flat assembler
Message board for the users of flat assembler.

Index > Windows > Why FASM not supports import like masm/MSVC ?

Author
Thread Post new topic Reply to topic
Aster!x



Joined: 16 Jul 2004
Posts: 26
Aster!x 04 Feb 2010, 16:48
Why FASM not supports import like masm/VSVC with OriginalFirstThunk and FirstThunk arrays?
I try do it manually, but fasm wrong calculate IMAGE_DIRECTORY_ENTRY_IMPORT(RVA, and size) and not
calculate IMAGE_DIRECTORY_ENTRY_IAT :(
Post 04 Feb 2010, 16:48
View user's profile Send private message Reply with quote
Aster!x



Joined: 16 Jul 2004
Posts: 26
Aster!x 04 Feb 2010, 19:36
for example something like this:
Code:
IAT:
FirstThunk:
FirstThunk_kernel32:
    GetModuleFileName dd rva _GetModuleFileNameA
    ExitProcess dd rva _ExitProcess
    dd 0
FirstThunk_user32:
    MessageBox dd rva _MessageBoxA
    dd 0
IAT_SIZE = $ - IAT

IMPORT:
IMAGE_IMPORT_DESCRIPTOR:
    dd rva OriginalFirstThunk_kernel32,0,0,rva kernel32_name, rva FirstThunk_kernel32
    dd rva OriginalFirstThunk_user32,0,0,rva user32_name, rva FirstThunk_user32
    dd 0,0,0,0,0
IMPORT_SIZE = $ - IMPORT

OriginalFirstThunk:
OriginalFirstThunk_kernel32:
    dd rva _GetModuleFileNameA
    dd rva _ExitProcess
    dd 0
OriginalFirstThunk_user32:
    dd rva _MessageBoxA
    dd 0

_align 2,0
_ExitProcess dw 0  ; Hint
    db 'ExitProcess',0
_GetModuleFileNameA dw 0  ; Hint
    db 'GetModuleFileNameA',0

_align 4,0
kernel32_name db 'kernel32.dll',0

_align 2,0
_MessageBoxA dw 0  ; Hint
    db 'MessageBoxA',0

_align 4,0
user32_name db 'user32.dll',0    
Post 04 Feb 2010, 19:36
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20454
Location: In your JS exploiting you and your system
revolution 05 Feb 2010, 00:56
You can use the 'data' directive to place the tables.
data directive begins the definition of special PE data, it should be followed by one of the data identifiers (export, import, resource or fixups) or by the number of data entry in PE header. The data should be defined in next lines, ended with end data directive. When fixups data definition is chosen, they are generated automatically and no more data needs to be defined there. The same applies to the resource data when the resource identifier is followed by from operator and quoted file name - in such case data is taken from the given resource file.
When all else fails, read the manual.
Post 05 Feb 2010, 00:56
View user's profile Send private message Visit poster's website Reply with quote
Aster!x



Joined: 16 Jul 2004
Posts: 26
Aster!x 05 Feb 2010, 11:59
revolution

Thanks. That is works.
Post 05 Feb 2010, 11:59
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.