Recently I was playing with invoking Shell.Application's method Open (takes one parameter of the type VARIANT):
include \masm32\include\masm32rt.inc
__UNICODE__ EQU
__DEBUG__ EQU
IDispatch_Invoke PROTO :DWORD,:DWORD,:DWORD,:DWORD
IDispatch_GetIDsOfNames PROTO :DWORD,:DWORD
SetParams PROTO :DWORD
VARIANT STRUCT
dw1 dd 0CCh
dw2 dd 0CCh
dw3 dd 0CCh
dw4 dd 0CCh
VARIANT ENDS
DISPPARAMS STRUCT
rgvarg dd ?
rgdispidNamedArgs dd ?
cArgs dd ?
cNamedArgs dd ?
DISPPARAMS ENDS
IFERROR MACRO arg
.if eax!=S_OK
printf("%s FAILED with hr 0x%08X\n",arg,eax)
print LastError$(),13,10,0
print "Exiting ...",13,10,0
jmp _exit
.endif
ENDM
IFDEBUG MACRO arg
IFDEF __DEBUG__
printf("%s : SUCCESS\n",arg)
ENDIF
ENDM
FEEDBACK MACRO arg
IFERROR arg
IFDEBUG arg
ENDM
.data
IID_IDispatch GUID <00020400h,0000h,0000h,<0C0h,0h,0h,0h,0h,0h,0h,46h>>
IID_NULL GUID <00000000h,0000h,0000h,<0h,0h,0h,0h,0h,0h,0h,0h>>
dpar DISPPARAMS<>
varg VARIANT <>
.data?
DISPID dd ?,?
pclsid dd ?
ppvShA dd ?
.code
start:
call main
inkey
exit
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
main proc
mov eax,uc$("Shell.Application")
invoke CLSIDFromProgID,eax,addr pclsid
FEEDBACK "CLSIDFromProgID"
invoke CoInitialize,NULL
invoke CoCreateInstance,addr pclsid,
NULL,
CLSCTX_INPROC_SERVER,
addr IID_IDispatch,
addr ppvShA
FEEDBACK "CoCreateInstance"
invoke IDispatch_Invoke,ppvShA,uc$("Open"),1,NULL ; CHANGE THE THIRD PARAMETER
_exit::
invoke CoUninitialize
ret
main endp
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
IDispatch_Invoke proc ppv:DWORD,member:DWORD,path:DWORD,result:DWORD
invoke IDispatch_GetIDsOfNames,ppv,member
invoke SetParams,path
; mov vres.dw1,0CCCC0000h ; initialize variant
push NULL
push NULL
push result
push offset dpar
push 1 ; DISPATCH_METHOD
push 409h
push offset IID_NULL
push DISPID
mov edx, ppv
mov ecx, [edx]
push edx
call dword ptr [ecx+24] ; offset of INVOKE
; pop edx
FEEDBACK "IDispatch_Invoke"
ret
IDispatch_Invoke endp
IDispatch_GetIDsOfNames proc ppv:DWORD, mname:DWORD
printf("GetIDsOfNames %s\n ",mname)
push mname
mov eax,esp
push offset DISPID
push 409h
push 1
push eax
push offset IID_NULL
mov edx, ppv
mov ecx, [edx]
push edx
call dword ptr [ecx+20] ; offset of GetIDsOfNames
pop edx
FEEDBACK "GetIDsOfNames"
ret
IDispatch_GetIDsOfNames endp
SetParams proc wstr:DWORD
mov eax,wstr
mov varg.dw1,2
mov varg.dw2,0
mov varg.dw3,eax
mov varg.dw4,0
mov dpar.rgvarg, offset varg
mov dpar.rgdispidNamedArgs,0
mov dpar.cArgs,1
mov dpar.cNamedArgs,0
ret
SetParams endp
end start
I've tested 61 variants on my W8.1 64 . Below is the list of PARAMETER - KNOWN FOLDER pairs:
0 - Desktop
1 - ERROR "The parameter is incorect" (Powershell opens Internet Explorer)
2 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
3 - Control Panel\All Control Panel Items
4 - All Control Panel Items\Printers
5 - Documents
6 - %USERPROFILE%\Favorites
7 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
8 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent
9 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo
10 - Recycle Bin
11 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu
12 - nothing?
13 - Music
14 - Videos
15 - nothing?
16 - %USERPROFILE%\Desktop
17 - This PC (My Computer)
18 - Network
19 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts
20 - C:\Windows\Fonts
21 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates
22 - C:\ProgramData\Microsoft\Windows\Start Menu
23 - C:\ProgramData\Microsoft\Windows\Start Menu\Programs
24 - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
25 - C:\Users\Public\Desktop
26 - %USERPROFILE%\AppData\Roaming
27 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
28 - %USERPROFILE%\AppData\Local
29 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
30 - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
31 - %USERPROFILE%\Favorites
32 - %USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache
33 - %USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies
34 - %USERPROFILE%\AppData\Local\Microsoft\Windows\History
35 - C:\ProgramData
36 - C:\Windows
37 - C:\Windows\System32
38 - C:\Program Files (x86)
39 - Pictures
40 - %USERPROFILE%
41 - C:\Windows\SysWOW64
42 - C:\Program Files (x86)
43 - C:\Program Files (x86)\Common Files
44 - C:\Program Files (x86)\Common Files
45 - C:\ProgramData\Microsoft\Windows\Templates
46 - C:\Users\Public\Documents
47 - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
48 - %USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
49 - Control Panel\All Control Panel Items\Network Connections
50 - nothing?
51 - nothing?
52 - nothing?
53 - C:\Users\Public\Music
54 - C:\Users\Public\Pictures
55 - C:\Users\Public\Videos
56 - C:\Windows\Resources
57 - nothing?
58 - C:\ProgramData\OEM Links
59 - %USERPROFILE%\AppData\Local\Microsoft\Windows\Burn\Burn
60 - nothing?
61 - Network
and their official titles as reported by powershell:
0 - Desktop
1 - The Internet
2 - Programs
3 - All Control Panel Items
4 - Printers
5 - Documents
6 - Favorites
7 - Startup
8 - Recent Items
9 - SendTo
10 - Recycle Bin
11 - Start Menu
13 - Music
14 - Videos
16 - Desktop
17 - This PC
18 - Network
19 - Network Shortcuts
20 - Fonts
21 - Templates
22 - Start Menu
23 - Programs
24 - Startup
25 - Public Desktop
26 - Roaming
27 - Printer Shortcuts
28 - Local
29 - Startup
30 - Startup
31 - Favorites
32 - INetCache
33 - INetCookies
34 - History
35 - ProgramData
36 - Windows
37 - System32
38 - Program Files
39 - Pictures
40 - %USERPROFILE%
41 - SysWOW64
42 - Program Files (x86)
43 - Common Files
44 - Common Files
45 - Templates
46 - Public Documents
47 - Administrative Tools
48 - Administrative Tools
49 - Network Connections
53 - Public Music
54 - Public Pictures
55 - Public Videos
56 - Resources
58 - OEM Links
59 - Temporary Burn Folder
61 - Network
values 62-255 are currently free ( maybe Windows 16 will use them )
[EDIT]: see ShellSpecialFolderConstants enumeration (http://msdn.microsoft.com/en-us/library/windows/desktop/bb774096(v=vs.85).aspx)
(http://msdn.microsoft.com/en-us/library/windows/desktop/dd378457(v=vs.85).aspx)
to be continued ...
reading Dante and writing COM code in ASM may lead to suicide, buddy :shock:
Introduction to COM (http://www.codeproject.com/Articles/633/Introduction-to-COM-What-It-Is-and-How-to-Use-It)
The Complete Idiot's Guide to Writing Shell Extensions - Index (http://www.codeproject.com/Articles/830/The-Complete-Idiots-Guide-to-Writing-Shell-Extensi)