前几天在网上看见某大牛使用汇编语言写的通过WMI获取BIOS,主板,硬盘,CPU,网卡的信息的一篇文章,发现真是写的太棒了,最近正好想要用汇编写点东西,就拿着作者的源码修改了点东西,来实现自己的需求,我是在RadASM下编译使用的,大牛的解决方法正好给我提供了许多思路,也让我学到了很多,下面就是我修改后的源代码:
.586.MODEL FLAT,STDCALLOPTION CASEMAP:NONEINCLUDE windows.incINCLUDE kernel32.incINCLUDELIB kernel32.libINCLUDE ole32.incINCLUDELIB ole32.libINCLUDE user32.incINCLUDELIB user32.libINCLUDE masm32.incINCLUDELIB masm32.libGetWmiInfo proto :LPWSTR, :LPSTR, :LPSTRg_debug equ 0; located in ObjIdl.hEOAC_NONE EQU 0COINIT_MULTITHREADED equ 00h; located in RpcDce.hRPC_C_AUTHN_LEVEL_DEFAULT EQU 0RPC_C_IMP_LEVEL_DEFAULTEQU 0RPC_C_IMP_LEVEL_IMPERSONATE EQU 3GUID2 STRUCTdd1 DWORD ?dw1 WORD ?dw2 WORD ?db1 BYTE ?db2 BYTE ?db3 BYTE ?db4 BYTE ?db5 BYTE ?db6 BYTE ?db7 BYTE ?db8 BYTE ?GUID2 ENDSIWbemLocator STRUCTlpVtbl DWORD ?IWbemLocator ENDSIWbemLocatorVtbl STRUCTQueryInterface DWORD ?AddRef DWORD ?Release DWORD ?ConnectServer DWORD ?IWbemLocatorVtbl ENDSIWbemServices STRUCTlpVtbl DWORD ?IWbemServices ENDSIWbemServicesVtbl STRUCTQueryInterface DWORD ?AddRef DWORD ?ReleaseDWORD ?OpenNamespace DWORD ?CancelAsyncCall DWORD ?QueryObjectSink DWORD ?GetObject DWORD ?GetObjectAsync DWORD ?PutClass DWORD ?PutClassAsync DWORD ?DeleteClassDWORD ?DeleteClassAsync DWORD ?CreateClassEnum DWORD ?CreateClassEnumAsync DWORD ?PutInstanceDWORD ?PutInstanceAsync DWORD ?DeleteInstance DWORD ?DeleteInstanceAsync DWORD ?CreateInstanceEnum DWORD ?CreateInstanceEnumAsync DWORD ?ExecQuery DWORD ?ExecQueryAsync DWORD ?ExecNotificationQueryDWORD ?ExecNotificationQueryAsync DWORD ?ExecMethod DWORD ?ExecMethodAsync DWORD ?IWbemServicesVtbl ENDSIEnumWbemClassObject STRUCTlpVtblDWORD ?IEnumWbemClassObject ENDSIEnumWbemClassObjectVtbl STRUCTQueryInterface DWORD ?AddRef DWORD ?Release DWORD ?ResetDWORD ?Next DWORD ?NextAsyncDWORD ?CloneDWORD ?Skip DWORD ?IEnumWbemClassObjectVtbl ENDSIWbemClassObject STRUCTlpVtbl DWORD ?IWbemClassObject ENDSIWbemClassObjectVtbl STRUCTQueryInterfaceDWORD ?AddRef DWORD ?Release DWORD ?GetQualifierSet DWORD ?Get DWORD ?Put DWORD ?Delete DWORD ?GetNamesDWORD ?BeginEnumeration DWORD ?NextDWORD ?EndEnumerationDWORD ?GetPropertyQualifierSet DWORD ?GetObjectText DWORD ?SpawnDerivedClass DWORD ?SpawnInstance DWORD ?CompareToDWORD ?GetPropertyOrigin DWORD ?InheritsFrom DWORD ?GetMethodDWORD ?PutMethodDWORD ?DeleteMethod DWORD ?BeginMethodEnumeration DWORD ?NextMethod DWORD ?EndMethodEnumeration DWORD ?GetMethodQualifierSet DWORD ?GetMethodOrigin DWORD ?IWbemClassObjectVtbl ENDSSAFEARRAYBOUND structcElements dd ? ;这一维有多少个元素?lLbounddd ? ;它的索引从几开始?SAFEARRAYBOUND endsSAFEARRAY structcDims dw ? ;Count of dimensions in this array.这个数组有几维?fFeatures dw ? ;Flags used by the SafeArray routines documented below. 数组有什么特性?cbElements dd ? ;Size of an element of the array. Does not include size of pointed-to data.;数组的每个元素有多大?cLocksdd ? ;Number of times the array has been locked without corresponding unlock.;这个数组被锁定过几次?pvDatadd ? ;Pointer to the data. 数组里的数据放在什么地方?rgsabound SAFEARRAYBOUND <> ;One bound for each dimension.真数组SAFEARRAY ends;ssssssssssssssssssssssss.DATA;ssssssssssssssssssssssssg_wszSelect WORD "S","E","L","E","C","T"," ","*"," ","F","R","O","M"," ", 0g_szBiosVerion db 0dh, 0ah, "BIOS版本信息:", 0g_wszWin32_BIOS word "W", "i", "n", "3", "2", "_", "B", "I", "O", "S", 0g_wszBIOSVerstion word "B", "I", "O", "S", "V", "e", "r", "s", "i", "o", "n", 0g_szBiosSerialNumber db 0dh, 0ah, "BIOS序列号:", 0g_szHDDSerialNum db 0dh, 0ah, "硬盘序列号:", 0g_wszWin32_PhysicalMedia word "W", "i", "n", "3", "2", "_"WORD "P", "h", "y", "s", "i", "c", "a", "l", "M", "e", "d", "i", "a", 0g_wszSerialNumber word "S", "e", "r", "i", "a", "l", "N", "u", "m", "b", "e", "r", 0g_szBaseBoardSerialNum db 0dh, 0ah, "主板序列号:", 0g_wszWin32_BaseBoard word "W", "i", "n", "3", "2", "_", "B", "a", "s", "e", "B", "o", "a", "r", "d", 0g_szCpuId db 0dh, 0ah, "CPU ID:", 0g_wszWin32_Processor word "W", "i", "n", "3", "2", "_", "P", "r", "o", "c", "e", "s", "s", "o", "r", 0g_wszProcessorId word "P", "r", "o", "c", "e", "s", "s", "o", "r", "I", "d", 0g_szNidMac db 0dh, 0ah, "网卡 MAC:", 0g_wszWin32_NetworkAdapter word "W", "i", "n", "3", "2", "_"WORD "N", "e", "t", "w", "o", "r", "k", "A", "d", "a", "p", "t", "e", "r", 0g_wszMACAddress word "M", "A", "C", "A", "d", "d", "r", "e", "s", "s", 0g_wszNameSpace word "r", "o", "o", "t", "\", "c", "i", "m", "v", "2", 0g_wszQueryLanguage word "W", "Q", "L", 0g_szAppInfo db "通过WMI获取硬件信息", 0dh ,0ahdb "小哈龙", 0dh ,0ah, 0g_szPerSCr db "%S"g_szCrLf db 0dh, 0ah, 0g_szFail db "Fail", 0szone db "我的测试",0szoption db "标题",0; located in WbemCli.hWBEM_FLAG_CONNECT_USE_MAX_WAIT EQU80hWBEM_FLAG_FORWARD_ONLYEQU20hWBEM_INFINITE EQU-1WBEM_E_INVALID_QUERY EQU80041017hWBEM_E_INVALID_QUERY_TYPE EQU80041018hIID_IWbemLocatorGUID2 <0dc12a687h,0737fh,011cfh,088h,04dh,000h,0aah,000h,04bh,02eh,024h>IID_IEnumWbemClassObject GUID2 <027947e1h,0d731h,011ceh,0a3h,057h,000h,000h,000h,000h,000h,001h>IID_IWbemClassObject GUID2 <0dc12a681h,0737fh,011cfh,088h,04dh,000h,0aah,000h,04bh,02eh,024h>; located in WbemProv.hCLSID_WbemAdministrativeLocator GUID2 <0cb8555cch,09128h,011d1h,0adh,09bh,000h,0c0h,04fh,0d8h,0fdh,0ffh>locatorIWbemLocator <>serviceIWbemServices <>enumerator IEnumWbemClassObject <>processor IWbemClassObject <>retCount DWORD ?var_valDWORD ?DWORD ?DWORD ?DWORD ?wszQuery WORD 256 dup(?)g_szBuf512 byte 512 dup(?);ssssssssssssssssssssssss.CODE;ssssssssssssssssssssssssstart:invoke CoInitializeEx, NULL, COINIT_MULTITHREADEDinvoke CoInitializeSecurity, NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT,\RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULLinvoke CoCreateInstance, ADDR CLSID_WbemAdministrativeLocator, NULL,\CLSCTX_INPROC_SERVER, ADDR IID_IWbemLocator, ADDR locatorinvoke StdOut, ADDR g_szAppInfoinvoke StdOut, ADDR g_szBiosVerionmov byte ptr g_szBuf512, NULLinvoke GetWmiInfo, ADDR g_wszWin32_BIOS, ADDR g_wszBIOSVerstion, ADDR g_szBuf512.if byte ptr g_szBuf512 != NULLinvoke StdOut, ADDR g_szBuf512invoke MessageBox,NULL,addr g_szBuf512,offset g_szBiosVerion,MB_OK.elseinvoke StdOut, ADDR g_szFail .endifinvoke StdOut, ADDR g_szBiosSerialNumbermov byte ptr g_szBuf512, NULLinvoke GetWmiInfo, ADDR g_wszWin32_BIOS, ADDR g_wszSerialNumber, ADDR g_szBuf512.if byte ptr g_szBuf512 != NULLinvoke StdOut, ADDR g_szBuf512.elseinvoke StdOut, ADDR g_szFail .endifinvoke StdOut, ADDR g_szHDDSerialNummov byte ptr g_szBuf512, NULLinvoke GetWmiInfo, ADDR g_wszWin32_PhysicalMedia, ADDR g_wszSerialNumber, ADDR g_szBuf512.if byte ptr g_szBuf512 != NULL invoke StdOut, ADDR g_szBuf512invoke MessageBox,NULL,offset g_szBuf512,offset g_szHDDSerialNum,MB_OK.elseinvoke StdOut, ADDR g_szFail.endifinvoke StdOut, ADDR g_szBaseBoardSerialNummov byte ptr g_szBuf512, NULLinvoke GetWmiInfo, ADDR g_wszWin32_BaseBoard, ADDR g_wszSerialNumber, ADDR g_szBuf512.if byte ptr g_szBuf512 != NULLinvoke MessageBox,NULL,addr g_szBuf512,offset g_szBaseBoardSerialNum,MB_OKinvoke StdOut, ADDR g_szBuf512.elseinvoke StdOut, ADDR g_szFail.endifinvoke StdOut, ADDR g_szCpuIdmov byte ptr g_szBuf512, NULLinvoke GetWmiInfo, ADDR g_wszWin32_Processor, ADDR g_wszProcessorId, ADDR g_szBuf512.if byte ptr g_szBuf512 != NULLinvoke StdOut, ADDR g_szBuf512invoke MessageBox,NULL,offset g_szBuf512,offset g_szCpuId,MB_OK.elseinvoke StdOut, ADDR g_szFail.endifinvoke StdOut, ADDR g_szNidMacmov byte ptr g_szBuf512, NULLinvoke GetWmiInfo, ADDR g_wszWin32_NetworkAdapter, ADDR g_wszMACAddress, ADDR g_szBuf512.if byte ptr g_szBuf512 != NULLinvoke StdOut, ADDR g_szBuf512invoke MessageBox,NULL,offset g_szBuf512,offset g_szNidMac,MB_OK.elseinvoke StdOut, ADDR g_szFail.endifinvoke CoUninitializeinvoke ExitProcess, 0GetWmiInfo proc lpwszType: LPWSTR, lpwszItem: LPSTR, lpszBuf: LPSTRLOCAL wszbuf[256]: wordinvoke lstrcpyW, ADDR wszQuery, ADDR g_wszSelectinvoke lstrcatW, ADDR wszQuery, lpwszTypemov esi, locatorlodsdpush OFFSET servicepush NULLpush NULLpush WBEM_FLAG_CONNECT_USE_MAX_WAITpush NULLpush NULLpush NULLpush OFFSET g_wszNameSpacepush DWORD PTR [locator]call DWORD PTR [eax][IWbemLocatorVtbl.ConnectServer]mov esi, servicelodsdpush OFFSET enumeratorpush NULLpush WBEM_FLAG_FORWARD_ONLYpush OFFSET wszQuerypush OFFSET g_wszQueryLanguagepush DWORD PTR [service]call DWORD PTR [eax][IWbemServicesVtbl.ExecQuery]mov esi, enumeratorlodsdpush OFFSET retCountpush OFFSET processorpush TRUEpush WBEM_INFINITEpush DWORD PTR [enumerator]call DWORD PTR [eax][IEnumWbemClassObjectVtbl.Next]mov esi, processorlodsdpush NULLpush NULLpush OFFSET var_valpush 0push lpwszItempush DWORD PTR [processor]call DWORD PTR [eax][IWbemClassObjectVtbl.Get]if g_debug eq 1jmp @Fg_sz1 db 0dh, 0ah, "eax=%d, ecx=%x, esi=%x, edi=%x", 0dh, 0ah, 0@@:mov esi, [var_val]mov edi, [var_val + 4]mov ecx, [var_val + 8]0mov eax, [var_val + 12]pushadinvoke wsprintf, ADDR wszbuf, ADDR g_sz1, eax, ecx, esi, ediinvoke StdOut, ADDR wszbufpopadendif ;g_debug eq 1mov eax, [var_val]test eax, VT_BSTR.if !ZERO?test eax, VT_ARRAY.IF !ZERO?mov ecx, [var_val + 8]mov esi,[ecx].SAFEARRAY.pvDatamov edi,[ecx].SAFEARRAY.rgsabound.cElementsif g_debug eq 1movzx eax, [ecx].SAFEARRAY.cDimsmov ecx,[ecx].SAFEARRAY.rgsabound.lLboundpushadinvoke wsprintf, ADDR wszbuf, ADDR g_sz1, eax, ecx, esi, ediinvoke StdOut, ADDR wszbufpopadendif ;g_debug eq 1.repeat ; while edipush esipush edimov ecx, [esi]invoke wsprintf, ADDR wszbuf, ADDR g_szPerSCr, ecxinvoke lstrcat, lpszBuf, ADDR wszbufpop edipop esidec ediadd esi,4.until edi==0 ;endw.ELSEinvoke wsprintf, ADDR wszbuf, ADDR g_szPerSCr, [var_val + 8]invoke lstrcat, lpszBuf, ADDR wszbuf.ENDIF.endifretGetWmiInfo endp;======================================================END start
如果觉得《汇编语言通过WMI获取BIOS 主板 硬盘 CPU 网卡的信息》对你有帮助,请点赞、收藏,并留下你的观点哦!
