32!Cert* ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\n(%#x)\\n\\n\", @$tid;    .echo CALL;kb 1;    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT; .printf \\\"%#x\\\\n\\\\n\\\", @eax; !gle;    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
************************************************************************
* ADVAPI32!CRYPT* TRACERS
************************************************************************
 
bm Advapi32!CryptAcquireContextW ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptAcquireContextW (%#x)\\n\", @$tid;    .echo;.echo IN;    .echo pszContainer; .if(poi(@esp+8)=0) {.echo NULL} .else {du poi(@esp+8)};    .echo;.echo pszProvider; .if(poi(@esp+c)=0) {.echo NULL} .else {du poi(@esp+c)};    .echo;.echo dwProvType; .if(poi(@esp+10)=1) {.echo PROV_RSA_FULL} .elsif(poi(@esp+10)=0x18) {.echo PROV_RSA_AES} .else {.printf \"%d\\n\", poi(@esp+10)};    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+14); .if((poi(@esp+14)&0x0`F0000000)=0x0`F0000000) {.echo CRYPT_VERIFYCONTEXT(0xf0000000)}; .if((poi(@esp+14)&0x0`00000008)=0x0`00000008){.echo CRYPT_NEWKEYSET(0x8)}; .if((poi(@esp+14)&0x0`00000010)=0x0`00000010) {.echo CRYPT_DELETEKEYSET(0x10)}; .if((poi(@esp+14)&0x0`00000020)=0x0`00000020) {.echo CRYPT_MACHINE_KEYSET(0x20)}; .if((poi(@esp+14)&0x0`00000040)=0x0`00000040) {.echo CRYPT_SILENT(0x40)};     bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if(poi(@esp-14)=0) {.echo phProv;.echo NULL} .else {.echo hProv; .if(poi(poi(@esp-14))=0) {.echo NULL} .else {.printf \\\"%#x\\\\n\\\", poi(poi(@esp-14))} };    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptAcquireContextW (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptAcquireContextW (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptAcquireContextA ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptAcquireContextA (%#x)\\n\", @$tid;    .echo;.echo IN;    .echo pszContainer; .if(poi(@esp+8)=0) {.echo NULL} .else {da poi(@esp+8)};    .echo;.echo pszProvider; .if(poi(@esp+c)=0) {.echo NULL} .else {da poi(@esp+c)};    .echo;.echo dwProvType; .if(poi(@esp+10)=1) {.echo PROV_RSA_FULL} .elsif(poi(@esp+10)=24) {.echo PROV_RSA_AES} .else {.printf \"%d\\n\", poi(@esp+10)};    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+14); .if((poi(@esp+14)&0x0`F0000000)=0x0`F0000000){.echo CRYPT_VERIFYCONTEXT(0xf0000000)}; .if((poi(@esp+14)&0x0`00000008)=0x0`00000008){.echo CRYPT_NEWKEYSET(0x8)}; .if((poi(@esp+14)&0x0`00000010)=0x0`00000010) {.echo CRYPT_DELETEKEYSET(0x10)}; .if((poi(@esp+14)&0x0`00000020)=0x0`00000020) {.echo CRYPT_MACHINE_KEYSET(0x20)}; .if((poi(@esp+14)&0x0`00000040)=0x0`00000040) {.echo CRYPT_SILENT(0x40)};    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if(poi(@esp-14)=0) {.echo phProv;.echo NULL} .else {.echo hProv; .if(poi(poi(@esp-14))=0) {.echo NULL} .else {.printf \\\"%#x\\\\n\\\", poi(poi(@esp-14))} };    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptAcquireContextA (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptAcquireContextA (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptGetProvParam ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptGetProvParam (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hProv\\n%#x\\n\\n\", poi(@esp+4);    .echo dwParam; .if(poi(@esp+8)=0x16) {.echo PP_ENUMALGS_EX} .else {.printf \"%#x\\n\", poi(@esp+8)};    .echo;.echo pbData; .if(poi(@esp+c)=0) {.echo NULL} .else {.printf \"%#x\\n\", poi(@esp+c)};    .printf \"\\ndwDataLen\\n%d\\n\", poi(poi(@esp+10));        .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+14);    bp /t @$thread poi(@esp) \"   .echo;.echo OUT;    .if((poi(@esp-c)!=0) & (poi(poi(@esp-8))!=0)) {r $t0=(poi(poi(@esp-8))+3)/4; .echo bData; dd poi(@esp-c) l@$t0; .echo};    .printf \\\"dwDataLen\\\\n%d\\\\n\\\", poi(poi(@esp-8));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptGetProvParam (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptGetProvParam (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptGenRandom ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptGenRandom (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hProv\\n%#x\\n\\n\", poi(@esp+4);    .printf \"dwLen\\n%d\\n\", poi(@esp+8);    r $t0=(poi(@esp+8)+3)/4; .echo;.echo bBuffer; dd poi(@esp+c) l@$t0;    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    r $t0=(poi(@esp-8)+3)/4; .echo bBuffer; dd poi(@esp-4) l@$t0;    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptGenRandom (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptGenRandom (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptReleaseContext ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptReleaseContext (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hProv\\n%#x\\n\\n\", poi(@esp+4);    .printf \"dwFlags\\n%#x\\n\", poi(@esp+8);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptReleaseContext (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptReleaseContext (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptCreateHash ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptCreateHash (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hProv\\n%#x\\n\\n\", poi(@esp+4);    .echo Algid; .if(poi(@esp+8)=0x00008004) {.echo CALG_SHA} .elsif(poi(@esp+8)=0x00008003) {.echo CALG_MD5} .else {.printf \"%#x\\n\", poi(@esp+8)};    .printf \"\\nhKey\\n%#x\\n\\n\", poi(@esp+c);    .printf \"dwFlags\\n%#x\\n\", poi(@esp+10);    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .printf \\\"hHash\\\\n%#x\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptCreateHash (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptCreateHash (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
 
bm Advapi32!CryptHashData ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptHashData (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\\n\", poi(@esp+4);    r $t0=(poi(@esp+c)+3)/4; .echo bData;dd poi(@esp+8) l@$t0;    .printf \"\\ndwDataLen\\n%d\\n\\n\", poi(@esp+c);    .printf \"dwFlags\\n%#x\\n\", poi(@esp+10);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptHashData (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptHashData (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptDestroyHash ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptDestroyHash (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\", poi(@esp+4);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptDestroyHash (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptDestroyHash (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptGetHashParam ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptGetHashParam (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\", poi(@esp+4);    .echo;.echo dwParam; .if(poi(@esp+8)=0x1) {.echo HP_ALGID} .elsif(poi(@esp+8)=0x2) {.echo HP_HASHVAL} .elsif(poi(@esp+8)=0x4) {.echo HP_HASHSIZE} .else {.printf \"%#x\\n\", poi(@esp+8)};    .echo;.echo pbData; .if(poi(@esp+c)=0) {.echo NULL} .else {.printf \"%#x\\n\", poi(@esp+c)};    .printf \"\\ndwDataLen\\n%d\\n\", poi(poi(@esp+10));    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+14);    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if((poi(@esp-c)!=0) & (poi(poi(@esp-8))!=0)) {r $t0=(poi(poi(@esp-8))+3)/4; .echo bData; dd poi(@esp-c) l@$t0; .echo};    .printf \\\"dwDataLen\\\\n%d\\\\n\\\", poi(poi(@esp-8));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptGetHashParam (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptGetHashParam (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptGetUserKey ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptGetUserKey (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hProv\\n%#x\\n\\n\", poi(@esp+4);    .echo dwKeySpec; .if(poi(@esp+8)=0x1) {.echo AT_KEYEXCHANGE} .elsif(poi(@esp+8)=0x2) {.echo AT_SIGNATURE} .else {.printf \"%#x\\n\", poi(@esp+8)};    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .printf \\\"hUserKey\\\\n%#x\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptGetUserKey (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptGetUserKey (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptGenKey ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptGenKey (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hProv\\n%#x\\n\\n\", poi(@esp+4);    .echo Algid; .if(poi(@esp+8)=0x1) {.echo AT_KEYEXCHANGE} .elsif(poi(@esp+8)=0x2) {.echo AT_SIGNATURE} .elsif(poi(@esp+8)=0x00008004) {.echo CALG_SHA} .else {.printf \"%#x\\n\", poi(@esp+8)};    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+c); r $t0=(poi(@esp+c))>>10; .printf \"Key Size(%d)\\n\", @$t0; .if((poi(@esp+c)&0x0`00000001)=0x0`00000001) {.echo CRYPT_EXPORTABLE(0x1)};    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .printf \\\"hKey\\\\n%#x\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptGenKey (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptGenKey (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptGetKeyParam ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptGetKeyParam (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hKey\\n%#x\\n\\n\", poi(@esp+4);    .echo dwParam; .if(poi(@esp+8)=0x7) {.echo KP_ALGID} .elsif(poi(@esp+8)=0x9) {.echo KP_KEYLEN} .else {.printf \"%#x\\n\", poi(@esp+8)};    .echo;.echo pbData; .if(poi(@esp+c)=0) {.echo NULL} .else {.printf \"%#x\\n\", poi(@esp+c)};    .printf \"\\ndwDataLen\\n%d\\n\", poi(poi(@esp+10));    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+14);    bp /t @$thread poi(@esp) \"   .echo;.echo OUT;    .if((poi(@esp-c)!=0) & (poi(poi(@esp-8))!=0)) {r $t0=(poi(poi(@esp-8))+3)/4; .echo bData; dd poi(@esp-c) l@$t0; .echo};    .printf \\\"dwDataLen\\\\n%d\\\\n\\\", poi(poi(@esp-8));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptGetKeyParam (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptGetKeyParam (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptDestroyKey ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptDestroyKey (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hKey\\n%#x\\n\", poi(@esp+4);   bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptDestroyKey (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptDestroyKey (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptEncrypt ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptEncrypt (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hKey\\n%#x\\n\\n\", poi(@esp+4);    .printf \"hHash\\n%#x\\n\\n\", poi(@esp+8);    .echo Final; .if(poi(@esp+c)=0) {.echo FALSE} .else {.echo TRUE};    .echo;.echo dwFlags; .if(poi(@esp+10)=0x40) {.echo CRYPT_OAEP} .else {.printf \"%#x\\n\", poi(@esp+10)}; .echo;    .if((poi(@esp+14)!=0) & (poi(poi(@esp+18))!=0)) {r $t0=(poi(poi(@esp+18))+3)/4; .echo bData; dd poi(@esp+14) l@$t0} .elsif(poi(@esp+14)=0) {.echo pbData;.echo NULL} .else {.printf \"pbData\\n%#x\\n\", poi(@esp+14)}; .echo;    .printf \"dwDataLen\\n%d\\n\\n\", poi(poi(@esp+18));    .printf \"dwBufLen\\n%d\\n\", poi(@esp+1c);    bp /t @$thread poi(@esp) \"   .echo;.echo OUT;    .if((poi(@esp-c)!=0) & (poi(poi(@esp-8))!=0)) {r $t0=(poi(poi(@esp-8))+3)/4; .echo bData; dd poi(@esp-c) l@$t0; .echo};    .printf \\\"dwDataLen\\\\n%d\\\\n\\\", poi(poi(@esp-8));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptEncrypt (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptEncrypt (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptDecrypt ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptDecrypt (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hKey\\n%#x\\n\\n\", poi(@esp+4);    .printf \"hHash\\n%#x\\n\\n\", poi(@esp+8);   .echo Final; .if(poi(@esp+c)=0) {.echo FALSE} .else {.echo TRUE};    .echo;.echo dwFlags; .if(poi(@esp+10)=0x40) {.echo CRYPT_OAEP} .else {.printf \"%#x\\n\", poi(@esp+10)}; .echo;    .if((poi(@esp+14)!=0) & (poi(poi(@esp+18))!=0)) {r $t0=(poi(poi(@esp+18))+3)/4; .echo bData; dd poi(@esp+14) l@$t0; .echo} .elsif(poi(@esp+14)=0) {.echo pbData;.echo NULL;.echo};    .printf \"dwDataLen\\n%d\\n\\n\", poi(poi(@esp+18));    bp /t @$thread poi(@esp) \"   .echo;.echo OUT;    .if((poi(@esp-8)!=0) & (poi(poi(@esp-4))!=0)) {r $t0=(poi(poi(@esp-4))+3)/4; .echo bData; dd poi(@esp-8) l@$t0; .echo};    .printf \\\"dwDataLen\\\\n%d\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptDecrypt (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptDecrypt (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptSetHashParam ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptSetHashParam (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\", poi(@esp+4);    .echo;.echo dwParam; .if(poi(@esp+8)=0x2) {.echo HP_HASHVAL} .elsif(poi(@esp+8)=0x5) {.echo HP_HMAC_INFO} .else {.printf \"%#x\\n\", poi(@esp+8)};    .echo; .if(poi(@esp+c)=0) {.echo pbData;.echo NULL} .else {.echo bData;dd poi(@esp+c)};     .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+10);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptSetHashParam (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptSetHashParam (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptSignHashW ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\CryptSignHashW (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\", poi(@esp+4);    .echo;.echo dwKeySpec; .if (poi(@esp+8)=0x1) {.echo AT_KEYEXCHANGE} .elsif (poi(@esp+8)=0x2) {.echo AT_SIGNATURE} .else {.printf \"%#x\\n\", poi(@esp+8)};    .echo;.echo sDescription; .if (poi(@esp+c)=0) {.echo NULL} .else {du poi(@esp+c)};    .printf \"dwFlags\\n%#x\\n\", poi(@esp+10);        .echo;.echo pbSignature; .if (poi(@esp+14)=0) {.echo NULL} .else {.printf \"%#x\\n\", poi(@esp+14)};    .printf \"\\ndwSigLen\\n%d\\n\", poi(poi(@esp+18));    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if((poi(@esp-8)!=0) & (poi(poi(@esp-4))!=0)) {r $t0=(poi(poi(@esp-4))+3)/4; .echo bSignature; dd poi(@esp-8) l@$t0; .echo};    .printf \\\"dwSigLen\\\\n%d\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptSignHashW (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptSignHashW (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptSignHashA ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptSignHashA (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\", poi(@esp+4);    .echo;.echo dwKeySpec; .if (poi(@esp+8)=0x1) {.echo AT_KEYEXCHANGE} .elsif (poi(@esp+8)=0x2) {.echo AT_SIGNATURE} .else {.printf \"%#x\\n\", poi(@esp+8)};    .echo;.echo sDescription; .if (poi(@esp+c)=0) {.echo NULL} .else {da poi(@esp+c)};    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+10);        .echo;.echo pbSignature; .if (poi(@esp+14)=0) {.echo NULL} .else {.printf \"%#x\\n\", poi(@esp+14)};    .printf \"\\ndwSigLen\\n%d\\n\", poi(poi(@esp+18));    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if((poi(@esp-8)!=0) & (poi(poi(@esp-4))!=0)) {r $t0=(poi(poi(@esp-4))+3)/4; .echo bSignature; dd poi(@esp-8) l@$t0; .echo};    .printf \\\"dwSigLen\\\\n%d\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptSignHashA (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptSignHashA (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptVerifySignatureW ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptVerifySignatureW (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\\n\", poi(@esp+4);    .if((poi(@esp+8)!=0) & (poi(@esp+c)!=0)) {r $t0=(poi(@esp+c)+3)/4; .echo bSignature; dd poi(@esp+8) l@$t0;} .elsif(poi(@esp+8)=0) {.echo pbSignature;.echo NULL;} .else {.printf \"pbSignature\\n%#x\\n\", poi(@esp+8)};    .printf \"\\ndwSigLen\\n%d\\n\\n\", poi(@esp+c);    .printf \"hPubKey\\n%#x\\n\", poi(@esp+10);    .echo;.echo sDescription; .if (poi(@esp+14)=0) {.echo NULL} .else {du poi(@esp+14)};    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+18);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptVerifySignatureW (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptVerifySignatureW (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptVerifySignatureA ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptVerifySignatureA (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hHash\\n%#x\\n\\n\", poi(@esp+4);    .if((poi(@esp+8)!=0) & (poi(@esp+c)!=0)) {r $t0=(poi(@esp+c)+3)/4; .echo bSignature; dd poi(@esp+8) l@$t0;} .elsif(poi(@esp+8)=0) {.echo pbSignature;.echo NULL;} .else {.printf \"pbSignature\\n%#x\\n\", poi(@esp+8)};    .printf \"\\ndwSigLen\\n%d\\n\\n\", poi(@esp+c);    .printf \"hPubKey\\n%#x\\n\", poi(@esp+10);    .echo;.echo sDescription; .if (poi(@esp+14)=0) {.echo NULL} .else {da poi(@esp+14)};    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+18);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptVerifySignatureA (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptVerifySignatureA (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptImportKey ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptImportKey (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hProv\\n%#x\\n\\n\", poi(@esp+4);    .if((poi(@esp+8)!=0) & (poi(@esp+c)!=0)) {r $t0=(poi(@esp+c)+3)/4; .echo bData; dd poi(@esp+8) l@$t0;} .elsif(poi(@esp+8)=0) {.echo pbData;.echo NULL;} .else {.printf \"pbData\\n%#x\\n\", poi(@esp+8)};    .printf \"\\ndwDataLen\\n%d\\n\\n\", poi(@esp+c);    .printf \"hPubKey\\n%#x\\n\\n\", poi(@esp+10);    .printf \"dwFlags\\n%#x\\n\", poi(@esp+14); .if((poi(@esp+14)&0x0`00000001)=0x0`00000001) {.echo CRYPT_EXPORTABLE(0x1)};    bp /t @$thread poi(@esp) \"    .echo;.echo OUT; .printf \\\"hKey\\\\n%#x\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptImportKey (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptImportKey (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Advapi32!CryptExportKey ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptExportKey (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"hKey\\n%#x\\n\\n\", poi(@esp+4);    .printf \"hExpKey\\n%#x\\n\\n\", poi(@esp+8);    .echo dwBlobType; .if(poi(@esp+c)=0x7) {.echo PRIVATEKEYBLOB} .else {.printf \"%#x\\n\", poi(@esp+c)};    .printf \"\\ndwFlags\\n%#x\\n\", poi(@esp+10); .if((poi(@esp+10)&0x0`00000040)=0x0`00000040) {.echo CRYPT_OAEP(0x40)};    .echo;.echo pbData; .if(poi(@esp+14)=0) {.echo NULL} .else {.printf \"%#x\\n\", poi(@esp+14)};    .printf \"\\ndwDataLen\\n%d\\n\", poi(poi(@esp+18));    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if((poi(@esp-8)!=0) & (poi(poi(@esp-4))!=0)) {r $t0=(poi(poi(@esp-4))+3)/4; .echo bData; dd poi(@esp-8) l@$t0; .echo};    .printf \\\"dwDataLen\\\\n%d\\\\n\\\", poi(poi(@esp-4));    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptExportKey (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptExportKey (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
************************************************************************
* CRYPT32!CRYPT* TRACERS
************************************************************************
 
bm Crypt32!CryptProtectData ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptProtectData (%#x)\\n\", @$tid;    .echo;.echo IN;    .if (poi(@esp+4)=0) {.echo pDataIn;.echo NULL} .else {.printf \"pDataIn->cbData\\n%d\\n\\n\", poi(poi(@esp+4)); r $t0=(poi(poi(@esp+4))+3)/4;.if(@$t0 > 40){r $t0=40}; .echo pDataIn->pbData;dd poi(poi(@esp+4)+4) l@$t0};    .echo;.echo szDataDescr; .if(poi(@esp+8)=0) {.echo NULL} .else {du poi(@esp+8)};    .echo; .if (poi(@esp+c)=0) {.echo pOptionalEntropy;.echo NULL} .else { .printf \"pOptionalEntropy->cbData\\n%d\\n\", poi(poi(@esp+c)); r $t0=(poi(poi(@esp+c))+3)/4;.if(@$t0 > 40){r $t0=40}; .echo;.echo pOptionalEntropy->pbData;dd poi(poi(@esp+c)+4) l@$t0};    .echo;.echo vReserved; .if (poi(@esp+10)=0) {.echo NULL} .else {.printf\"%#x\\n\", poi(@esp+10)};    .echo; .if (poi(@esp+14)=0) {.echo pPromptStruct;.echo NULL} .else {.printf \"pPromptStruct->cbSize\\n%d\\n\\n\", poi(poi(@esp+14)); .printf \"pPromptStruct->dwPromptFlags\\n%#x\\n\", poi(poi(@esp+14)+4); .if((poi(poi(@esp+14)+4)&0x0`00000001)=0x0`00000001) {.echo CRYPTPROTECT_PROMPT_ON_UNPROTECT(0x1)}; .if((poi(poi(@esp+14)+4)&0x0`00000002)=0x0`00000002) {.echo CRYPTPROTECT_PROMPT_ON_PROTECT(0x2)}; .printf \"\\npPromptStruct->hwndApp\\n%#x\\n\\n\", poi(poi(@esp+14)+8); .echo pPromptStruct->szPrompt; .if(poi(poi(@esp+14)+c)=0) {.echo NULL} .else {du poi(poi(@esp+14)+c)} };    .echo; .printf \"dwFlags\\n%#x\\n\", poi(@esp+18); .if((poi(@esp+18)&0x0`00000004)=0x0`00000004) {.echo CRYPTPROTECT_LOCAL_MACHINE(0x4)}; .if((poi(@esp+18)&0x0`00000001)=0x0`00000001) {.echo CRYPTPROTECT_UI_FORBIDDEN(0x1)}; .if((poi(@esp+18)&0x0`00000010)=0x0`00000010) {.echo CRYPTPROTECT_AUDIT(0x10)}; .if((poi(@esp+18)&0x0`00000040)=0x0`00000040) {.echo CRYPTPROTECT_VERIFY_PROTECTION(0x40)};    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if (poi(@esp-4)=0) {.echo pDataOut;.echo NULL} .else {.printf \\\"pDataOut->cbData\\\\n%d\\\\n\\\", poi(poi(@esp-4)); r $t0=(poi(poi(@esp-4))+3)/4;.if(@$t0 > 40){r $t0=40}; .echo;.echo pDataOut->pbData;dd poi(poi(@esp-4)+4) l@$t0};    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptProtectData (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptProtectData (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Crypt32!CryptUnprotectData ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptUnprotectData (%#x)\\n\", @$tid;    .echo;.echo IN;    .if (poi(@esp+4)=0) {.echo pDataIn;.echo NULL} .else {.printf \"pDataIn->cbData\\n%d\\n\\n\", poi(poi(@esp+4)); r $t0=(poi(poi(@esp+4))+3)/4;.if(@$t0 > 40){r $t0=40}; .echo pDataIn->pbData;dd poi(poi(@esp+4)+4) l@$t0};    .echo; .if (poi(@esp+c)=0) {.echo pOptionalEntropy;.echo NULL} .else { .printf \"pOptionalEntropy->cbData\\n%d\\n\", poi(poi(@esp+c)); r $t0=(poi(poi(@esp+c))+3)/4;.if(@$t0 > 40){r $t0=40}; .echo;.echo pOptionalEntropy->pbData;dd poi(poi(@esp+c)+4) l@$t0};    .echo;.echo vReserved; .if (poi(@esp+10)=0) {.echo NULL} .else {.printf\"%#x\\n\", poi(@esp+10)};    .echo; .if (poi(@esp+14)=0) {.echo pPromptStruct;.echo NULL} .else {.printf \"pPromptStruct->cbSize\\n%d\\n\\n\", poi(poi(@esp+14)); .printf \"pPromptStruct->dwPromptFlags\\n%#x\\n\", poi(poi(@esp+14)+4); .if((poi(poi(@esp+14)+4)&0x0`00000001)=0x0`00000001) {.echo CRYPTPROTECT_PROMPT_ON_UNPROTECT(0x1)}; .if((poi(poi(@esp+14)+4)&0x0`00000002)=0x0`00000002) {.echo CRYPTPROTECT_PROMPT_ON_PROTECT(0x2)}; .printf \"\\npPromptStruct->hwndApp\\n%#x\\n\\n\", poi(poi(@esp+14)+8); .echo pPromptStruct->szPrompt; .if(poi(poi(@esp+14)+c)=0) {.echo NULL} .else {du poi(poi(@esp+14)+c)} };    .echo; .printf \"dwFlags\\n%#x\\n\", poi(@esp+18); .if((poi(@esp+18)&0x0`00000001)=0x0`00000001) {.echo CRYPTPROTECT_UI_FORBIDDEN(0x1)};    bp /t @$thread poi(@esp) \"    .echo;.echo OUT;    .if(poi(@esp-18)=0) {.echo ppszDataDescr;.echo NULL} .else {.echo szDataDescr; .if(poi(poi(@esp-18))=0) {.echo NULL} .else {du poi(poi(@esp-18))} };    .echo; .if (poi(@esp-4)=0) {.echo pDataOut;.echo NULL} .else {.printf \\\"pDataOut->cbData\\\\n%d\\\\n\\\", poi(poi(@esp-4)); r $t0=(poi(poi(@esp-4))+3)/4;.if(@$t0 > 40){r $t0=40}; .echo;.echo pDataOut->pbData;dd poi(poi(@esp-4)+4) l@$t0};    .echo;.echo RESULT;    .if(@eax=1) {.printf \\\"CryptUnprotectData (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptUnprotectData (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Crypt32!CryptMemAlloc ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptMemAlloc (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"cbSize\\n%d\\n\", poi(@esp+4);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT; .printf \\\"%#x\\\\n\\\\n\\\", @eax; .if(@eax!=0) {.printf \\\"CryptMemAlloc (%#x) SUCCEEDED\\\\n\\\", @$tid} .else {.printf \\\"CryptMemAlloc (%#x) FAILED\\\\n\\\", @$tid;!gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
bm Crypt32!CryptMemFree ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCryptMemFree (%#x)\\n\", @$tid;    .echo;.echo IN;    .printf \"pv\\n%#x\\n\", poi(@esp+4);    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT;    .printf \\\"CryptMemFree (%#x) SUCCEEDED\\\\n\\\", @$tid;    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
 
************************************************************************
* CRYPT32!CERT* TRACERS
************************************************************************
 
bm Crypt32!CertOpenStore ".printf \"\\n>>>>>>>>>>>>>>>>>>>>>>\\n\\nCertOpenStore (%#x)\\n\", @$tid;    .echo;.echo IN;    .echo lpszStoreProvider; .if(poi(@esp+4)=0) {.echo NULL} .elsif(poi(@esp+4)=0x1) {.echo CERT_STORE_PROV_MSG} .elsif(poi(@esp+4)=0x2) {.echo CERT_STORE_PROV_MEMORY} .elsif(poi(@esp+4)=0xa) {.echo CERT_STORE_PROV_SYSTEM_W} .elsif(poi(@esp+4)=0xb) {.echo CERT_STORE_PROV_COLLECTION} .elsif(poi(@esp+4)=0xd) {.echo CERT_STORE_PROV_SYSTEM_REGISTRYW} .else {da poi(@esp+4)}; .echo;    .printf \"dwMsgAndCertEncodingType\\n%#x\\n\", poi(@esp+8); .if((poi(@esp+8)&0x0`00000001)=0x0`00000001) {.echo X509_ASN_ENCODING(0x1)}; .if((poi(@esp+8)&0x0`00010000)=0x0`00010000) {.echo PKCS_7_ASN_ENCODING(0x10000)}; .echo;    .echo hCryptProv; .if(poi(@esp+c)=0) {.echo NULL} .else {.printf \"%#x\\n\", poi(@esp+c)}; .echo;    .printf \"dwFlags\\n%#x\\n\", poi(@esp+10); .if((poi(@esp+10)&0x0`00000001)=0x0`00000001) {.echo CERT_STORE_NO_CRYPT_RELEASE_FLAG(0x1)}; .if((poi(@esp+10)&0x0`00000004)=0x0`00000004) {.echo CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG(0x4)}; .if((poi(@esp+10)&0x0`00000080)=0x0`00000080) {.echo CERT_STORE_SHARE_CONTEXT_FLAG(0x80)}; .if((poi(@esp+10)&0x0`00000400)=0x0`00000400) {.echo CERT_STORE_UPDATE_KEYID_FLAG(0x400)}; .if((poi(@esp+10)&0x0`00001000)=0x0`00001000) {.echo CERT_STORE_MAXIMUM_ALLOWED_FLAG(0x1000)}; .if((poi(@esp+10)&0x0`FFFF0000)=0x0`00010000) {.echo CERT_SYSTEM_STORE_CURRENT_USER(0x10000)} .elsif((poi(@esp+10)&0x0`FFFF0000)=0x0`00020000) {.echo CERT_SYSTEM_STORE_LOCAL_MACHINE(0x20000)} .elsif((poi(@esp+10)&0x0`FFFF0000)=0x0`00040000) {.echo CERT_SYSTEM_STORE_CURRENT_SERVICE(0x40000)} .elsif((poi(@esp+10)&0x0`FFFF0000)=0x0`00050000) {.echo CERT_SYSTEM_STORE_SERVICES(0x50000)} .elsif((poi(@esp+10)&0x0`FFFF0000)=0x0`00060000) {.echo CERT_SYSTEM_STORE_USERS(0x60000)} .elsif((poi(@esp+10)&0x0`FFFF0000)=0x0`00070000) {.echo CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY(0x70000)} .elsif((poi(@esp+10)&0x0`FFFF0000)=0x0`00080000) {.echo CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY(0x80000)} .elsif((poi(@esp+10)&0x0`FFFF0000)=0x0`00090000) {.echo CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE(0x90000)};    .echo; .if(poi(@esp+14)=0) {.echo pvPara; .echo NULL} .else {.echo vPara; dd poi(@esp+14)};    bp /t @$thread poi(@esp) \"    .echo;.echo RESULT; .if(@eax!=0) {.printf \\\"%#x\\\\n\\\\nCertOpenStore (%#x) SUCCEEDED\\\\n\\\", @eax, @$tid;} .else {.printf \\\"NULL\\\\n\\\\nCertOpenStore (%#x) FAILED\\\\n\\\", @$tid; !gle};    .echo;.echo <<<<<<<<<<<<<<<<<<<<<<;    G;\";    G;";
  
************************************************************************
* LET'S GO AND TRACE!!!
************************************************************************
 
* Don't want any output but my own
*
!sym quiet;
.srcnoisy 0;
sxi ld
.outmask- 0xFFFFFFEE  $$ .outmask /d restores the output mask to default
 
* Create the log and begin
*
.logopen "log.txt";
G

  

posted @   穷到底  阅读(147)  评论(0编辑  收藏  举报
编辑推荐:
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 理解Rust引用及其生命周期标识(上)
· 浏览器原生「磁吸」效果!Anchor Positioning 锚点定位神器解析
· 没有源码,如何修改代码逻辑?
阅读排行:
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 记一次.NET内存居高不下排查解决与启示
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
· DeepSeek 开源周回顾「GitHub 热点速览」
点击右上角即可分享
微信分享提示