flat assembler
Message board for the users of flat assembler.

NewBie migrating from MASM...

Zani
Joined: 26 Mar 2005
Posts: 21
First of all I want to say hello to all of you in the FASM community...

Well, here's my problem...

I'm porting some of my MASM code to FASM and NASM... and this one is really making me crazy because I really can't make it work.....

The code is:

Code:

proc Adciona[,lpWndCap,lpBaseAddress,lpBuffer,nToAdd]

        invoke  FindWindowExA,0,0,0,[lpWndCap]
        invoke  GetWindowThreadProcessId,eax,0

        invoke  OpenProcess,PROCESS_ALL_ACCESS,FALSE,0
        mov     [hProcess],eax
        cmp  eax,0
        je err_open


        invoke  ReadProcessMemory,eax,[lpBaseAddress],[lpBuffer],4,0
        cmp  eax,0
        je err_read


        mov     ecx,[nToAdd]
        mov     ebx,[lpBuffer]
        add     [ebx],ecx


        invoke  WriteProcessMemory,[hProcess],[lpBaseAddress],[lpBuffer],4,0
        cmp  eax,0
        je err_write

        invoke  CloseHandle,hProcess
        err_read:
        invoke  MessageBox,0,Err_Read,_title,MB_ICONERROR
        jmp fim
        err_write:
        invoke  MessageBox,0,Err_patch,_title,MB_ICONERROR
        jmp fim
        err_open:
        invoke  MessageBox,0,Err_open,_title,MB_ICONERROR
        fim:
        return

endp

And I'm calling it using:

Code:
invoke  Adciona,[WndCap], 508718h, 0,5000
    


It should add 5000 to the memory address 508718h of the window WndCap... but it returns an error on the endp line:



Erro: Extra characters on line

Can someone please help me with this... I have tried everything...


Thanks in advance
Post 26 Mar 2005, 23:59
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
You don't need the [ ] on top:

Code:
proc Adciona,lpWndCap,lpBaseAddress,lpBuffer,nToAdd
    
Post 27 Mar 2005, 00:02
Zani
Joined: 26 Mar 2005
Posts: 21
Thanks for the answer, coconut....

But a new error has shown up:

Error: Invalid size of operand

on line:

Code:
 invoke  Adciona,[WndCap], 508718h, 0,5000
    


referring to WndCap, which is declared as:

Code:
WndCap  db "Brood War",0
    


Thanks in advance...
Post 27 Mar 2005, 00:10
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa

Last edited by coconut on 27 Mar 2005, 01:42; edited 1 time in total
Post 27 Mar 2005, 00:33
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
I believe an error is in the OpenProcess call: the process id is not being specified. You should check to see if GetWindowThreadProcessId is returning a valid handle.
Post 27 Mar 2005, 00:40
Zani
Joined: 26 Mar 2005
Posts: 21
Here, even after taking WndCap out of the proc, it is still showing the error:

Erro: operand size not specified.


Can someone tell me what is wrong?
Post 27 Mar 2005, 00:46
Zani
Joined: 26 Mar 2005
Posts: 21
I can't even get it to compile!
Post 27 Mar 2005, 00:47
Zani
Joined: 26 Mar 2005
Posts: 21
Try this:

Code:
proc Adciona,lpWndCap,lpBaseAddress,lpBuffer,nToAdd

        invoke  FindWindowExA,0,0,0,[lpWndCap]
        invoke  GetWindowThreadProcessId,eax,dummy

        invoke  OpenProcess,PROCESS_ALL_ACCESS,FALSE,[dummy]
        mov     [hProcess],eax
        cmp  eax,0
        je err_open


        invoke  ReadProcessMemory,eax,[lpBaseAddress],[lpBuffer],4,[dummy]
        cmp  eax,0
        je err_read


        mov     ecx,[nToAdd]
        mov     ebx,[lpBuffer]
        add     [ebx],ecx


        invoke  WriteProcessMemory,[hProcess],[lpBaseAddress],[lpBuffer],4,[dummy]
        cmp  eax,0
        je err_write

        invoke  CloseHandle,hProcess
        err_read:
        invoke  MessageBox,0,Err_Read,_title,MB_ICONERROR
        jmp fim
        err_write:
        invoke  MessageBox,0,Err_patch,_title,MB_ICONERROR
        jmp fim
        err_open:
        invoke  MessageBox,0,Err_open,_title,MB_ICONERROR
        fim:
        return

endp
    


and declare dummy as:

Code:
dummy dd 0
    


.... it still gives me the same error....
Post 27 Mar 2005, 00:51
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
So far this... with the same calling method as up top. It errors on reading now. Let me ask, what is it you're trying to do here? If you're writing to the memory, why do you need to read it first? I see nowhere where you use the return value from ReadProcessMemory; is it necessary? Commenting out the reading part crashes the program.

OK, I see it now: you're adding on to the value that is read there. Let me try something else.

Code:
proc writemem,baseaddr,buffer,toadd
        invoke  FindWindow,0,_notepad
        push    eax
        or      eax,eax
        jz      .not_found
        pop     eax

        invoke  GetWindowThreadProcessId,eax,processid
        push    eax
        or      eax,eax
        jz      .invalid_process_id
        pop     eax

        invoke  OpenProcess,PROCESS_ALL_ACCESS,FALSE,[processid]
        mov     [hprocess],eax
        or      eax,eax
        jz      .err_open

        invoke  ReadProcessMemory,[hprocess],[baseaddr],[buffer],4,0
        or      eax,eax
        jz      .err_read

        mov     ecx,[toadd]
        mov     ebx,[buffer]
        add     [ebx],ecx
        invoke  WriteProcessMemory,[hprocess],[baseaddr],[buffer],4,0
        cmp     eax,0
        je      .err_write

        invoke  CloseHandle,hprocess
        invoke  MessageBox,0,_success,_title,0
        jmp     .finish

  .invalid_process_id:
        invoke  MessageBox,0,_invalid_id,_title,0
        jmp     .finish
  .err_read:
        invoke  MessageBox,0,_read,_title,0
        jmp     .finish
  .err_write:
        invoke  MessageBox,0,_write,_title,0
        jmp     .finish
  .err_open:
        invoke  MessageBox,0,_open,_title,0
        jmp     .finish
  .not_found:
        invoke  MessageBox,0,_notfound,_title,0
  .finish:
        return
endp
    


Last edited by coconut on 27 Mar 2005, 00:59; edited 1 time in total
Post 27 Mar 2005, 00:53
Zani
Joined: 26 Mar 2005
Posts: 21
This proc is part of a game trainer engine.... and I need to read the memory first to sum it with the desired value..... this proc is used to Add a value to memory, not Write...



I can't even compile it here..... do you have an idea why?


Last edited by Zani on 27 Mar 2005, 01:00; edited 1 time in total
Post 27 Mar 2005, 00:56
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
I use [processid] instead of dummy, yes.
Post 27 Mar 2005, 01:00
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
Shouldn't we be storing the bytes read in a buffer? The way it's being called now, the buffer is 0.
Post 27 Mar 2005, 01:01
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
I'm trying. Your original code has some syntax errors, which is why you cannot compile.. perhaps you aren't too familiar with FASM syntax yet; neither am I. I have gotten it to work up to the WriteProcessMemory call; however, first I'm trying to verify the bytes read are correct. I'm having trouble doing this as I'm not familiar with the *ProcessMemory functions, nor wsprintf.
Post 27 Mar 2005, 01:15
Zani
Joined: 26 Mar 2005
Posts: 21
Where?
Post 27 Mar 2005, 01:15
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
I don't have much experience with assembly, but I think this is the problem here:

Code:
        mov     ecx,[toadd]
        mov     ebx,[buffer]
        add     [ebx],ecx
        invoke  WriteProcessMemory,[hprocess],[baseaddr],[buffer],4,0
        cmp     eax,0
        je      .err_write
    


The WriteProcessMemory will write the [buffer] to the [baseaddr] of the [hprocess]. However, the adding code there does not update [buffer], so in effect you are writing the same value you read back.
Post 27 Mar 2005, 01:23
Zani
Joined: 26 Mar 2005
Posts: 21
In MASM the code works fine and looks like this:

Code:

mov     ecx,nToAdd                ; put the number to be added in ecx
mov     ebx,dword ptr [lpBuffer]  ; move the address where the buffer resides to ebx, not its value
add     dword ptr [ebx],ecx       ; add ecx (nToAdd) to the dword at the address held in lpBuffer

invoke  WriteProcessMemory,hProcess,lpBaseAddress,lpBuffer,4,ADDR Dummy ; write the value of the buffer to the process


    
Post 27 Mar 2005, 01:34
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
OK, I see it now. Let me try and modify the code to make this work.
Post 27 Mar 2005, 01:35
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
Try this: it gives me a write error, but I cannot determine if it is Notepad related, due to the address you provided.
Code:

; Template for program using standard Win32 headers

format PE GUI 4.0
entry start

include '%fasminc%\win32a.inc'

section '.data' data readable writeable

  _title db 'Win32 program template',0
  _class db 'FASMWIN32',0

  _notepad db 'Untitled - Notepad',0
  _success db 'success',0
  _read db 'read error',0
  _open db 'open error',0
  _write db 'write error',0
  _notfound db 'window not found',0
  _invalid_id db 'invalid process id',0

  _temp db 'tempstring',0

  _buffer rb 4

  mainhwnd dd ?
  hinstance dd ?

  hprocess dd ?
  processid dd ?

  msg MSG
  wc WNDCLASS

section '.code' code readable executable

  start:

        invoke  GetModuleHandle,0
        mov     [hinstance],eax
        invoke  LoadIcon,0,IDI_APPLICATION
        mov     [wc.hIcon],eax
        invoke  LoadCursor,0,IDC_ARROW
        mov     [wc.hCursor],eax
        mov     [wc.style],0
        mov     [wc.lpfnWndProc],WindowProc
        mov     [wc.cbClsExtra],0
        mov     [wc.cbWndExtra],0
        mov     eax,[hinstance]
        mov     [wc.hInstance],eax
        mov     [wc.hbrBackground],COLOR_BTNFACE+1
        mov     [wc.lpszMenuName],0
        mov     [wc.lpszClassName],_class
        invoke  RegisterClass,wc

        invoke  CreateWindowEx,0,_class,_title,WS_VISIBLE+WS_DLGFRAME+WS_SYSMENU,128,128,192,192,NULL,NULL,[hinstance],NULL
        mov     [mainhwnd],eax

  msg_loop:
        invoke  GetMessage,msg,NULL,0,0
        or      eax,eax
        jz      end_loop
        invoke  TranslateMessage,msg
        invoke  DispatchMessage,msg
        jmp     msg_loop

  end_loop:
        invoke  ExitProcess,[msg.wParam]

proc WindowProc, hwnd,wmsg,wparam,lparam
        push    ebx esi edi
        cmp     [wmsg],WM_DESTROY
        je      wmdestroy
        cmp     [wmsg],WM_CREATE
        je      wmcreate
  defwndproc:
        invoke  DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
        jmp     finish
  wmdestroy:
        invoke  PostQuitMessage,0
        xor     eax,eax
        jmp     finish
  wmcreate:
        push    5000
        push    _buffer
        push    508718h
        call    writemem
        xor     eax,eax
  finish:
        pop     edi esi ebx
        return
endp

proc writemem,baseaddr,buffer,toadd
        invoke  FindWindow,0,_notepad
        push    eax
        or      eax,eax
        jz      .not_found
        pop     eax

        invoke  GetWindowThreadProcessId,eax,processid
        or      eax,eax
        jz      .invalid_process_id

        invoke  OpenProcess,PROCESS_ALL_ACCESS,0,[processid]
        mov     [hprocess],eax
        or      eax,eax
        jz      .err_open

        invoke  ReadProcessMemory,[hprocess],[baseaddr],[buffer],4,0
        or      eax,eax
        jz      .err_read

        mov     ecx,[toadd]
        lea     ebx,[buffer]
        add     [ebx],ecx
        invoke  WriteProcessMemory,[hprocess],[baseaddr],[buffer],4,0
        or      eax,eax
        jz      .err_write

        invoke  CloseHandle,[hprocess]
        invoke  MessageBox,0,_success,_title,0
        jmp     .finish

  .invalid_process_id:
        invoke  MessageBox,0,_invalid_id,_title,0
        jmp     .finish
  .err_read:
        invoke  MessageBox,0,_read,_title,0
        jmp     .finish
  .err_write:
        invoke  MessageBox,0,_write,_title,0
        jmp     .finish
  .err_open:
        invoke  MessageBox,0,_open,_title,0
        jmp     .finish
  .not_found:
        invoke  MessageBox,0,_notfound,_title,0
  .finish:
        return
endp

section '.idata' import data readable writeable

  library kernel32,'KERNEL32.DLL',\
          user32,'USER32.DLL'

  include '%fasminc%\apia\kernel32.inc'
  include '%fasminc%\apia\user32.inc'
    


After more testing I think the implementation of the buffer I added is incorrect. Let me see the entire MASM code; I should be able to translate it to FASM syntax.
Post 27 Mar 2005, 01:41
Zani
Joined: 26 Mar 2005
Posts: 21
I can't try it because my code won't compile....

It shows me an error on the line

Code:
invoke  addval,WndCap,508718h,buffer,5000
    


error:operand size not specified

Any idea?
Post 27 Mar 2005, 01:49
coconut
Joined: 02 Apr 2004
Posts: 326
Location: usa
I got that same error; nothing I tried could correct it. That is why I used the push/call convention; it seems to work then. Push the parameters in reverse and call addval.
Post 27 Mar 2005, 01:57
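The two assembler errors in this thread come from the same FASM rule about operand sizes, and the `lea` versus `mov` question from how `proc` arguments live on the stack. Three facts about the fasm Win32 macros explain them: `invoke name,...` expands to a call through the import table (`call [name]`), so using it on a proc defined in your own program gives "operand size not specified" (the label has no size); `stdcall name,...` is the macro for calling your own procs and does the reverse pushes that coconut ended up writing by hand. `[WndCap]` where `WndCap` is a `db` string is a byte-sized memory operand and cannot be pushed as a 32-bit argument ("invalid size of operand"); the address `WndCap` is what the API wants. And inside a proc, `mov ebx,[lpBuffer]` loads the pointer that was passed, while `lea ebx,[lpBuffer]` loads the address of the argument slot on the stack, so the `add` then changes the stack copy rather than the buffer. The program below is an added example written for this thread, not code posted by either participant; it applies the read/add/write logic to a DWORD in its own process (via `GetCurrentProcess`, so no `FindWindow`/`OpenProcess` is involved and nothing outside the program is touched), checks the byte counts the API reports instead of passing 0, and uses the current fasm Win32 headers (`win32a.inc` found through the INCLUDE variable, `ret` inside `proc`, where the 2005 headers on this page spelled it `return`). The names `addval`, `target`, `buffer`, `bytesdone` and the sample value 1234 are constructed for the example.

```asm
; Added example (not from the thread): read a DWORD from a process, add to the
; copy in the buffer, write it back. The process is this program itself, so the
; proc/invoke/stdcall mechanics can be checked without any other process.
; Assumes the current fasm Win32 headers (win32a.inc).

format PE GUI 4.0
entry start

include 'win32a.inc'

section '.data' data readable writeable

  _title    db 'addval demo',0
  _fmt      db 'value before: %u, after: %u',0
  _err      db 'ReadProcessMemory/WriteProcessMemory failed',0

  target    dd 1234         ; constructed sample: the DWORD we add to
  buffer    dd ?            ; local copy filled by ReadProcessMemory
  bytesdone dd ?            ; receives lpNumberOfBytesRead / Written
  before    dd ?
  text      rb 128

section '.code' code readable executable

  start:
        mov     eax,[target]
        mov     [before],eax

        invoke  GetCurrentProcess               ; pseudo-handle, no OpenProcess needed
        ; stdcall, not invoke: addval is our own proc, not an import.
        ; Pass the address 'target', not [target] (that would be the value).
        stdcall addval,eax,target,buffer,5000
        or      eax,eax
        jz      .failed

        cinvoke wsprintf,text,_fmt,[before],[target]
        invoke  MessageBox,0,text,_title,MB_ICONINFORMATION
        invoke  ExitProcess,0
  .failed:
        invoke  MessageBox,0,_err,_title,MB_ICONERROR
        invoke  ExitProcess,1

; addval: read 4 bytes at lpBaseAddress of hProcess into lpBuffer, add nToAdd
; to that copy, write the copy back. Returns eax=1 on success, 0 on failure.
proc addval uses ebx, hProcess,lpBaseAddress,lpBuffer,nToAdd
        invoke  ReadProcessMemory,[hProcess],[lpBaseAddress],[lpBuffer],4,bytesdone
        or      eax,eax
        jz      .fail
        cmp     [bytesdone],4                   ; a short read is a failure too
        jne     .fail

        mov     ecx,[nToAdd]
        mov     ebx,[lpBuffer]      ; mov: the pointer stored in the argument;
                                    ; lea would give the address of the argument slot
        add     dword [ebx],ecx     ; update the copy that sits in the buffer

        invoke  WriteProcessMemory,[hProcess],[lpBaseAddress],[lpBuffer],4,bytesdone
        or      eax,eax
        jz      .fail
        cmp     [bytesdone],4
        jne     .fail
        mov     eax,1
        ret
  .fail:
        xor     eax,eax
        ret
endp

section '.idata' import data readable writeable

  library kernel32,'KERNEL32.DLL',\
          user32,'USER32.DLL'

  import kernel32,\
         GetCurrentProcess,'GetCurrentProcess',\
         ReadProcessMemory,'ReadProcessMemory',\
         WriteProcessMemory,'WriteProcessMemory',\
         ExitProcess,'ExitProcess'

  import user32,\
         MessageBox,'MessageBoxA',\
         wsprintf,'wsprintfA'
```

Assembled with `fasm addval.asm`, the message box should report 1234 before and 6234 after. The imports are listed by hand so the example does not depend on the `api\` include files; swapping `GetCurrentProcess` for a handle obtained elsewhere does not change `addval`, which is the point: keep the proc ignorant of where the handle came from, and check both the return value and the byte count of each *ProcessMemory call before trusting the buffer.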
Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.