flat assembler
Message board for the users of flat assembler.

Index > Main > How to change base of image?

Author
Thread Post new topic Reply to topic
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 28 Sep 2011, 20:45
Hey, I have little question. I'm interested, how can I change entry point in program ? I mean, when I do something like ..
Code:
section '.text' code readable executable
junk code ;<-- starts from 0x401000    

how can I modify it ? for example, if I want start code for example, from 513000.. Thanks.


Last edited by Overflowz on 30 Sep 2011, 08:33; edited 1 time in total
Post 28 Sep 2011, 20:45
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 28 Sep 2011, 21:00
Can you restate your question and or visual aid please?
Post 28 Sep 2011, 21:00
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 28 Sep 2011, 21:12
Use a label to indicate where you want the entry point, then in any place of the source (but preferably just after "format pe ...") use "entry your_label_to_your_entry".

If you are using win*x*.inc, then .end macro expects as an argument the entry point so you can specify it like ".end your_kabel_to_your_entry".
Post 28 Sep 2011, 21:12
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 28 Sep 2011, 21:15
LocoDelAssembly
can you write little example please ? I don't get it.
typedef
use debugger. I suck at English right now, cause I'm really tired.
Post 28 Sep 2011, 21:15
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 28 Sep 2011, 22:42
Code:
format pe gui 4.0
entry start ; Specifies the entry point

section '.code' code readable executable
db 'LOCO'; junk code

start: ;entry point
ret    
Post 28 Sep 2011, 22:42
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 28 Sep 2011, 23:41
^^Seriously this is what he was asking for ? LOL, I've seen him do that 1K times.

Code:
section '.code' code readable executable ;writeable (I like to enable this flag )
    
Post 28 Sep 2011, 23:41
View user's profile Send private message Reply with quote
ProphetOfDoom



Joined: 08 Aug 2008
Posts: 120
Location: UK
ProphetOfDoom 29 Sep 2011, 00:21
I suspect he's referring to changing the image base (where the executable is loaded in virtual memory) which would in turn affect where the entry point is. Question I don't know how you do it in fasm but the linker I use (GoLink) has a /base option which lets you specify the base in hex.
Post 29 Sep 2011, 00:21
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 29 Sep 2011, 00:43
ProphetOfDoom ?

Who the eF are you ? Are you really the Prophet of Doom ? If so tell me when it will occur because I'm tired of this economic turmoil.
Post 29 Sep 2011, 00:43
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 29 Sep 2011, 00:50
LocoDelAssembly
Oh, I'm sorry. I asked wrong question, ProphetOfDoom is right, I need to change base address of image. Sorry.. Smile
Post 29 Sep 2011, 00:50
View user's profile Send private message Reply with quote
addes3



Joined: 09 May 2011
Posts: 29
addes3 29 Sep 2011, 18:17
[tt]format pe gui at 513000h[/tt]
Post 29 Sep 2011, 18:17
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 29 Sep 2011, 20:26
addes3
it says, invalid Win32 file.
Post 29 Sep 2011, 20:26
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 29 Sep 2011, 21:38
Odd, I thought ProphetOfDoom answered the question but now I look again he only clarified Overflowz's question.

Anyway, the solution is the one provided by addes3, but perhaps you'll need to add version and also subtract 0x1000 (check with OllyDbg to see where your first section starts).

Also, when doing this, make sure you executable is importing KERNEL32.DLL (or another DLL which directly or indirectly imports such DLL), because if it doesn't then you may get problems on some Windows versions.

PS: I forgot to copy this link: http://flatassembler.net/docs.php?article=manual#2.4.2
Post 29 Sep 2011, 21:38
View user's profile Send private message Reply with quote
Overflowz



Joined: 03 Sep 2010
Posts: 1046
Overflowz 30 Sep 2011, 08:33
Thank you ! I figured out. Smile
Post 30 Sep 2011, 08:33
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.