flat assembler
Message board for the users of flat assembler.

Index > Windows > invalid use of symbol

Author
Thread Post new topic Reply to topic
HarryTuttle



Joined: 26 Sep 2003
Posts: 211
Location: Poland
HarryTuttle 12 Jan 2004, 09:36
what do I wrong?

Code:
include '%fasminc%/win32ax.inc'

.code
start:
call prg2
db 'user32',0
prg2:
call 0x77e9fee8
push MB_OK
call prg3
db 'test',0
prg3:
call prg4
db 'Hello Word!',0
prg4:
push 0
call 0x77e34066
push 0
call 0x77ea6542
.end start   
    


regards,
h

_________________
Microsoft: brings power of yesterday to computers of today.
Post 12 Jan 2004, 09:36
View user's profile Send private message Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 8359
Location: Kraków, Poland
Tomasz Grysztar 12 Jan 2004, 09:58
http://board.flatassembler.net/topic.php?t=37
(this is exactly the same problem and the same solution applies).
Post 12 Jan 2004, 09:58
View user's profile Send private message Visit poster's website Reply with quote
roticv



Joined: 19 Jun 2003
Posts: 374
Location: Singapore
roticv 12 Jan 2004, 13:07
[offtopic]hmm the code does not work across all variant of windows[/offtopic]
Post 12 Jan 2004, 13:07
View user's profile Send private message Visit poster's website MSN Messenger Reply with quote
HarryTuttle



Joined: 26 Sep 2003
Posts: 211
Location: Poland
HarryTuttle 12 Jan 2004, 13:19
the code does not work if you have different version of dll.
test your dll's function offsets and add to the base adres:

4 example the kernel32.dll base is:77e80000h and offsets may be different. Exchange the right value of all hard-coded adresses and run:

Code:
format PE GUI 4.0    ;or console /as you wish
include '%fasminc%/win32a.inc'

entry go

section '.data' data readable writeable
form db '%s%x',10,0
hexa db 'addres: ',0

;*************************************************
section '.code' code readable writeable executable
go:
call go1
db 'user32.dll',0
go1:
mov eax,77e9fee8h  ;LoadLibraryA ;your maybe 77e8a254
call eax
cinvoke printf,form,hexa,eax
cinvoke printf,form,hexa,[ExitProcess]
push 0
call stp1
db 'Test OK !',0
stp1:
call stp2
db 'Hello World!',0
stp2:
push 0
mov eax,77e33256h  ;MessageBoxA your maybe 77e375d5
call eax
push 1
mov eax,77ea6542h   ;ExitProcess ,yours 77e98f94 ???
call eax
;**********************************************
section '.idata' import data readable writeable

library kernel32,'KERNEL32.dll',\
        crtdll,'crtdll.dll'
import kernel32,\
             ExitProcess,'ExitProcess'
import crtdll,\
       printf,'printf'
                        
    


I still have no idea why the code will be not work if I cut :
Code:
cinvoke printf,form,hexa,eax
cinvoke printf,form,hexa,[ExitProcess]
    

maybe U know?
regards,
h

_________________
Microsoft: brings power of yesterday to computers of today.
Post 12 Jan 2004, 13:19
View user's profile Send private message Reply with quote
roticv



Joined: 19 Jun 2003
Posts: 374
Location: Singapore
roticv 12 Jan 2004, 13:44
My point would be that you should not be hardcoding the address of function from kernel32.dll. In fact, some examples of address whereby user32.dll is maped onto is

Win95 (3rd release?) - 0xBFF70000
Win98 (1st and 2nd editions) - 0xBFF70000
WinME - 0xBFF60000
WinNT4 (service pack 4 and 5) - 0x77F00000

I grabbed it from somewhere. So don't blame me if the values are wrong.

I think it does not work because you are using windows 2k (correct me if i am wrong with that assumption). Under 2k, it is not allowed for an exe to run if it does not have any imports.
Post 12 Jan 2004, 13:44
View user's profile Send private message Visit poster's website MSN Messenger Reply with quote
HarryTuttle



Joined: 26 Sep 2003
Posts: 211
Location: Poland
HarryTuttle 12 Jan 2004, 14:02
U R absolutely right, the first example does not work, that's why I post it!
The code even can't be compiled.
I improved it but like most of the time, something's going wrong.
My system is 2K(bingo roticv!) with all security patches are aviable from the MS.
Before patching the addresses of procs were different Confused


best regards,
h
4 the people who want to know that address:
To display yours image base address of Kernel32.dll run this:

Code:
include '%fasminc%/win32ax.inc'

.data
szKer db 'kernel32 image base is: ',10
szBuffer rb 9
db 0
forma db '0x%x',0
addresKern dd ?
.code
start:
call go
db 'kernel32.dll',0
go:
call [LoadLibrary]
mov [addresKern],eax
invoke wsprintf,szBuffer,forma,[addresKern]
invoke MessageBox,0,szKer,szBuffer,0
invoke ExitProcess,0
.end start
    

_________________
Microsoft: brings power of yesterday to computers of today.
Post 12 Jan 2004, 14:02
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.