flat assembler
Message board for the users of flat assembler.

Index > Windows > Code Explaination Please (Listing Drives)

Author
Thread Post new topic Reply to topic
Nameless



Joined: 30 Apr 2010
Posts: 95
Nameless 30 Apr 2010, 05:45
i just started FASM, and i put up this code from random places, it works, but i dunno how it works Surprised

i was wondering if anyone can explain what each line does, i know it looks for #0 char and replace/skip it, but how?

Oh, also, how can i declare a long string?
i use 'Buf rb 429496', but its not good i guess

here is the code:
Code:
format PE GUI 4.0
include 'win32ax.inc'

.data
 Drive             db ?, ':\ ', 0
 ldstrings     db 128 dup(?)
 TheStr        db 128 dup (?)
 
start:
 invoke GetLogicalDriveStrings, 128, ldstrings
 mov  ebx, ldstrings
 
 enum_drives:
    mov     dl, byte[ebx]
       mov     [Drive],dl
  invoke  lstrcat, TheStr, Drive
      jz      next_drive
 
 next_drive:
 add     ebx,4
       cmp     byte[ebx], 0
        jne     enum_drives
 jmp     endcall

 endcall:
        invoke  MessageBox, 0, TheStr, "Drives :", 0

.end start
    


cheers, thanks alot
Post 30 Apr 2010, 05:45
View user's profile Send private message Reply with quote
baldr



Joined: 19 Mar 2008
Posts: 1651
baldr 30 Apr 2010, 08:47
Nameless,

GetLogicalDriveStrings() returns in lpBuffer something like
Code:
db "A:\", 0
db "C:\", 0
db "D:\", 0
db 0    
enum_drives: loop concatenates those strings into TheStr;
MessageBox() shows them.

Then we get access violation (MessageBox() returns IDOK==1, 00 00 is decoded by CPU as add [eax], al and byte at address 1 is inaccessible).
Post 30 Apr 2010, 08:47
View user's profile Send private message Reply with quote
Nameless



Joined: 30 Apr 2010
Posts: 95
Nameless 30 Apr 2010, 08:58
im very sorry to disappoint u but.....
im a total n00b XD

can u tell me how it did this? like what does ' mov dl, byte[ebx]' do?
and 'mov [Drive],dl' ? and the rest of those?

thats my problem, im a delphi coder btw, and i know some C, so anything after invoke is ok with me
the rest is the problem

thanks
Post 30 Apr 2010, 08:58
View user's profile Send private message Reply with quote
ass0



Joined: 31 Dec 2008
Posts: 518
Location: ( . Y . )
ass0 30 Apr 2010, 09:31

_________________
Image
Nombre: Aquiles Castro.
Location2: about:robots
Post 30 Apr 2010, 09:31
View user's profile Send private message Reply with quote
Nameless



Joined: 30 Apr 2010
Posts: 95
Nameless 30 Apr 2010, 10:56
which part should i look for? keywords plz?
Post 30 Apr 2010, 10:56
View user's profile Send private message Reply with quote
baldr



Joined: 19 Mar 2008
Posts: 1651
baldr 30 Apr 2010, 13:31
Nameless,

Google: assembly OR assembler tutorial. Look for those which are focused on 32-bit programming and Windows.
Post 30 Apr 2010, 13:31
View user's profile Send private message Reply with quote
Nameless



Joined: 30 Apr 2010
Posts: 95
Nameless 30 Apr 2010, 14:55
ok, i messed with it a bit more
when i changed ebx to ecx it showed nothing, just froze
switched back to ebx it showed all of them

y did this happen?
arent they same type "General Purpose Registers" ? and same size "32bits"?
Post 30 Apr 2010, 14:55
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20459
Location: In your JS exploiting you and your system
revolution 30 Apr 2010, 15:12
invoke lstrcat won't preserve eax, ecx, edx or the flags.
Post 30 Apr 2010, 15:12
View user's profile Send private message Visit poster's website Reply with quote
Nameless



Joined: 30 Apr 2010
Posts: 95
Nameless 30 Apr 2010, 16:04
now a smarter question
how should i know what function preserves what and doesnt preserver what?
Post 30 Apr 2010, 16:04
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20459
Location: In your JS exploiting you and your system
revolution 30 Apr 2010, 16:22
Windows API uses Standard Call convention. All functions (with only two special exceptions) use stdcall.
Post 30 Apr 2010, 16:22
View user's profile Send private message Visit poster's website Reply with quote
Nameless



Joined: 30 Apr 2010
Posts: 95
Nameless 30 Apr 2010, 18:13
i mean how should i know that lstrcat wont use ebx and will use the others?
Post 30 Apr 2010, 18:13
View user's profile Send private message Reply with quote
bitshifter



Joined: 04 Dec 2007
Posts: 796
Location: Massachusetts, USA
bitshifter 30 Apr 2010, 19:03
It called ABI. (application binary interface)
Register useage is a small part of this convention.
Post 30 Apr 2010, 19:03
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.