flat assembler
Message board for the users of flat assembler.

Index > Macroinstructions > Help with the structure

Author
Thread Post new topic Reply to topic
bober132



Joined: 19 Nov 2014
Posts: 6
bober132 11 Sep 2015, 06:01
Hello! Need your help on working with structures. How can I make this code work? Is it possible to add some sort of macro and fix the code? Thank you in advance!

Code:
struct kernel32API 
        ...
        GetLastError            dd      ?
ends
...
struct API kernel32API user32API ;... - error here
        delta           dd              ?
...
ends

mov eax,[esi+API.GetLastError   ];not working
    


Code:
struct kernel32API 
        ...
        GetLastError            dd      ?
ends
...
struct API
        delta           dd      ?
        kernel32API <>
        advapi32API     <>
...
ends

mov eax,[esi+API.GetLastError   ];not working
    
Post 11 Sep 2015, 06:01
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20448
Location: In your JS exploiting you and your system
revolution 11 Sep 2015, 06:12
I don't know about the first code you posted but the second is like this:
Code:
struct kernel32API 
        ...
        GetLastError            dd      ?
ends
...
struct API
        delta  dd      ?
        k32API kernel32API
        a32API advapi32API
...
ends

mov eax,[esi+API.k32API.GetLastError] ;specify all the structure layers.    
Post 11 Sep 2015, 06:12
View user's profile Send private message Visit poster's website Reply with quote
bober132



Joined: 19 Nov 2014
Posts: 6
bober132 11 Sep 2015, 06:50
revolution, Your code is not suitable, the call should take place via a common list of API.
examples:
Code:
mov eax, [esi + API.ExitThread]
mov eax, [esi + API.LookupPrivilegeValueA]
mov eax, [esi + API.MessageBoxA]
....
    
Post 11 Sep 2015, 06:50
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20448
Location: In your JS exploiting you and your system
revolution 11 Sep 2015, 07:44
Now that we know what you want, you can make it a macro:
Code:
macro kernel32API {
        ...
        GetLastError            dd      ?
}
struct API
        delta  dd      ?
        kernel32API
...
ends    
Post 11 Sep 2015, 07:44
View user's profile Send private message Visit poster's website Reply with quote
bober132



Joined: 19 Nov 2014
Posts: 6
bober132 11 Sep 2015, 08:40
revolution, Good idea, thank you! How to know the size of the data of the macro?
example:
sizeof.kernel32API
Post 11 Sep 2015, 08:40
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20448
Location: In your JS exploiting you and your system
revolution 11 Sep 2015, 08:49
Code:
virtual at 0
  kernel32API
  sizeof.kernel32API = $
end virtual    
Post 11 Sep 2015, 08:49
View user's profile Send private message Visit poster's website Reply with quote
bober132



Joined: 19 Nov 2014
Posts: 6
bober132 11 Sep 2015, 10:00
revolution, Almost got it! I can not fix the last error:
Code:
macro my_struct name{
        common name dd 0 dup(?)
        name#API
        virtual at 0 
                name#API; error here
                sizeof.#name = $ 
        end virtual
}
macro gdiplusAPI {
...
        GdipSaveImageToStream dd        ?
        GdiplusStartup dd       ?
}
struct API
        delta           dd              ?
        my_struct gdiplus
ends
    
Post 11 Sep 2015, 10:00
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20448
Location: In your JS exploiting you and your system
revolution 11 Sep 2015, 10:10
You can't use virtual inside the struct macro.
Post 11 Sep 2015, 10:10
View user's profile Send private message Visit poster's website Reply with quote
bober132



Joined: 19 Nov 2014
Posts: 6
bober132 11 Sep 2015, 10:16
And now what can I do? it can be fixed?
Post 11 Sep 2015, 10:16
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20448
Location: In your JS exploiting you and your system
revolution 11 Sep 2015, 10:18
Just put your virtual outside of any struct macros.
Code:
macro gdiplusAPI {
...
        GdipSaveImageToStream dd        ?
        GdiplusStartup dd       ?
}
virtual at 0
  gdiplusAPI
  sizeof.gdiplusAPI= $
end virtual
struct API
        delta           dd              ?
        gdiplusAPI
ends    
Post 11 Sep 2015, 10:18
View user's profile Send private message Visit poster's website Reply with quote
bober132



Joined: 19 Nov 2014
Posts: 6
bober132 14 Sep 2015, 04:19
It works, thank you!
Post 14 Sep 2015, 04:19
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3499
Location: Bulgaria
JohnFound 14 Sep 2015, 04:41
revolution wrote:
You can't use virtual inside the struct macro.


This statement is a little bit not true.

_________________
Tox ID: 48C0321ADDB2FE5F644BB5E3D58B0D58C35E5BCBC81D7CD333633FEDF1047914A534256478D9
Post 14 Sep 2015, 04:41
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.