Stop at dialog box

[Magnum]

I can not figure out how to get ollydbg to stop at the point when a dialog box appears.
Here is the beginning code.

When it loads, it starts with push 70, but when I hit F9, the cursor stays there when the dialog box opens.

Code Select Expand



CPU Disasm
Address   Hex dump          Command                                  Comments
01002564  /$  6A 70         PUSH 70
01002566  |.  68 68140001   PUSH 01001468
0100256B  |.  E8 00020000   CALL 01002770
01002570  |.  33DB          XOR EBX,EBX
01002572  |.  895D FC       MOV DWORD PTR SS:[EBP-4],EBX


[jj2007]

F9 = go until you hit ExitProcess or an exception (e.g. int 3)
F8 = step forward but don't go inside procs (this is probably what you want)
F7 = step forward and go inside procs

[Magnum]

I used F8, but it starts looping thru 4 instructions.

I want the program to run with having to click on Next.

I tried echo y and enter to it, but no go.

Andy

[dedndave]

you want to insert an INT 3 instruction in the source code, at the place you want to break
perhaps WM_INITDIALOG would be what you want

then, just run the program normally
if Olly is the default JIT handler, it will pop up when the INT 3 is encountered

[Magnum]

I found this. I need enter,tab,enter,tab, and enter but sometimes if it doesn't find any missing links, only one enter would be required. Not sure how that would be implemented.

Code Select Expand



         ; and now simulate keyboard entries
         invoke keybd_event, VK_RETURN, NULL, NULL, NULL ; Send ENTER key
         invoke Warte_Zeit, 1  ; wait 1 second
         invoke keybd_event, VK_F4, NULL, NULL, NULL ; Send F4 key 'down'
         invoke Warte_Zeit, 1
         invoke keybd_event, VK_F4, NULL, KEYEVENTF_KEYUP, NULL ; Send F4 key 'up'
         invoke Warte_Zeit, 1
         invoke keybd_event, VK_F4, NULL, KEYEVENTF_KEYUP, NULL ; Send Alt key 'up'
         invoke Warte_Zeit, 1
         invoke SetForegroundWindow, hwndTemp  ; activate own window again




[Magnum]

Gerhard didn't post a complete program.

This is what I have so far.

I will start a program and then send keystrokes to it so it goes unattended.

I need some help in where the code after WindowName goes.

I just noticed that some data is missing too.

Code Select Expand


;  .asm  Gerhard Putschalka
;
;
;  SiegeWorks 2013 - Present A.P.K.
include \masm32\include\masm32rt.inc   

.data

SuNam  db  "chklnks",0

.data?

.code

start:

; Start chklnks first

; get the full name and the handle

WindowName Proc  ; FNameAdr:DWord,FHandle:DWord
         Local A, X, Y, Z:DWord
         mov    FHandle,0
         mov    Z,0        ; GW_HWNDFIRST
         Op2ToOp1 X,hwnd
         .while X>0
           invoke GetWindow, X, Z
           mov  X,eax
           mov  Z,2 ; GW_HWNDNEXT
           .if  X>0
             invoke GetWindowLongA, X, -6 ; GWL_HINSTANCE
             mov Y,eax
             .if Y>0
               ; get (consecutive) the names of active applications
               invoke GetWindowText,X,addr FName, 100
               ; lookup in proc "InstrStr" for the String (in SuNam) if found in FName
               invoke InstrStr, addr SuNam,addr FName,1
               ; if the name starts in position 1 in addr FName: name has been found, termin. loop
               .if eax==1
                 mov eax,X
                 mov FHandle,eax
                 mov  X,0  ; beende Schleife
               .endif
             .endif
           .endif
         .endw

         ; full name of application is in addr FName, handle to the application is in FHandle
         .if   eax==0
           mov FName,0 ; clear if not found  Application has not been started yet
         .endif
         ret
WindowName Endp

; and hier the part for sending Alt+F4
         invoke GetForegroundWindow  ; save handle of own window
         mov    hwndTemp,eax

         invoke SetForegroundWindow, FHandle ; activate VirtualDub-window
         ; and now simulate keyboard entries
         
         invoke keybd_event, VK_RETURN, NULL, NULL, NULL ; Send ENTER key
         invoke Sleep, 7000 ; give enuf time to find bad links
         
         invoke keybd_event, VK_TAB, NULL, NULL, NULL ; Send tab key
         invoke Sleep, 1500
         
         invoke keybd_event, VK_TAB NULL, KEYEVENTF_KEYUP, NULL ; Send F4 key 'up'
         invoke Sleep, 1500
         
         invoke keybd_event, VK_RETURN, NULL, NULL, NULL ; Send ENTER key
         invoke Sleep, 1500

         invoke keybd_event, VK_RETURN, NULL, NULL, NULL ; Send ENTER key
         invoke Sleep, 1500
 
         
         invoke SetForegroundWindow, hwndTemp  ; activate own window again

end     start



[Magnum]

Do I have to send this to explorer to have the tab move ?

Code Select Expand


start:

invoke keybd_event, VK_TAB, NULL, NULL, NULL ; Send tab key -- key down
invoke Sleep, 1500

invoke keybd_event, VK_TAB, NULL, KEYEVENTF_KEYUP, NULL ; key up
invoke Sleep, 1500


invoke ExitProcess,0

end     start



[japheth]

Do I have to send this to explorer to have the tab move ?

What explorer? Windows or Internet? And what tab? Are you talking about "the focus" or tabs in IE?

"There are no stupid questions, but there are lots of stupid answers." 

It probably depends. IMO there are questions that reveal that the questioner is a plain fool.

[Magnum]

there is explorer.exe and iexplore.exe.

Two separate programs.

I am talking about the focus.

[japheth]

Using keybd_event to send a TAB key ... should work.

A simple PostMessage or PostThreadMessage with WM_KEYDOWN might also work.