flat assembler
Message board for the users of flat assembler.
Index
> Windows > FasmWideHook |
Author |
|
iic2 17 Sep 2008, 10:56
To revolution and all...
First use GlobalClick.exe with the masm dll. It is already ready to go... Notice how your window receive messages even when it is outside your window. Open any file and get 3 entry ... Than use the FasmDLL with --- add edx, sizeof.MOUSEHOOKSTRUCT == it's off overflow Than use the FasmDLL with --- add edx, [M_HOOK_STRUCT] == Right setting but lost focus when click is out side your window... Hope someone can help fix it. I can't seem to get anything to work. Thanks in advance
|
|||||||||||
17 Sep 2008, 10:56 |
|
shoorick 17 Sep 2008, 11:50
check this. generally, i have no idea what
Code: add edx, MOUSEHOOKSTRUCT[edx] ------------------------ btw, i would suggest you to preserve ebx to avoid inexpective crash on w2k
_________________ UNICODE forever! Last edited by shoorick on 17 Sep 2008, 11:58; edited 1 time in total |
|||||||||||
17 Sep 2008, 11:50 |
|
iic2 17 Sep 2008, 15:30
Quote: ... comment this line in fasm variant and ... XPsp2 and 3 ... It only work as usual, only when your window receive a mouse click. When clicked out-side your window it get nothing. Are you sure you did'nt get the same results when using the FASM DLL. Comenting it out in the MASM DLL in-fact DID work and was GLOBAL. Comenting it out in the FASM DLL DID NOT work as expected. Could you check again and let me know first chance you get. I'll be working on this new lead in the mean time. Thanks shoorick Quote: add edx, [sizeof.MOUSEHOOKSTRUCT + edx] .. revolution, I tried that and it only works if your window get the click. That is and was the end results of most of my attempts. Quote: ...but since you say the MASM code works then the above... It's doing something interesting because I played with that code for weeks before trying to translate to FASM. Now I see the code deserve even more serious investigation. But I never knew that line was not needed in MASM until now. There's a reason and both provides a great Global Hook with near No CPU usages. But we need it in FASM. So one of these two ideas here got to work for FASM. OK, check this out. Notice that FASM has to use a POINTER to the STRUCT. Is this true? If not what can I do because I bet this is the root of the problem. M_HOOK_STRUCT MOUSEHOOKSTRUCT <> Below was my original syntax that did not work, but by right it should have. ; mov edx,[lParam] ;add edx, [M_HOOK_STRUCT + edx] OR.. maybe, something in the FASM struct macro may have cause a miss somewhere for this type of un-known case. As you see in the MasmDll sample code it don't even use a pointer to a structure... I just realized, whenever you write a dll in MASM that use structures, I can't remember ever having to have to use any pointers. I can't quit now. There got to be a work around. Here is the link where I learn how to work around similar MASM code being translated to POASM.. Maybe someone can figure out what I missed since FASM is now the case. It's in there somewhere. H E L P !!! http://www.masm32.com/board/index.php?topic=5426.0 |
|||
17 Sep 2008, 15:30 |
|
revolution 17 Sep 2008, 15:46
iic2: Are you sure you have included all the code? Because when I disassemble both DLLs I get the same code, there is no difference.
|
|||
17 Sep 2008, 15:46 |
|
iic2 17 Sep 2008, 17:28
[quote="iic2"]!00% ... I spend weeks of testing to insure a match. I don't think i missed a beat. Look at what your disassemble may have proved.
The only difference is one is the set-up for the FASM DLL and the one is for MASM DLL. The EXE use both depending on which one you place in the folder with the EXE. The way the Structure is call is the ONLY big difference. See what I mean. MASM is a Global hook and FASM is a Local hook when the both should be global. I bet it got something to do with the FASM STRUCT macro or something minor got to be changed in the FASM DLL setup. It took a lot of work just to get FASM DLL set-up because there is nothing like it that I could find anywhere when it come to Global in FASM and it's the type that don't eat-up CPU. A dream DLL. But than again shoorick may have something for us by morning. I hope he did not miss-calculate (overlooked clicking out-side the box for checking) That is soooo easy not to remember. I hope I don't have to go high level FASM. How did you cmp the disassemble, with a tool or by site. I wish I knew how to use SoftIce or Olly because this is not the norm of a DLL and MASM got something that realize this code to be Global and others do not. Or maybe the way it is declared in the EXE don't work for FASM... And if these are not the case than it prove the computer can lie or FASM has a flaw or MS figured out a way to block special ASM code not of masm syntax or it's just that I a suspicious person who have not figured out the FASM way. Same Folder With ALL Sources
|
|||||||||||
17 Sep 2008, 17:28 |
|
revolution 17 Sep 2008, 19:15
I don't see the difference, functionally the same. The left side is the fasm file. What did I miss?
[edit]Removed the attachment, it is no longer needed.[/edit] Last edited by revolution on 22 Dec 2008, 00:45; edited 1 time in total |
|||
17 Sep 2008, 19:15 |
|
iic2 17 Sep 2008, 19:41
My screen is too small. Can you separate the pages and zip them up in bitmaps or the whole text files. Is this Olly. I think I can get that far with Olly and will try it and see what I get and compare with yours as i go. I will do basic IDA and all else I know by this evening. It don't seem as difficult as i thought now that Isee the expect results to view. I guest it took a good butt kicking to make me pay attention and learn faster. I am so worn out. I got to sleep for a few hours. Thank you very very much revolution
|
|||
17 Sep 2008, 19:41 |
|
iic2 18 Sep 2008, 03:02
I could not sleep so I been moving on with some Jim Beam in the belly and got 50 ways in. So wake up everybody
I don't know how to get those result using olly for a dll. It tell me no no and I can't even open the file. I did enlarged your bitmap and every thing did match perfectly. But using Dependency Walker results do not match and maybe other tools will show the same. Hope someone can shed some lite on this. For now it seem FASM need to build in more juice when it comes to DLL's .. can't this be right fix now? or what can we do about it to make the file work ? ................................................... GLOBAL MASM.DLL Time Stamp 7:47PM Size 2,560 1024 smaller Free mem to use unknown. 512 made since Attributes A Machine Intel x86 Subsystem Win32 GUI Debug No BASE 0x10000000 Seem to a mean Real Dll** File Version 0.0.0.0 Product Verson 0.0.0.0 Image Version 0.0 Linker Version 5.12 OS Verson 4.0 Why MASM get 4 Pack ? Subsystem 4.0 ................................................... Seems Cheated FASM.DLL Time Stamp 5:41a Size 3,584 Fasm is 1024 bigger Attributes A Machine Intel x86 Subsystem Win32 GUI Debug No BASE 0x00400000 Seem lto mean EXE ** to receive LESS Msg ** File Version 0.0.0.0 0.0.0.0 Product Verson 0.0.0.0 0.0.0.0 Image Version 0.0 0.0 Linker Version 1.67 build-in Linker or Assem ? OS Verson 1.0 Why others get 1 Beer Subsystem 4.0 4.0
|
|||||||||||
18 Sep 2008, 03:02 |
|
shoorick 18 Sep 2008, 07:00
before i will search the bug i have to understand something.
i do understand this: PUSH [MOUSEHOOKSTRUCT.pt.x+edx] - it is pushing into stack member pt.x of MOUSEHOOKSTRUCT, pointed by edx and i do not understand this: add edx, MOUSEHOOKSTRUCT[edx] - before this operation edx has pointer to MOUSEHOOKSTRUCT structure, sent via lParam. what has to be beyond this structure and have to be added? what expected in edx then? if there is hopefully 0 - just nothing will happend. if not - what then? if you will answer me - i'll look there again |
|||
18 Sep 2008, 07:00 |
|
shoorick 18 Sep 2008, 07:06
before i will think about global/local difference here is your masm dll without that strange line, working same as previous
_________________ UNICODE forever! |
|||||||||||
18 Sep 2008, 07:06 |
|
Alphonso 18 Sep 2008, 08:45
** If you want to use base 10000000h instead of default 400000h then use
Code: format PE GUI 4.0 DLL at 10000000h |
|||
18 Sep 2008, 08:45 |
|
Alphonso 18 Sep 2008, 14:10
iic2: see if this helps
Code: format PE GUI 4.0 DLL entry DllEntry WM_MOUSEHOOK equ WM_USER+6 include 'win32a.inc' section '.text' code readable executable proc DllEntry hInst, reason, rsev mov eax,[hInst] mov [hInstance],eax mov eax,1 ret endp proc MouseProc nCode,wParam,lParam PUSH [lParam] PUSH [wParam] PUSH [nCode] PUSH [hHook] call [CallNextHookEx] mov edx,[lParam] ;lparam is our pointer to a MOUSEHOOKSTRUCT ;add edx,[edx+14h] ;dwExtraInfo, is it really needed? mov ebx,[wParam] cmp ebx,WM_LBUTTONDOWN je _GotDown jmp @f _GotDown: PUSH dword [edx+4] ;Y pos PUSH dword [edx] ;X pos PUSH WM_MOUSEHOOK PUSH [hWnd] CALL [PostMessage] @@: cmp ebx, WM_LBUTTONUP je _GotUP jmp @f _GotUP: PUSH dword [edx+4] ;Y pos PUSH dword [edx] ;X pos PUSH WM_MOUSEHOOK PUSH [hWnd] CALL [PostMessage] @@: xor edx,edx ; assume edx:nothing xor eax,eax ret endp proc InstallHook hwnd push [hwnd] pop [hWnd] PUSH 0 PUSH [hInstance] PUSH MouseProc PUSH WH_MOUSE CALL [SetWindowsHookEx] mov [hHook],eax ret endp proc UninstallHook PUSH [hHook] CALL [UnhookWindowsHookEx] ret endp section '.data' data readable writeable shareable ;very important to have shareable ;otherwise no global operation ! hInstance dd 0 ;Dll's module handle hHook dd 0 ;Hook handle hWnd dd 0 section '.idata' import data readable library user32,'user32.dll' include '\api\user32.inc' section '.edata' export data readable export 'GlobalDll.DLL',\ InstallHook,'InstallHook',\ UninstallHook,'UninstallHook',\ MouseProc,'MouseProc' section '.reloc' fixups data discardable |
|||
18 Sep 2008, 14:10 |
|
revolution 18 Sep 2008, 14:18
Alphonso wrote:
And this: Code: ;add edx,[edx+14h] ;dwExtraInfo, is it really needed? |
|||
18 Sep 2008, 14:18 |
|
iic2 18 Sep 2008, 23:11
The Key:
Quote: it is reading beyond the end of the array shoorick, I forgot what this was for until now: mov edx,[lParam] add edx, MOUSEHOOKSTRUCT[edx] It is needed if you want to retrieve the 3rd entry based off a DOUBLE-CLICK. When the user click any SHORT-CUT LINK to open a file your app will know. .. If you remove it you only get the standard information for BUTTONDOWN/BUTTONUP. This was my goal from the beginning... While fighting this FASM DLL, I forgot that toooo. add edx,[edx+14h] Alphonso file is way much better and i bet it's faster Thanks again everybody |
|||
18 Sep 2008, 23:11 |
|
iic2 19 Sep 2008, 05:28
I should have bow out as plan. I just knew if I continue I would throw things off. I sent out all the warning. I finally realize that line was (MAY) not be needed. For the pass few years before trying FASM I always translate MASM examples to POASM code and that was my way of translating an assume statement (that may never needed to be there in the first place). You see my desperation to achieve this in the link i posted way above. But again, I can almost swear I once saw the reason for it in the pass.
Anyway, I'm just happy you guy help to get it working properly in FASM and I learn more than I dream about behind all of it. This is a shock for me. Now I got to re-write everything I did in FASM and it's going to be FUN. bye |
|||
19 Sep 2008, 05:28 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.