flat assembler
Message board for the users of flat assembler.

Index > Windows > Random number generation via GetSystemTime()

Author
Thread Post new topic Reply to topic
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
Hello everyone, I'm trying to make some random numbers from 0 to 9 (for example) and I'm stuck here.. When I wrote program it not generates rly randomly, sometimes it shows same number like 5 or 6 times in a row.. If someone knows better method please post it here. Smile Thank you.
Code:
format PE GUI 4.0

include 'WIN32AX.INC'

section '.data' data readable writeable

junk dd ?
time SYSTEMTIME
timedec rb 20
nullbyte rb 0

section '.text' code readable executable

entry main

proc main

     push 10
     call random
     invoke MessageBox,0,timedec,timedec,MB_OK
     ret

endp

proc random ecx

     invoke GetSystemTime,time      ;get current system time.
     xor eax,eax                    ;zeroing eax for some reasons.
     mov ax,[time.wMilliseconds]    ;saving milliseconds in AX register.
     push eax                       ;saving eax value in stack.
     invoke GetSystemTime,time      ;getting another system time after some millseconds.
     xor eax,eax                    ;zeroing eax again.
     mov ax,[time.wMilliseconds]    ;saving milliseconds in AX register.
     pop edx                        ;poping first milliseconds in edx register
     mul eax                        ;multiplying them.
     mov edi,timedec                ;moving buffer here for conversation (not using here)
     mov ebx,[ecx]                  ;moving in ebx 1 argument (for division)
     xor edx,edx                    ;zeroing edx.
     div ebx                        ;dividing edx:eax to ebx.
     ;add dl,0x30                   ;nothing special here.
     ;mov byte[edi],dl              ;-- --------------------
     ret

endp

section '.idata' import data readable

library kernel32,'kernel32.dll',user32,'user32.dll'

include 'API\USER32.INC'
include 'API\KERNEL32.INC'

section '.reloc' fixups data discardable    
Post 17 Feb 2011, 08:35
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
revolution
Well the system timer is a terrible source for random numbers. Here is a better source:
Code:
proc rand uses ebx,store,length
       local   context:DWORD
   invoke  CryptAcquireContext,addr context,NULL,NULL,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT
        test    eax,eax
     jz      .done
       invoke  CryptGenRandom,[context],[length],[store]
   test    eax,eax
     setz    bl
  invoke  CryptReleaseContext,[context],0
     test    eax,eax
     setz    al
  or      al,bl
       movzx   eax,al
      dec     eax     
    .done:
  ret
endp    
Post 17 Feb 2011, 08:56
View user's profile Send private message Visit poster's website Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
revolution
Thanks for reply! isn't there any other way to make random number only with using kernel32/user32 libraries ? Cause I'm learning libraries step by step so I'm now only on kernel32, user32 and some from shell32 libs.. Smile Thanks.
Post 17 Feb 2011, 09:20
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
revolution
There are lots and lots of ways to make pseudo random numbers without even using the system APIs. But you already complained about the quality of your simple method, so most of those easy ways won't suit you. Generating good quality randomness is not easy to do and for a beginner the process may appear to be overwhelming in its complexity. The crypto APIs solve this difficult problem and present an easy to use interface to extract good quality randomness.

BTW: The ADVAPI32 is part of the core OS libraries and is always available, just like KERNEL32 and USER32, so don't worry about it not being there.

BTW2: Things like the C rand() function is also a terrible random number generator. It is just a simple LCG algorithm with awful "randomness" properties.
Post 17 Feb 2011, 09:33
View user's profile Send private message Visit poster's website Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz
revolution
Thank you, I'll learn that too.
p.s Dev-C++ algorithm sucks really ^^ when calling only random, first comes 41 every time hehe.
Thanks for useful post!
Post 17 Feb 2011, 10:21
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.