flat assembler
Message board for the users of flat assembler.

Index > Main > invoke reg

Author
Thread Post new topic Reply to topic
AE



Joined: 07 Apr 2022
Posts: 70
AE 11 Apr 2022, 20:20
How to use register as procedure address for invoke?
Code:
invoke r12, arg1    

to not get

call[r12]: operand size not specified

And BTW is there a thread for general questions, or is it better to create a topic for each?
Post 11 Apr 2022, 20:20
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20355
Location: In your JS exploiting you and your system
revolution 11 Apr 2022, 20:47
I suspect you want stdcall if r12 is the address of the target, and not a pointer to the address.
Post 11 Apr 2022, 20:47
View user's profile Send private message Visit poster's website Reply with quote
ProMiNick



Joined: 24 Mar 2012
Posts: 802
Location: Russian Federation, Sochi
ProMiNick 11 Apr 2022, 21:01
If actually invoke reg needed:
Code:
format PE64 GUI 5.0
entry start

include 'win64a.inc'

section '.text' code readable executable

  start:
        sub     rsp,8
        mov     r12,ExitProcess
        virtual at r12
                ExitProcess%% dq ?
        end virtual
        invoke  ExitProcess%%,0

section '.idata' import data readable writeable

  library kernel32,'KERNEL32.DLL'

  include 'os_specs/windows/api/x86/kernel32.inc'    


or this
Code:
format PE64 GUI 5.0
entry start

include 'win64a.inc'

virtual at 0
        void dq ?
end virtual

r12.void equ r12+void

section '.text' code readable executable

  start:
        sub     rsp,8
        mov     r12,ExitProcess
        invoke  r12.void,0

section '.idata' import data readable writeable

  library kernel32,'KERNEL32.DLL'

  include 'os_specs/windows/api/x86/kernel32.inc'    

that will call qword[r12] - construct questions correctly - or thou will be surprized with answers)


Last edited by ProMiNick on 11 Apr 2022, 21:07; edited 1 time in total
Post 11 Apr 2022, 21:01
View user's profile Send private message Send e-mail Reply with quote
AE



Joined: 07 Apr 2022
Posts: 70
AE 11 Apr 2022, 21:04
That's informative, thank you very much!
Post 11 Apr 2022, 21:04
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20355
Location: In your JS exploiting you and your system
revolution 11 Apr 2022, 21:47
A more concise way to achieve the invoke is:
Code:
label q12 qword at r12
invoke q12, arg1, ...    
Post 11 Apr 2022, 21:47
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.