flat assembler
Message board for the users of flat assembler.
Index
> Windows > Viewing register values |
Author |
|
Commodity 07 Sep 2007, 18:15
I have made a few small changes to example "SEH/Hardware Breakpoint in Win32" to make it easier for me to understand. It does exactly what I wanted now
Maybe someone else may want this too so here's the code: Code: ;Based on "SEH/Hardware Breakpoint in Win32" example by Bryan Power/RedGhost on FASM website include 'seh_data.inc' include 'win32ax.inc' .data _title db 'Debug Data', $0 _format db 'Exception Info', $D, $A, $D, $A,\ 'Exception Code:', $9, '0x%X', $D, $A,\ 'Exception Address:', $9, '0x%X', $D, $A, $D, $A,\ 'Register Values On Exception', $D, $A, $D, $A,\ 'eax:', $9, '0x%X', $D, $A,\ 'ebx:', $9, '0x%X', $D, $A,\ 'ecx:', $9, '0x%X', $D, $A,\ 'edx:', $9, '0x%X', $D, $A,\ 'edi:', $9, '0x%X', $D, $A,\ 'esi:', $9, '0x%X', $D, $A,\ 'ebp:', $9, '0x%X', $D, $A,\ 'esp:', $9, '0x%X', $D, $A,\ 'eip:', $9, '0x%X', $0 _buf rb $100 .code start: ;start exception handler invoke SetUnhandledExceptionFilter, exception_handler ;show debug info int3 ;clear registers xor eax, eax xor ebx, ebx xor ecx, ecx xor edx, edx ;show debug info once more int3 invoke ExitProcess,$0 exception_handler: push ebp mov ebp, esp push ebx edi ; get the EXCEPTION_POINTERS structure mov eax, [ebp+$8] mov ebx, [eax+EXCEPTION_POINTERS.ExceptionRecord] mov edi, [eax+EXCEPTION_POINTERS.ContextRecord] ; format the display string push dword [edi+CONTEXT.Eip] push dword [edi+CONTEXT.Esp] push dword [edi+CONTEXT.Ebp] push dword [edi+CONTEXT.Esi] push dword [edi+CONTEXT.Edi] push dword [edi+CONTEXT.Edx] push dword [edi+CONTEXT.Ecx] push dword [edi+CONTEXT.Ebx] push dword [edi+CONTEXT.Eax] push dword [ebx+EXCEPTION_RECORD.ExceptionAddress] push dword [ebx+EXCEPTION_RECORD.ExceptionCode] push _format push _buf call [wsprintfA] add esp, $34 ; display the info invoke MessageBox,HWND_DESKTOP, _buf,_title,MB_OK ; increment EIP to skip the int3 instruction inc dword [edi+CONTEXT.Eip] mov eax, EXCEPTION_CONTINUE_EXECUTION pop edi ebx mov esp, ebp pop ebp ret $4 .end start |
|||
07 Sep 2007, 18:15 |
|
handyman 10 Sep 2007, 14:38
I strongly recommend that you use a debugger. Ollydbg is a VERY good one, free, and easy to install, and easy to use. You can easily link in Ollydbg to Explorer using the Options menu in Ollydbg. This enables you to start the debugger using the right click menu over the EXE files and it allows you to see EVERYTHING that is going on in the program without adding the complexity of extra code.
|
|||
10 Sep 2007, 14:38 |
|
Commodity 10 Sep 2007, 15:14
Thanks for your input. I'll look into it =)
I've only been playing around with fasm for a few days now an I'm loving asm. Its actually not that much more complex then a language like C. Honestly I feel like some things would take me longer in C. When I start doing more complex things I'll probably need to install Ollydbg. |
|||
10 Sep 2007, 15:14 |
|
handyman 10 Sep 2007, 22:16
You'll like it once you start using it, even for simple small projects. You cannot beat a good debugger when doing assembly programming, even with small projects. The info it gives you about what the program is doing is really amazing. I would install sooner then later, you will be glad you did. It will help with learning asm since you can see what happens at every instruction step as the program runs. It will show you all register values, stack, memory states, and much more. A lot of this information is shown on the screen at the same time. As a learning tool it is very helpful.
|
|||
10 Sep 2007, 22:16 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.