flat assembler
Message board for the users of flat assembler.
Index
> Windows > GetCommandLine & ShellExecute Goto page 1, 2 Next |
Author |
|
semiono 17 Aug 2010, 12:36
How to check a string?
cmp byte [ebx],' -help' cmp byte [ebx],' -options' cmp byte [ebx],' --n' cmp byte [ebx],' /x' etc. Please? :\ |
|||
17 Aug 2010, 12:36 |
|
Tyler 17 Aug 2010, 21:26
Code: ; edi = str1 ; esi = str2 ; returns same as strcmp in libc strcmp: lodsb and eax, 0xff movzx byte[edi], ebx add edi, 1 sub eax, ebx jne .done cmp eax, 0 ; Does jne trash eflags? If not, this line can be removed. je strcmp .done: ret |
|||
17 Aug 2010, 21:26 |
|
vid 17 Aug 2010, 22:04
Quote: cmp byte [ebx],' -help' "cmp byte [ebx], value" compares single byte at ebx with value. In (ANSI) string, each character is a byte. So, straightforward way would be: Code: cmp byte [ebx], '-' jne not_help cmp byte [ebx+1], 'h' jne not_help cmp byte [ebx+2], 'e' jne not_help cmp byte [ebx+3], 'l' jne not_help cmp byte [ebx+4], 'p' jne not_help cmp byte [ebx+5], 0 ;end of string is marked by byte with value zero jne not_help ;here, string at memory pointed by ebx is "-help" ... not_help: ... Of course, this is tedious, that's why people use functions such as strcmp. |
|||
17 Aug 2010, 22:04 |
|
Tyler 18 Aug 2010, 05:53
Sorry. I should've explained the theory behind it, like vid did.
|
|||
18 Aug 2010, 05:53 |
|
sinsi 18 Aug 2010, 06:09
You can use 'GetCommandLineW' then 'CommandLineToArgvW' which gives you a pointer to a list of pointers to each string from the command line, and how many there are. Then you can use 'lstrcmpW' to compare.
|
|||
18 Aug 2010, 06:09 |
|
semiono 18 Aug 2010, 09:33
I have some example, but it running with errors.
Code: call GetCommandLineW push offset numArgs push EAX call CommandLineToArgvW mov EDI, EAX push EDI mov ECX, numArgs @showArgs: mov EAX, [EDI] push ECX push 0 push 0 push EAX push 0 call MessageBoxW pop ECX add EDI, 4 loop @showArgs call GlobalFree + invoke ExitProcess,NULL Is it need to be compiled with 'win32wx.inc' ? What could be a problems is here? --- an example more... Code: include '%fasm%\win32ax.inc' start: invoke GetCommandLine push eax pop esi cmp [esi],byte 0x00000022 jz @i @i2: inc esi cmp [esi],byte 0x00000020 jz @i1 jmp @i2 @i: inc esi cmp [esi],byte 0x00000022 jz @i1 jmp @i @i1: inc esi invoke MessageBox,NULL,esi,'Done...',MB_OK exit: invoke ExitProcess,NULL .end start section '.rsrc' resource readable directory RT_MANIFEST,_manifest resource _manifest,1,LANG_NEUTRAL,manifest resdata manifest file '%fasm%\manifest32.xml' endres empty commandline without switcher - why output with ierogliph ? Tyler, vid, sinsi... thanks!... |
|||
18 Aug 2010, 09:33 |
|
vid 18 Aug 2010, 10:14
Code: push eax pop esi You can just use "mov esi, eax". Code: cmp [esi],byte 0x00000022 What is this supposed to do? By the way, maximal value of byte is 0xFF, so those initial 6 nulls are always gonna be there, and so there is no reason to write them. Just use "cmp [esi], byte 0x22", or "cmp byte [esi], 0x22". |
|||
18 Aug 2010, 10:14 |
|
vid 18 Aug 2010, 10:16
I almost forgot - did you try to use debugger? You can trace your code step-by-step and see what's happening after every instruction. Get OllyDbg at http://www.ollydbg.de/
|
|||
18 Aug 2010, 10:16 |
|
semiono 18 Aug 2010, 15:48
vid wrote: Get OllyDbg at http://www.ollydbg.de/ I'm afraid of debuggers By the way, why the debugger allways complains with code section Code: ...
section '.code' executable
... Is it OllyDbg 2 good for first steps, is it stable? I try to use OllyDbg1.10 now. _________________ Windows 9, FL Studio 19 |
|||
18 Aug 2010, 15:48 |
|
LocoDelAssembly 18 Aug 2010, 18:30
Quote:
Jcc does not alter the flags so yes, you can remove it. BTW, do you realize that your code is destroying one of the strings and that probably it is not returning in EAX the correct answer? |
|||
18 Aug 2010, 18:30 |
|
vid 18 Aug 2010, 19:46
semiono: both Olly 1.10 and 2.0 are good to use, no reason to be afraid. You can ignore that warning too.
|
|||
18 Aug 2010, 19:46 |
|
MHajduk 18 Aug 2010, 21:19
semiono wrote: By the way, why the debugger allways complains with code section Code: section '.code' code executable |
|||
18 Aug 2010, 21:19 |
|
Tyler 19 Aug 2010, 02:27
LocoDelAssembly wrote:
Oops. Code: ; esi = str1 ; edi = str2 ; returns same as strcmp in libc strcmp: lodsb movzx ebx, byte[edi] add edi, 1 sub eax, ebx jne .done cmp ebx, 0 jne strcmp .done: ret Better? [/code] |
|||
19 Aug 2010, 02:27 |
|
LocoDelAssembly 19 Aug 2010, 02:48
Yep, it seems it does its job this time. There is a minor detail though, if strcmp is defined to return an integer and not a char (i.e. the result is extracted from EAX and not AL alone), then the upper 24 bits are unintended garbage and should be corrected.
Code: strcmp: lodsb mov dl, [edi] inc edi sub al, dl jnz .done cmp dl, 0 jne strcmp .done: movsx eax, al ret PS: Well, now that I look more carefully, your code would fail if EAX[31:8] is not zero at entry. |
|||
19 Aug 2010, 02:48 |
|
semiono 19 Aug 2010, 12:43
MHajduk wrote: semiono, you forgot to specify type of the section. section '.data' readable section '.code' executable I don't forgot. I try it experimental and fasm accept with it. If it need for debugger I improve it. _________________ Windows 9, FL Studio 19 |
|||
19 Aug 2010, 12:43 |
|
MHajduk 19 Aug 2010, 20:05
semiono, the name between quotes doesn't determine type of the section. This string can be empty
Code: section '' code readable executable Code: section 'i3jwaGzb' code readable executable If the name of the section isn't followed by the one of the flags 'code' or 'data', compiler, by default, assumes that this is a data section (please, correct me here if I'm wrong). In such case Olly shows the warning message presented above ("entry point outside the code"). section directive defines a new section, it should be followed by quoted string defining the name of section, then one or more section flags can follow. Available flags are: code, data, readable, writeable, executable, shareable, discardable, notpageable. The origin of section is aligned to page (4096 bytes). Example declaration of PE section: |
|||
19 Aug 2010, 20:05 |
|
semiono 27 Aug 2010, 15:03
Code: include '%fasm%\win32ax.inc' section '.code' code executable ; readable writable start: invoke GetCommandLine mov ebx,eax cmp byte [ebx],' ' ; 0x20 jne msg cmp byte [ebx+1],'x' ; 0x78 jne msg calc: invoke ShellExecute,NULL,NULL,'calc.exe',NULL,NULL,SW_NORMAL jmp exit msg: invoke MessageBox,NULL,ebx,'--->8---',MB_OK exit: invoke ExitProcess,NULL .end start nothing work. i cry. ((( |
|||
27 Aug 2010, 15:03 |
|
MHajduk 27 Aug 2010, 17:20
semiono, check this, works on my machine:
Code: include '%fasm%\win32ax.inc' section '.code' code executable ; readable writable start: invoke GetCommandLine mov ebx, eax OmitName: cmp byte [ebx], 0 je msg cmp byte [ebx], ' ' je OmitSpaces inc ebx jmp OmitName OmitSpaces: inc ebx cmp byte [ebx], ' ' je OmitSpaces x: cmp byte [ebx], 'x' ; 0x78 jne msg calc: invoke ShellExecute, NULL, NULL, 'calc.exe', NULL, NULL, SW_NORMAL jmp exit msg: invoke MessageBox, NULL, ebx, '--->8---', MB_OK exit: invoke ExitProcess, NULL .end start |
|||
27 Aug 2010, 17:20 |
|
semiono 27 Aug 2010, 17:45
COOL! It's great! Thanks!
I try now to add more events for jump.. ShellExecute1 ShellExecute2 etc. Good start for me! Thanks for help! --- And this work additional with any inputs like "*%" COOL! Good cycle! |
|||
27 Aug 2010, 17:45 |
|
Goto page 1, 2 Next < Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.