flat assembler
Message board for the users of flat assembler.

Hang on windows startup

mangler
Hi there,
here is what I got:
my app starts as a usual app and works great when I start it by hand, but when it is started by Windows start-up or from code (e.g. C#) it hangs and crashes

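code:

Code:

dwThread rd 1        ; receives the new thread's ID

    invoke CreateThread, NULL, NULL, MyApp, NULL, NULL, dwThread
    test eax, eax    ; eax = thread handle, 0 on failure
    je @f

    invoke WaitForSingleObject, eax, -1   ; -1 = wait with no timeout
    jmp Exit

@@: xor eax, eax     ; failure path: return 1
    inc eax
Exit:
    ret

any help is appreciated ^_^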


error:


EAX 00000000
ECX 00000000
EDX 00000000
EBX 00000000
ESP 000CFEFC
EBP 000CFF64
ESI 000CFF40
EDI 00000050
EIP 7795DB5C ntdll.7795DB5C
C 0 ES 002B 32bit 0(FFFFFFFF)
P 1 CS 0023 32bit 0(FFFFFFFF)
A 0 SS 002B 32bit 0(FFFFFFFF)
Z 0 DS 002B 32bit 0(FFFFFFFF)
S 0 FS 0053 32bit 7FFDD000(FFF)
T 1 GS 002B 32bit 0(FFFFFFFF)
D 0
O 0 LastErr ERROR_SXS_KEY_NOT_FOUND (000036B7)
EFL 00000306 (NO,NB,NE,A,NS,PE,GE,G)
ST0 empty 0.0
ST1 empty 0.0
ST2 empty 0.0
ST3 empty 0.0
ST4 empty 0.0
ST5 empty 0.0
ST6 empty 0.0
ST7 empty 0.0
3 2 1 0 E S P U O Z D I
FST 0000 Cond 0 0 0 0 Err 0 0 0 0 0 0 0 0 (GT)
FCW 027F Prec NEAR,53 Mask 1 1 1 1 1 1
Post 18 Mar 2015, 06:46
revolution
Is that your entire code? If so then there are some problems.

1) No "format ..." is specified so you get 16-bit code as a raw binary file (similar to a .com file).
2) No entry point is specified so it starts executing the "dwThread rd 1" as the first instruction.
3) No call to ExitProcess (a "ret" does not always do what you might expect, and a 16-bit com program should use "int 0x20" or other DOS exit function).

If that is not your whole code then we can't test what you haven't given us. At least make a short example that compiles and runs without us having to go to extra effort and make assumptions about what you are doing.
Post 18 Mar 2015, 08:17
HaHaAnonymous
Quote:

Is that your entire code?

No.

Not sure.
Post 18 Mar 2015, 14:08
typedef
CreateThread's last parameter:

64bit: QWORD
32bit: DWORD

Is this 32bit or 64bit code?
Post 20 Mar 2015, 02:17
HaHaAnonymous
Quote:

Is this 32bit or 64bit code?

32bit.

Not sure.
Post 20 Mar 2015, 02:38
typedef
1. Make sure dwThread is in a readable+writeable section.

2. Use a debugger
Post 21 Mar 2015, 12:59
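
A minimal program that applies the points raised in the replies above (explicit format and entry point, dwThread in a readable+writeable section, exit through ExitProcess), as an added example that is not code from any poster in this thread. It assumes a 32-bit console PE, that fasm's INCLUDE path is set so win32a.inc resolves, and a placeholder MyApp thread body.

```asm
format PE console               ; without "format", fasm emits a flat 16-bit binary
entry start                     ; explicit entry point, so data is never executed

include 'win32a.inc'            ; assumption: fasm INCLUDE directory is configured

section '.data' data readable writeable
  dwThread rd 1                 ; DWORD in 32-bit code; CreateThread writes the ID here

section '.text' code readable executable
start:
    invoke CreateThread, NULL, 0, MyApp, NULL, 0, dwThread
    test eax, eax               ; NULL handle means the thread was not created
    jz .fail
    mov ebx, eax                ; keep the handle; API calls may clobber eax/ecx/edx
    invoke WaitForSingleObject, ebx, -1   ; -1 = wait with no timeout
    invoke CloseHandle, ebx
    invoke ExitProcess, 0       ; leave through ExitProcess, not a bare ret
.fail:
    invoke ExitProcess, 1

; Placeholder thread body (hypothetical): stdcall, one parameter, returns 0.
proc MyApp lpParam
    xor eax, eax
    ret                         ; the proc macro emits "ret 4" to pop lpParam
endp

section '.idata' import data readable writeable
  library kernel32, 'KERNEL32.DLL'
  import kernel32, \
         CreateThread, 'CreateThread', \
         WaitForSingleObject, 'WaitForSingleObject', \
         CloseHandle, 'CloseHandle', \
         ExitProcess, 'ExitProcess'
```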
Copyright © 1999-2020, Tomasz Grysztar.