// OllyDbg script (ODbgScript command set: eob/eoe, asm, eval, exec/ende, bpl ...).
// Numeric literals throughout are hexadecimal.
// The script assembles a stub into the debuggee at the current EIP. The stub loads a
// "nanotype" table from a file, loops over it and lets logging breakpoints record registers.

// Scratch value: first the base VA typed by the user, later assorted addresses.
var text

// Mode flag: 1 = table entries are DWORDs, 0 = table entries are BYTEs.
var NanoDW



// Debuggee register values captured when the first breakpoint hits (see BABEL).
var RegECX

var RegEDX

var RegEBX

var RegESP

var RegEBP

var RegESI

var RegEDI



// HBPEip: start of the NOP-filled area, later reused as the loop-head address.
var HBPEip

// HBPEip2: address where the assembled stub begins; EIP is set to it before running.
var HBPEip2



// ActEip / EipBytes: address and saved dword used as the VirtualProtect old-protection slot.
var ActEip

var EipBytes



// Addresses inside the user-supplied work area (base VA).
var VACont

var VACont2

var VANanTypTab

var VAFlagsTab



// Address of the debuggee location that receives the current flags-table value.
var NanoCount



// Addresses of the logging breakpoints, kept so they can be cleared at the end.
var LogBP

var LogBP2

var LogBP3

var LogBP4



// Hide the debugger from the debuggee before running it.
dbh

// Default to BYTE mode until the user answers the prompt in BABEL.
mov NanoDW, 0

// Exceptions go to LABEL (passed on to the program), breakpoints go to BABEL.
eoe LABEL

eob BABEL

// Run until the first breakpoint. BABEL clears a hardware breakpoint at EIP, so one was
// presumably set by the analyst before starting the script - confirm.
run



// Breakpoint handler: entered when the debuggee stops on the breakpoint.
BABEL:

// Stop redirecting breakpoints here and remove the hardware breakpoint at EIP.
cob

bphwc eip



// Snapshot the registers; the stub restores them later with immediate moves.
// EAX is not saved.
mov RegECX, ecx

mov RegEDX, edx

mov RegEBX, ebx

mov RegESP, esp

mov RegEBP, ebp

mov RegESI, esi

mov RegEDI, edi



// Prompt (Spanish): "SI" = yes selects DWORD nanotypes, "NO" selects BYTE nanotypes.
msgyn "Nanotypes DWORD = SI  ||  Nanotypes BYTE = NO"

cmp $RESULT, 0

je NanB00

mov NanoDW, 1



// DWORD mode: overwrite the 0E7 bytes that precede EIP with NOPs (90) ...
mov HBPEip, eip

sub HBPEip, 0E7

fill HBPEip, 0E7, 90

// ... and move EIP back by 0E4, i.e. 3 bytes into the NOP area. From here on EIP is
// used as the assembly cursor; HBPEip2 remembers where the stub starts.
sub eip, 0E4

mov HBPEip2, eip

jmp NanDW00



// BYTE mode: same preparation as the DWORD branch with different sizes.
// NOTE(review): 0E1 / 0DE are offsets into one specific target's code - they must be
// re-derived for any other binary.
NanB00:

// NOP out the 0E1 bytes that precede EIP.
mov HBPEip, eip

sub HBPEip, 0E1

fill HBPEip, 0E1, 90

// Move EIP 3 bytes into the NOP area and record it as the stub start.
sub eip, 0DE

mov HBPEip2, eip



// Start emitting the stub. Pattern used everywhere below: "asm eip, ..." assembles one
// instruction at EIP and returns its length in $RESULT; "add eip, $RESULT" advances the cursor.
NanDW00:

// Six of the seven CreateFileA arguments, pushed last-to-first (stdcall):
// hTemplateFile = 0
asm eip, "push 0"

add eip, $RESULT

// dwFlagsAndAttributes = 80 (FILE_ATTRIBUTE_NORMAL)
asm eip, "push 80"

add eip, $RESULT

// dwCreationDisposition = 3 (OPEN_EXISTING)
asm eip, "push 3"

add eip, $RESULT

// lpSecurityAttributes = 0
asm eip, "push 0"

add eip, $RESULT

// dwShareMode = 0 (no sharing)
asm eip, "push 0"

add eip, $RESULT

// dwDesiredAccess = 80000000 (GENERIC_READ)
asm eip, "push 80000000"

add eip, $RESULT



// Ask for the base VA of the work area; $RESULT is 0 when the dialog is cancelled.
// NOTE(review): the script does not allocate this memory itself - the address must
// already be valid in the debuggee, with at least 20000 bytes available.
ask "VA base?"

cmp $RESULT, 0

je NoVA

mov text, $RESULT



// Pick the dword 80 bytes before the cursor as the lpflOldProtect out-slot and keep its
// original contents, because VirtualProtect overwrites it.
sub eip, 80

mov ActEip, eip

mov EipBytes, [eip]

add eip, 80

// Run inside the debuggee: VirtualProtect(text, 20000, 40, ActEip).
// 40 = PAGE_EXECUTE_READWRITE, so the whole 20000-byte work area ends up
// readable, writable and executable. pushad/pushfd keep registers and flags intact.
// NOTE(review): the return value is discarded; a failed call goes unnoticed here.
exec

pushad

pushfd

push {ActEip}

push 40

push 20000

push {text}

call VirtualProtect

popfd

popad

ende

// Put back the dword that the old-protection value replaced.
mov [ActEip], EipBytes



// Work-area layout: VACont = base, VANanTypTab = base + 20 (logged for reference).
mov VACont, text

mov VANanTypTab, VACont

add VANanTypTab, 20

log VANanTypTab



// Write the input file name into the debuggee at base + 20.
// NOTE(review): absolute, user-specific path - edit it before use on another machine.
// The stub opens whatever file is found at this location without validating its contents.
mov [VANanTypTab], "C:\Documents and Settings\tenketsu\Escritorio\nano_tpor.hex"



// lpFileName is the last CreateFileA argument pushed (the other six were assembled
// before the "VA base?" prompt); then emit the call.
eval "push {VANanTypTab}"

asm eip, $RESULT

add eip, $RESULT

asm eip, "call CreateFileA"

add eip, $RESULT



// Stub stores the returned file handle at VANanTypTab + 300.
// NOTE(review): the stub never tests EAX for INVALID_HANDLE_VALUE, so a missing file
// only shows up as failures in the later calls.
mov text, VANanTypTab

add text, 300

eval "mov [{text}], eax"

asm eip, $RESULT

add eip, $RESULT



// GetFileSize(hFile = eax, lpFileSizeHigh = handle slot + 0A).
add text, 0A

eval "push {text}"

asm eip, $RESULT

add eip, $RESULT



asm eip, "push eax"

add eip, $RESULT

asm eip, "call GetFileSize"

add eip, $RESULT



// Stub stores the file size (EAX from GetFileSize) in the dword at the work-area base.
eval "mov [{VACont}], eax"

asm eip, $RESULT

add eip, $RESULT



// CreateFileMappingA arguments, pushed last-to-first:
// lpName = 0, dwMaximumSizeLow = 0, dwMaximumSizeHigh = 0,
// flProtect = 2 (PAGE_READONLY), lpFileMappingAttributes = 0.
asm eip, "push 0"

add eip, $RESULT

asm eip, "push 0"

add eip, $RESULT

asm eip, "push 0"

add eip, $RESULT

asm eip, "push 2"

add eip, $RESULT

asm eip, "push 0"

add eip, $RESULT



// hFile: step text back to the slot where the stub saved the file handle.
sub text, 0A

eval "push [{text}]"

asm eip, $RESULT

add eip, $RESULT



asm eip, "call CreateFileMappingA"

add eip, $RESULT



// MapViewOfFile(hMap = eax, dwDesiredAccess = 4 (FILE_MAP_READ), offsetHigh = 0,
// offsetLow = 0, dwNumberOfBytesToMap = 0 -> whole file), pushed last-to-first.
asm eip, "push 0"

add eip, $RESULT

asm eip, "push 0"

add eip, $RESULT

asm eip, "push 0"

add eip, $RESULT

asm eip, "push 4"

add eip, $RESULT

asm eip, "push eax"

add eip, $RESULT

asm eip, "call MapViewOfFile"

add eip, $RESULT



// RtlMoveMemory(Destination = VANanTypTab, Source = mapped view, Length = file size).
// The copy lands on top of the file-name string, which is no longer needed by then.
// NOTE(review): Length is the raw file size with no upper bound. The flags table is
// placed 3000 bytes after the nanotype table later in this script and the area made
// writable is 20000 bytes, so a larger file overruns them. The stub also never checks
// the mapping handle or view pointer for NULL, and never unmaps or closes them.
eval "push [{VACont}]"

asm eip, $RESULT

add eip, $RESULT



asm eip, "push eax"

add eip, $RESULT



eval "push {VANanTypTab}"

asm eip, $RESULT

add eip, $RESULT



asm eip, "call RtlMoveMemory"

add eip, $RESULT



// DWORD mode only: stub turns the byte count at the base into an entry count (size / 4).
cmp NanoDW, 0

je NanB01



eval "shr dword [{VACont}], 2"

asm eip, $RESULT

add eip, $RESULT



NanB01:

asm eip, "nop"

add eip, $RESULT



// HBPEip is reused from here on: it marks the loop head that the stub's jnz
// instructions branch back to.
mov HBPEip, eip



// Loop counters live in the work area: VACont = base + 10 (table index),
// VACont2 = base + 14 (flags index).
// NOTE(review): neither counter is initialised by the script or the stub - this
// presumes the work area starts out zeroed; confirm.
add VACont, 10

mov VACont2, VACont

add VACont2, 4

// Loop head: ecx = current table index.
eval "mov ecx, [{VACont}]"

asm eip, $RESULT

add eip, $RESULT



cmp NanoDW, 1

je NanDW01



// BYTE mode only: clear EAX so that the following "mov al, ..." leaves a clean value.
asm eip, "xor eax, eax"

add eip, $RESULT



NanDW01:

// Recompute the table address as VACont + 10 (VACont is base + 10 here, so this is
// base + 20 again). This runs in the script, not in the stub, and it overwrites the
// debuggee's EAX register as a side effect.
mov eax, VACont

add eax, 10

mov VANanTypTab, eax



cmp NanoDW, 0

je NanB02



// DWORD mode: eax = table[ecx], 4-byte entries.
eval "mov eax, [ecx*4+{VANanTypTab}]"

jmp NanDW02



NanB02:

// BYTE mode: al = table[ecx], 1-byte entries.
eval "mov al, byte [ecx+{VANanTypTab}]"



// Assemble whichever load instruction was built above.
NanDW02:

asm eip, $RESULT

add eip, $RESULT



asm eip, "nop"

add eip, $RESULT



// ecx = current flags index.
eval "mov ecx, [{VACont2}]"

asm eip, $RESULT

add eip, $RESULT



// The flags table sits 3000 bytes after the nanotype table.
// NOTE(review): that gap is the only room for the file contents copied to
// VANanTypTab; nothing enforces it.
mov VAFlagsTab, VANanTypTab

add VAFlagsTab, 3000



// edx = flags[ecx], 4-byte entries.
eval "mov edx, [ecx*4+{VAFlagsTab}]"

asm eip, $RESULT

add eip, $RESULT



// Fill the flags table directly from the script: 0D (thirteen) dword entries, which is
// the bound the stub's inner loop compares against ("cmp ecx, 0D").
// Each #..# literal is written byte-for-byte, so #02020000# reads back as dword 00000202.
// The values presumably are EFLAGS images to try for each nanotype - confirm.
// VAFlagsTab is used as a moving write pointer and ends on the last entry.
mov [VAFlagsTab], #02020000#

add VAFlagsTab, 4

mov [VAFlagsTab], #03020000#

add VAFlagsTab, 4

mov [VAFlagsTab], #06020000#

add VAFlagsTab, 4

mov [VAFlagsTab], #42020000#

add VAFlagsTab, 4

mov [VAFlagsTab], #82020000#

add VAFlagsTab, 4

mov [VAFlagsTab], #D7070000#

add VAFlagsTab, 4

mov [VAFlagsTab], #020A0000#

add VAFlagsTab, 4

mov [VAFlagsTab], #820A0000#

add VAFlagsTab, 4

mov [VAFlagsTab], #570F0000#

add VAFlagsTab, 4

mov [VAFlagsTab], #960F0000#

add VAFlagsTab, 4

mov [VAFlagsTab], #970F0000#

add VAFlagsTab, 4

mov [VAFlagsTab], #D30F0000#

add VAFlagsTab, 4

mov [VAFlagsTab], #D60F0000#



// Work out where the stub must store the flags value (EDX).
// Start from the current cursor ...
mov NanoCount, eip



cmp NanoDW, 0

je NanB03



// ... add a mode-specific offset into the target's existing code ...
add NanoCount, 03B

jmp NanDW03



NanB03:

add NanoCount, 0BF



NanDW03:

// ... read the dword found there and add the saved EBP.
// NOTE(review): presumably that dword is the displacement of an EBP-relative operand
// in the original routine, making the result the address of one of its locals.
// The offsets 03B / 0BF are specific to the analysed binary - confirm.
mov NanoCount, [NanoCount]

add NanoCount, RegEBP

// Stub: store the flags value at that absolute address.
eval "mov [{NanoCount}], edx"

asm eip, $RESULT

add eip, $RESULT



asm eip, "nop"

add eip, $RESULT



// Stub: reload the registers with the values captured at the first breakpoint, as
// immediates, so every loop iteration starts from the same register state.
// ESP is reset as well, which discards whatever the stub pushed since then.
// EAX and EDX are the exceptions: EAX keeps the table entry just loaded, and EDX is
// overwritten here after having been stored by the preceding stub instruction.
eval "mov ecx, {RegECX}"

asm eip, $RESULT

add eip, $RESULT

eval "mov edx, {RegEDX}"

asm eip, $RESULT

add eip, $RESULT

eval "mov ebx, {RegEBX}"

asm eip, $RESULT

add eip, $RESULT

eval "mov esp, {RegESP}"

asm eip, $RESULT

add eip, $RESULT

eval "mov ebp, {RegEBP}"

asm eip, $RESULT

add eip, $RESULT

eval "mov esi, {RegESI}"

asm eip, $RESULT

add eip, $RESULT

eval "mov edi, {RegEDI}"

asm eip, $RESULT

add eip, $RESULT



// Move the cursor forward without assembling anything, so the bytes in between stay as
// they are and execute between the two halves of the stub.
// NOTE(review): 74 / 0F6 are target-specific distances; presumably they span the
// original nanotype-handling code - confirm.
cmp NanoDW, 0

je NanB04



add eip, 74

jmp NanDW04



NanB04:

add eip, 0F6



// Second half of the stub: loop bookkeeping.
NanDW04:

asm eip, "nop"

add eip, $RESULT



asm eip, "nop"

add eip, $RESULT



// Inner loop: flags index = flags index + 1 ...
eval "mov ecx, [{VACont2}]"

asm eip, $RESULT

add eip, $RESULT



asm eip, "inc ecx"

add eip, $RESULT



eval "mov [{VACont2}], ecx"

asm eip, $RESULT

add eip, $RESULT



// ... and repeat from the loop head until all 0D flags entries were tried.
asm eip, "cmp ecx, 0D"

add eip, $RESULT



eval "jnz {HBPEip}"

asm eip, $RESULT

add eip, $RESULT



// Outer loop: reset the flags index, advance the table index.
eval "mov dword [{VACont2}], 0"

asm eip, $RESULT

add eip, $RESULT



eval "mov ecx, [{VACont}]"

asm eip, $RESULT

add eip, $RESULT



asm eip, "inc ecx"

add eip, $RESULT



eval "mov [{VACont}], ecx"

asm eip, $RESULT

add eip, $RESULT



// VACont - 10 is the work-area base, where the stub stored the entry count.
mov text, VACont

sub text, 10

eval "mov eax, [{text}]"

asm eip, $RESULT

add eip, $RESULT



// Repeat from the loop head until the table index reaches the entry count.
asm eip, "cmp ecx, eax"

add eip, $RESULT



eval "jnz {HBPEip}"

asm eip, $RESULT

add eip, $RESULT



// Landing pad after both loops finish. The cursor is deliberately not advanced past
// the third nop: EIP stays on it for the code that follows.
asm eip, "nop"

add eip, $RESULT

asm eip, "nop"

add eip, $RESULT

asm eip, "nop"



// Hardware execute breakpoint on the final nop of the stub: it fires once both loops
// have completed.
bphws eip, "x"



// From here EIP is walked backwards to place logging breakpoints (bpl) inside the code
// that runs on every iteration. All distances are target-specific.
// NOTE(review): what each logged register holds at these addresses cannot be read off
// this script; verify against the disassembly of the analysed binary.
sub eip, 41

mov LogBP, eip



cmp NanoDW, 0

je NanB05



// DWORD mode: log EDX at LogBP, ECX at LogBP2 = LogBP - 61.
bpl eip, "edx"



sub eip, 61

mov LogBP2, eip

bpl eip, "ecx"

jmp NanDW05



NanB05:

// BYTE mode: log EAX at LogBP and at LogBP2 = LogBP - 1, EDX at LogBP3 = LogBP2 - 5E.
bpl eip, "eax"



sub eip, 1

mov LogBP2, eip

bpl eip, "eax"



sub eip, 5E

mov LogBP3, eip

bpl eip, "edx"



NanDW05:

// Replace the 6 bytes immediately before the last logging breakpoint with six
// one-byte NOPs; the cursor ends up back on that breakpoint address.
sub eip, 6

asm eip, "nop"

add eip, $RESULT

asm eip, "nop"

add eip, $RESULT

asm eip, "nop"

add eip, $RESULT

asm eip, "nop"

add eip, $RESULT

asm eip, "nop"

add eip, $RESULT

asm eip, "nop"

add eip, $RESULT



cmp NanoDW, 0

je NanB06



// DWORD mode: final logging breakpoint is LogBP3, 12 bytes further back.
sub eip, 12

mov LogBP3, eip

jmp NanDW06



NanB06:

// BYTE mode: final logging breakpoint is LogBP4, 96 bytes further back.
sub eip, 96

mov LogBP4, eip



NanDW06:

bpl eip, "eax"



// Point the debuggee's EIP at the start of the assembled stub.
mov eip, HBPEip2



// Run the stub. The next break (expected: the hardware breakpoint on the stub's final
// nop) continues at BABEL2; the logging breakpoints log without stopping.
eob BABEL2

run

// Fallback if execution of the script continues past "run" without the handler firing.
jmp BABEL



BABEL2:

// Clean-up: remove the hardware breakpoint and the logging breakpoints.
bphwc eip

bc LogBP

bc LogBP2

bc LogBP3



// LogBP4 only exists in BYTE mode.
cmp NanoDW, 1

je NanDW07



bc LogBP4



NanDW07:

// Message (Spanish): "Nanotype check finished, save the Log and close Olly."
// The accented letter of "Comprobación" is missing from the literal as it stands.
// NOTE(review): the patched code, the RWX work area and the file mapping are left in
// place; the session is meant to be discarded after the log is saved.
msg "Comprobacin de nanotypes terminada, guarda el Log y cierra el Olly."

ret



// Exception handler installed with "eoe LABEL": pass the exception to the debuggee and
// keep running (esto), again and again for every further exception.
LABEL:

esto

jmp LABEL



// Reached when the "VA base?" prompt returned 0.
// Message (Spanish): "No base VA was specified for the tables, script terminated."
// NOTE(review): by this point the target code has already been NOP-filled and partly
// overwritten with pushes, and EIP has been moved, so the debuggee is not resumable.
NoVA:

msg "No se ha especificado una VA base para las tablas, script terminado."

ret