flat assembler
Message board for the users of flat assembler.
DLL Creation Error
okasvi 06 Aug 2006, 22:27
you were trying to export CloseHandle where you should have imported it, and anyway it had '.' instead of ',' and line before it was missing ,\
I didn't test this, but I believe this works:
Code:
; TPacker Library for Win32 Platform
format PE GUI 4.0 DLL
entry DllEntryPoint

include 'win32ax.inc'

section '.code' code readable executable

proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
    mov eax,TRUE
    ret
endp

proc TPackerW_New file
    invoke CreateFile, [file], GENERIC_WRITE, 0, 0, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0
    cmp eax, INVALID_HANDLE_VALUE
    je .error
    invoke WriteFile, [eax], __tpack_head, __tpack_head_z, 0
    cmp eax, 0
    je .error2
.error:
    mov eax, TPACK_CREATION_ERROR
    jmp .ret
.error2:
    mov eax, TPACK_WRITE_HEAD_ERROR
.ret:
    ret
endp

proc TPackerW_End fd
    invoke CloseHandle, [fd]
    ret
endp

section '.data' readable writable

; Internal Data
__tpack_head db "tpack2.0",0
__tpack_head_z = $-__tpack_head-1

; Error constants
TPACK_CREATION_ERROR equ 1
TPACK_WRITE_HEAD_ERROR equ 2

section '.idata' import data readable writeable

library kernel32,'KERNEL32.DLL'

import kernel32,\
    CreateFile,'CreateFileA',\
    WriteFile,'WriteFile',\
    CloseHandle,'CloseHandle'

section '.edata' export data readable

export 'TPacker.dll',\
    TPackerW_New,'tpackw.new',\
    TPackerW_End,'tpackw.end'

section '.reloc' fixups data discardable

edit: code fixed(?)
Last edited by okasvi on 06 Aug 2006, 23:22; edited 1 time in total
Thaorius 06 Aug 2006, 22:39
I get the same message.
Why else could it be? Thanks
okasvi 06 Aug 2006, 23:25
changed the code above, try again, I was skipping everything else except the obvious last time...
when you import in your other app where you use this dll from, use these as function names: 'tpackw.new' & 'tpackw.end'
UCM 07 Aug 2006, 00:07
Plus you have to move the error constants before the functions, or declare them with '=' instead of 'equ'.
Thaorius 07 Aug 2006, 00:11
I did both things, now it works in some way. The file is created without trouble but the head "tpack2.0" is never written.
The code, after the changes, is this:
Code:
; TPacker Library for Win32 Platform
format PE GUI 4.0 DLL
entry DllEntryPoint

include 'win32ax.inc'

section '.data' readable writable

; Internal Data
__tpack_head db "tpack2.0",0
__tpack_head_z = $-__tpack_head-1

; Error constants
TPACK_CREATION_ERROR equ 1
TPACK_WRITE_HEAD_ERROR equ 2

section '.idata' import data readable writeable

library kernel32,'KERNEL32.DLL'

import kernel32,\
    CreateFile,'CreateFileA',\
    WriteFile,'WriteFile',\
    CloseHandle,'CloseHandle'

section '.code' code readable executable

proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
    mov eax,TRUE
    ret
endp

proc TPackerW_New file
    invoke CreateFile, [file], GENERIC_WRITE, 0, 0, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0
    cmp eax, INVALID_HANDLE_VALUE
    je .error
    invoke WriteFile, eax, __tpack_head, __tpack_head_z, 0
    cmp eax, 0
    je .error2
.error:
    mov eax, TPACK_CREATION_ERROR
    jmp .ret
.error2:
    mov eax, TPACK_WRITE_HEAD_ERROR
.ret:
    ret
endp

proc TPackerW_End fd
    invoke CloseHandle, [fd]
    ret
endp

section '.edata' export data readable

export 'TPacker.dll',\
    TPackerW_New,'TPackerW_New',\
    TPackerW_End,'TPackerW_End'

section '.reloc' fixups data discardable

I'm testing it with this:
Code:
format PE GUI 4.0
entry start

include 'win32a.inc'

section '.code' code readable executable

start:
    invoke TPackerW_New, _path
    invoke TPackerW_End, eax
    invoke ExitProcess,0

section '.data' readable writeable

_path db "C:\file.file",0

section '.idata' import data readable writeable

library kernel,'KERNEL32.DLL',\
    tpacker,'TPacker.dll'

import kernel,\
    ExitProcess,'ExitProcess'

import tpacker,\
    TPackerW_New,'TPackerW_New',\
    TPackerW_End,'TPackerW_End'

Am I making bad use of the WriteFile API? Thanks
UCM 07 Aug 2006, 14:15
Code:
invoke WriteFile, eax, __tpack_head, __tpack_head_z, 0

you need to have 1 more parameter.. You will have to specify the address of a 32-bit variable right before the '0' (to receive the number of bytes written). However, if you don't need it, considering you are using win32ax, you can use this:
Code:
invoke WriteFile, eax, __tpack_head, __tpack_head_z, addr esp-4, 0
vid 07 Aug 2006, 14:21
UCM wrote:
but don't forget that value remains pushed on stack then, so better use it like this:
Code:
invoke WriteFile, eax, __tpack_head, __tpack_head_z, addr esp-4, 0
add esp,4

and then, you don't need to obfuscate code:
Code:
push dword 0
invoke WriteFile, eax, __tpack_head, __tpack_head_z, addr esp-4
add esp,4

btw, I am not sure if "addr esp-4" shouldn't be just "addr esp"
UCM 07 Aug 2006, 15:50
vid: Sorry, my method was slightly incorrect, but your last one is even more so, since the stack will be imbalanced.
Thaorius 07 Aug 2006, 19:56
Wow, I have it like this right now
Code:
; TPacker Library for Win32 Platform
format PE GUI 4.0 DLL
entry DllEntryPoint

include 'win32ax.inc'

section '.data' readable writable

; Internal Data
__tpack_head db "tpack2.0",0
__tpack_head_z = $-__tpack_head-1
__tpack_ehead db "epack",0
__tpack_ehead_z = $-__tpack_ehead-1
__tpack_handler dd 0
__tpack_write_report dd 0

; Error constants
TPACK_CREATION_ERROR equ 1
TPACK_WRITE_HEAD_ERROR equ 2
TPACK_WRITE_EHEAD_ERROR equ 3
TPACK_FD_CLODE_ERROR equ 4

section '.idata' import data readable writeable

library kernel32,'KERNEL32.DLL'

import kernel32,\
    CreateFile,'CreateFileA',\
    WriteFile,'WriteFile',\
    CloseHandle,'CloseHandle'

section '.code' code readable executable

;===========================================================================
proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
    mov eax,TRUE
    ret
endp

;===========================================================================
; HANDLE TPacker_New(char *file);
;===========================================================================
proc TPackerW_New file
    invoke CreateFile, [file], GENERIC_WRITE, 0, 0, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0
    cmp eax, INVALID_HANDLE_VALUE
    je .error
    mov [__tpack_handler], eax
    invoke WriteFile, eax, __tpack_head, __tpack_head_z, __tpack_write_report, 0
    cmp [__tpack_write_report], __tpack_head_z
    je .error2
    cmp eax, 0
    je .error2
    mov eax, [__tpack_handler]
    jmp .ret
.error:
    mov eax, TPACK_CREATION_ERROR
    jmp .ret
.error2:
    mov eax, TPACK_WRITE_HEAD_ERROR
.ret:
    ret
endp

;===========================================================================
; int TPacker_End(HANDLE fd);
;===========================================================================
proc TPackerW_End fd
    invoke WriteFile, addr fd, __tpack_ehead, __tpack_ehead_z, __tpack_write_report, 0
    cmp [__tpack_write_report], __tpack_ehead_z
    je .error
    cmp eax, 0
    je .error
    invoke CloseHandle, [fd]
    cmp eax, TPACK_FD_CLODE_ERROR
    je .error2
    mov eax, dword 0
    jmp .ret
.error:
    mov eax, TPACK_WRITE_EHEAD_ERROR
    jmp .ret
.error2:
    mov eax, TPACK_FD_CLODE_ERROR
.ret:
    ret
endp

section '.edata' export data readable

export 'TPacker.dll',\
    TPackerW_New,'TPackerW_New',\
    TPackerW_End,'TPackerW_End'

section '.reloc' fixups data discardable

Now it writes all the data, but when I call TPackerW_End it doesn't write the 'epack' and the handle is closed (see my test application above). Thanks
UCM 07 Aug 2006, 20:38
You don't use 'addr fd', but instead 'fd', since 'addr fd' is the pointer to the handle. (In the TPackerW_End) You got it right with CloseHandle, though.
Thaorius 07 Aug 2006, 20:59
No changes, it still doesn't write the header :sniff:
Any other idea? Thanks
okasvi 07 Aug 2006, 23:22
try this:
Code:
;....
proc TPackerW_End fd
    invoke WriteFile, [fd], __tpack_ehead, __tpack_ehead_z, __tpack_write_report, 0
;....
Thaorius 08 Aug 2006, 01:41
2 Things:
1) okasvi: I have it just like that
2) I also made a copy of the FileWrite call in TPackerW_New and put one call and in the next line the other:
Code:
proc TPackerW_New file
    invoke CreateFile, [file], GENERIC_WRITE, 0, 0, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0
    cmp eax, INVALID_HANDLE_VALUE
    je .error
    mov [__tpack_handler], eax
    invoke WriteFile, eax, __tpack_head, __tpack_head_z, __tpack_write_report, 0
    invoke WriteFile, eax, __tpack_head, __tpack_head_z, __tpack_write_report, 0
    cmp [__tpack_write_report], __tpack_head_z
    je .error2
    cmp eax, 0
    je .error2
    mov eax, [__tpack_handler]
    jmp .ret
.error:
    mov eax, TPACK_CREATION_ERROR
    jmp .ret
.error2:
    mov eax, TPACK_WRITE_HEAD_ERROR
.ret:
    ret
endp

But it doesn't write, it just writes the first time :S :S :S Is it possible that the __tpack_write_report, once it is used, can't be reused? Or something like that? Thanks
Thaorius 08 Aug 2006, 02:01
I've been testing, and if I put __tpack_ehead instead of __tpack_head in TPackerW_New then it writes 'epack' 2 times (1 x function), which is OK, but if I put __tpack_head it doesn't. Later I put the immediate values instead of storing them in buffers, like:
Code:
invoke WriteFile, eax, "tpackv2.0", 9, __tpack_write_report, 0

Later I figured out that if I put just the size in numerical mode it writes everything OK:
Code:
invoke WriteFile, [fd], __tpack_ehead, 5, __tpack_write_report, 0

P/D: If I take out the '-1' at the end of __tpack_head_z and __tpack_ehead_z there are no changes. Suggestions?
vid 08 Aug 2006, 07:20
UCM, whoops, I thought that WriteFile takes 4 params, not 5, and you were using last "0" to define stack variable for "bytes written" variable, like this:
Code:
invoke WriteFile, ebx, edx, ecx, addr esp+4, 0, 0 ;last 0 is stack variable definition
cmp [esp], ecx
pushf
add esp,4
popf
...etc...

sorry for confusion
UCM 08 Aug 2006, 13:10
Thaorius: You must remember, the Win32 API functions only save ebx,esi,edi and ebp. So, when you WriteFile the second time, 'eax' was already overwritten with the first WriteFile's return value.
Thaorius 08 Aug 2006, 13:37
Yes, that's true (it explains the 2 calls), but why does it write one time in the first function and not in the second function? But if I specify the sizes with a number instead of the __tpack_head_z and __tpack_ehead_z it writes everything OK
Thanks
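The points raised in this thread combined into one DLL source, as an added example that is not code from any poster: WriteFile gets its fifth parameter, the handle is kept in ebx because eax is overwritten by each API call, and a byte count that does not match is treated as the error case. Returning INVALID_HANDLE_VALUE on failure (instead of the TPACK_* codes) and the local name `written` are assumptions of this example.

```asm
; Added example, not code from the thread: TPackerW_New with the fixes above.
format PE GUI 4.0 DLL
entry DllEntryPoint
include 'win32ax.inc'

section '.data' data readable writeable

__tpack_head   db "tpack2.0",0
__tpack_head_z = $-__tpack_head-1         ; 8 bytes, terminator not written

section '.code' code readable executable

proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
    mov eax,TRUE
    ret
endp

; Returns the open file handle, or INVALID_HANDLE_VALUE on any failure
; (an assumption of this example; the thread returned TPACK_* codes in eax).
proc TPackerW_New uses ebx, file
  locals
    written dd ?                          ; receives lpNumberOfBytesWritten
  endl
    invoke CreateFile,[file],GENERIC_WRITE,0,0,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0
    cmp eax,INVALID_HANDLE_VALUE
    je .ret
    mov ebx,eax                           ; ebx is preserved by API calls, eax is not
    invoke WriteFile,ebx,__tpack_head,__tpack_head_z,addr written,0  ; 5 parameters
    test eax,eax
    jz .fail                              ; WriteFile returned FALSE
    cmp [written],__tpack_head_z
    jne .fail                             ; short write is the error case (jne, not je)
    mov eax,ebx                           ; success: hand the handle back
    jmp .ret
.fail:
    invoke CloseHandle,ebx                ; do not leak the handle on error
    mov eax,INVALID_HANDLE_VALUE
.ret:
    ret
endp

section '.idata' import data readable writeable
library kernel32,'KERNEL32.DLL'
import kernel32,CreateFile,'CreateFileA',WriteFile,'WriteFile',CloseHandle,'CloseHandle'

section '.edata' export data readable
export 'TPacker.dll',TPackerW_New,'TPackerW_New'

section '.reloc' fixups data discardable
```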