flat assembler
Message board for the users of flat assembler.

Index > Windows > Low level 32-bit assembly

crazyperson



Joined: 03 Oct 2007
Posts: 5
crazyperson 07 Oct 2007, 10:18
I'm sorry if this is in the wrong section, but I have a few questions.

Firstly, how can I learn lower level fasm, without the invokes and without all the high level stuff?

For example, how could I do:
invoke AllocConsole

without the "invoke", but in pure low level assembly?

How can I use APIs without invokes? I basically want the longer way, so I can really understand what is going on.
DJ Mauretto



Joined: 14 Mar 2007
Posts: 464
Location: Rome,Italy
DJ Mauretto 07 Oct 2007, 11:17
hello :D

CALL AllocConsole
crazyperson



Joined: 03 Oct 2007
Posts: 5
crazyperson 07 Oct 2007, 12:56
DJ Mauretto wrote:
hello :D

CALL AllocConsole


Do I enter the parameters the same way I do with invoke, when using "call"?
DJ Mauretto



Joined: 14 Mar 2007
Posts: 464
Location: Rome,Italy
DJ Mauretto 07 Oct 2007, 13:27
example with MessageBox
Code:

push uType
push lpCaption
push lpText
push hWnd
call MessageBoxA
    
Mr_Silent



Joined: 25 Apr 2006
Posts: 30
Mr_Silent 07 Oct 2007, 19:15
maybe like this?
Code:
push uType 
push lpCaption 
push lpText 
push hWnd 
call [MessageBoxA]
    
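What `invoke MessageBoxA,hWnd,lpText,lpCaption,uType` amounts to when written out by hand, as an added example that is not code from any poster in this thread: the arguments are pushed right to left for stdcall, and the call goes through the import table slot that the Windows loader fills in, which is why the bracketed `call [MessageBoxA]` form is the one that works. The labels `msg_text`, `msg_caption`, `kernel_table` and the other import-section names are assumptions chosen for illustration, and the import section is built manually instead of with fasm's `library`/`import` macros.

```asm
; Added example: a Win32 program that uses no macros at all.
format PE GUI 4.0
entry start

section '.text' code readable executable

start:
        ; stdcall: push arguments right to left; the callee pops them
        push    0                       ; uType     = MB_OK
        push    msg_caption             ; lpCaption
        push    msg_text                ; lpText
        push    0                       ; hWnd      = no owner window
        ; MessageBoxA labels a dword slot in the import table, not code.
        ; The loader stores the function address there, so call indirectly.
        call    dword [MessageBoxA]

        push    0                       ; uExitCode
        call    dword [ExitProcess]

section '.data' data readable writeable

msg_caption db 'No invoke',0
msg_text    db 'Called through the import table',0

section '.idata' import data readable writeable

        ; import directory: five dwords per DLL, ended by an all-zero entry
        dd 0,0,0,RVA kernel_name,RVA kernel_table
        dd 0,0,0,RVA user_name,RVA user_table
        dd 0,0,0,0,0

kernel_table:                           ; slots the loader overwrites at load time
        ExitProcess dd RVA _ExitProcess
        dd 0
user_table:
        MessageBoxA dd RVA _MessageBoxA
        dd 0

kernel_name db 'KERNEL32.DLL',0
user_name   db 'USER32.DLL',0

_ExitProcess dw 0                       ; hint word, then the name
        db 'ExitProcess',0
_MessageBoxA dw 0
        db 'MessageBoxA',0
```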
crazyperson



Joined: 03 Oct 2007
Posts: 5
crazyperson 08 Oct 2007, 05:02
Thanks Mr_Silent, it works. I have a few more questions though (more beginner questions).

Obviously I am trying to get as low level as possible, with a lot of control and flexibility.

I have noticed 16-bit assembly gives me just that, but is 16-bit assembly obsolete? Will it be useless soon, and a waste of time to learn? Also, is there a way of doing 32-bit assembly without APIs, similar to 16-bit?

ps What is the difference between 32-bit and 64-bit, and will I have to re-learn everything?
karl



Joined: 07 Feb 2006
Posts: 63
Location: South Africa
karl 08 Oct 2007, 11:35
the apis are just a way to access system functions, something that isn't defined by x86 assembly. in older dos systems you used int 10h or somesuch. you have to use system functions to do most things. like access the screen, get more memory etc.

64bit is basically the same. it's mostly the same instructions but with a different format, and less limitations.

try looking at example code. fasm has quite a few nice ones. i must say, though, you need to know a lot before you start to understand what everything is doing.
karl



Joined: 07 Feb 2006
Posts: 63
Location: South Africa
karl 08 Oct 2007, 11:45
this post by Aux here http://board.flatassembler.net/topic.php?t=7629 explains well:

1. If you are making Windows application (or application for any other protected mode OS like Linux, Mac OS, BeOS and others), then your application CAN NOT DIRECTLY ACCESS ANY HARDWARE! That includes interrupt (both software and hardware), memory, ports and so on. You can use ONLY API of your operating system. This is because applications run in ring3 and all privileged commands are available ONLY to ring0 applications! No CLI, no INT, no CPUID and so on.

2. In protected mode OSes ONLY OS kernel and kernel-mode drivers run in ring0! And writing windows driver is not so easy and your book will not help you.

3. DOS applications under Windows are running inside NTVDM emulator which EMULATES all hardware stuff! BUT YOU CAN NOT ACCESS HARDWARE DIRECTLY ANYWAYS! You can write DOS application and try to destroy interrupt table or overwrite all memory - it will not happen.

4. Win95/98/Me technically are NOT operating systems, DOS is still under them, so you can destroy interrupt table there. You can even hook TLS/TLD tables and do whatever you want (:

5. DPMI is DOS Protected Mode Interface. It is kind of addon for MS DOS so 32bit apps can run without Windows. And there you have full access for everything. But ONLY when you are running DPMI application inside clean DOS (not NTVDM or DOSBox).

So what can You do? Install DOS and test your apps there. Install DOS inside VMWARE and run your apps there inside emulated environment. Also you can install Win98, but still you will need to write DOS apps. Or you can start learning WinAPI and forget about everything you just read in your book.
crazyperson



Joined: 03 Oct 2007
Posts: 5
crazyperson 08 Oct 2007, 13:42
Thanks, that cleared up a lot of the confusion.
rugxulo



Joined: 09 Aug 2005
Posts: 2341
Location: Usono (aka, USA)
rugxulo 08 Oct 2007, 17:54
Quote:

So what can You do? Install DOS and test your apps there. Install DOS inside VMWARE and run your apps there inside emulated environment. Also you can install Win98, but still you will need to write DOS apps.


http://rugxulo.googlepages.com (FreeDOS mini floppy distro)

Sorry for the plug, but maybe you'll find it useful. :)
shakuni



Joined: 11 Oct 2007
Posts: 24
shakuni 17 Oct 2007, 06:48
Quote:

If you are making Windows application (or application for any other protected mode OS like Linux, Mac OS, BeOS and others), then your application CAN NOT DIRECTLY ACCESS ANY HARDWARE!

But I have heard somewhere that there are many tricks that viruses use that involve getting to ring-0.
Aux



Joined: 27 Aug 2007
Posts: 10
Aux 29 Oct 2007, 10:52
Yep, they install drivers, so they get access. In win9x there were os flaws, which allowed to modify TLS and take control, but it is not possible now. But you can still silently install any driver. How? Google!
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u 29 Oct 2007, 11:43
There are also hobby OSes, like DexOS and BOS, that let you program in pmode just like you could in realmode.
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
