flat assembler
Message board for the users of flat assembler.

Index > Windows > A little help with illegal instruction

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
mangoe



Joined: 31 Mar 2022
Posts: 8
mangoe 31 Mar 2022, 14:35
hi guys, i am new to asembly language and when i try to run this code it gives me illegal instruction in line 22 " user, 'user32.dll' ",what can i do?


Description:
Filesize: 102.15 KB
Viewed: 13276 Time(s)

a.png


Description:
Filesize: 48.15 KB
Viewed: 13276 Time(s)

b.png


Post 31 Mar 2022, 14:35
View user's profile Send private message Reply with quote
ProMiNick



Joined: 24 Mar 2012
Posts: 821
Location: Russian Federation, Sochi
ProMiNick 31 Mar 2022, 14:54
Code:
  library kernel,'KERNEL32.DLL',
          user,'USER32.DLL'    

missed symbol "\" that concatenates line with next line
Code:
  library kernel,'KERNEL32.DLL',\
          user,'USER32.DLL'    
Post 31 Mar 2022, 14:54
View user's profile Send private message Send e-mail Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 31 Mar 2022, 18:30
also ExitProcess requires an argument to be passed, refer to https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-exitprocess

edit:
or clear EAX and use RET instruction.

_________________
Asm For Wise Humans
Post 31 Mar 2022, 18:30
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20753
Location: In your JS exploiting you and your system
revolution 31 Mar 2022, 20:01
Ali.Z wrote:
also ExitProcess requires an argument to be passed, refer to https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-exitprocess
This isn't so important. All that happens is the result from the previous call is used for the exit status. In some cases this is exactly what you might want.
Ali.Z wrote:
... use RET instruction.
No, please don't do this. There is no documentation guaranteeing this works. It might work now only by happy accident.
Post 31 Mar 2022, 20:01
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1197
Location: Russia
macomics 31 Mar 2022, 23:05
Ali.Z wrote:
also ExitProcess requires an argument to be passed, refer to https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-exitprocess

edit:
or clear EAX and use RET instruction.
MessageBox has 4 arguments, and 5 values are pushed into the stack before calling it, i.e. the argument for ExitProcess is pushed into the stack before calling MessageBox. Wink
Post 31 Mar 2022, 23:05
View user's profile Send private message Reply with quote
mangoe



Joined: 31 Mar 2022
Posts: 8
mangoe 01 Apr 2022, 01:13
ProMiNick wrote:
Code:
  library kernel,'KERNEL32.DLL',
          user,'USER32.DLL'    

missed symbol "\" that concatenates line with next line
Code:
  library kernel,'KERNEL32.DLL',\
          user,'USER32.DLL'    

i try and it gave me "Error: write failed" warning, so confusing. Does it case sensitive?
Post 01 Apr 2022, 01:13
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20753
Location: In your JS exploiting you and your system
revolution 01 Apr 2022, 01:17
You get "Error: write failed" if the target exe is open. Windows locks the file.

So you need to either save as a new name. Or close the app before re-assembling.
Post 01 Apr 2022, 01:17
View user's profile Send private message Visit poster's website Reply with quote
mangoe



Joined: 31 Mar 2022
Posts: 8
mangoe 01 Apr 2022, 01:24
Ali.Z wrote:
also ExitProcess requires an argument to be passed, refer to https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-exitprocess

edit:
or clear EAX and use RET instruction.

i think that you assumed me to have some experience with programing. To be honest i am also new with programing too, in fact i am cosidering a carres change, that why i am learning C and asembly at the moment. Can you make it more detail what i need to do? Question Question Question
Post 01 Apr 2022, 01:24
View user's profile Send private message Reply with quote
mangoe



Joined: 31 Mar 2022
Posts: 8
mangoe 01 Apr 2022, 02:55
revolution wrote:
You get "Error: write failed" if the target exe is open. Windows locks the file.

So you need to either save as a new name. Or close the app before re-assembling.


I save it with a same name but into different folder and it works. Thank you very much. However i still don't know how it work, can you explain to me? I have no background on programing though.
Post 01 Apr 2022, 02:55
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20753
Location: In your JS exploiting you and your system
revolution 01 Apr 2022, 03:03
If you have "firefox.exe" open then Windows will lock the file so you can't write to it. This is the same for your app. If you have it open, Windows prevents you from writing to it. So fasm can't update app.exe while it is running. Close it before updating.
Post 01 Apr 2022, 03:03
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1197
Location: Russia
macomics 01 Apr 2022, 05:41
revolution wrote:
If you have "firefox.exe" open then Windows will lock the file so you can't write to it. This is the same for your app. If you have it open, Windows prevents you from writing to it. So fasm can't update app.exe while it is running. Close it before updating.
Look into the processes and search by name. It is possible that one of the previously launched programs remained stuck in memory and terminate all such hung programs. After that, try to assemble again. Or close all currently open MessageBox that are still hanging visible. In the case of console programs, sometimes it is necessary to restart the opened console.
Post 01 Apr 2022, 05:41
View user's profile Send private message Reply with quote
mangoe



Joined: 31 Mar 2022
Posts: 8
mangoe 01 Apr 2022, 09:40
Ah i see it now, so i need to clear my previous run out of memory before starting a new one. Thank for all the help.
Post 01 Apr 2022, 09:40
View user's profile Send private message Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 01 Apr 2022, 16:41
mangoe wrote:
Can you make it more detail what i need to do? Question Question Question

Sorry, I did not open my eyes wide open; you can safely ignore my useless post.

_________________
Asm For Wise Humans
Post 01 Apr 2022, 16:41
View user's profile Send private message Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1197
Location: Russia
macomics 01 Apr 2022, 17:12
I haven't looked into the IDE for Windows before, but there is a suggestion. Add a setting that allows you to specify the path and name of the debugger program and the menu item that runs the program in the debugger.

Otherwise, newcomers will have similar incidents. Processes will hang in memory if they did not terminate on their own.
Post 01 Apr 2022, 17:12
View user's profile Send private message Reply with quote
ProMiNick



Joined: 24 Mar 2012
Posts: 821
Location: Russian Federation, Sochi
ProMiNick 01 Apr 2022, 19:23
If newcomer can`t detect hang of compilled program or can`t destroy such app via Taskmgr he is not skilled enought to start programming from windows environment at all, even more he is not skilled enought to be user of such OS.
Post 01 Apr 2022, 19:23
View user's profile Send private message Send e-mail Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20753
Location: In your JS exploiting you and your system
revolution 01 Apr 2022, 20:10
ProMiNick wrote:
If newcomer can`t detect hang of compilled program or can`t destroy such app via Taskmgr he is not skilled enought to start programming from windows environment at all, even more he is not skilled enought to be user of such OS.
We all have to start somewhere. Give people a chance.
Post 01 Apr 2022, 20:10
View user's profile Send private message Visit poster's website Reply with quote
macomics



Joined: 26 Jan 2021
Posts: 1197
Location: Russia
macomics 01 Apr 2022, 21:22
ProMiNick wrote:
If newcomer can`t detect hang of compilled program or can`t destroy such app via Taskmgr he is not skilled enought to start programming from windows environment at all, even more he is not skilled enought to be user of such OS.
I'm talking about improvement and creation, and they're about their own shortcomings and pessimism.
Post 01 Apr 2022, 21:22
View user's profile Send private message Reply with quote
ProMiNick



Joined: 24 Mar 2012
Posts: 821
Location: Russian Federation, Sochi
ProMiNick 01 Apr 2022, 22:10
there is no sense in talking about improvement and creation.
Willing to improve? - do it.
The main problem is what? failed compilation if output is locked by exe execution.
So in moment where output name of compilation is resolved (somewhere before write from fasm.inc called) there could be forced try of taskkill of process that could exist & lock output.
but if fasm will start to kill processes it will be classified as attacking software. And this feature could be exploited in abnormal way.
Post 01 Apr 2022, 22:10
View user's profile Send private message Send e-mail Reply with quote
mangoe



Joined: 31 Mar 2022
Posts: 8
mangoe 02 Apr 2022, 03:31
ProMiNick wrote:
If newcomer can`t detect hang of compilled program or can`t destroy such app via Taskmgr he is not skilled enought to start programming from windows environment at all, even more he is not skilled enought to be user of such OS.


Well as i said i have no background in Computer science at all and i want a career change that why i want to learn about programing. But you are right i am not skilled enought to be user and to start programing in Window enviroment, that's why i am learning because i'm always curious about how computer and programing work. Be patient man or you can just ignore my post from now on cause i gonna ask millions more stupid questions about flat and asembly.
Post 02 Apr 2022, 03:31
View user's profile Send private message Reply with quote
mangoe



Joined: 31 Mar 2022
Posts: 8
mangoe 02 Apr 2022, 03:35
Ali.Z wrote:
mangoe wrote:
Can you make it more detail what i need to do? Question Question Question

Sorry, I did not open my eyes wide open; you can safely ignore my useless post.


That's my fault. Thank you for your time answering my post.
Post 02 Apr 2022, 03:35
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.