flat assembler
Message board for the users of flat assembler.

Index > Windows > Problem Iczelion tutorial #24: Windows Hooks from x86 to x64

Author
Thread Post new topic Reply to topic
Mikl___



Joined: 30 Dec 2014
Posts: 129
Location: Russian Federation, Irkutsk
Mikl___ 19 Jun 2015, 06:48
a program is written exactly as a program for x86, except for passing parameters to procedures, but do not Windows hooks. Why? Help me please...Image
==================================
original text of tutorial #24
dll-txt
Code:
format PE GUI 4.0 DLL
entry DllMain

include '%fasminc%\win32a.inc'

struct MOUSEHOOKSTRUCT
        .pt             POINT
        .hwnd           dd ?
        .wHitTestCode   dd ?
        .dwExtraInfo    dd ?
ends

WMU_MOUSEHOOK equ WM_USER + 6

section '.data' data readable writeable
        insH            dd ?                    ;handle for instance

section '.sdata' readable writeable shareable
        hookH   dd ?
        wndH    dd ?

section '.code' code readable executable
   proc DllMain, hinstDll, fdwReason, lpvReserved
                push [hinstDll]
                pop  [insH]
                mov  eax,TRUE
                return
   endp
        
   proc mouse_procedure,nCode,wParam,lParam
        invoke  CallNextHookEx,[hookH],[nCode],[wParam],[lParam]
                mov  edx,[lParam]
        invoke  WindowFromPoint,[edx + MOUSEHOOKSTRUCT.pt.x],[edx + MOUSEHOOKSTRUCT.pt.y]
        invoke  PostMessage,[wndH],WMU_MOUSEHOOK,eax,0
                xor  eax,eax            ;must clear eax here
                return
   endp
   
   proc mouse_hook_install,wndTempH
                push [wndTempH]
                pop  [wndH]
        invoke  SetWindowsHookEx,WH_MOUSE,mouse_procedure,[insH],NULL
                mov  [hookH],eax
                return
   endp

   proc mouse_hook_uninstall
        invoke  UnhookWindowsHookEx,[hookH]
                return
   endp

section '.idata' import data readable
        library USER32, 'USER32.DLL'

        import  USER32,\
                CallNextHookEx,         'CallNextHookEx',\
                WindowFromPoint,        'WindowFromPoint',\
                PostMessage,            'PostMessageA',\
                SetWindowsHookEx,       'SetWindowsHookExA',\
                UnhookWindowsHookEx,    'UnhookWindowsHookEx'

section '.edata' export data readable
        export  'TUT_24A.DLL',\
                mouse_procedure,        'mouse_procedure',\
                mouse_hook_install,     'mouse_hook_install',\
                mouse_hook_uninstall,   'mouse_hook_uninstall'

section '.reloc' fixups data discardable    
exe-text
Code:
format PE GUI 4.0
entry start

include '%fasminc%\win32a.inc'

WMU_MOUSEHOOK   equ WM_USER + 6
DLG_MAIN        equ 101
EDIT_CLSNAME    equ 1001
EDIT_HANDLE     equ 1002
EDIT_WNDPROC    equ 1003
BTN_HOOK        equ 1004
BTN_EXIT        equ 1005

section '.data' data readable writeable
        insH            dd ?
        wndClsName      db 'TUT_24B',0
        wndTitle        db 'Tutorial 24B',0

        wndCls  WNDCLASS
        wndMsg  MSG
        
        hookFlag        dd FALSE
        hookH           dd ?
        rect            RECT
        txtUnhook       db '&Unhook',0
        txtHook         db '&Hook',0

        buf1    rb 128
        buf2    rb 128
        f1      db '0x%lX',0

section '.code' code readable executable
   start:
        invoke  GetModuleHandle,NULL
                mov  [insH],eax
        invoke  DialogBoxParam,eax,DLG_MAIN,NULL,dialog_procedure,NULL
        invoke  ExitProcess,0

   proc dialog_procedure,hDlg,uMsg,wParam,lParam
                push ebx esi edi
                cmp  [uMsg],WMU_MOUSEHOOK
                je   wmuMOUSEHOOK
                cmp  [uMsg],WM_CLOSE
                je   wmCLOSE
                cmp  [uMsg],WM_INITDIALOG
                je   wmINITDIALOG
                cmp  [uMsg],WM_COMMAND
                je   wmCOMMAND
                jmp  wmBYE

        wmCLOSE:
                        cmp  [hookFlag],TRUE
                        jne  @f
                invoke  mouse_hook_uninstall
                @@:
                invoke  EndDialog,[hDlg],NULL
                        jmp  wmBYE

        wmuMOUSEHOOK:
                invoke  GetDlgItemText,[hDlg],EDIT_HANDLE,buf2,128
                invoke  wsprintf,buf1,f1,[wParam]
                invoke  lstrcmpi,buf1,buf2
                        cmp  eax,0
                        je   @f
                invoke  SetDlgItemText,[hDlg],EDIT_HANDLE,buf1
                @@:
                invoke  GetDlgItemText,[hDlg],EDIT_CLSNAME,buf2,128
                invoke  GetClassName,[wParam],buf1,128
                invoke  lstrcmpi,buf1,buf2
                        cmp  eax,0
                        je   @f
                invoke  SetDlgItemText,[hDlg],EDIT_CLSNAME,buf1
                @@:
                invoke  GetDlgItemText,[hDlg],EDIT_WNDPROC,buf2,128
                invoke  GetClassLong,[wParam],GCL_WNDPROC
                invoke  wsprintf,buf1,f1,eax
                invoke  lstrcmpi,buf1,buf2
                        cmp  eax,0
                        je   @f
                invoke  SetDlgItemText,[hDlg],EDIT_WNDPROC,buf1
                @@:
                        jmp  wmBYE
        wmINITDIALOG:
                invoke  GetWindowRect,[hDlg],rect
                invoke  SetWindowPos,[hDlg],HWND_TOPMOST,[rect.left],[rect.top],[rect.right],[rect.bottom],SWP_SHOWWINDOW
                        jmp  wmBYE

        wmCOMMAND:
                        cmp  [lParam],0
                        je   wmBYE
                        mov  eax,[wParam]
                        mov  edx,eax
                        shr  edx,16
                        cmp  dx,BN_CLICKED
                        jne  wmBYE
                        cmp  ax,BTN_EXIT
                        je   wmCOMMAND_BTN_EXIT
                        jmp  wmCOMMAND_BTN_HOOK

                wmCOMMAND_BTN_EXIT:
                        invoke  SendMessage,[hDlg],WM_CLOSE,0,0
                                jmp  wmBYE
                
                wmCOMMAND_BTN_HOOK:
                                cmp  [hookFlag],TRUE
                                jne  BTN_HOOK_FALSE
                        invoke  mouse_hook_uninstall
                        invoke  SetDlgItemText,[hDlg],BTN_HOOK,txtHook
                                mov  [hookFlag],FALSE
                        invoke  SetDlgItemText,[hDlg],EDIT_CLSNAME,NULL
                        invoke  SetDlgItemText,[hDlg],EDIT_HANDLE,NULL
                        invoke  SetDlgItemText,[hDlg],EDIT_WNDPROC,NULL
                                jmp  wmBYE

                        BTN_HOOK_FALSE:
                                invoke  mouse_hook_install,[hDlg]
                                        cmp  eax,NULL
                                        je   wmBYE
                                        mov  [hookFlag],TRUE
                                invoke  SetDlgItemText,[hDlg],BTN_HOOK,txtUnhook
                                        jmp  wmBYE
                
        wmBYE:
                pop  edi esi ebx
                return
   endp

section '.idata' import data readable
    library     KERNEL32, 'KERNEL32.DLL',\
                USER32,   'USER32.DLL',\
                TUT_24A,  'TUT_24A.DLL'
    
    import      KERNEL32,\
                GetModuleHandle,        'GetModuleHandleA',\
                lstrcmpi,               'lstrcmpiA',\
                ExitProcess,            'ExitProcess'
    import      USER32,\
                RegisterClass,          'RegisterClassA',\
                CreateWindowEx,         'CreateWindowExA',\
                SendMessage,            'SendMessageA',\
                wsprintf,               'wsprintfA',\
                DialogBoxParam,         'DialogBoxParamA',\
                GetWindowRect,          'GetWindowRect',\
                GetClassName,           'GetClassNameA',\
                GetClassLong,           'GetClassLongA',\
                EndDialog,              'EndDialog',\
                GetDlgItemText,         'GetDlgItemTextA',\
                SetDlgItemText,         'SetDlgItemTextA',\
                SetWindowPos,           'SetWindowPos'
   import       TUT_24A,\
                mouse_hook_install,     'mouse_hook_install',\
                mouse_hook_uninstall,   'mouse_hook_uninstall'


section '.rsrc' resource data readable
        directory       RT_DIALOG,appDialog
        
        resource        appDialog,\
                        DLG_MAIN,LANG_NEUTRAL,dlgMain

        dialog dlgMain,'Mouse Hook Demo',0,0,229,85,\
                WS_CAPTION + WS_POPUP + WS_SYSMENU + DS_MODALFRAME
                dialogitem      'BUTTON','Window Information',-1,7,7,214,67,WS_VISIBLE + BS_GROUPBOX
                dialogitem      'STATIC','Class Name :',-1,21,22,42,8,SS_LEFT + WS_VISIBLE
                dialogitem      'EDIT','',EDIT_CLSNAME,69,20,139,12,ES_LEFT + ES_AUTOHSCROLL + ES_READONLY + WS_VISIBLE + WS_BORDER + WS_TABSTOP
                dialogitem      'STATIC','Handle :',-1,36,37,28,8,SS_LEFT + WS_VISIBLE
                dialogitem      'EDIT','',EDIT_HANDLE,69,36,76,12,ES_LEFT + ES_AUTOHSCROLL + ES_READONLY + WS_VISIBLE + WS_BORDER + WS_TABSTOP
                dialogitem      'STATIC','Window Proc :',-1,15,52,48,8,SS_LEFT + WS_VISIBLE
                dialogitem      'EDIT','',EDIT_WNDPROC,69,52,76,12,ES_LEFT + ES_AUTOHSCROLL + ES_READONLY + WS_VISIBLE + WS_BORDER + WS_TABSTOP
                dialogitem      'BUTTON','&Hook',BTN_HOOK,159,35,50,14,BS_DEFPUSHBUTTON + WS_VISIBLE + WS_TABSTOP
                dialogitem      'BUTTON','&Exit',BTN_EXIT,159,51,50,15,BS_PUSHBUTTON + WS_VISIBLE + WS_TABSTOP
        enddialog    

========================================
Win x64 dll-text
Code:
format PE64 GUI 5.0 DLL
entry DllMain

include 'win64a.inc'



WMU_MOUSEHOOK equ WM_USER + 6

section '.data' data readable writeable
        insH            dq ?                    ;handle for instance

section '.sdata' readable writeable shareable
        hookH   dq ?
        wndH    dq ?

section '.code' code readable executable
   proc DllMain, hinstDll, fdwReason, lpvReserved
                mov [insH],rcx
                mov  eax,TRUE
                ret
   endp
        
   proc mouse_procedure,nCode,wParam,lParam
        mov [lParam],r8
        mov [wParam],rdx
        mov [nCode],rcx
        invoke  CallNextHookEx,[hookH],[nCode],[wParam],[lParam]
                mov  rdx,[lParam]
        invoke  WindowFromPoint,[rdx + POINT.x],[rdx + POINT.y]
        invoke  PostMessage,[wndH],WMU_MOUSEHOOK,rax,0
                xor  eax,eax            ;must clear eax here
                ret
   endp
   
   proc mouse_hook_install,wndTempH
                mov [wndH],rcx;push [wndTempH]
                ;pop  [wndH]
        invoke  SetWindowsHookEx,WH_MOUSE,mouse_procedure,[insH],NULL
                mov  [hookH],rax
                ret
   endp

   proc mouse_hook_uninstall
        invoke  UnhookWindowsHookEx,[hookH]
                ret
   endp

section '.idata' import data readable
        library USER32, 'USER32.DLL'

        import  USER32,\
                CallNextHookEx,         'CallNextHookEx',\
                WindowFromPoint,        'WindowFromPoint',\
                PostMessage,            'PostMessageA',\
                SetWindowsHookEx,       'SetWindowsHookExA',\
                UnhookWindowsHookEx,    'UnhookWindowsHookEx'

section '.edata' export data readable
        export  'TUT_24A.DLL',\
                mouse_procedure,        'mouse_procedure',\
                mouse_hook_install,     'mouse_hook_install',\
                mouse_hook_uninstall,   'mouse_hook_uninstall'

section '.reloc' fixups data discardable    
exe-text
Code:
format PE64 GUI 5.0
entry WinMain
include 'win64a.inc'

WMU_MOUSEHOOK   equ WM_USER + 6
DLG_MAIN        equ 101
EDIT_CLSNAME    equ 1001
EDIT_HANDLE     equ 1002
EDIT_WNDPROC    equ 1003
BTN_HOOK        equ 1004
BTN_EXIT        equ 1005

section '.text' code readable writeable executable

        hookFlag        dq FALSE
        hookH           dq ?
        rect            RECT
        txtUnhook       db '&Unhook',0
        txtHook         db '&Hook',0

        buf1    rb 128
        buf2    rb 128
        f1      db '0x%lX',0

proc WinMain
        invoke  DialogBoxParam,400000h,DLG_MAIN,NULL,dialog_procedure,NULL
        invoke  ExitProcess,0
endp
   proc dialog_procedure,hDlg,uMsg,wParam,lParam
                mov [hDlg],rcx
                mov [wParam],r8
                mov [lParam],r9
                cmp  edx,WMU_MOUSEHOOK
                je   wmuMOUSEHOOK
                cmp  edx,WM_CLOSE
                je   wmCLOSE
                cmp  edx,WM_INITDIALOG
                je   wmINITDIALOG
                cmp  edx,WM_COMMAND
                jne  wmBYE
wmCOMMAND:
                        cmp  [lParam],0
                        je   wmBYE
                        mov  rax,[wParam]
                        mov  edx,eax
                        shr  edx,16
                        cmp  dx,BN_CLICKED
                        jne  wmBYE
                        cmp  ax,BTN_EXIT
                        jne wmCOMMAND_BTN_HOOK

                wmCOMMAND_BTN_EXIT:
                        invoke  SendMessage,[hDlg],WM_CLOSE,0,0
                                jmp  wmBYE
                
                wmCOMMAND_BTN_HOOK:
                                cmp  [hookFlag],TRUE
                                jne  BTN_HOOK_FALSE
                        invoke  mouse_hook_uninstall
                        invoke  SetDlgItemText,[hDlg],BTN_HOOK,txtHook
                                mov  [hookFlag],FALSE
                        invoke  SetDlgItemText,[hDlg],EDIT_CLSNAME,NULL
                        invoke  SetDlgItemText,[hDlg],EDIT_HANDLE,NULL
                        invoke  SetDlgItemText,[hDlg],EDIT_WNDPROC,NULL
                                jmp  wmBYE

                        BTN_HOOK_FALSE:
                                invoke  mouse_hook_install,[hDlg]
                                        cmp  eax,NULL
                                        je   wmBYE
                                        mov  [hookFlag],TRUE
                                invoke  SetDlgItemText,[hDlg],BTN_HOOK,txtUnhook
                                        jmp  wmBYE
        wmCLOSE:
                        cmp  [hookFlag],TRUE
                        jne  @f
                invoke  mouse_hook_uninstall
                @@:
                invoke  EndDialog,[hDlg],NULL
                        jmp  wmBYE

        wmuMOUSEHOOK:
                invoke  GetDlgItemText,[hDlg],EDIT_HANDLE,buf2,128
                invoke  wsprintf,buf1,f1,[wParam]
                invoke  lstrcmpi,buf1,buf2
                        cmp  eax,0
                        je   @f
                invoke  SetDlgItemText,[hDlg],EDIT_HANDLE,buf1
                @@:
                invoke  GetDlgItemText,[hDlg],EDIT_CLSNAME,buf2,128
                invoke  GetClassName,[wParam],buf1,128
                invoke  lstrcmpi,buf1,buf2
                        cmp  eax,0
                        je   @f
                invoke  SetDlgItemText,[hDlg],EDIT_CLSNAME,buf1
                @@:
                invoke  GetDlgItemText,[hDlg],EDIT_WNDPROC,buf2,128
                invoke  GetClassLong,[wParam],GCL_WNDPROC
                invoke  wsprintf,buf1,f1,eax
                invoke  lstrcmpi,buf1,buf2
                        cmp  eax,0
                        je   @f
                invoke  SetDlgItemText,[hDlg],EDIT_WNDPROC,buf1
                @@:
                        jmp  wmBYE
        wmINITDIALOG:
                invoke  GetWindowRect,[hDlg],rect
                invoke  SetWindowPos,[hDlg],HWND_TOPMOST,[rect.left],[rect.top],[rect.right],[rect.bottom],SWP_SHOWWINDOW
wmBYE:          xor eax,eax
                ret
   endp

section '.idata' import data readable
    library     KERNEL32, 'KERNEL32.DLL',\
                USER32,   'USER32.DLL',\
                TUT_24A,  'TUT_24A.DLL'
    
    import      KERNEL32,\
                lstrcmpi,               'lstrcmpiA',\
                ExitProcess,            'ExitProcess'
    import      USER32,\
                SendMessage,            'SendMessageA',\
                wsprintf,               'wsprintfA',\
                DialogBoxParam,         'DialogBoxParamA',\
                GetWindowRect,          'GetWindowRect',\
                GetClassName,           'GetClassNameA',\
                GetClassLong,           'GetClassLongA',\
                EndDialog,              'EndDialog',\
                GetDlgItemText,         'GetDlgItemTextA',\
                SetDlgItemText,         'SetDlgItemTextA',\
                SetWindowPos,           'SetWindowPos'
   import       TUT_24A,\
                mouse_hook_install,     'mouse_hook_install',\
                mouse_hook_uninstall,   'mouse_hook_uninstall'


section '.rsrc' resource data readable
        directory       RT_DIALOG,appDialog
        
        resource        appDialog,\
                        DLG_MAIN,LANG_NEUTRAL,dlgMain

        dialog dlgMain,"Iczelion's Tutorial #24:Mouse Hook Demo",0,0,229,85,\
                WS_CAPTION + WS_POPUP + WS_SYSMENU + DS_MODALFRAME
                dialogitem      'BUTTON','Window Information',-1,7,7,214,67,WS_VISIBLE + BS_GROUPBOX
                dialogitem      'STATIC','Class Name :',-1,21,22,42,8,SS_LEFT + WS_VISIBLE
                dialogitem      'EDIT','',EDIT_CLSNAME,69,20,139,12,ES_LEFT + ES_AUTOHSCROLL + ES_READONLY + WS_VISIBLE + WS_BORDER + WS_TABSTOP
                dialogitem      'STATIC','Handle :',-1,36,37,28,8,SS_LEFT + WS_VISIBLE
                dialogitem      'EDIT','',EDIT_HANDLE,69,36,76,12,ES_LEFT + ES_AUTOHSCROLL + ES_READONLY + WS_VISIBLE + WS_BORDER + WS_TABSTOP
                dialogitem      'STATIC','Window Proc :',-1,15,52,48,8,SS_LEFT + WS_VISIBLE
                dialogitem      'EDIT','',EDIT_WNDPROC,69,52,76,12,ES_LEFT + ES_AUTOHSCROLL + ES_READONLY + WS_VISIBLE + WS_BORDER + WS_TABSTOP
                dialogitem      'BUTTON','&Hook',BTN_HOOK,159,35,50,14,BS_DEFPUSHBUTTON + WS_VISIBLE + WS_TABSTOP
                dialogitem      'BUTTON','&Exit',BTN_EXIT,159,51,50,15,BS_PUSHBUTTON + WS_VISIBLE + WS_TABSTOP
        enddialog    
Post 19 Jun 2015, 06:48
View user's profile Send private message Visit poster's website Reply with quote
l_inc



Joined: 23 Oct 2009
Posts: 881
l_inc 20 Jun 2015, 22:06
Mikl___
insH, wndH and hookH as well as the formulation "but do not Windows hooks" make my eyes bleed. Still I had a look at your code in the debugger. The hook works correctly, but your WindowFromPoint invocation is wrong: the function takes one argument, which is the POINT structure by value. In a somewhat dirty way it should look as follows:
Code:
invoke  WindowFromPoint,qword [rdx]    

_________________
Faith is a superposition of knowledge and fallacy
Post 20 Jun 2015, 22:06
View user's profile Send private message Reply with quote
Mikl___



Joined: 30 Dec 2014
Posts: 129
Location: Russian Federation, Irkutsk
Mikl___ 22 Jun 2015, 01:40
l_inc,
thank you very much!
Image
Post 22 Jun 2015, 01:40
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.