flat assembler
Message board for the users of flat assembler.

Use UCRTBASE.dll

Aditya J 18 Feb 2024, 13:00
As an alternative to MSVCRT I am trying to use UCRTBASE.DLL,
but calling __stdio_common_vfprintf (the UCRT version of printf) crashes the program.
Help please.
revolution 18 Feb 2024, 13:28
Show an example of the code.
Aditya J 19 Feb 2024, 09:18
Code:
format PE64 console
entry start

include 'WIN64A.inc'

section '.text' code readable executable

start:
push rbp
mov rbp, rsp
and rsp, 0xFFFFFFFFFFFFFFF0

cinvoke print, intfmt, 123
add rsp,0

mov rsp, rbp
pop rbp;


invoke  exit, rax
section '.data' data readable writeable
intfmt db '%d',0
doublefmt db '%f',0





section '.idata' import data readable writeable
library kernel, 'KERNEL32.DLL', \
        ucrt, 'UCRTBASE.DLL'
import kernel,\
       exit,'ExitProcess'
import ucrt,\
       print, '__stdio_common_vfprintf',\
       scanf, 'scanf'
macomics 19 Feb 2024, 12:50
Do you pass the args to the function precisely in accordance with its prototype?
Code:
__inline unsigned __int64* __CRTDECL __local_stdio_printf_options(void)
{
    static unsigned __int64 _OptionsStorage;
    return &_OptionsStorage;
}

#define _CRT_INTERNAL_LOCAL_PRINTF_OPTIONS (*__local_stdio_printf_options())

_CRT_STDIO_INLINE int __CRTDECL _vfprintf_l(
    _Inout_  FILE*       const _Stream,
    _In_z_   char const* const _Format,
    _In_opt_ _locale_t   const _Locale,
             va_list           _ArgList
    )
{
    return __stdio_common_vfprintf(_CRT_INTERNAL_LOCAL_PRINTF_OPTIONS, _Stream, _Format, _Locale, _ArgList);
}    
In C++, it is used with another prototype.
Aditya J 19 Feb 2024, 19:54
Ohh dang, I guessed it was like a renamed printf function.
That will solve the issue... THANKS
revolution 19 Feb 2024, 20:08
You should also call exit with the stack aligned.
Code:
mov rsp, rbp ; this is okay but not needed
pop rbp; ; don't do this, stack is now unaligned


invoke  exit, rax ; stack is unaligned here!    
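The prototype quoted by macomics and the alignment advice from revolution, combined in an added example that is not code from any poster in this thread: a hand-written Win64 call that passes all five arguments of __stdio_common_vfprintf. The `vargs` label, the use of `__acrt_iob_func` to obtain stdout, and the options value 0 (the zero-initialized `_OptionsStorage` default) are assumptions of this example.

```asm
format PE64 console
entry start

include 'win64a.inc'

section '.text' code readable executable

start:
        ; On entry rsp = 16n+8. Reserve 32 bytes of shadow space, the
        ; fifth-argument slot at [rsp+32] and padding; 8+48 leaves rsp 16-aligned.
        sub     rsp, 8+48

        mov     ecx, 1                  ; stream index 1 = stdout
        call    [__acrt_iob_func]       ; rax = FILE* for stdout

        mov     qword [vargs], 123      ; the single variadic argument for '%d'

        xor     ecx, ecx                ; arg 1: options = 0 (assumed default)
        mov     rdx, rax                ; arg 2: _Stream
        lea     r8, [intfmt]            ; arg 3: _Format
        xor     r9d, r9d                ; arg 4: _Locale = NULL
        lea     rax, [vargs]
        mov     [rsp+32], rax           ; arg 5: _ArgList, a pointer to 8-byte slots
        call    [__stdio_common_vfprintf]

        xor     ecx, ecx                ; exit code 0; rsp is still aligned here
        call    [ExitProcess]

section '.data' data readable writeable
intfmt  db '%d', 10, 0
vargs   dq 0                            ; hypothetical name: one va_list slot

section '.idata' import data readable writeable
library kernel, 'KERNEL32.DLL', \
        ucrt, 'UCRTBASE.DLL'
import  kernel, \
        ExitProcess, 'ExitProcess'
import  ucrt, \
        __acrt_iob_func, '__acrt_iob_func', \
        __stdio_common_vfprintf, '__stdio_common_vfprintf'
```

The stack is adjusted once at entry and never restored before ExitProcess, so every call site sees a 16-byte-aligned rsp.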
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
