flat assembler
Message board for the users of flat assembler.

Index > Windows > Winsock, problem with send (SOLVED)

Author
Thread Post new topic Reply to topic
AlexMihaj



Joined: 19 Dec 2006
Posts: 5
AlexMihaj 19 Dec 2006, 01:13
I'm writing code to the end of an existing executable. This code
is supposed to create a socket, connect to my server, send some data
and disconnect.

I've got all parts working except the send part. Whatever I do
I only receive zeros at the server end. Both if I send from stack
(which I use to store my data in since I'm not really supposed to be there)
or from a data section.

What could I be doing wrong? Any ideas?

edx is 0 so flags = none
ebx is my socket handle
Code:
push    edx
push    dword 9
push    dword 0x5A1160
push    ebx
call    [0x58D614]      ;call    [WS2_32.dll!WS2_32.19]
    


Thanks in advance


Last edited by AlexMihaj on 21 Dec 2006, 02:04; edited 1 time in total
Post 19 Dec 2006, 01:13
View user's profile Send private message Reply with quote
coconut



Joined: 02 Apr 2004
Posts: 326
Location: US
coconut 19 Dec 2006, 01:35
maybe tomasz' quetannon example can help; look at examples page
Post 19 Dec 2006, 01:35
View user's profile Send private message Reply with quote
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
kohlrak 19 Dec 2006, 02:39
I guess here would be a good place to ask instead of creating my own thread and clutter up stuff...... Does anyone happen to have a decent tutorial to other features of winsocks rather than just the TCP example uses? Since TCP is supposed to allow only one connection at a time, i'd like to learn a little about UDP as well. I've started to read that winsocks tutorial that comes with fasm, but it seems to not be going anywhere except explaining all the features of winsocks2.
Post 19 Dec 2006, 02:39
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger Reply with quote
coconut



Joined: 02 Apr 2004
Posts: 326
Location: US
coconut 19 Dec 2006, 03:01
Post 19 Dec 2006, 03:01
View user's profile Send private message Reply with quote
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
kohlrak 19 Dec 2006, 03:32
Thank you.
Post 19 Dec 2006, 03:32
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger Reply with quote
AlexMihaj



Joined: 19 Dec 2006
Posts: 5
AlexMihaj 19 Dec 2006, 06:11
coconut wrote:
maybe tomasz' quetannon example can help; look at examples page
I don't think that example could help me. I've looked at it but
didn't understand a thing. It looks quite cluttered to my eyes.

Anyway I already know how to use the Winsock API. What I need is
something that can explain why I only receive zeros when really
send something different.

Are there any rules about what I may or may not use as a buffer
when sending?
Post 19 Dec 2006, 06:11
View user's profile Send private message Reply with quote
RedGhost



Joined: 18 May 2005
Posts: 443
Location: BC, Canada
RedGhost 19 Dec 2006, 08:38
Code injection + sockets, oh my Wink

_________________
redghost.ca
Post 19 Dec 2006, 08:38
View user's profile Send private message AIM Address MSN Messenger Reply with quote
AlexMihaj



Joined: 19 Dec 2006
Posts: 5
AlexMihaj 19 Dec 2006, 14:54
RedGhost wrote:
Code injection + sockets, oh my Wink

Yep that's right Wink

Got any tips?
This is kind of a first try for me.
Post 19 Dec 2006, 14:54
View user's profile Send private message Reply with quote
RedGhost



Joined: 18 May 2005
Posts: 443
Location: BC, Canada
RedGhost 19 Dec 2006, 22:00
AlexMihaj wrote:
RedGhost wrote:
Code injection + sockets, oh my Wink

Yep that's right Wink

Got any tips?
This is kind of a first try for me.


Since the programme has loaded the .dll you require, enumerate its EAT via ReadProcessMemory( ) to get the proper address of the function(s) you want rather than rely on a constant to ensure compatibility.

_________________
redghost.ca
Post 19 Dec 2006, 22:00
View user's profile Send private message AIM Address MSN Messenger Reply with quote
AlexMihaj



Joined: 19 Dec 2006
Posts: 5
AlexMihaj 19 Dec 2006, 23:00
RedGhost wrote:
AlexMihaj wrote:
RedGhost wrote:
Code injection + sockets, oh my Wink

Yep that's right Wink

Got any tips?
This is kind of a first try for me.


Since the programme has loaded the .dll you require, enumerate its EAT via ReadProcessMemory( ) to get the proper address of the function(s) you want rather than rely on a constant to ensure compatibility.

I don't get it. Compatibility with what?

I call the functions just like it's done in the rest of the program:
Code:
call [address_to_an_entry_in_some_table]    

Why should I use ReadProcessMemory? Can't I just read
from memory the "normal" way? After all, my code is part of the app Wink
Post 19 Dec 2006, 23:00
View user's profile Send private message Reply with quote
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
kohlrak 19 Dec 2006, 23:05
i don't know much about winsocks, but the DLL is part of the OS, so if it has security things that disable doign things the normal way, you'll have to do it another way.
Post 19 Dec 2006, 23:05
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger Reply with quote
AlexMihaj



Joined: 19 Dec 2006
Posts: 5
AlexMihaj 21 Dec 2006, 02:13
This is so embarrasing... Embarassed
When pushing 0 dwords I cleared the EDX reg and pushed it.
Everything to save space. Wink
However after calling connect I "forgot" to clear it again so instead
of 0 I passed god knows what as flags. No wonder it failed.
I fixed it by using ESI as my 0 dword instead.

Thanks for your attempts to help me Smile

Good bye
Post 21 Dec 2006, 02:13
View user's profile Send private message Reply with quote
RedGhost



Joined: 18 May 2005
Posts: 443
Location: BC, Canada
RedGhost 21 Dec 2006, 03:24
AlexMihaj wrote:
This is so embarrasing... Embarassed
When pushing 0 dwords I cleared the EDX reg and pushed it.
Everything to save space. Wink
However after calling connect I "forgot" to clear it again so instead
of 0 I passed god knows what as flags. No wonder it failed.
I fixed it by using ESI as my 0 dword instead.

Thanks for your attempts to help me Smile

Good bye


The winsock DLL's are not loaded by every single process like ntdll.dll and kernel32.dll, there is no guarantee the functions reside at the same addresses and the dll's have the same base address in every process.

_________________
redghost.ca
Post 21 Dec 2006, 03:24
View user's profile Send private message AIM Address MSN Messenger Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.