flat assembler
Message board for the users of flat assembler.

mix use16 with use32

luish



Joined: 26 Jan 2018
Posts: 13
luish 06 Feb 2018, 07:59
How to mix 16-bit code in a 32-bit program with use16 and use32?
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20451
Location: In your JS exploiting you and your system
revolution 06 Feb 2018, 09:19
In Windows you can but it is tricky. Windows doesn't officially support it so earlier/later versions might do different things, but basically you need to manipulate the segment registers. It is not for the faint-of-heart, it requires some degree of finesse and a lot of debugging to get it right.
luish 06 Feb 2018, 09:27
revolution wrote:
In Windows you can but it is tricky. Windows doesn't officially support it so earlier/later versions might do different things, but basically you need to manipulate the segment registers. It is not for the faint-of-heart, it requires some degree of finesse and a lot of debugging to get it right.

I only want to know how to create 16/32-bit segments with use16 and use32.
revolution 06 Feb 2018, 09:30
In Windows you can't create segments, but there are existing selectors that are predefined that you can use. NTVDM uses these to run 16-bit code. So you can set CS to select the 16-bit selector.
luish 06 Feb 2018, 09:32
For example:
Code:
section ".code" code executable readable writeable
use32
main:
        CALL PROCEDURE
        ret
section ".code16" code executable readable writeable
use16
proc keylogger
        in al,60h
        ...
revolution 06 Feb 2018, 09:35
You would need a far call to set CS to a new value. And the IN/OUT instructions are trapped in the OS so you won't get any real values from them. Plus you will need 32-bit code to handle the trap exceptions that Windows passes on to you.

But you can't run a keylogger in 16-bit code. Windows runs in protected mode so interrupts and hardware access won't ever go to user mode code. You will need a signed driver to load code into the kernel space. Or you can start your system in unsigned-driver mode and load an unsigned kernel mode driver.
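Added example, not part of the original thread: a small C program that shows the point made in the last reply, that a port read such as in al,60h does not reach the hardware from user mode. It assumes Linux on x86 (where the general-protection fault arrives as SIGSEGV) rather than Windows, and the function name port_read_traps is made up for this illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread).
   Returns 1 if `in al,60h` faulted in user mode, 0 if it completed,
   -1 if the check could not be run (non-x86 build or fork failure). */
int port_read_traps(void)
{
#if defined(__i386__) || defined(__x86_64__)
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        struct rlimit no_core = {0, 0};
        setrlimit(RLIMIT_CORE, &no_core);  /* no core file from the fault */
        signal(SIGSEGV, SIG_DFL);          /* let the fault kill the child */
        signal(SIGBUS, SIG_DFL);
        unsigned char value;
        /* Same instruction as in the question: read port 60h into AL. */
        __asm__ volatile ("inb $0x60, %0" : "=a"(value));
        (void)value;
        _exit(0);                          /* reached only if the CPU allowed it */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    if (!WIFSIGNALED(status))
        return 0;
    int sig = WTERMSIG(status);
    return (sig == SIGSEGV || sig == SIGBUS) ? 1 : 0;
#else
    return -1;
#endif
}

int main(void)
{
    int r = port_read_traps();
    puts(r == 1 ? "IN trapped: the child was killed by the fault"
       : r == 0 ? "IN completed: the process has I/O privilege"
                : "check not run on this platform");
    return 0;
}
```

The instruction runs in a forked child so that the fault is observed through the wait status and the parent survives.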