Iczelion's Tutorial #2 Win64 fasm format

format PE64 GUI 5.0 entry start include 'win64a.inc' section '.text' code readable executable start: sub rsp,8*5 invoke MessageBox, NULL, MsgBoxText, MsgCaption, MB_OK invoke ExitProcess, NULL section '.data' data readable writeable MsgCaption db "Iczelion's Tutorial #2",0 MsgBoxText db "Win64 Assembly is Great!",0 section '.idata' import data readable writeable library kernel32,'KERNEL32.DLL',\ user32,'USER32.DLL' include 'api\kernel32.inc' include 'api\user32.inc'
Post 04 Jan 2018, 05:40
format binary as "exe" include "d:\fasm\include\win64a.inc" struc dbs [data] { common . db data .size = $ - . } IMAGE_DOS_SIGNATURE equ 5A4Dh IMAGE_NT_SIGNATURE equ 00004550h PROCESSOR_AMD_X8664 equ 8664h IMAGE_SCN_CNT_CODE equ 00000020h IMAGE_SCN_MEM_WRITE equ 80000000h IMAGE_SCN_MEM_READ equ 40000000h IMAGE_SCN_CNT_INITIALIZED_DATA equ 00000040h IMAGE_SUBSYSTEM_WINDOWS_GUI equ 2 IMAGE_NT_OPTIONAL_HDR64_MAGIC equ 20Bh IMAGE_FILE_RELOCS_STRIPPED equ 1 IMAGE_FILE_EXECUTABLE_IMAGE equ 2 IMAGE_BASE equ 0x400000 align1 equ 4 use64 org 0 ;--------DOS-stub------------------------------- Signature dw IMAGE_DOS_SIGNATURE,0 ;-------PE-заголовок-------------------------------------------------- ntHeader dd IMAGE_NT_SIGNATURE;'PE' ;image_header----Файловый заголовок Machine dw PROCESSOR_AMD_X8664;7Ch;Тип центрального процессора Count_of_section dw 1;7Eh;Количество секций TimeStump dd 0;80h;Информация о времени, когда был собран данный PE-файл Symbol_table_offset dd 0;84h;Указатель на размер отладочной информации Symbol_table_count dd 0;88h;Указатель на COFF-таблицу символов PE-формата Size_of_optional_header dw section_table-optional_header;F0;8Ch;Размер опционального заголовка Characteristics dw IMAGE_FILE_RELOCS_STRIPPED or IMAGE_FILE_EXECUTABLE_IMAGE;3;7Eh;Атрибуты файла ;-------Стандартные поля NT optional_header: Magic_optional_header dw IMAGE_NT_OPTIONAL_HDR64_MAGIC;20Bh;90h;Состояние отображаемого файла Linker_version_major_and_minor db 14,11;92h;Содержат версию линковщика, создавшего данный файл Size_of_code dd Import_Table-begin;60h;94h;230h-1D0h;Суммарный размер секций кода Size_of_init_data dd 0x70;Суммарный размер инициализированных данных Size_of_uninit_data dd 0;Суммарный размер неинициализированных данных entry_point dd start;20Ah;0A0h base_of_code dd begin;1D0h;0A4h ;------Дополнительные поля NT----------------------------------------------- image_base dq IMAGE_BASE;0A8 section_alignment dd align1;10h;0B0h file_alignment dd ntHeader;align1;10h;0B4h OS_version_major_minor dw 6,0;0B8h image_version_major_minor dd 0;0BCh subsystem_version_major_minor dw 6,0;0C0h Win32_version dd 0;0C4h size_of_image dd end_import;0C8h size_of_header dd begin;1D0h;0CCh checksum dd 0;0D0h subsystem dw IMAGE_SUBSYSTEM_WINDOWS_GUI;0D4h DLL_flag dw 8100h;0D6h;8000h;IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE Stack_allocation dq 0x100000;0D8h Stack_commit dq 0x1000;0E0h Heap_allocation dq 0x100000;0E8h Heap_commit dq 0x1000;0F0h loader_flag dd 0;0F8h number_of_dirs dd 2;0FCh export_RVA_size dq 0;100h import_RVA_size dd _import,0x3C;end_import-import ;------------------------------------------------ section_table dq ".text";180h .virtual_size dd a0-begin;51h;188h;0x57 .virtual_address dd begin;1D0h;18Ch .Physical_size dd Import_Table-begin;60h;190h .Physical_offset dd begin;1D0h;194h .Relocations_and_Linenumbers dq 0;198h .Relocations_and_Linenumbers_count dd 0;1A0h .Attributes dd 80000020h;1A4;IMAGE_SCN_MEM_WRITE or IMAGE_SCN_CNT_CODE;0x80000020 ;--------данные и код----------------------------------------- begin: ;1D0h MsgBoxText dbs "Win64 Assembly is Great!",0;1D0h MsgCaption db "Uncle Remus tales: #1 MessageBox",0;1E9h start: ;20Ah push rbp ;55h mov edx,MsgBoxText+IMAGE_BASE;BAD0014000 lea r8d,[rdx+MsgBoxText.size];448D4219 xor ecx,ecx ;33C9 xor r9d,r9d ;4533C9 call [MessageBox] ;FF1511000000 pop rbp ;5D retn ;C3 a0: ;---------секция импорта--------------------------------------- Import_Table: user32_table: MessageBox dq _MessageBox _import: dd 0,0,0,user32_dll,user32_table,0 user32_dll db "user32" dd 0 _MessageBox db 0,0,"MessageBoxA" end_import:
The size of exe-file is 332 bytes

Filename: 01.zip
Filesize: 2.22 KB
Downloaded: 30 Time(s)

Post 01 May 2018, 23:36
