flat assembler
Message board for the users of flat assembler.

Index > Windows > using printf in GUI application

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 10:53
i am wondering,
what happened to those printf calls in GUI application?

assume that we use printf as a method to diagnose if we set application into console mode.
Post 10 Mar 2014, 10:53
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 10 Mar 2014, 12:03
GUI processes can open console windows and read and write them in the same way that a console process can open GUI windows and interact with the user. Console processes can also detach from the console and continue with just using a GUI. You can even close all console and GUI windows and have the process run in stealth mode (perhaps with just a tray icon to show current status).


Last edited by revolution on 10 Mar 2014, 13:48; edited 1 time in total
Post 10 Mar 2014, 12:03
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 12:52
so, what happened if you use printf in GUI windows application,
since there is not output console.
Post 10 Mar 2014, 12:52
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 10 Mar 2014, 13:46
Try it and tell us what happens.
Post 10 Mar 2014, 13:46
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 14:13
well,
i tried, using the template.asm provided in FASM example folder.

Code:
format PE GUI 4.0
entry start

include '%include%\win32ax.inc'

section '.text' code readable executable

  start:
        cinvoke printf,<'hello world',0>
        invoke  GetModuleHandle,0
    


if you change the application type to console,
a hello world will get printed out,

now, if it is GUI 4.0
i am curious, as what happened inside when there is no standard output stream.
Post 10 Mar 2014, 14:13
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 10 Mar 2014, 14:20
Check the error code. You should be doing this anyway as part of normal the programming procedure. Ignoring error codes is a great way to have bugs
Post 10 Mar 2014, 14:20
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 14:38
revolution wrote:
Check the error code. You should be doing this anyway as part of normal the programming procedure. Ignoring error codes is a great way to have bugs


i don't get it?
what should i check after using printf?
Post 10 Mar 2014, 14:38
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 10 Mar 2014, 14:41
sleepsleep wrote:
what should i check after using printf?
The error code.

Doesn't the C-library return error codes? I've never used it so I don't know what it does to indicate errors, but I assume there is something. If I am wrong and it has no error code to check then C is more broken that I thought.
Post 10 Mar 2014, 14:41
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 14:49
http://msdn.microsoft.com/en-us/library/aa272863%28v=vs.60%29.aspx
Quote:

Return Value
Each of these functions returns the number of characters printed, or a negative value if an error occurs.
Post 10 Mar 2014, 14:49
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 14:50
i guess,
i would get negative value, just curious what happened when you do printf in GUI 4.0...
Post 10 Mar 2014, 14:50
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 10 Mar 2014, 14:52
Tell us what error code you get. Why all the guessing when you have a computer right there in front of you?
Post 10 Mar 2014, 14:52
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 15:05
ok, i am wrong,
and we got surprise,
Code:
section '.text' code readable executable

  start:
        cinvoke printf,<'hello world',0>
        cinvoke wsprintf,b1,<'ret = %ld',0>,eax
        invoke  MessageBox,NULL,b1,b1,MB_OK
        invoke  GetModuleHandle,0

section '.data' data readable writeable
  b1 rb 0xFF

    


Image
Post 10 Mar 2014, 15:05
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 10 Mar 2014, 15:18
So maybe your message was sent to the NSA. I hope you said nice things to them.

Anyhow, it appears as though the C-library is very broken in this respect since it returns success for something that clearly failed.

BTW: No need for the zero terminators in the strings. The macros insert them automatically.
Post 10 Mar 2014, 15:18
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 15:47
revolution wrote:

BTW: No need for the zero terminators in the strings. The macros insert them automatically.

oh, great, thanks, never knew this before, keep on putting 0 for a while already.
Post 10 Mar 2014, 15:47
View user's profile Send private message Reply with quote
Heskeutz



Joined: 25 Feb 2014
Posts: 12
Heskeutz 10 Mar 2014, 16:25
revolution wrote:
Anyhow, it appears as though the C-library is very broken in this respect since it returns success for something that clearly failed.
Why do you say so? Didn't it print "hello world" to stdout? Confused
Post 10 Mar 2014, 16:25
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 10 Mar 2014, 16:40
Heskeutz wrote:
revolution wrote:
Anyhow, it appears as though the C-library is very broken in this respect since it returns success for something that clearly failed.
Why do you say so? Didn't it print "hello world" to stdout? Confused


nope in GUI 4.0
Post 10 Mar 2014, 16:40
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 11 Mar 2014, 00:34
Tried the following code:
Code:
format pe gui
include 'win32ax.inc'

  cinvoke printf, msg
  invoke  ExitProcess, 0

msg TCHAR "Hello World", 10, 0
align 4 ; Just to be safe
data import 
  library kernel32, 'kernel32.dll',\
          msvcrt,'msvcrt.dll'

  include 'api/kernel32.inc'

  import msvcrt,\
         printf, 'printf'
end data    
Then when running from cmd.exe I got this:
Code:
C:\Escritorio\Assembly\snippets>console.exe

C:\Escritorio\Assembly\snippets>console.exe > test.txt

C:\Escritorio\Assembly\snippets>type test.txt
Hello World    
Assignment: Find documentation about default STD_OUTPUT_HANDLE on GUI programs Smile (No, I don't know this)
Post 11 Mar 2014, 00:34
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 11 Mar 2014, 18:24
yeah, interesting,
maybe there is a hidden STD_OUTPUT_HANDLE for GUI application, not sure how big the buffer size before overflow, doesn't seem documented anywhere after a series of google.

by logic then, a hidden STD_INPUT_HANDLE would be available too.
Post 11 Mar 2014, 18:24
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20430
Location: In your JS exploiting you and your system
revolution 11 Mar 2014, 23:22
sleepsleep wrote:
maybe there is a hidden STD_OUTPUT_HANDLE for GUI application, not sure how big the buffer size before overflow, doesn't seem documented anywhere after a series of google.
I wonder how large the buffer is for /dev/null? Perhaps one day it will overflow? Maybe it goes to NSA so they can back it up for you?
Post 11 Mar 2014, 23:22
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 12938
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 0010456
sleepsleep 12 Mar 2014, 01:14
i guess,
as you said,
maybe it really ends up in \Device\Null

Quote:
In the Windows NT system and its successors, it is named \Device\Null internally, and the DOS NUL is an alias for it. However, at the command prompt, \\.\Null is not a valid destination, since the command prompt can only access a device through an alias. (Windows Fundamentals for Legacy PCs, a derivative of Windows XP, does not include NUL: in its default installation, which breaks some programs; however, it can easily be added by copying the device driver file null.sys from a full XP install.)


Code:
        cinvoke printf,<'hello world',0>
        cinvoke wsprintf,b1,<'ret = %ld',0>,eax
        invoke  MessageBox,NULL,b1,b1,MB_OK
        cinvoke scanf,'%s',b1
        invoke  MessageBox,NULL,b1,b1,MB_OK
        invoke  GetModuleHandle,0
    

template.exe < hello.txt

hello.txt got string hello world

result
Image
where the word, "world" gone?
Post 12 Mar 2014, 01:14
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.