flat assembler
Message board for the users of flat assembler.

Code Explanation Please (Listing Drives)

Nameless
Joined: 30 Apr 2010
Posts: 95
I just started FASM, and I put up this code from random places, it works, but I dunno how it works

I was wondering if anyone can explain what each line does, I know it looks for the #0 char and replaces/skips it, but how?

Oh, also, how can I declare a long string?
I use 'Buf rb 429496', but it's not good I guess

here is the code:
Code:
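format PE GUI 4.0
include 'win32ax.inc'

.data
  Drive     db ?, ':\ ', 0       ; template "?:\ " plus terminating NUL
  ldstrings db 128 dup(?)        ; receives the list from GetLogicalDriveStrings
  TheStr    db 128 dup (?)       ; output string shown in the message box

start:
  invoke  GetLogicalDriveStrings, 128, ldstrings
  mov     ebx, ldstrings         ; ebx = address of the first entry

enum_drives:
  mov     dl, byte[ebx]          ; dl = first byte of the entry (the drive letter)
  mov     [Drive], dl            ; store it into the first byte of Drive
  invoke  lstrcat, TheStr, Drive ; append Drive to the end of TheStr
  jz      next_drive             ; next_drive is reached either way

next_drive:
  add     ebx, 4                 ; advance 4 bytes to the next entry
  cmp     byte[ebx], 0           ; a zero byte here marks the end of the list
  jne     enum_drives
  jmp     endcall

endcall:
  invoke  MessageBox, 0, TheStr, "Drives :", 0

.end start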


cheers, thanks a lot
Post 30 Apr 2010, 05:45

baldr
Joined: 19 Mar 2008
Posts: 1651
Nameless,

GetLogicalDriveStrings() returns in lpBuffer something like
Code:
db "A:\", 0
db "C:\", 0
db "D:\", 0
db 0

enum_drives: loop concatenates those strings into TheStr;
MessageBox() shows them.

Then we get an access violation (MessageBox() returns IDOK==1, 00 00 is decoded by the CPU as add [eax], al and the byte at address 1 is inaccessible).
Post 30 Apr 2010, 08:47
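
The buffer layout described in the reply above, walked in C with explicit bounds. This is an added example, not code from the thread; the name join_drive_list and the sample buffer are constructed for illustration. It goes a little beyond the posted loop: it steps by each entry's real length instead of a fixed 4 bytes and refuses to write past the output buffer, which lstrcat does not check.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in the layout shown above: "X:\" entries, each
   NUL-terminated, with one extra NUL (the literal's own) ending the list. */
static const char SAMPLE[] = "A:\\\0C:\\\0D:\\\0";

/* Append every entry of the list (at most len bytes) plus a space to out
   (capacity cap). Returns the entry count, or -1 if the list is not
   terminated inside len bytes or out is too small. */
int join_drive_list(const char *list, size_t len, char *out, size_t cap)
{
    size_t pos = 0, used = 0;
    int count = 0;

    if (cap == 0)
        return -1;
    out[0] = '\0';
    while (pos < len && list[pos] != '\0') {
        /* Find this entry's NUL without reading past the buffer. */
        const char *entry = list + pos;
        const char *end = memchr(entry, '\0', len - pos);
        if (end == NULL)
            return -1;                    /* entry runs off the end */
        size_t n = (size_t)(end - entry);
        if (n + 1 >= cap - used)
            return -1;                    /* entry + ' ' + NUL must fit */
        memcpy(out + used, entry, n);
        used += n;
        out[used++] = ' ';
        out[used] = '\0';
        pos += n + 1;                     /* real entry length, not a fixed 4 */
        count++;
    }
    return pos < len ? count : -1;        /* closing NUL must be in bounds */
}

int main(void)
{
    char out[128];
    int n = join_drive_list(SAMPLE, sizeof SAMPLE, out, sizeof out);
    printf("%d drives: %s\n", n, out);
    return 0;
}
```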

Nameless
I'm very sorry to disappoint u but.....
I'm a total n00b XD

can u tell me how it did this? like what does ' mov dl, byte[ebx]' do?
and 'mov [Drive],dl' ? and the rest of those?

that's my problem, I'm a Delphi coder btw, and I know some C, so anything after invoke is ok with me
the rest is the problem

thanks
Post 30 Apr 2010, 08:58

ass0
Joined: 31 Dec 2008
Posts: 521
Location: ( . Y . )
Post 30 Apr 2010, 09:31

Nameless
which part should I look for? keywords plz?
Post 30 Apr 2010, 10:56

baldr
Nameless,

Google: assembly OR assembler tutorial. Look for those which are focused on 32-bit programming and Windows.
Post 30 Apr 2010, 13:31

Nameless
ok, I messed with it a bit more
when I changed ebx to ecx it showed nothing, just froze
switched back to ebx it showed all of them

y did this happen?
aren't they the same type "General Purpose Registers" ? and same size "32bits"?
Post 30 Apr 2010, 14:55

revolution
When all else fails, read the source
Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
invoke lstrcat won't preserve eax, ecx, edx or the flags.
Post 30 Apr 2010, 15:12

Nameless
now a smarter question
how should I know what function preserves what and doesn't preserve what?
Post 30 Apr 2010, 16:04

revolution
The Windows API uses the Standard Call convention. All functions (with only two special exceptions) use stdcall.
Post 30 Apr 2010, 16:22

Nameless
I mean how should I know that lstrcat won't use ebx and will use the others?
Post 30 Apr 2010, 18:13

bitshifter
Joined: 04 Dec 2007
Posts: 764
Location: Massachusetts, USA
It's called ABI. (application binary interface)
Register usage is a small part of this convention.
Post 30 Apr 2010, 19:03

Copyright © 1999-2020, Tomasz Grysztar.