flat assembler
Message board for the users of flat assembler.
Index > Windows > error: undefined symbol 'LoadLibraryA'.

revolution 05 Aug 2016, 10:01
You will have to define "LoadLibraryA" somewhere. fasm needs to be told what it is.
And indeed you will also need to include an import section in there somewhere, else Windows won't load your code even if it did compile. Have a look at the working example files in the download. They show how to make import sections.

kerr 07 Aug 2016, 05:31
revolution wrote:
You will have to define "LoadLibraryA" somewhere. fasm needs to be told what it is.

Oh no! Friends, I use the dynamic call system function, cannot import resource table file *.inc.
_________________
I hope we will be good friends.

revolution 07 Aug 2016, 07:33
Without a definition for LoadLibraryA you won't be able to compile the code.
And without an import section in your executable you will have trouble convincing the OS to load your exe.

JohnFound 07 Aug 2016, 07:43
kerr, IMHO, you are trying to write a program that is far out of your current level of competence. (For example, defining data after the "start" label is an obvious and gross mistake.)
Simply restart your learning process from the examples included in the FASM packages and don't continue further before you fully understand how they work and what the meaning of every program line is.

ProMiNick 07 Aug 2016, 07:49
Code:
format pe
entry start

; uncomment next lines for win10 (I think target OS is win10 as OS of the most modern PCs)
; LoadLibraryA = 78D37070h
; GetProcAddress = 78D43630h
; or for win xp sp3
; LoadLibraryA = 7C801D7Bh
; GetProcAddress = 7C80AE30h
; other win ver - other offsets

section '.text' code readable executable

start:
        jmp @f
dll db 'user32.dll',0
api db 'MessageBoxA',0
@@:
        push ebx
        lea ebx,[dll]
        push ebx
        test eax,0 ; test for what? Is eax result of previously call? Where is that call?
        jnz @@getapi
;        lea ebx,[dll]
        push ebx
        call LoadLibraryA
@@getapi:
        lea ebx,[api]
        push ebx
        push eax
        call GetProcAddress
        push 0
        push 0
        push 0
        push 0
        call eax
        pop ebx

_________________
I don't like to refer by "you" to one person. My soul requires acronym "thou" instead.

kerr 08 Aug 2016, 04:26
revolution wrote:
Without a definition for LoadLibraryA you won't be able to compile the code.

En, yes! You speak very good! But I follow masm grammar, write fasm compile shellcode code. E.g.:

Code:
.data
xdll db 'user32.dll',0
xapi db 'MessageBoxA',0
.code
start:
        push ebx
        lea ebx,xdll
        push ebx
        call GetModuleHandle
        test eax,0 ;LoadLibraryA
        jnz @@getapi
        lea ebx,xdll
        push ebx
        call LoadLibraryA
@@getapi:
        lea ebx,xapi
        push ebx
        push eax
        call GetProcAddress
        push 0
        push 0
        push 0
        push 0
        call eax ;CALL MessageBoxA
        pop ebx
end start

_________________
I hope we will be good friends.

kerr 08 Aug 2016, 04:38
JohnFound wrote:
kerr, IMHO, you are trying to write a program that is far out of your current level of competence. (For example, defining data after the "start" label is an obvious and gross mistake.)

Hi friends. Thanks for your support and guidance. My current technology is indeed very poor; it is far beyond my ability. But people are learning to make progress, and I don't want to stop all the time.
_________________
I hope we will be good friends.

kerr 08 Aug 2016, 04:53
ProMiNick wrote:

I refer to is masm syntax fasm compile shellcode.

Code:
.data
xdll db 'user32.dll',0
xapi db 'MessageBoxA',0
.code
start:
        push ebx
        lea ebx,xdll
        push ebx
        call GetModuleHandle
        test eax,0 ;LoadLibraryA
        jnz @@getapi
        lea ebx,xdll
        push ebx
        call LoadLibraryA
@@getapi:
        lea ebx,xapi
        push ebx
        push eax
        call GetProcAddress
        push 0
        push 0
        push 0
        push 0
        call eax ;CALL MessageBoxA
        pop ebx
end start

But fasm cannot compile asm file. I want speak is I logical thinking wrong
_________________
I hope we will be good friends.

ProMiNick 08 Aug 2016, 08:52
deleted

kerr 13 Aug 2016, 01:38
ProMiNick wrote:
deleted

What? Hello, can you help me?
_________________
I hope we will be good friends.

kerr 13 Aug 2016, 01:41
revolution wrote:
Without a definition for LoadLibraryA you won't be able to compile the code.

Yes, this is very troublesome!
_________________
I hope we will be good friends.

Walter 13 Aug 2016, 03:51
This one I found interesting.
Code:
;********************
;* MyMessageBox.asm *
;********************

; http://www.rohitab.com/discuss/topic/38717-quick-tutorial-finding-kernel32-base-and-walking-its-export-table/
; http://blog.harmonysecurity.com/2009_06_01_archive.html

format PE GUI 4.0
entry start

section '.text' code readable executable

start:
        pushad
        call CodeStart
CodeStart:
        pop ebp
        sub ebp,CodeStart ; delta offset shit
        mov ebx,[FS:0x30] ; get a pointer to the PEB
        mov ebx,[ebx+0x0C] ; get PEB->Ldr
        mov ebx,[ebx+0x14] ; get PEB->Ldr.InMemoryOrderModuleList.Flink (1st entry)
        mov ebx,[ebx] ; 2nd Entry
        mov ebx,[ebx] ; 3rd Entry
        mov ebx,[ebx+0x10] ; Get Kernel32 Base
        mov [ebp+dwKernelBase],ebx
        add ebx,[ebx+0x3C] ; Start of PE header
        mov ebx,[ebx+0x78] ; RVA of export dir
        add ebx,[ebp+dwKernelBase] ; VA of export dir
        mov [ebp+dwExportDirectory],ebx

        lea edx,[ebp+api_GetProcAddress]
        mov ecx,[ebp+len_GetProcAddress]
        call GetFunctionAddress
        mov [ebp+AGetProcAddressA],eax
        lea edx,[ebp+api_LoadLibrary]
        push edx
        push dword [ebp+dwKernelBase]
        call eax
        mov [ebp+ALoadLibraryA],eax
        lea edx,[ebp+szUser32]
        push edx
        call eax
        lea edx,[ebp+api_MessageBoxA]
        push edx
        push eax
        mov ebx,[ebp+AGetProcAddressA]
        call ebx
        mov [ebp+AMessageBoxAA],eax

        push 0
        lea edx,[ebp+szTitle]
        push edx
        lea edx,[ebp+szMsg]
        push edx
        push 0
        call eax
        popad

        push 0xBBBBBBBB ;OEP
        retn

GetFunctionAddress:
        push ebx
        push esi
        push edi
        mov esi, [ebp+dwExportDirectory]
        mov esi, [esi+0x20] ;RVA of ENT
        add esi, [ebp+dwKernelBase] ;VA of ENT
        xor ebx,ebx
        cld
looper:
        inc ebx
        lodsd
        add eax,[ebp+dwKernelBase] ;eax now points to the string of a function
        push esi ;preserve it for the outer loop
        mov esi,eax
        mov edi,edx
        cld
        push ecx
        repe cmpsb
        pop ecx
        pop esi
        jne looper
        dec ebx
        mov eax,[ebp+dwExportDirectory]
        mov eax,[eax+0x24] ;RVA of EOT
        add eax,[ebp+dwKernelBase] ;VA of EOT
        movzx eax , word [ebx*2+eax] ;eax now holds the ordinal of our function
        mov ebx,[ebp+dwExportDirectory]
        mov ebx,[ebx+0x1C] ;RVA of EAT
        add ebx,[ebp+dwKernelBase] ;VA of EAT
        mov ebx,[eax*4+ebx]
        add ebx,[ebp+dwKernelBase]
        mov eax,ebx
        pop edi
        pop esi
        pop ebx
        ret

section '.data' data readable writeable

szTitle db "Caption",0
szMsg db "Text.",0
szUser32 db "User32.dll",0
AGetProcAddressA dd 0
api_GetProcAddress db "GetProcAddress"
len_GetProcAddress dd $-api_GetProcAddress
ALoadLibraryA dd 0
api_LoadLibrary db "LoadLibraryA",0
AMessageBoxAA dd 0
api_MessageBoxA db "MessageBoxA",0
dwKernelBase dd 0
dwExportDirectory dd 0

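Added example, not part of Walter's post or the linked tutorials: the name -> ordinal -> address lookup that GetFunctionAddress performs, written in Python over a constructed buffer the way an analyst's parser would read an export directory. The names resolve_export, build_image and SAMPLE are assumptions made here; unlike the listing, the search is bounded by NumberOfNames and compares whole names, while prefix_len reproduces the listing's length-limited compare to show that it also accepts a longer name with the same first bytes.

```python
import struct

def u32(img, off):
    return struct.unpack_from("<I", img, off)[0]

def cstr(img, off):
    return img[off:img.index(b"\0", off)]

def resolve_export(img, name, prefix_len=None):
    """Return the RVA exported under `name`, or None if it is not exported.

    prefix_len=n mimics the listing's `repe cmpsb` over n bytes (no NUL check);
    the default compares whole names."""
    pe = u32(img, 0x3C)                     # e_lfanew, as in add ebx,[ebx+0x3C]
    exp = u32(img, pe + 0x78)               # export directory RVA
    n_names = u32(img, exp + 0x18)          # NumberOfNames: bounds the search
    eat, ent, eot = (u32(img, exp + o) for o in (0x1C, 0x20, 0x24))
    for i in range(n_names):
        cand = cstr(img, u32(img, ent + 4 * i))      # i-th name (ENT)
        if prefix_len is None:
            hit = cand == name
        else:
            hit = cand[:prefix_len] == name[:prefix_len]
        if hit:
            ordinal = struct.unpack_from("<H", img, eot + 2 * i)[0]  # EOT
            return u32(img, eat + 4 * ordinal)       # EAT entry
    return None

def build_image(exports):
    """Constructed test buffer (not a real DLL); RVA equals buffer offset."""
    img = bytearray(0x400)
    exp, eat, ent, eot, strs = 0x100, 0x140, 0x180, 0x1C0, 0x200
    struct.pack_into("<I", img, 0x3C, 0x80)
    struct.pack_into("<I", img, 0x80 + 0x78, exp)
    struct.pack_into("<II", img, exp + 0x14, len(exports), len(exports))
    struct.pack_into("<III", img, exp + 0x1C, eat, ent, eot)
    for i, (name, rva) in enumerate(exports):
        ordinal = len(exports) - 1 - i      # name order differs from EAT order
        struct.pack_into("<I", img, ent + 4 * i, strs)
        struct.pack_into("<H", img, eot + 2 * i, ordinal)
        struct.pack_into("<I", img, eat + 4 * ordinal, rva)
        img[strs:strs + len(name)] = name
        strs += len(name) + 1
    return bytes(img)

# Constructed names and RVAs; "GetProcAddressX" is a made-up export.
SAMPLE = build_image([(b"GetProcAddressX", 0x1111), (b"LoadLibraryA", 0x2222)])
```
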
Walter 13 Aug 2016, 04:35
ProMiNick's example on Windows 10.
Code:
format PE GUI 4.0
entry start

; These values worked for me on Windows 10
LoadLibraryA = 73F98500h
GetProcAddress = 73F8A200h

start:
        jmp @f
strCaption db 'Caption',0
strText db 'Text.',0
dll db 'user32.dll',0
api db 'MessageBoxA',0
@@:
        push ebx
        lea ebx,[dll]
        push ebx
        test eax,0 ; test for what? Is eax result of previously call? Where is that call?
        jnz @@getapi
;        lea ebx,[dll]
        push ebx
        call LoadLibraryA
@@getapi:
        lea ebx,[api]
        push ebx
        push eax
        call GetProcAddress
        push 0
        push strCaption
        push strText
        push 0
        call eax

kerr 16 Aug 2016, 01:59
Walter wrote:
This one I found interesting.

Yes, yes, yes, this is what I want. Thank you, Okami. Can you say something about it? The method for realizing this program.
_________________
I hope we will be good friends.

Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.