mbr.asm

;记得2007年潜心研究mbr，曾经手工分析过，现在连格式都忘了。
;今天有幸在win32下搞一个程序，没啥！很简单，没有技术含量。
;不足之处，请多多指教：
;QQ:112426112
;Email:leguanyuan@126.com
;Websites:http://correy.webs.com
;ml /coff mbr.asm /link /subsystem:windows
.386
.model flat, stdcall
option casemap:none
include kernel32.inc
include user32.inc
includelib kernel32.lib
includelib user32.lib
.data
dn db "
correy db "made by correy",0
noo db "建立对象失败",0
errored db "读取内容失败！",0
.data?
x dd ?
buffer db 1024 DUP (?);不能定义的太小。
buffer2 db 512 DUP (?);不能定义的太小。
nc db 2 dup (?)
.code
showeax proc
local bufferp[9]:byte
pushad
mov cx,2
xor esi,esi
againp:
dec cx
rol al,4
push ax
and ax,0Fh
cmp ax,9
jg big
add ax,30h
mov [nc+esi],al
;inc esi
;mov [bufferp+esi],20h
pop ax
inc esi
cmp cx,0
jne againp
je showp
big:
add ax,37h
mov [nc+esi],al
;inc esi
;mov [bufferp+esi],20h
pop ax
inc esi
cmp cx,0
jne againp
showp:;
inc esi
mov [nc+esi],20h
;invoke MessageBox,NULL,addr bufferp,0,0
popad
ret
showeax endp
start:invoke CreateFile,addr dn,80000000h,1,0,3,0,0
cmp eax,-1
je no
invoke ReadFile,eax,addr buffer2,512,addr x,0
cmp eax,0
je err

mov ecx,512
lea esi,buffer2
mov edi,offset buffer
as:mov al,byte ptr [esi]
call showeax
mov dx,word ptr [nc]
mov word ptr [edi],dx
add edi,2
mov word ptr [edi],20h
inc edi
inc esi
dec ecx
cmp ecx,0
jne as
invoke MessageBox,0,addr buffer,addr correy,0
jmp exit
no:invoke MessageBox,0,addr noo,addr correy,0
jmp exit
err:invoke MessageBox,0,addr errored,addr correy,0
exit:invoke ExitProcess, 0
end start
;made at 2010.06.03