Win32 calls from Assembly



Written by: dimport
Published by: sefo
Published on: 2003-06-21 07:19:46
Topic: Assembly
The following is a simple demonstration of how Win32 calls work in assembly; some say it's easier in asm than in C.

Hello world in Win32 in assembly:

.386p
.model flat, stdcall
extrn MessageBoxA : PROC
extrn ExitProcess : PROC
.DATA
szCaption db "OSI > *",0
szText db "Hello World",0
                                                                   
.CODE
Main:
                push 0
                push offset szCaption
                push offset szText
                push 0
                call MessageBoxA
                push 0
                call ExitProcess
End Main

Personally, I use TASM as my assembler, so I don't know about other assemblers.

Assuming the above code is in a file called hello.asm (which is in the same dir as your assembler), the commands to turn it into an executable are:

tasm32 /ml hello

This gives you an object (obj) file. To link it:

tlink32 -x /Tpe /c hello,hello,, import32.lib,,

And now you have your executable. Run it and you'll see it's a message box, but behind it is a DOS window. "Surely that means it isn't Win32?" It is; I just haven't registered a window class. Let's break the code down:

.386p
;denotes which instruction set to use (i386)
.model flat, STDCALL
;Tells the assembler which memory model we want to use. Windows has a flat model,
;so that's what we use. STDCALL basically sets how the stack is managed
;by the program; in this instance data is pushed from right to left onto the stack.
extrn MessageBoxA : PROC
extrn ExitProcess : PROC
;Tells the assembler we want to use these external API functions

.DATA
;Tells the assembler the following segment and its content are data
;as opposed to code.
szCaption db "OSI > *",0
szText db "Hello World",0
;What it says on the tin

.CODE
;Defines the starting point for the code segment.

Now, here's the trick to translating the C version of a function across to ASM. The syntax for the Win32 MessageBox function is:

int MessageBox(
           HWND hWnd,         // handle to parent window
           LPCTSTR lpText,    // text in message box
           LPCTSTR lpCaption, // title of message box
           UINT uType         // type of message box
           );

In assembly, as you can see in the program, this becomes the following (the parameters are pushed from right to left, so uType goes first and hWnd last):

                push 0                  ; uType
                push offset szCaption   ; lpCaption
                push offset szText      ; lpText
                push 0                  ; hWnd

Then we call the Win32 MessageBox function (MessageBoxA is its ANSI version, the name the program declares with extrn):

call MessageBoxA

And terminate the thread:

call ExitProcess, 0
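
The same right-to-left translation applied to a call whose arguments and return value matter, as an added example that is not part of the original article: it passes a non-zero uType and branches on the value MessageBoxA returns in EAX. The strings szAsk, szYes and szNo and the label ShowResult are made up for this illustration; MB_YESNO, MB_ICONQUESTION and IDYES are the standard Win32 header values.

```asm
.386p
.model flat, stdcall
extrn MessageBoxA : PROC
extrn ExitProcess : PROC

MB_YESNO        equ 4       ; uType flag: Yes and No buttons
MB_ICONQUESTION equ 20h     ; uType flag: question-mark icon
IDYES           equ 6       ; value MessageBoxA returns when Yes is clicked

.DATA
szCaption db "OSI > *",0
szAsk     db "Continue?",0          ; illustrative strings, not from the article
szYes     db "You chose Yes",0
szNo      db "You chose No",0

.CODE
Main:
        ; C: MessageBoxA(0, szAsk, szCaption, MB_YESNO | MB_ICONQUESTION);
        push MB_YESNO or MB_ICONQUESTION ; uType     (4th parameter, pushed first)
        push offset szCaption            ; lpCaption (3rd)
        push offset szAsk                ; lpText    (2nd)
        push 0                           ; hWnd      (1st parameter, pushed last)
        call MessageBoxA                 ; stdcall: the callee pops the 16 bytes of arguments

        ; The int return value comes back in EAX.
        mov  ebx, offset szNo            ; assume "No"
        cmp  eax, IDYES
        jne  ShowResult
        mov  ebx, offset szYes           ; user clicked "Yes"
ShowResult:
        ; C: MessageBoxA(0, <chosen text>, szCaption, 0);
        push 0
        push offset szCaption
        push ebx
        push 0
        call MessageBoxA

        push 0                           ; uExitCode
        call ExitProcess
End Main
```

It assembles and links with the same tasm32 and tlink32 commands shown earlier, with the file name changed.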

This article was originally written by pigsbig78

Copyright Open Source Institute, 2006