flat assembler
Message board for the users of flat assembler.

Index > Windows > Iczelion's Tutorial #2 Win64 fasm format

Author
Thread Post new topic Reply to topic
yeohhs



Joined: 19 Jan 2004
Posts: 195
Location: N 5.43564° E 100.3091°
yeohhs 04 Jan 2018, 05:40
Code:

format PE64 GUI 5.0
entry start

include 'win64a.inc'

section '.text' code readable executable

  start:
        sub     rsp,8*5
        invoke  MessageBox, NULL, MsgBoxText, MsgCaption, MB_OK
        invoke  ExitProcess, NULL

section '.data' data readable writeable

  MsgCaption db "Iczelion's Tutorial #2",0
  MsgBoxText db "Win64 Assembly is Great!",0

section '.idata' import data readable writeable

  library kernel32,'KERNEL32.DLL',\
          user32,'USER32.DLL'

  include 'api\kernel32.inc'
  include 'api\user32.inc'
    
Post 04 Jan 2018, 05:40
View user's profile Send private message Visit poster's website Reply with quote
Mikl___



Joined: 30 Dec 2014
Posts: 129
Location: Russian Federation, Irkutsk
Mikl___ 01 May 2018, 23:36
Code:
format binary as "exe"
include "d:\fasm\include\win64a.inc"
struc dbs [data]
{ 
  common 
  . db data 
  .size = $ - . 
}

IMAGE_DOS_SIGNATURE             equ 5A4Dh
IMAGE_NT_SIGNATURE              equ 00004550h
PROCESSOR_AMD_X8664             equ 8664h
IMAGE_SCN_CNT_CODE              equ 00000020h
IMAGE_SCN_MEM_WRITE             equ 80000000h
IMAGE_SCN_MEM_READ              equ 40000000h
IMAGE_SCN_CNT_INITIALIZED_DATA  equ 00000040h
IMAGE_SUBSYSTEM_WINDOWS_GUI     equ 2
IMAGE_NT_OPTIONAL_HDR64_MAGIC   equ 20Bh
IMAGE_FILE_RELOCS_STRIPPED      equ 1
IMAGE_FILE_EXECUTABLE_IMAGE     equ 2
IMAGE_BASE                      equ 0x400000
align1                          equ 4
use64
org 0
;--------DOS-stub-------------------------------
Signature               dw IMAGE_DOS_SIGNATURE,0
;-------PE-заголовок--------------------------------------------------
ntHeader                dd IMAGE_NT_SIGNATURE;'PE'
;image_header----Файловый заголовок
Machine                 dw PROCESSOR_AMD_X8664;7Ch;Тип центрального процессора
Count_of_section        dw 1;7Eh;Количество секций
TimeStump               dd 0;80h;Информация о времени, когда был собран данный PE-файл
Symbol_table_offset     dd 0;84h;Указатель на размер отладочной информации
Symbol_table_count      dd 0;88h;Указатель на COFF-таблицу символов PE-формата
Size_of_optional_header dw section_table-optional_header;F0;8Ch;Размер опционального заголовка
Characteristics         dw IMAGE_FILE_RELOCS_STRIPPED or IMAGE_FILE_EXECUTABLE_IMAGE;3;7Eh;Атрибуты файла
;-------Стандартные поля NT
optional_header:
Magic_optional_header   dw IMAGE_NT_OPTIONAL_HDR64_MAGIC;20Bh;90h;Состояние отображаемого файла
Linker_version_major_and_minor db 14,11;92h;Содержат версию линковщика, создавшего данный файл
Size_of_code            dd Import_Table-begin;60h;94h;230h-1D0h;Суммарный размер секций кода
Size_of_init_data       dd 0x70;Суммарный размер инициализированных данных
Size_of_uninit_data     dd 0;Суммарный размер неинициализированных данных
entry_point             dd start;20Ah;0A0h
base_of_code            dd begin;1D0h;0A4h
;------Дополнительные поля NT-----------------------------------------------
image_base              dq IMAGE_BASE;0A8
section_alignment       dd align1;10h;0B0h
file_alignment          dd ntHeader;align1;10h;0B4h
OS_version_major_minor  dw 6,0;0B8h
image_version_major_minor dd 0;0BCh
subsystem_version_major_minor dw 6,0;0C0h
Win32_version           dd 0;0C4h
size_of_image           dd end_import;0C8h
size_of_header          dd begin;1D0h;0CCh
checksum                dd 0;0D0h
subsystem               dw IMAGE_SUBSYSTEM_WINDOWS_GUI;0D4h
DLL_flag                dw 8100h;0D6h;8000h;IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Stack_allocation        dq 0x100000;0D8h
Stack_commit            dq 0x1000;0E0h
Heap_allocation         dq 0x100000;0E8h
Heap_commit             dq 0x1000;0F0h
loader_flag             dd 0;0F8h
number_of_dirs          dd 2;0FCh
export_RVA_size         dq 0;100h
import_RVA_size         dd _import,0x3C;end_import-import
;------------------------------------------------
section_table           dq ".text";180h
.virtual_size           dd  a0-begin;51h;188h;0x57
.virtual_address        dd begin;1D0h;18Ch
.Physical_size          dd Import_Table-begin;60h;190h
.Physical_offset        dd begin;1D0h;194h
.Relocations_and_Linenumbers dq 0;198h
.Relocations_and_Linenumbers_count dd 0;1A0h
.Attributes             dd 80000020h;1A4;IMAGE_SCN_MEM_WRITE or IMAGE_SCN_CNT_CODE;0x80000020
;--------данные и код-----------------------------------------
begin:          ;1D0h
MsgBoxText      dbs "Win64 Assembly is Great!",0;1D0h
MsgCaption      db "Uncle Remus tales: #1 MessageBox",0;1E9h
start:          ;20Ah
        push rbp                     ;55h
        mov edx,MsgBoxText+IMAGE_BASE;BAD0014000
        lea r8d,[rdx+MsgBoxText.size];448D4219
        xor ecx,ecx                  ;33C9
        xor r9d,r9d                  ;4533C9
        call [MessageBox]            ;FF1511000000
        pop rbp                      ;5D
        retn                         ;C3
a0:
;---------секция импорта---------------------------------------
Import_Table:
user32_table:
MessageBox  dq _MessageBox
_import:
dd 0,0,0,user32_dll,user32_table,0
user32_dll db "user32"
dd 0
_MessageBox             db 0,0,"MessageBoxA"

end_import:    
The size of exe-file is 332 bytes
Post 01 May 2018, 23:36
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.