Author Topic: FindFirstFile  (Read 1720 times)

shankle

FindFirstFile
« on: January 09, 2017, 02:12:03 AM »
Was wondering if Iczelion could do an example of using FindFirstFile and Win32_Find_Data
but I don't know how to ask him. In 64-bit please.
Having difficulty with lpFileName in FindFirstFile.

ragdog

Re: FindFirstFile
« Reply #1 on: January 09, 2017, 03:32:08 AM »
Hello

Why Iczelion? I think this time is long gone  :biggrin:
There are enough examples about FindFirstFile and Win32_Find_Data,
and x64 is not really different.

If you do not have access to a Wow64 folder, use Wow64DisableWow64FsRedirection.

Here is an x64 JWasm example:



Disasm:

Code: [Select]
000000013FF51000 | lea rcx,qword ptr ds:[13FF53188]        |
000000013FF51007 | movabs rdx,<console.??0000>             | 13FF53000:"C:\\masm32\\include\\"
000000013FF51011 | call qword ptr ds:[<&lstrcpyA>]         |
000000013FF51017 | lea rcx,qword ptr ds:[13FF53188]        |
000000013FF5101E | movabs rdx,<console.??0001>             | 13FF53013:"*.*"
000000013FF51028 | call qword ptr ds:[<&lstrcat>]          |
000000013FF5102E | lea rcx,qword ptr ds:[13FF53188]        |
000000013FF51035 | lea rdx,qword ptr ds:[13FF53040]        |
000000013FF5103C | call qword ptr ds:[<&FindFirstFileA>]   |
000000013FF51042 | cmp rax,FFFFFFFFFFFFFFFF                |
000000013FF51046 | je console.13FF5107F                    |
000000013FF51048 | mov qword ptr ds:[13FF53180],rax        |
000000013FF5104F | lea rdx,qword ptr ds:[13FF5306C]        |
000000013FF51056 | movabs rcx,<console.??0002>             | 13FF53017:"%s\r\n"
000000013FF51060 | call <console.printf>                   |
000000013FF51065 | mov rcx,qword ptr ds:[13FF53180]        |
000000013FF5106C | lea rdx,qword ptr ds:[13FF53040]        |
000000013FF51073 | call qword ptr ds:[<&FindNextFileA>]    |
000000013FF51079 | cmp rax,0                               |
000000013FF5107D | jne console.13FF5104F                   |

Regards,

Vortex

Re: FindFirstFile
« Reply #2 on: January 09, 2017, 04:29:52 AM »
Hi shankle,

Here is a Poasm 64-bit example :

Code: [Select]
.model flat,fastcall

include FindFileWin64.inc

.data

format1 db '%s',13,10,0

.data?

wfd     WIN32_FIND_DATA <?>
buffer  db 512 dup(?)

.code

start PROC uses rsi PARMAREA=4*QWORD

LOCAL hFind:QWORD

    invoke  ParseCmdLine,ADDR buffer
    cmp     rax,2
    jne     _finish

    mov     rsi,OFFSET wfd
    mov     rax,OFFSET buffer

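    invoke  FindFirstFile,QWORD PTR [rax+8],rsi
    cmp     rax,-1              ; INVALID_HANDLE_VALUE: nothing matched or bad path
    je      _finish
    mov     hFind,rax
@@:
    invoke  printf,ADDR format1,ADDR WIN32_FIND_DATA.cFileName[rsi]
    invoke  FindNextFile,hFind,rsi
    test    eax,eax             ; FALSE (0) once there are no more files
    jnz     @b

    invoke  FindClose,hFind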

_finish:

    invoke ExitProcess,0

start ENDP

END start

Running Test.bat in the attachment :

Code: [Select]
FindFileWin64.exe *.asm

FindFileWin64.asm
ParseCmdLine.asm

shankle

Re: FindFirstFile
« Reply #3 on: January 09, 2017, 06:47:35 AM »
Thanks guys for responding.
I don't know JWASM or POASM.
Need an example in Masm32/64 or Goasm 64

ragdog

Re: FindFirstFile
« Reply #4 on: January 13, 2017, 04:21:10 AM »
Quote
Need an example in Masm32/64 or Goasm 64

Both examples are similar to Masm32/64.

Code: [Select]
include C:\masm64\include64\masm64rt.inc
includelib C:\masm64\lib64\m64lib.lib
includelib C:\masm64\lib64\msvcrt.lib

printf PROTO :VARARG

.const
CR equ 13
LF equ 10

.data
szPath db "C:\masm32\include\",0
szMask db "*.*",0
szFrm db "%s",CR,LF,0

.data?
wfd WIN32_FIND_DATA <?>
hWfd HANDLE ?
szSearch  db MAX_PATH dup(?)
.code
entry_point proc

;#########################################################################
invoke lstrcpy,addr szSearch,addr szPath
invoke lstrcat,addr szSearch,addr szMask

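invoke FindFirstFile,addr szSearch,addr wfd
; FindFirstFile returns INVALID_HANDLE_VALUE (-1) on failure, not 0
.if (rax != INVALID_HANDLE_VALUE)
mov hWfd,rax
.repeat
invoke printf,addr szFrm,addr wfd.cFileName
invoke FindNextFile,hWfd,addr wfd
.until (eax == FALSE)
invoke FindClose,hWfd ; release the search handle
.endif
;#########################################################################
invoke wait_key
    invoke ExitProcess, 0

entry_point endp
end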


Code: [Select]
@echo off

set appname=Console
C:\masm64\bin\ml64.exe /c %appname%.asm
C:\masm64\bin\link.exe /SUBSYSTEM:CONSOLE /MACHINE:X64 /ENTRY:entry_point /nologo /LARGEADDRESSAWARE %appname%.obj

pause

I do not know what the Goasm syntax is like, but I think it is not really different.
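
For reference, the same sequence in C, as an added example that is not part of the thread or any poster's code: it builds the lpFileName string with a length check instead of unchecked lstrcpy/lstrcat, tests the handle against INVALID_HANDLE_VALUE, and closes it. The names build_search_path, list_dir and SEARCH_MAX are hypothetical, and the directory in main is the one used in the examples above.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

#define SEARCH_MAX 260  /* assumption: same value as MAX_PATH, the size of szSearch above */

/* Join dir and mask into dst (capacity cap) for use as lpFileName.
   Returns 0 on success, -1 if an argument is empty or the result would not fit. */
int build_search_path(char *dst, size_t cap, const char *dir, const char *mask)
{
    size_t dlen, mlen, sep;
    if (!dst || !dir || !mask || !*dir || !*mask) return -1;
    dlen = strlen(dir);
    mlen = strlen(mask);
    /* add a backslash only when dir does not already end in a separator */
    sep = (dir[dlen - 1] == '\\' || dir[dlen - 1] == '/') ? 0 : 1;
    if (dlen + sep + mlen + 1 > cap) return -1;   /* +1 for the terminating NUL */
    memcpy(dst, dir, dlen);
    if (sep) dst[dlen] = '\\';
    memcpy(dst + dlen + sep, mask, mlen + 1);     /* copies the NUL as well */
    return 0;
}

#ifdef _WIN32
/* Print every name matching dir\mask. Returns the count, or -1 on error. */
int list_dir(const char *dir, const char *mask)
{
    char search[SEARCH_MAX];
    WIN32_FIND_DATAA wfd;
    HANDLE h;
    DWORD err;
    int count = 0;

    if (build_search_path(search, sizeof search, dir, mask) != 0) return -1;
    h = FindFirstFileA(search, &wfd);
    if (h == INVALID_HANDLE_VALUE) return -1;     /* failure is -1, not 0 */
    do {
        printf("%s\n", wfd.cFileName);
        count++;
    } while (FindNextFileA(h, &wfd));
    err = GetLastError();                         /* read before FindClose */
    FindClose(h);
    return err == ERROR_NO_MORE_FILES ? count : -1;
}

int main(void) { return list_dir("C:\\masm32\\include", "*.*") < 0; }
#endif
```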