flat assembler
Message board for the users of flat assembler.
Thread: NewBie migrating from MASM... (Windows forum, page 1 of 2)
coconut 27 Mar 2005, 00:02
You don't need the [ ] on top:
Code:
    proc Adciona,lpWndCap,lpBaseAddress,lpBuffer,nToAdd
Zani 27 Mar 2005, 00:10
Thanks for the answer, coconut....
But a new error has shown up: Error: Invalid size of operand, on the line:
Code:
    invoke Adciona,[WndCap], 508718h, 0,5000
referring to WndCap, which is declared as:
Code:
    WndCap db "Brood War",0
Thanks in advance...
coconut 27 Mar 2005, 00:33
Last edited by coconut on 27 Mar 2005, 01:42; edited 1 time in total
coconut 27 Mar 2005, 00:40
I believe an error is in the OpenProcess call: the process ID is not being specified. You should check to see if GetWindowThreadProcessId is returning a valid handle.
Zani 27 Mar 2005, 00:46
Here, even after taking the WndCap off the proc, it is still showing the error:
Error: operand size not specified. Can someone tell me what is wrong?
Zani 27 Mar 2005, 00:47
I can't even get it to compile!
Zani 27 Mar 2005, 00:51
Try this:
Code:
    proc Adciona,lpWndCap,lpBaseAddress,lpBuffer,nToAdd
        invoke FindWindowExA,0,0,0,[lpWndCap]
        invoke GetWindowThreadProcessId,eax,dummy
        invoke OpenProcess,PROCESS_ALL_ACCESS,FALSE,[dummy]
        mov [hProcess],eax
        cmp eax,0
        je err_open
        invoke ReadProcessMemory,eax,[lpBaseAddress],[lpBuffer],4,[dummy]
        cmp eax,0
        je err_read
        mov ecx,[nToAdd]
        mov ebx,[lpBuffer]
        add [ebx],ecx
        invoke WriteProcessMemory,[hProcess],[lpBaseAddress],[lpBuffer],4,[dummy]
        cmp eax,0
        je err_write
        invoke CloseHandle,hProcess
    err_read:
        invoke MessageBox,0,Err_Read,_title,MB_ICONERROR
        jmp fim
    err_write:
        invoke MessageBox,0,Err_patch,_title,MB_ICONERROR
        jmp fim
    err_open:
        invoke MessageBox,0,Err_open,_title,MB_ICONERROR
    fim:
        return
    endp
and declare dummy as:
Code:
    dummy dd 0
.... It still gives me the same error....
coconut 27 Mar 2005, 00:53
So far I have this, with the same calling method as up top. It errors on reading now. Let me ask: what is it you're trying to do here? If you're writing to the memory, why do you need to read it first? I see nowhere that you use the return value from ReadProcessMemory; is it necessary? Commenting out the reading part crashes the program.
OK, I see it now: you're adding on to the value that is read there. Let me try something else.
Code:
    proc writemem,baseaddr,buffer,toadd
        invoke FindWindow,0,_notepad
        push eax
        or eax,eax
        jz .not_found
        pop eax
        invoke GetWindowThreadProcessId,eax,processid
        push eax
        or eax,eax
        jz .invalid_process_id
        pop eax
        invoke OpenProcess,PROCESS_ALL_ACCESS,FALSE,[processid]
        mov [hprocess],eax
        or eax,eax
        jz .err_open
        invoke ReadProcessMemory,[hprocess],[baseaddr],[buffer],4,0
        or eax,eax
        jz .err_read
        mov ecx,[toadd]
        mov ebx,[buffer]
        add [ebx],ecx
        invoke WriteProcessMemory,[hprocess],[baseaddr],[buffer],4,0
        cmp eax,0
        je .err_write
        invoke CloseHandle,hprocess
        invoke MessageBox,0,_success,_title,0
        jmp .finish
    .invalid_process_id:
        invoke MessageBox,0,_invalid_id,_title,0
        jmp .finish
    .err_read:
        invoke MessageBox,0,_read,_title,0
        jmp .finish
    .err_write:
        invoke MessageBox,0,_write,_title,0
        jmp .finish
    .err_open:
        invoke MessageBox,0,_open,_title,0
        jmp .finish
    .not_found:
        invoke MessageBox,0,_notfound,_title,0
    .finish:
        return
    endp
Last edited by coconut on 27 Mar 2005, 00:59; edited 1 time in total
Zani 27 Mar 2005, 00:56
This proc is part of a game trainer engine.... and I need to read memory first to sum it with the desired value..... This proc is used to add a value to memory, not write one...
I can't even compile it here..... Do you have an idea why? Last edited by Zani on 27 Mar 2005, 01:00; edited 1 time in total
coconut 27 Mar 2005, 01:00
I use [processid] instead of dummy, yes.
coconut 27 Mar 2005, 01:01
Shouldn't we be storing the bytes read in a buffer? The way it's being called now, the buffer is 0.
coconut 27 Mar 2005, 01:15
I'm trying. Your original code has some syntax errors, which is why you cannot compile. Perhaps you aren't too familiar with fasm syntax yet; neither am I. I have gotten it to work up to the WriteProcessMemory call; however, first I'm trying to verify that the bytes read are correct. I'm having trouble doing this as I'm not familiar with the *ProcessMemory functions, nor with wsprintf.
Zani 27 Mar 2005, 01:15
Where?
coconut 27 Mar 2005, 01:23
I don't have much experience with assembly, but I think this is the problem here:
Code:
    mov ecx,[toadd]
    mov ebx,[buffer]
    add [ebx],ecx
    invoke WriteProcessMemory,[hprocess],[baseaddr],[buffer],4,0
    cmp eax,0
    je .err_write
The WriteProcessMemory will write the [buffer] to the [baseaddr] of the [hprocess]. However, the adding code there does not update [buffer], so in effect you are writing the same value you read back.
Zani 27 Mar 2005, 01:34
In MASM the code works fine and looks like this:
Code:
    mov ecx,nToAdd                 ; put the number to be added into ecx
    mov ebx,dword ptr [lpBuffer]   ; move the address where Buffer resides to ebx ... not its value
    add dword ptr [ebx],ecx        ; add ecx (nToAdd) to the address where lpBuffer resides
    invoke WriteProcessMemory,hProcess,lpBaseAddress,lpBuffer,4,ADDR Dummy ; write the value of buffer to the process
coconut 27 Mar 2005, 01:35
OK, I see it now. Let me try and modify the code to make this work.
coconut 27 Mar 2005, 01:41
Try this: it gives me a write error, but I cannot determine if it is Notepad related, due to the address you provided.
Code:
    ; Template for program using standard Win32 headers

    format PE GUI 4.0
    entry start

    include '%fasminc%\win32a.inc'

    section '.data' data readable writeable

      _title db 'Win32 program template',0
      _class db 'FASMWIN32',0
      _notepad db 'Untitled - Notepad',0
      _success db 'success',0
      _read db 'read error',0
      _open db 'open error',0
      _write db 'write error',0
      _notfound db 'window not found',0
      _invalid_id db 'invalid process id',0
      _temp db 'tempstring',0
      _buffer rb 4

      mainhwnd dd ?
      hinstance dd ?
      hprocess dd ?
      processid dd ?

      msg MSG
      wc WNDCLASS

    section '.code' code readable executable

      start:

            invoke GetModuleHandle,0
            mov [hinstance],eax
            invoke LoadIcon,0,IDI_APPLICATION
            mov [wc.hIcon],eax
            invoke LoadCursor,0,IDC_ARROW
            mov [wc.hCursor],eax
            mov [wc.style],0
            mov [wc.lpfnWndProc],WindowProc
            mov [wc.cbClsExtra],0
            mov [wc.cbWndExtra],0
            mov eax,[hinstance]
            mov [wc.hInstance],eax
            mov [wc.hbrBackground],COLOR_BTNFACE+1
            mov [wc.lpszMenuName],0
            mov [wc.lpszClassName],_class
            invoke RegisterClass,wc

            invoke CreateWindowEx,0,_class,_title,WS_VISIBLE+WS_DLGFRAME+WS_SYSMENU,128,128,192,192,NULL,NULL,[hinstance],NULL
            mov [mainhwnd],eax

      msg_loop:
            invoke GetMessage,msg,NULL,0,0
            or eax,eax
            jz end_loop
            invoke TranslateMessage,msg
            invoke DispatchMessage,msg
            jmp msg_loop

      end_loop:
            invoke ExitProcess,[msg.wParam]

    proc WindowProc, hwnd,wmsg,wparam,lparam
            push ebx esi edi
            cmp [wmsg],WM_DESTROY
            je wmdestroy
            cmp [wmsg],WM_CREATE
            je wmcreate
      defwndproc:
            invoke DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
            jmp finish
      wmdestroy:
            invoke PostQuitMessage,0
            xor eax,eax
            jmp finish
      wmcreate:
            push 5000
            push _buffer
            push 508718h
            call writemem
            xor eax,eax
      finish:
            pop edi esi ebx
            return
    endp

    proc writemem,baseaddr,buffer,toadd
            invoke FindWindow,0,_notepad
            push eax
            or eax,eax
            jz .not_found
            pop eax
            invoke GetWindowThreadProcessId,eax,processid
            or eax,eax
            jz .invalid_process_id
            invoke OpenProcess,PROCESS_ALL_ACCESS,0,[processid]
            mov [hprocess],eax
            or eax,eax
            jz .err_open
            invoke ReadProcessMemory,[hprocess],[baseaddr],[buffer],4,0
            or eax,eax
            jz .err_read
            mov ecx,[toadd]
            lea ebx,[buffer]
            add [ebx],ecx
            invoke WriteProcessMemory,[hprocess],[baseaddr],[buffer],4,0
            or eax,eax
            jz .err_write
            invoke CloseHandle,[hprocess]
            invoke MessageBox,0,_success,_title,0
            jmp .finish
      .invalid_process_id:
            invoke MessageBox,0,_invalid_id,_title,0
            jmp .finish
      .err_read:
            invoke MessageBox,0,_read,_title,0
            jmp .finish
      .err_write:
            invoke MessageBox,0,_write,_title,0
            jmp .finish
      .err_open:
            invoke MessageBox,0,_open,_title,0
            jmp .finish
      .not_found:
            invoke MessageBox,0,_notfound,_title,0
      .finish:
            return
    endp

    section '.idata' import data readable writeable

      library kernel32,'KERNEL32.DLL',\
              user32,'USER32.DLL'

      include '%fasminc%\apia\kernel32.inc'
      include '%fasminc%\apia\user32.inc'
After more testing, I think the implementation of the buffer I added is incorrect. Let me see the entire MASM code; I should be able to translate it to fasm syntax.
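The two versions of the read-modify-write step in this thread differ in one instruction: Zani's MASM line loads the pointer with `mov ebx,dword ptr [lpBuffer]`, while the fasm program above uses `lea ebx,[buffer]`. In fasm, `[buffer]` names the parameter slot on the stack; `mov` fetches the pointer stored there, whereas `lea` yields the address of the slot itself, so the following `add [ebx],ecx` lands on different memory. The C model below is an added example, not code from this thread or from the flat assembler project; it runs on any host, touches only its own memory, and the names `target_buffer`, `add_via_mov`, `add_via_lea` and the sample values 1000 (the dword read) and 5000 (the amount to add) are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the proc's view of memory: the caller pushed the
 * ADDRESS of a 4-byte _buffer, so the parameter slot named `buffer` holds a
 * pointer, and ReadProcessMemory has already filled the 4 bytes it points to. */
typedef struct {
    uint32_t dword;        /* the 4 bytes stored in _buffer by the read */
} target_buffer;

/* Models  mov ebx,[buffer] ; add [ebx],ecx
 * [buffer] loads the pointer value kept in the slot; the add then hits the
 * dword that pointer targets. Returns the dword WriteProcessMemory would copy
 * back, i.e. the updated buffer contents. */
uint32_t add_via_mov(target_buffer *buffer, uint32_t toadd)
{
    target_buffer *ebx = buffer;   /* mov ebx,[buffer] */
    ebx->dword += toadd;           /* add [ebx],ecx    */
    return buffer->dword;
}

/* Models  lea ebx,[buffer] ; add [ebx],ecx
 * lea takes the address of the parameter slot, so the add modifies the pointer
 * stored in that slot, not the buffer. The buffer keeps the value that was
 * read, and the slot now points `toadd` BYTES past the real buffer, which is
 * what the following WriteProcessMemory would use as its source. Returns the
 * buffer contents after the "add"; *pointer_moved reports whether the pointer
 * in the slot changed. */
uint32_t add_via_lea(target_buffer *buffer, uint32_t toadd, int *pointer_moved)
{
    target_buffer **ebx = &buffer;          /* lea ebx,[buffer]                 */
    target_buffer *before = buffer;
    uintptr_t slot = (uintptr_t)*ebx;       /* add [ebx],ecx: an integer add    */
    slot += toadd;                          /* applied to the pointer value     */
    *ebx = (target_buffer *)slot;
    *pointer_moved = (buffer != before);
    return before->dword;                   /* the buffer itself never changed  */
}

/* Self-contained runs on the constructed input: 1000 read, 5000 to add. */
uint32_t demo_mov(void)
{
    target_buffer b = { 1000 };
    return add_via_mov(&b, 5000);           /* 6000: the sum is in the buffer  */
}

uint32_t demo_lea_contents(void)
{
    target_buffer b = { 1000 };
    int moved = 0;
    return add_via_lea(&b, 5000, &moved);   /* 1000: the buffer is unchanged   */
}

int demo_lea_pointer_moved(void)
{
    target_buffer b = { 1000 };
    int moved = 0;
    add_via_lea(&b, 5000, &moved);
    return moved;                           /* 1: the pointer slot was altered */
}

int main(void)
{
    printf("mov form: buffer after add = %u\n", (unsigned)demo_mov());
    printf("lea form: buffer after add = %u, pointer slot moved = %d\n",
           (unsigned)demo_lea_contents(), demo_lea_pointer_moved());
    return 0;
}
```

With the `mov` form the dword written back is the read value plus the increment; with the `lea` form the written dword is the unchanged read value and the write's source pointer has been shifted by the increment, which is the kind of result a "write error" message box would surface.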
Zani 27 Mar 2005, 01:49
I can't try it because my code won't compile....
It shows me an error on the line:
Code:
    invoke addval,WndCap,508718h,buffer,5000
error: operand size not specified. Any idea?
coconut 27 Mar 2005, 01:57
I got that same error; nothing I tried could correct it. That is why I used the push/call convention; it seems to work then. Push the parameters in reverse and call addval.
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.