Index
> Windows > driver in fasm |
| Author |
|
|
asmrox 24 Apr 2008, 01:13
i need an example of .sys wich will just printf smth via DbgPrint, thx.
|
|||
24 Apr 2008, 01:13 |
|
|
AlexP 24 Apr 2008, 12:48
You might be able to find something on the FASM site. I believe there's a native in there.
All I know is 'format PE native' or something  |
|||
|
24 Apr 2008, 12:48 |
|
|
asmrox 25 Apr 2008, 01:59
thers only 'Win64 drivers example'. sorry, im not pro to understand it =/
i just need a simple DbgPrint example. |
|||
|
25 Apr 2008, 01:59 |
|
|
revolution 25 Apr 2008, 02:11
Do you mean OutputDebugString?
|
|||
|
25 Apr 2008, 02:11 |
|
|
asmrox 25 Apr 2008, 02:28
OutputDebugString = wrapper from kernel32...
http://msdn2.microsoft.com/en-us/library/aa363362(VS.85).aspx Quote: Remarks |
|||
|
25 Apr 2008, 02:28 |
|
|
Feryno 25 Apr 2008, 06:52
The FASM forum is really huge collection of amazing things, it's just hard to find them...
for 32 bit sample get the attachment from the last post at http://board.flatassembler.net/topic.php?t=3434 Just note that you need to do hundreds instructions before your driver executes your code. Usual driver has procedures for loading driver, unloading driver and at least 1 procedure for 'communicating' with the driver (e.g. for reading from driver, writing into driver, DeviceIoControl etc). The simplest driver may execute just dbgprint and end itself with the ret instruction. But in this case the driver isn't unloaded, so you can't run it more than once per win session, you need to reboot win or rename driver name etc. The 32-bit sample posted there helped me a lot for developping 64-bit samples http://flatassembler.net/examples/win64_drivers.zip (studying what to do - skeleton, disassembling real win64 drivers - the smalles I found - just about 2 kB of code, fixing something in import section and that was all) |
|||
|
25 Apr 2008, 06:52 |
|
< Last Thread | Next Thread > |
Forum Rules:
|