flat assembler
Message board for the users of flat assembler.

RKT878 07 May 2012, 13:34
Hello, I have recently started writing in FASM and I haven't understood yet how the "virtual" directive exactly works. I believe it is just a... *virtual* directive to help the programmer use stuff from registers/pointers (like in "virtual at eax a1 db 1 a2 db 2 end virtual", where a2 points to [eax+1]).
But what's the difference between
Code:
virtual at eax
a1 db 12 dup(?)
end virtual
    

and
Code:
virtual at eax
a1 rb 12
end virtual
    
?
And I am encountering a problem with it at the moment: let's say I want to get UserName without using actual variables:
Code:
format PE GUI 4.0
include 'win32ax.inc'
virtual at ebp
usrn db 128 dup(?)
usrn2 db 128 dup(?)
end virtual
section '.code' code readable writeable  executable 
start:
invoke GlobalAlloc,GPTR,1024
push dword[eax]
invoke GetUserName,  dword[usrn], usrnsz
invoke MessageBox,0,dword[usrn],dword[usrn2],MB_OK
endl:
invoke ExitProcess,0
endcl:
usrnsz dd 127
.end start
    

It works "ok", but if I use the latter "variable" (usrn2) it leads to application crash.
revolution 07 May 2012, 13:45
If you want to push the address of a pointer then you would not place it in brackets.
Code:
invoke MessageBox,0,addr usrn,addr usrn2,MB_OK    
Note the use of the addr prefix to allow the invoke macro to properly generate the ebp based address.

Also, when using ebp in a virtual block you will need to make memory space for it somewhere, else you risk overwriting the stack.
Code:
sub esp,256 ;make space for our structure
mov ebp,esp ;set ebp to point to our allocated memory    
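The two points from the reply above, put together in one program. This is an added example, not code from either poster: the 132-byte frame, the FRAME_SIZE constant, the placement of usrnsz inside the virtual block and the literal caption are assumptions made for illustration.

```asm
format PE GUI 4.0
include 'win32ax.inc'

; Assumed layout: 128-byte name buffer followed by the size dword.
FRAME_SIZE = 132

; The virtual block emits no bytes; it only defines labels as offsets from ebp.
virtual at ebp
  usrn    rb 128        ; usrn   = ebp+0
  usrnsz  dd ?          ; usrnsz = ebp+128
end virtual

section '.code' code readable executable

start:
  ; Reserve real memory for the structure before touching any label in it.
  ; Without this, ebp holds whatever the loader left there and writes
  ; through usrn/usrnsz land on unrelated stack data.
  sub   esp, FRAME_SIZE
  mov   ebp, esp

  ; GetUserName reads the buffer capacity from usrnsz and writes the
  ; length back, so it must be initialised and passed by address.
  mov   [usrnsz], 128

  ; addr makes the invoke macro emit lea edx,[ebp+offset] / push edx,
  ; so the API receives a pointer. dword[usrn] would instead push the
  ; first four bytes stored in the buffer.
  invoke GetUserName, addr usrn, addr usrnsz
  test  eax, eax
  jz    done            ; call failed (for example, name longer than buffer)

  invoke MessageBox, 0, addr usrn, "User name", MB_OK

done:
  invoke ExitProcess, 0

.end start
```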
RKT878 07 May 2012, 14:15
Thanks Revolution, it took me some time experimenting though, but it works now.
Sorry for taking your time :)
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.