flat assembler
Message board for the users of flat assembler.
Index
> Windows > Windows Includes - The Final Solution: |
Author |
|
bitRAKE 24 Apr 2021, 00:28
https://github.com/microsoft/win32metadata
When I first learnt about this project I was quite frustrated because I had been working on some automation to grok Windows APIs; and it was clear this project was positioned to stomp on my face. Additionally, I have basically steered clear of DotNet for years, and didn't want to do anything with it. Because this effort aggregates work from many programming communities, I believe it should become the canonical standard for anyone wishing to interoperate with the Windows API. I've began working on a tool to create projections for fasmg from the .winmd files. It also has the added benefit of dropping a lot of legacy definitions. (Although there is talk about adding deprecated interfaces so they wouldn't be completely abandoned.) I would go as far as to say that any interface which wants to work on Windows should produce a .winmd file for programmers. All the languages with tools connecting to this project instantly gain use of these interfaces - not just the Win32 API. Although the .winmd files use the CLI metadata to define interfaces, it's not specifically biased to DotNet, imho. DotNet languages still need to produce projections for those language rather than use .winmd files directly through reflection. Other programming tools can also benefit from the .winmd files: editors, language servers, linters, etc. ECMA-335 is a wordy spec with errors, but my file reader is progressing nicely. Is anyone else interested in this to maybe produce includes for fasm1? To check on other projects using the metadata: https://github.com/microsoft/win32metadata/blob/master/docs/projections.md https://github.com/microsoft/win32metadata/network/dependents https://github.com/microsoft/win32metadata/network _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup Last edited by bitRAKE on 24 Apr 2021, 14:40; edited 1 time in total |
|||
24 Apr 2021, 00:28 |
|
bitRAKE 24 Apr 2021, 11:41
Here is the front-end .winmd reader. It has been created to follow the spec as closely as possible with no assumption regarding the projections being produced. This is important because the parent project is so new and changing.
A quick example of accessing the tables is like: Code: display 10,'Debug (TypeRef Table):',10 repeat rows.TypeRef Read.TypeRef R,(%-1) match any,R.Scope repeat 1,a:R.TypeName,b:R.TypeNamespace,c:R.ScopeIndex display 9,'TypeName: ',R.TypeNameString,' (',`a,')',10 display 9,'TypeNamespace: ',R.TypeNamespaceString,' (',`b,')',10 display 9,'Scope: ',`any,' (',`c,')',10,10 end repeat end match end repeat Code: caution: stream_tables size mismatch in virtualization. (7141122 not 7141124, respectively) Only the .winmd file is needed to use this. There are some in /Baseline, no need to have Visual Studio or build the parent project.
_________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup |
|||||||||||
24 Apr 2021, 11:41 |
|
bitRAKE 24 Apr 2021, 14:35
revolution wrote: I don't like the idea of of forcing all new code to force users to use the latest and worst versions of Windows. If a user wants legacy Windows then a .winmd can be produced for that, and programmers can still use modern tools. It's not an either/or option. Clearly I'm writing for the future which no doubt will include some legacy stuff. _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup |
|||
24 Apr 2021, 14:35 |
|
revolution 24 Apr 2021, 19:29
Maybe we are talking about different things?
If you drop support for legacy than all your generated code will force users to "upgrade" if they need to run it. Example: fasmw still runs on Win95. There is no need to change that. But if you say no to legacy and start using all the new shiny APis "for performance" or "for security" or "to satisfy google ranking" then all users will be required to update to the latest privacy killing Win10. And for what? The only winner is MS. Everyone else loses. |
|||
24 Apr 2021, 19:29 |
|
bitRAKE 24 Apr 2021, 20:25
You grabbed a fragment of a sentence to change the topic.
https://board.flatassembler.net/topic.php?t=17713 I'm talking about the topic of this post. fasmg runs on Win95, too. So, if you have an interest in this topic then running Win95 is not a hindrance. Yet, if your only interesting is in fasmw and Win95 then I wonder why you'd be interested in this topic? This topic is about a language neutral representation of the Windows API, and projections to custom languages. _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup Last edited by bitRAKE on 03 May 2021, 18:18; edited 1 time in total |
|||
24 Apr 2021, 20:25 |
|
revolution 24 Apr 2021, 21:01
But your "language neutral representation of the Windows API" won't have legacy definitions. Hence the problem. It becomes more like "language neutral representation of only the latest Windows APIs".
|
|||
24 Apr 2021, 21:01 |
|
bitRAKE 24 Apr 2021, 21:48
It's true that the finer details of the project are difficult to know without digging deeper. MS doesn't have an internal database of APIs - the source code is the last word in documentation - has been that way all along. So, the internal tools scrape source and object files to discover as much as possible. This is augmented by hand-tuning.
The internal tools can be applied more generally and there will be multiple .winmd files. The project is only a couple months old and it's bucking the tread at MS, so maybe it will die - who knows? I just see it much more differently than the surface understanding. Seems like other people do, too. (This might be because I was doing a similar thing when I came across this.) _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup Last edited by bitRAKE on 03 May 2021, 18:17; edited 1 time in total |
|||
24 Apr 2021, 21:48 |
|
ProMiNick 24 Apr 2021, 23:39
latest windows api always could be passed via delay import, not one windows provide, but own implementation.
look this: Code: ; Example of making 32-bit PE program as raw code and data format PE GUI entry start include 'win32a.inc' section '.text' code readable executable virtual at 0 dd custldr end virtual customloader: invoke LoadLibrary,delaykernel32.%name test eax,eax jz .fail mov edx,[ExitProcess+(delaykernel32.lookup-delaykernel32.address)] add edx,2+$-rva $ ;mov edx,_test invoke GetProcAddress,eax,edx test eax,eax jnz .ret .fail: dec eax .ret: mov [ExitProcess],eax ret start: .testExit: cmp [ExitProcess],0 jg .callExit js .couldntrunExit call customloader jmp .testExit .couldntrunExit: invoke MessageBox,0,_message1,_caption,0 ret .callExit: invoke MessageBox,0,_message2,_caption,0 invoke ExitProcess,0 section '.data' data readable writeable _caption db 'Win32 assembly program',0 _message1 db 'Inalid kernel32 delay lookup',0 _message2 db 'Valid kernel32 delay lookup',0 section '.idata' import data readable writeable library kernel32,'KERNEL32.DLL',\ delaykernel32,kernel32,\ user32,'USER32.DLL',\ pedemo,'' include 'os_specs/windows/api/x86/kernel32.inc' include 'os_specs/windows/api/x86/user32.inc' customimport delaykernel32,ExitProcess,'ExitProcessDD';customimport delaykernel32,ExitProcess,'ExitProcess' customimport pedemo,custldr,'customloader' section '.reloc' fixups data readable discardable ; needed for Win32s in addition to Code: ; Macroinstructions for making import section macro library [name,string] { common import.data: forward if defined name#.address if name#.address-name#.lookup dd RVA name#.lookup,0,0,RVA name#.%name,RVA name#.address end if end if name#.referred = 1 common dd 0,0,0,0,0 forward if defined name#.address if name#.address-name#.lookup if string eqtype '' name#.%name db string,0 rb RVA $ and 1 else name#.%name = string#.%name end if end if end if } macro import name,[label,string] { common rb (- rva $) and 3 if defined name#.referred name#.lookup: forward if used label if ~ defined delayed.#label if string eqtype '' local _label dd RVA _label else dd 80000000h + string end if end if end if common if $ > name#.lookup dd 0 end if name#.address: forward if used label if ~ defined delayed.#label if string eqtype '' label dd RVA _label else label dd 80000000h + string end if end if end if common if $ > name#.address dd 0 end if forward if used label & string eqtype '' _label dw 0 db string,0 rb RVA $ and 1 end if common end if if defined import_extension extend_import label end if } this Code: macro customimport name,[label,string] { common rb (- rva $) and 3 if defined name#.referred name#.lookup: forward if (label eqtype [*]) | used label if string eqtype '' local _label dd RVA _label else dd 80000000h + string end if end if common if $ > name#.lookup dd 0 end if name#.address: forward if label eqtype [*] dd 0 else if used label delayed.#label: if ~definite label label dd 0 end if end if end if common if $ > name#.address dd 0 end if forward if ((label eqtype [*]) | used label) & string eqtype '' _label dw 0 db string,0 rb RVA $ and 1 end if common end if } and because my build environment specific (universal version compilable with any assembler in any environment): Code: db $4D,$5A,$80,$00,$01,$00,$00,$00,$04,$00,$10,$00,$FF,$FF,$00,$00 db $40,$01,$00,$00,$00,$00,$00,$00,$40,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$80,$00,$00,$00 db $0E,$1F,$BA,$0E,$00,$B4,$09,$CD,$21,$B8,$01,$4C,$CD,$21,$54,$68 db $69,$73,$20,$70,$72,$6F,$67,$72,$61,$6D,$20,$63,$61,$6E,$6E,$6F db $74,$20,$62,$65,$20,$72,$75,$6E,$20,$69,$6E,$20,$44,$4F,$53,$20 db $6D,$6F,$64,$65,$2E,$0D,$0A,$24,$00,$00,$00,$00,$00,$00,$00,$00 db $50,$45,$00,$00,$4C,$01,$04,$00,$AA,$A2,$84,$60,$00,$00,$00,$00 db $00,$00,$00,$00,$E0,$00,$0E,$01,$0B,$01,$01,$49,$00,$02,$00,$00 db $00,$06,$00,$00,$00,$00,$00,$00,$2E,$10,$00,$00,$00,$10,$00,$00 db $00,$20,$00,$00,$00,$00,$40,$00,$00,$10,$00,$00,$00,$02,$00,$00 db $01,$00,$00,$00,$00,$00,$00,$00,$03,$00,$0A,$00,$00,$00,$00,$00 db $00,$50,$00,$00,$00,$04,$00,$00,$E3,$BB,$00,$00,$02,$00,$40,$00 db $00,$10,$00,$00,$00,$10,$00,$00,$00,$00,$01,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$10,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$30,$00,$00,$28,$01,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$40,$00,$00,$24,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$2E,$74,$65,$78,$74,$00,$00,$00 db $71,$00,$00,$00,$00,$10,$00,$00,$00,$02,$00,$00,$00,$04,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$20,$00,$00,$60 db $2E,$64,$61,$74,$61,$00,$00,$00,$50,$00,$00,$00,$00,$20,$00,$00 db $00,$02,$00,$00,$00,$06,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$40,$00,$00,$C0,$2E,$69,$64,$61,$74,$61,$00,$00 db $28,$01,$00,$00,$00,$30,$00,$00,$00,$02,$00,$00,$00,$08,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$40,$00,$00,$C0 db $2E,$72,$65,$6C,$6F,$63,$00,$00,$24,$00,$00,$00,$00,$40,$00,$00 db $00,$02,$00,$00,$00,$0A,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$40,$00,$00,$42,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $68,$64,$30,$40,$00,$FF,$15,$90,$30,$40,$00,$85,$C0,$74,$18,$8B db $15,$E8,$30,$40,$00,$81,$C2,$02,$00,$40,$00,$52,$50,$FF,$15,$8C db $30,$40,$00,$85,$C0,$75,$01,$48,$A3,$F0,$30,$40,$00,$C3,$83,$3D db $F0,$30,$40,$00,$00,$7F,$1E,$78,$07,$E8,$C2,$FF,$FF,$FF,$EB,$EE db $6A,$00,$68,$00,$20,$40,$00,$68,$17,$20,$40,$00,$6A,$00,$FF,$15 db $D0,$30,$40,$00,$C3,$6A,$00,$68,$00,$20,$40,$00,$68,$34,$20,$40 db $00,$6A,$00,$FF,$15,$D0,$30,$40,$00,$6A,$00,$FF,$15,$F0,$30,$40 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $57,$69,$6E,$33,$32,$20,$61,$73,$73,$65,$6D,$62,$6C,$79,$20,$70 db $72,$6F,$67,$72,$61,$6D,$00,$49,$6E,$61,$6C,$69,$64,$20,$6B,$65 db $72,$6E,$65,$6C,$33,$32,$20,$64,$65,$6C,$61,$79,$20,$6C,$6F,$6F db $6B,$75,$70,$00,$56,$61,$6C,$69,$64,$20,$6B,$65,$72,$6E,$65,$6C db $33,$32,$20,$64,$65,$6C,$61,$79,$20,$6C,$6F,$6F,$6B,$75,$70,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $80,$30,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$64,$30,$00,$00 db $8C,$30,$00,$00,$E8,$30,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $64,$30,$00,$00,$F0,$30,$00,$00,$C8,$30,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$72,$30,$00,$00,$D0,$30,$00,$00,$08,$31,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$7E,$30,$00,$00,$10,$31,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$4B,$45,$52,$4E,$45,$4C,$33,$32,$2E,$44,$4C,$4C db $00,$00,$55,$53,$45,$52,$33,$32,$2E,$44,$4C,$4C,$00,$00,$00,$00 db $A6,$30,$00,$00,$B8,$30,$00,$00,$00,$00,$00,$00,$A6,$30,$00,$00 db $B8,$30,$00,$00,$00,$00,$00,$00,$00,$00,$45,$78,$69,$74,$50,$72 db $6F,$63,$65,$73,$73,$00,$00,$00,$47,$65,$74,$50,$72,$6F,$63,$41 db $64,$64,$72,$65,$73,$73,$00,$00,$00,$00,$4C,$6F,$61,$64,$4C,$69 db $62,$72,$61,$72,$79,$41,$00,$00,$D8,$30,$00,$00,$00,$00,$00,$00 db $D8,$30,$00,$00,$00,$00,$00,$00,$00,$00,$4D,$65,$73,$73,$61,$67 db $65,$42,$6F,$78,$41,$00,$00,$00,$F8,$30,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$45,$78,$69,$74,$50,$72 db $6F,$63,$65,$73,$73,$44,$44,$00,$18,$31,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$63,$75,$73,$74,$6F,$6D db $6C,$6F,$61,$64,$65,$72,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$10,$00,$00,$24,$00,$00,$00,$01,$30,$07,$30,$11,$30,$17,$30 db $1F,$30,$29,$30,$30,$30,$43,$30,$48,$30,$50,$30,$58,$30,$5D,$30 db $65,$30,$6D,$30,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 db $00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00,$00 as result program has importsthat are not exist in current OS version but PE is succesfully executed in every windows version. customimport has few differences (name#.address - table of zeroes) from import that makes import not required and delayable. New functional is always good but it should be in delay import with manual LoadLibrary & GetProcAddress and not in one MS provided. |
|||
24 Apr 2021, 23:39 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.