MADE BY DAVIDE CHIAPPETTA
I made this note to the notes of "With A Little Help From My Friends" by Joe Cocker (Woodstock)
(disassembling GetTickCount with OllyDbg)
kernel32.GetTickCount:
7C80932E MOV EDX,7FFE0000
7C809333 MOV EAX,[EDX]
7C809335 MUL DWORD PTR [EDX+4]
7C809338 SHRD EAX,EDX,18
7C80933C RETN
************************************************************
** memory: address 7FFE0000 (alias struct for C/C++ SYSTEMTIME)
** the values change every microsecond; watch them in any debugger
(address) (value hex)
7FFE0000 00224D66 seconds
7FFE0004 0FA00000
7FFE0008 C87E31C6 milliseconds,seconds,minute
7FFE000C 00000051
7FFE0010 00000051
7FFE0014 29DE5648 milliseconds,seconds,minute
7FFE0018 01CC6F3A days, months and years
7FFE001C 01CC6F3A days, months and years
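C code (+ inline assembly): a simple alternative to GetTickCount()
#include <stdio.h>

/* Placeholder: the loop bound in the original listing was lost. */
#define LOOP_COUNT 100000000

int main () {
    int n = 0;
    long timer1, timer2;
    _asm
    {
        mov eax, 0x7FFE0008     // We need only milliseconds.
        push dword ptr [eax]    // read the DWORD at that address...
        pop timer1              // ...and keep it as the start value
    }
    for (n = 0; n < LOOP_COUNT; n++)    // empty loop: the work being timed
    {
    }
    _asm {
        mov eax, 0x7FFE0008     // We need only milliseconds.
        push dword ptr [eax]    // read the same DWORD again...
        pop timer2              // ...and keep it as the end value
    }
    printf("%ld", timer2 - timer1); // idem GetTickCount() - oldTimer
    return 0;
}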
By Davide Chiappetta
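The arithmetic of the disassembly above, replayed in portable C over the values from the memory dump (an added example, not the author's code). The field names are an assumption taken from the documented KUSER_SHARED_DATA layout for 32-bit Windows XP, which the page does not state; the snapshot is constructed from the dump, so nothing is read from 0x7FFE0000.

```c
#include <stdint.h>
#include <stdio.h>

/* Field names follow the documented KUSER_SHARED_DATA layout
   (assumption: 32-bit Windows XP; the page does not name the fields). */
typedef struct { uint32_t low; int32_t high1, high2; } ksystem_time;
typedef struct {
    uint32_t tick_count_low;        /* 7FFE0000 */
    uint32_t tick_count_multiplier; /* 7FFE0004 */
    ksystem_time interrupt_time;    /* 7FFE0008, 100 ns units since boot */
    ksystem_time system_time;       /* 7FFE0014, 100 ns units since 1601 */
} shared_time_snapshot;

/* Constructed snapshot holding the values from the dump above. */
static const shared_time_snapshot page_dump = {
    0x00224D66u, 0x0FA00000u,
    { 0xC87E31C6u, 0x00000051, 0x00000051 },
    { 0x29DE5648u, 0x01CC6F3A, 0x01CC6F3A }
};

/* MUL [EDX+4] then SHRD EAX,EDX,18h: low 32 bits of (low * mult) >> 24. */
uint32_t emulate_get_tick_count(const shared_time_snapshot *s) {
    uint64_t product = (uint64_t)s->tick_count_low * s->tick_count_multiplier;
    return (uint32_t)(product >> 24);
}

/* A 64-bit time is accepted only when both high copies agree; a
   mismatch means the kernel was mid-update and the caller must retry. */
int read_ksystem_time(const volatile ksystem_time *t, uint64_t *out) {
    int32_t h1 = t->high1;
    uint32_t lo = t->low;
    if (h1 != t->high2)
        return 0;
    *out = ((uint64_t)(uint32_t)h1 << 32) | lo;
    return 1;
}

/* Interrupt time in milliseconds, or -1 on a torn read. */
int64_t interrupt_time_ms(const shared_time_snapshot *s) {
    uint64_t t;
    return read_ksystem_time(&s->interrupt_time, &t) ? (int64_t)(t / 10000) : -1;
}

int main(void) {
    printf("tick count: %lu ms\n", (unsigned long)emulate_get_tick_count(&page_dump));
    printf("interrupt : %lld ms\n", (long long)interrupt_time_ms(&page_dump));
    return 0;
}
```

For the dumped values the two results are 35125593 ms and 35125606 ms, so under the assumed layout the tick counter and the 64-bit value at 7FFE0008 describe the same uptime to within 13 ms.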
very interesting; anyway I believe, correct me if I'm wrong, that 0x7FFE0008 is a hardcoded address that varies from service pack to service pack; from what I see, I think the OS is Windows XP
exactly, it's a demonstration; if someone really wants to use it (but there's no point, because it doesn't handle errors etc.) they first have to write a function to find out which OS and which SP is in use.