flat assembler
Message board for the users of flat assembler.
Main > winpcap
gavin 14 Aug 2008, 02:54
First of all, my code works.
What's wrong is on the example page http://www.winpcap.org/docs/docs_40_2/html/group__wpcap__tut3.html: the pcap_findalldevs_ex function uses some fancy structures. The structure page is here http://www.winpcap.org/docs/docs_40_2/html/annotated.html and its name is pcap_if. As you can see, my code is no good without a uniform way of finding the adapters like they have using C. If you don't understand anything, just ask. Thanks a lot.

Code:
;NASM Win32 stack
;
;compile with:
;NASMW.EXE -fobj sniffer.asm
;link with:
;ALINK.EXE sniffer.obj -c -oPE -subsys console
%include "D:\programming\nasm\include\windows.inc"
EXTERN pcap_findalldevs_ex
IMPORT pcap_findalldevs_ex wpcap.dll
EXTERN pcap_open
IMPORT pcap_open wpcap.dll
EXTERN pcap_freealldevs
IMPORT pcap_freealldevs wpcap.dll
EXTERN pcap_next_ex
IMPORT pcap_next_ex wpcap.dll
EXTERN printf
IMPORT printf Msvcrt.dll
EXTERN ExitProcess
IMPORT ExitProcess kernel32.dll
segment .DATA USE32
PCAP_SRC_IF_STRING db "rpcap://",0
segment .DATA? USE32
alldevs resd 254
errbuf resb 256
adhandle resd 1
adapter resd 1
segment .CODE USE32
..start
;--------------------------------------------------------------------
; Retrieve the device list from the local machine
;--------------------------------------------------------------------
push dword errbuf
push dword alldevs
push dword 0
push dword PCAP_SRC_IF_STRING
call[pcap_findalldevs_ex]
mov ebx,dword [alldevs]
push dword [ebx] ;0
push dword [ebx+4] ;name
push dword [ebx+8] ;description
push dword ebx
mov ebx,dword [alldevs]
add ebx,204
push dword [ebx] ;name
push dword [ebx+4] ;description
push dword [ebx+8] ;0
push dword ebx
mov eax,[ebx]
mov [adapter],eax
push dword errbuf
push dword 0
push dword 1000
push dword 1 ;PROMISCUOUS
push dword 65536
push dword [adapter]
call[pcap_open]
mov [adhandle],dword eax
push dword 0
call [ExitProcess]
baldr 18 Aug 2008, 00:05
"Wherever particular people congregate"
gavin 18 Aug 2008, 15:02
Okasvi, I'm not sure how you understood the structs but thanks a million.
I couldn't have asked for a better reply to my question. You must have spent a good few hours writing that, so all I can say is thanks a lot. I can now carry on writing my packet sniffer. Your code is very nice. A few questions. My code worked but it was horrible, as you know. How or where did you learn to interpret those structs used by the library? I know it is flat assembler but nasm is very similar.
LocoDelAssembly 18 Aug 2008, 15:37
Quote:
So why don't you switch to fasm then? About interpreting the field types, it is very simple because C has very few native types:

Code:
; Always in 32-bit x86 C
char = byte (db, rb)
short int = word (dw, rw)
int = dword (dd, rd)
long int = dword (dd, rd)
long long int = qword (dq, rq)
float = dword (dd, rd)
double = qword (dq, rq)
long double = tword (dt, rt)

If I remember right, char is signed by default, so if it has no prefix you must consider the byte as signed (in branches, divisions, etc.). All types but the floating-point ones accept the signed and unsigned prefixes. If the field type is none of the native types then it is a typedef, so you must look inside the header files (or in the lines above the definition of the structure) to see what the native type is. Since the typedef could again be another structure, you need a recursive search (but in such a case define all the structs in the path in your Assembly source instead of expanding all native-type fields).

I hope I haven't confused you much. I suggest you read The C Programming Language book, which I'm sure was available for reading online (legally), but now I can't find it.
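Added example, not part of the thread and not any poster's code: the type mapping above applied to pcap_if as the WinPcap documentation linked in the first post declares it (next, name, description, addresses, flags), so the adapter list is walked through its next pointer instead of a fixed offset such as 204. It uses the first post's NASM -fobj / ALINK setup; the labels source, fmt, nodesc, next_dev, free_list and done are names chosen here.

```nasm
EXTERN pcap_findalldevs_ex, pcap_freealldevs, printf, ExitProcess
IMPORT pcap_findalldevs_ex wpcap.dll
IMPORT pcap_freealldevs wpcap.dll
IMPORT printf msvcrt.dll
IMPORT ExitProcess kernel32.dll
struc pcap_if                     ; 32-bit layout: five 4-byte fields
    .next        resd 1           ; struct pcap_if *   offset 0
    .name        resd 1           ; char *             offset 4
    .description resd 1           ; char *             offset 8, may be NULL
    .addresses   resd 1           ; struct pcap_addr * offset 12
    .flags       resd 1           ; u_int              offset 16
endstruc
segment .DATA USE32
source  db "rpcap://",0
fmt     db "%s (%s)",13,10,0
nodesc  db "no description",0
alldevs dd 0                      ; receives the pointer to the first pcap_if
errbuf  times 256 db 0            ; PCAP_ERRBUF_SIZE bytes
segment .CODE USE32
..start:
    push dword errbuf
    push dword alldevs            ; pcap_if_t **alldevs
    push dword 0                  ; auth = NULL
    push dword source
    call [pcap_findalldevs_ex]
    add  esp, 16                  ; cdecl: caller removes the arguments
    cmp  eax, -1                  ; -1 means failure, errbuf holds the reason
    je   done
    mov  ebx, [alldevs]           ; ebx = current node (preserved across calls)
next_dev:
    test ebx, ebx                 ; next == NULL ends the list
    jz   free_list
    mov  ecx, nodesc
    mov  eax, [ebx + pcap_if.description]
    test eax, eax
    cmovz eax, ecx                ; fall back when description is NULL
    push eax
    push dword [ebx + pcap_if.name]
    push dword fmt
    call [printf]
    add  esp, 12
    mov  ebx, [ebx + pcap_if.next]
    jmp  next_dev
free_list:
    push dword [alldevs]          ; free from the list head, not the cursor
    call [pcap_freealldevs]
    add  esp, 4
done:
    push dword 0
    call [ExitProcess]
```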
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.