flat assembler
Message board for the users of flat assembler.

Index > Tutorials and Examples > A Win32 console keypress example (Updated)

Goto page Previous  1, 2
Author
Thread Post new topic Reply to topic
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20215
Location: In your JS exploiting you and your system
revolution 02 Apr 2024, 11:04
This might help.
Code:
struc   COORD {
        .x      dw      ?
        .y      dw      ?
}struct COORD

struc   UCHAR {
    virtual
        .AsciiChar      db      ?
    end virtual
        .UnicodeChar    dw      ?
}struct UCHAR

struc   KEY_EVENT_RECORD {
        .bKeyDown               dd      ?
        .wRepeatCount           dw      ?
        .wVirtualKeyCode        dw      ?
        .wVirtualScanCode       dw      ?
        .uChar                  UCHAR
        .dwControlKeyState      dd      ?
}struct KEY_EVENT_RECORD

struc   MOUSE_EVENT_RECORD {
        .dwMousePosition        COORD
        .dwButtonState          dd      ?
        .dwControlKeyState      dd      ?
        .dwEventFlags           dd      ?
}struct MOUSE_EVENT_RECORD

struc   WINDOW_BUFFER_SIZE_RECORD {
        .dwSize COORD
}struct WINDOW_BUFFER_SIZE_RECORD

struc   MENU_EVENT_RECORD {
        .dwCommandId    dd      ?
}struct MENU_EVENT_RECORD

struc   FOCUS_EVENT_RECORD {
        .bSetFocus      dd      ?
}struct FOCUS_EVENT_RECORD

struc   IREVENT {
    virtual
        .MouseEvent             MOUSE_EVENT_RECORD
        .WindowBufferSizeEvent  WINDOW_BUFFER_SIZE_RECORD
        .MenuEvent              MENU_EVENT_RECORD
        .FocusEvent             FOCUS_EVENT_RECORD
    end virtual
        .KeyEvent               KEY_EVENT_RECORD
}struct IREVENT

struc   INPUT_RECORD {
        .EventType      dw      ?,?
        .Event          IREVENT
}struct INPUT_RECORD    
Post 02 Apr 2024, 11:04
View user's profile Send private message Visit poster's website Reply with quote
MatQuasar



Joined: 25 Oct 2023
Posts: 105
MatQuasar 02 Apr 2024, 16:28
revolution wrote:
This might help.
Code:
struc   COORD {
        .x      dw      ?
        .y      dw      ?
}struct COORD

struc   UCHAR {
    virtual
        .AsciiChar      db      ?
    end virtual
        .UnicodeChar    dw      ?
}struct UCHAR

struc   KEY_EVENT_RECORD {
        .bKeyDown               dd      ?
        .wRepeatCount           dw      ?
        .wVirtualKeyCode        dw      ?
        .wVirtualScanCode       dw      ?
        .uChar                  UCHAR
        .dwControlKeyState      dd      ?
}struct KEY_EVENT_RECORD

struc   MOUSE_EVENT_RECORD {
        .dwMousePosition        COORD
        .dwButtonState          dd      ?
        .dwControlKeyState      dd      ?
        .dwEventFlags           dd      ?
}struct MOUSE_EVENT_RECORD

struc   WINDOW_BUFFER_SIZE_RECORD {
        .dwSize COORD
}struct WINDOW_BUFFER_SIZE_RECORD

struc   MENU_EVENT_RECORD {
        .dwCommandId    dd      ?
}struct MENU_EVENT_RECORD

struc   FOCUS_EVENT_RECORD {
        .bSetFocus      dd      ?
}struct FOCUS_EVENT_RECORD

struc   IREVENT {
    virtual
        .MouseEvent             MOUSE_EVENT_RECORD
        .WindowBufferSizeEvent  WINDOW_BUFFER_SIZE_RECORD
        .MenuEvent              MENU_EVENT_RECORD
        .FocusEvent             FOCUS_EVENT_RECORD
    end virtual
        .KeyEvent               KEY_EVENT_RECORD
}struct IREVENT

struc   INPUT_RECORD {
        .EventType      dw      ?,?
        .Event          IREVENT
}struct INPUT_RECORD    


Good!
Post 02 Apr 2024, 16:28
View user's profile Send private message Reply with quote
MatQuasar



Joined: 25 Oct 2023
Posts: 105
MatQuasar 13 Apr 2024, 15:25
Another example modified from code posted by a 'fasm' Discord user.

GetKeyState API function : "Press "0" to quit"

Code:
format PE console
include 'win32a.inc'

msg db 'Key pressed',13,10
len = $ - msg
msgg db 'Press 0 to quit',13,10
lenn = $ - msgg
stdout dd ?

entry $

  invoke GetStdHandle,STD_OUTPUT_HANDLE
  mov [stdout],eax

  invoke WriteConsole,[stdout], msgg, lenn, 0, 0
  mov ebx, '0'

.again:
  invoke GetKeyState,ebx

  bt eax,15
  jnc .again

  invoke WriteConsole,[stdout], msg, len, 0, 0
  invoke ExitProcess,0

data import
library kernel,'kernel32.dll',user32,'user32.dll'
import  kernel, WriteConsole,'WriteConsoleA',GetStdHandle,'GetStdHandle', ExitProcess, 'ExitProcess'
import  user32, GetKeyState,'GetKeyState',GetAsyncKeyState,'GetAsyncKeyState'
end data

    
Post 13 Apr 2024, 15:25
View user's profile Send private message Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 3977
Location: vpcmipstrm
bitRAKE 28 Apr 2024, 09:26
MatQuasar wrote:
Two undefined "db ? " added. Is it because needed by alignment , which is 32-bit?
Yeap. My example has complete console API definitions, but in this specific case the UNION contains a DWORD - which forces the alignment.
MatQuasar wrote:
And what about this:
Code:
00000000 _KEY_EVENT_RECORD::$0E79EC4DAC98A4AB202537FA8C3F69FC union ; (sizeof=0x2, align=0x2, copyof_156)
00000000                                         ; XREF: KEY_EVENT_RECORD/r
00000000 UnicodeChar     dw ?
00000000 AsciiChar       db ?
00000000 _KEY_EVENT_RECORD::$0E79EC4DAC98A4AB202537FA8C3F69FC ends    

Is the size of struct 3 bytes or 4 bytes?
UNION is only as large as the biggest entry - in this case - only two bytes:
Code:
struct KEY_EVENT_RECORD
        bKeyDown                dd ?
        wRepeatCount            dw ?
        wVirtualKeyCode         dw ?
        wVirtualScanCode        dw ?
        union
                UnicodeChar     dw ?
                AsciiChar       db ?
        ends
        dwControlKeyState       dd ?
ends    
... note the offsets - both values start on the same (relative) byte (0).

_________________
¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup
Post 28 Apr 2024, 09:26
View user's profile Send private message Visit poster's website Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 3977
Location: vpcmipstrm
bitRAKE 28 Apr 2024, 09:35
Note: revolution's structure isn't correct:
Code:
struc   IREVENT {
    virtual
        .MouseEvent             MOUSE_EVENT_RECORD
        .WindowBufferSizeEvent  WINDOW_BUFFER_SIZE_RECORD
        .MenuEvent              MENU_EVENT_RECORD
        .FocusEvent             FOCUS_EVENT_RECORD
    end virtual
        .KeyEvent               KEY_EVENT_RECORD
}struct IREVENT    
... each of these event items would need to be in their own VIRTUAL (except the largest one) because they overlap on the same space.

That's why I produced a comprehensive example to demonstrate the errors or validity of my understanding.
Post 28 Apr 2024, 09:35
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20215
Location: In your JS exploiting you and your system
revolution 28 Apr 2024, 09:46
Thanks. The virtual blocks should be independent.
Code:
struc   IREVENT {
    virtual
        .MouseEvent             MOUSE_EVENT_RECORD
    end virtual
    virtual
        .WindowBufferSizeEvent  WINDOW_BUFFER_SIZE_RECORD
    end virtual
    virtual
        .MenuEvent              MENU_EVENT_RECORD
    end virtual
    virtual
        .FocusEvent             FOCUS_EVENT_RECORD
    end virtual
        .KeyEvent               KEY_EVENT_RECORD
}struct IREVENT    
Post 28 Apr 2024, 09:46
View user's profile Send private message Visit poster's website Reply with quote
MatQuasar



Joined: 25 Oct 2023
Posts: 105
MatQuasar 28 Apr 2024, 10:08
bitRAKE wrote:
Yeap. My example has complete console API definitions, but in this specific case the UNION contains a DWORD - which forces the alignment.


Thank you so much, for confirming my doubts. I always think it is best to refer to the structure disassembled by a disassembler such as IDA Freeware.

bitRAKE wrote:
That's why I produced a comprehensive example to demonstrate the errors or validity of my understanding.


That is a fine example although I don't understand macro. I am impressed with your "never-say-die" attitude in the console event examples (two of them).
Post 28 Apr 2024, 10:08
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.