flat assembler
Message board for the users of flat assembler.

Index > Windows > Size Question..

Author
Thread Post new topic Reply to topic
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Hello everyone.. I got stuck about size thing.. I'm trying following but I can't understand how to do that.. here's example:
Code:
format PE GUI 4.0
include 'WIN32A.INC'
entry main
section '.data' data readable writeable
lpBuffer rb 256
szBuffer rb 256
section '.text' code readable executable
proc main
invoke GetCurrentDirectory,256,lpBuffer
mov ecx,-1
mov edi,lpBuffer
xor al,al
cld
repne scasb
not ecx
dec ecx
mov dword[szBuffer],ecx
mov edi,szBuffer+lpBuffer ; <--------- Problem is here.
mov al,5ch
stosb
invoke MessageBox,0,lpBuffer,szBuffer,MB_OK
invoke ExitProcess,0
endp
section '.idata' import data readable
library user32,'user32.dll',kernel32,'kernel32.dll'
include 'API\USER32.INC'
include 'API\KERNEL32.INC'
section '.reloc' fixups data discardable    

I am trying to store '\' on lpBuffer's last string. I mean:
if GetCurrentDirectory = C:\Users\User\Desktop
it should store byte here = C:\Users\User\Desktop\ <
someone can explain me how to do that ? Thanks.
Post 22 Oct 2010, 09:41
View user's profile Send private message Reply with quote
pearlz



Joined: 07 Jun 2010
Posts: 55
Location: Viet Nam
pearlz
that's mean S=S1+S2 (S: String) as VB, C, ............ ?
Post 22 Oct 2010, 09:59
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Nope, lpBuffer = Current Path and szBuffer = Size of Path.
Post 22 Oct 2010, 10:01
View user's profile Send private message Reply with quote
pearlz



Joined: 07 Jun 2010
Posts: 55
Location: Viet Nam
pearlz
Code:
mov edi,szBuffer
add edi,dword[lpBuffer]
add edi,1
mov edi,'\'
add edi
mov edi,0
    

it's true?
Post 22 Oct 2010, 10:06
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Nope.. Do you tested it before you post ? >.> Cause it doesn't work for me. and also "add edi" = syntax error. removed that and not working also. and why mov edi,szBuffer and then add edi,dword[lpbuffer] ? it should result for example size is 25, it will be 25C:\users... not the 25+C:\Users... and BTW It should be CHAR string for MessageBox API.
Post 22 Oct 2010, 10:14
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
Try this:
Code:
format PE GUI 4.0

include 'WIN32A.INC'

entry main

section '.data' data readable writeable
  lpBuffer rb 256
;;   szBuffer rb 256         ;not needed

section '.text' code readable executable

proc main
      invoke  GetCurrentDirectory,256,lpBuffer
    mov     ecx,-1
      mov     edi,lpBuffer
        xor     al,al
       cld
 repne   scasb
       not     ecx
 dec     ecx
;;       mov     dword[szBuffer],ecx             ;not needed
 lea     edi,[lpBuffer+ecx]
  mov     al,5ch
      stosb
       mov     al,0                            ;null terminate
     stosb
       invoke  MessageBox,0,lpBuffer,lpBuffer,MB_OK
        invoke  ExitProcess,0
endp

section '.idata' import data readable
        library user32,'user32.dll',kernel32,'kernel32.dll'
     include 'API\USER32.INC'
 include 'API\KERNEL32.INC'

section '.reloc' fixups data discardable    
Post 22 Oct 2010, 10:38
View user's profile Send private message Visit poster's website Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Worked Fine! Thank you! BTW I don't understand whats difference between LEA and MOV ? I can't understand on sites what difference is there.. can you tell me please ?
Post 22 Oct 2010, 10:45
View user's profile Send private message Reply with quote
pearlz



Joined: 07 Jun 2010
Posts: 55
Location: Viet Nam
pearlz
my way!
Code:
proc main
invoke GetCurrentDirectory,256,lpBuffer
mov esi,lpBuffer
mov edi,szBuffer
.count:
  lodsb
  stosb
  test al,al
  jnz  .count
sub esi,1
mov byte [esi],'\'
add esi,1
mov byte[esi],0
invoke MessageBox,0,lpBuffer,szBuffer,MB_OK
invoke ExitProcess,0
endp
    
Post 22 Oct 2010, 10:47
View user's profile Send private message Reply with quote
pearlz



Joined: 07 Jun 2010
Posts: 55
Location: Viet Nam
pearlz
that's true?
Post 22 Oct 2010, 10:50
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Yes it is. Thanks Smile
Post 22 Oct 2010, 10:53
View user's profile Send private message Reply with quote
pearlz



Joined: 07 Jun 2010
Posts: 55
Location: Viet Nam
pearlz
if not copy
Code:
format PE GUI 4.0
include 'WIN32A.INC'
entry main
section '.data' data readable writeable
  lpBuffer rb 256
section '.text' code readable executable
proc main
  invoke GetCurrentDirectory,256,lpBuffer
  mov esi,lpBuffer
  .count:
    lodsb
    test al,al
    jnz  .count
  sub esi,1
  mov byte [esi],'\'
  add esi,1
  mov byte[esi],0
  invoke MessageBox,0,lpBuffer,lpBuffer,MB_OK
  invoke ExitProcess,0
endp
section '.idata' import data readable
library user32,'user32.dll',\
        kernel32,'kernel32.dll'
include 'API\USER32.INC'
include 'API\KERNEL32.INC'
section '.reloc' fixups data discardable
    
Post 22 Oct 2010, 10:53
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Works fine. Thank you Smile btw nice logic u have !
Post 22 Oct 2010, 10:56
View user's profile Send private message Reply with quote
shoorick



Joined: 25 Feb 2005
Posts: 1605
Location: Ukraine
shoorick
lea lets to provide address calculation (sometimes used not only for address):
lea esi,[eax] = mov esi,eax
lea esi,[eax + edx*4 + 5] has no mov equivalent
if you have in ebx pointer to array of dwords and in ecx current element, you can load pointer to this element into esi with this way:
lea esi,[ebx + ecx*4] ; (4 - size of dword, maximal multiplicator for lea is 8 )
--------------
btw, instruction mnemonics have sence. LEA means Load Effective Address.


Last edited by shoorick on 22 Oct 2010, 11:00; edited 1 time in total
Post 22 Oct 2010, 10:57
View user's profile Send private message Visit poster's website Reply with quote
pearlz



Joined: 07 Jun 2010
Posts: 55
Location: Viet Nam
pearlz
or
Code:
  sub esi,1
  mov word[esi],0x005c
    
Post 22 Oct 2010, 10:59
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
shoorick, thanks that was pretty new good example for me.
pearlz, I understand other thanks Smile
Post 22 Oct 2010, 11:03
View user's profile Send private message Reply with quote
baldr



Joined: 19 Mar 2008
Posts: 1651
baldr
Overflowz,

GetCurrentDirectory() returns number of characters (i.e. words for Unicode flavor) that are written to lpBuffer.
Code:
        include "Win32WX.Inc"; Win32AX works too
        .code
here:   invoke  GetCurrentDirectory, sizeof.buffer, buffer
if 1=sizeof.TCHAR
        mov     word [buffer+sizeof.TCHAR*eax], '\'; ANSI
else
        mov     dword [buffer+sizeof.TCHAR*eax], '\'; Unicode
end if
        invoke  MessageBox, HWND_DESKTOP, buffer, NULL, MB_OK
        ret

        .data
sizeof.buffer = MAX_PATH
buffer  TCHAR   sizeof.buffer dup ?

        .end    here    
GetCurrentDirectory() can return other values too: 0 if an error occurs, >nBufferLength when buffer isn't large enough.
Post 22 Oct 2010, 13:13
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
hmm interesting but thats not for me.. Razz Thanks anyway Smile)
Post 22 Oct 2010, 20:21
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.