News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

Used to work

Started by Magnum, April 03, 2013, 10:37:30 AM

Previous topic - Next topic

Magnum

This used to work.

C:\masm32\SOURCE\kill1.asm(28) : error A2006: undefined symbol : Process32First
C:\masm32\SOURCE\kill1.asm(41) : error A2006: undefined symbol : Process32Next


.data
AppName         db "Terminate",0
Item                 db "notebook.exe",0

errSnapshot     db "CreateToolhelp32Snapshot failed.",0
errProcFirst    db "Process32First failed.",0

.data?
hSnapshot   HANDLE ?
ProcEnt     PROCESSENTRY32 <?>

.code
start:
   invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS,0
   .IF (eax != INVALID_HANDLE_VALUE)
       mov hSnapshot,eax
       mov [ProcEnt.dwSize],SIZEOF ProcEnt
       invoke Process32First, hSnapshot,ADDR ProcEnt
       .IF (eax)
         @@:
           invoke lstrcmpi, ADDR Item ,ADDR [ProcEnt.szExeFile]
           .IF (eax == 0)
               invoke OpenProcess, PROCESS_TERMINATE,FALSE,[ProcEnt.th32ProcessID]
               .IF (eax)
                   invoke TerminateProcess, eax,0
               .ELSE
                  ;failed for some reason
               .ENDIF
           .ENDIF

           invoke Process32Next, hSnapshot,ADDR ProcEnt
           test eax,eax
           jnz @B

       .ELSE
           invoke MessageBox, NULL,ADDR errProcFirst,ADDR AppName,MB_OK or MB_ICONERROR
       .ENDIF
       invoke CloseHandle, hSnapshot
   .ELSE
       invoke MessageBox, NULL,ADDR errSnapshot,ADDR AppName,MB_OK or MB_ICONERROR
   .ENDIF
   invoke ExitProcess, NULL

Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

dedndave

#1
there are a couple threads on that issue, Andy
you have to make a few slight mods to kernel32.inc and kernl32p.inc
and - rebuild the associated lib's

i seem to recall that Jochen attached the updated lib's - he may have put the inc's in there, as well

just use the forum search tool on the new and old forum for "process32first"
probably in the masm32 sub-forum

GoneFishing

#2
I can't see your include files. Are those functions called from kernel32 or toolhelp library?
Here's the one of my earliest exercises . Maybe it will be helpful despite of its awful style  :biggrin:
This proggie also can be an example of producing huge output exceeding debug window's (rich?) edit control capabilities (32Kb).
.586
.model flat,stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\masm32.inc
include \masm32\include\kernel32.inc
include \masm32\include\gdi32.inc
include \masm32\include\user32.inc
include \masm32\include\debug.inc

includelib \masm32\lib\masm32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\debug.lib

Process32First PROTO :DWORD,:DWORD
Process32Next  PROTO :DWORD,:DWORD
GetProcessList PROTO
ListProcessModules PROTO :DWORD
ListProcessThreads PROTO :DWORD
INVALID_HANDLE_VALUE=-1
DBGWIN_EXT_INFO = 0

.data

    pe32 PROCESSENTRY32<sizeof PROCESSENTRY32>
    me32 MODULEENTRY32<sizeof MODULEENTRY32>
    te32 THREADENTRY32<sizeof THREADENTRY32>
   
    krnl32 db "c:\\windows\\system32\\kernel32.dll",0
    prFst  db "Process32First",0
    prNxt  db "Process32Next",0
    mdFst  db "Module32First",0
    mdNxt  db "Module32Next",0
    thFst  db "Thread32First",0
    thNxt  db "Thread32Next",0
    fmt db "%s",13,10,0
    fmtInt db "%d",13,10,0
    fmtHex db "0x%08X",13,10,0
    fmtHex4 db "0x%04X",13,10,0

.data?
    PID   db ?
    ProcessName db ?
    hKrnl32     dd ?
   
    ModuleName  db ?
    Executable  db ?
    ProcessID   db ?
    RefCount_g  db ?
    RefCount_p  db ?
    BaseAddress db ?
    BaseSize    db ?
    ThreadID    db ?
    BasePriority db ?
    DeltaPriority db ? 

.code

start:
   
     call main
     invoke ExitProcess, NULL

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««


main proc

invoke GetProcessList
ret
   
main endp

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

GetProcessList proc

LOCAL hProcessSnap:DWORD
LOCAL hProcess:DWORD
LOCAL dwPriorityClass:DWORD

invoke CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS, 0
mov hProcessSnap,eax
.if eax==INVALID_HANDLE_VALUE
PrintText "CreateToolhelp32Snapshot (of processes)failed"
ret
.endif
push offset krnl32
call LoadLibraryA
mov  hKrnl32 ,eax
push offset prFst
push eax
call GetProcAddress
push offset pe32
push hProcessSnap
call eax
.if eax==FALSE
PrintText "Process32First invokation failed,closing handle "
invoke  CloseHandle,hProcessSnap     
ret
.endif
invoke FreeLibrary,hKrnl32
lbl0:
push offset pe32.szExeFile
push offset fmt
push offset ProcessName
call wsprintfA

PrintText "============================================================="
PrintText "                                                             "

PrintString ProcessName
add esp,12
mov eax, pe32.th32ProcessID
push eax
push offset fmtHex4
push offset PID
call wsprintfA

PrintString PID

PrintText "============================================================="
PrintText "                                                             "

PrintText "                List of loaded modules                       "
PrintLine
add esp,12
invoke ListProcessModules,pe32.th32ProcessID
invoke ListProcessThreads,pe32.th32ProcessID
push offset krnl32
call LoadLibraryA
push offset prNxt
push eax
call GetProcAddress
push offset pe32
push hProcessSnap
call eax
.if eax==TRUE
invoke FreeLibrary,hKrnl32
jmp lbl0
.else
PrintError
.endif


invoke  CloseHandle,hProcessSnap
ret
GetProcessList endp

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

ListProcessModules proc dwPID:DWORD
LOCAL hModuleSnap :DWORD

invoke CreateToolhelp32Snapshot,TH32CS_SNAPMODULE, dwPID
mov hModuleSnap,eax
.if eax==INVALID_HANDLE_VALUE
PrintText "CreateToolhelp32Snapshot (of modules)failed"
PrintError
ret
.endif

push offset krnl32
call LoadLibraryA
mov  hKrnl32 ,eax
push offset mdFst
push eax
call GetProcAddress
push offset me32
push hModuleSnap
call eax
.if eax==FALSE
PrintText "Module32First invokation failed,closing handle "
PrintError
invoke  CloseHandle,hModuleSnap     
ret
.endif
invoke FreeLibrary,hKrnl32

lbl1:
push offset me32.szModule
push offset fmt
push offset ModuleName
call wsprintfA
PrintString ModuleName
add esp,12

push offset  me32.szExePath
push offset fmt
push offset Executable
call wsprintfA
PrintString Executable
add esp,12

mov eax,  me32.th32ProcessID
push eax
push offset fmtHex
push offset ProcessID
call wsprintfA
PrintString ProcessID
add esp,12

mov eax,  me32.GlblcntUsage
push eax
push offset fmtHex4
push offset  RefCount_g
call wsprintfA
PrintString  RefCount_g
add esp,12

mov eax,  me32.ProccntUsage
push eax
push offset fmtHex4
push offset  RefCount_p
call wsprintfA
PrintString  RefCount_p
add esp,12

mov eax, me32.modBaseAddr
push eax
push offset fmtHex
push offset   BaseAddress
call wsprintfA
PrintString   BaseAddress
add esp,12

mov eax,  me32.modBaseSize
push eax
push offset fmtInt
push offset   BaseSize
call wsprintfA
PrintString   BaseSize
PrintLine
add esp,12

push offset krnl32
call LoadLibraryA
push offset mdNxt
push eax
call GetProcAddress
push offset me32
push hModuleSnap
call eax
.if eax==TRUE
invoke FreeLibrary,hKrnl32
jmp lbl1
.else
PrintError
PrintText "                                                              "
PrintText "                                                              "

.endif

invoke FreeLibrary,hKrnl32
invoke CloseHandle, hModuleSnap
ret

ListProcessModules endp

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

ListProcessThreads proc  dwOwnerPID:DWORD
  LOCAL hThreadSnap :DWORD
 
mov hThreadSnap,INVALID_HANDLE_VALUE
invoke CreateToolhelp32Snapshot, TH32CS_SNAPTHREAD, 0
mov hThreadSnap,eax
.if hThreadSnap==INVALID_HANDLE_VALUE
PrintText "CreateToolhelp32Snapshot (of threads) failed"
PrintError
ret
.endif
push offset krnl32
call LoadLibraryA
mov  hKrnl32 ,eax
push offset thFst
push eax
call GetProcAddress
push offset te32
push hThreadSnap
call eax
.if eax==FALSE
PrintText "Thread32First invokation failed,closing handle "
PrintError
invoke  CloseHandle,hThreadSnap
ret
.endif
invoke FreeLibrary,hKrnl32
PrintText "                                                             "

PrintText "                List of threads                      "
PrintLine
lbl2:
mov eax,te32.th32OwnerProcessID
.if eax==dwOwnerPID

mov eax, te32.th32ThreadID
push eax
push offset fmtHex
push offset  ThreadID
call wsprintfA
PrintString ThreadID
add esp,12

mov eax, te32.tpBasePri
push eax
push offset fmtInt
push offset   BasePriority
call wsprintfA
PrintString  BasePriority
add esp,12

mov eax, te32.tpDeltaPri
push eax
push offset fmtInt
push offset  DeltaPriority
call wsprintfA
PrintString  DeltaPriority
PrintLine
add esp,12
.endif
push offset krnl32
call LoadLibraryA
push offset thNxt
push eax
call GetProcAddress
push offset te32
push hThreadSnap
call eax
.if eax==TRUE
invoke FreeLibrary,hKrnl32
jmp lbl2
.else
PrintError
PrintText "                                                              "
PrintText "                                                              "
PrintText "                                                              "

.endif

invoke FreeLibrary,hKrnl32


invoke CloseHandle,hThreadSnap
ret
ListProcessThreads endp

end start
end


dedndave

well - it used to work - with masm32 package version 10
when Hutch updated to masm32 version 11, he added UNICODE support - a big step

Process32First, Process32Next, Module32First, and Module32Next are a little bit odd
all 4 functions are exported by both kernel32.dll and kernl32p.dll

for most functions that provide ANSI and UNICODE support, there is an "A" version and a "W" version
for example, MessageBoxA and MessageBoxW
when the names are aliased, MessageBoxA is aliased to MessageBox if __UNICODE__ is not defined
MessageBoxW is aliased to MessageBox if __UNICODE__ is defined

Process32First et al are not defined that way - they have no "A" version
so - it makes for a little problem when you want to alias Process32FirstW as Process32First

Hutch uses a program named "inc2l.exe" to build libraries
it worked fine when there was no UNICODE support
but now, it chokes on the naming issue - so the functions are not imported

you can make some simple changes in the kernel32.inc and kernl32p.inc files
then, use Erol's inc2def and def2lib tools to build new libraries (he has a new version of def2lib, by the way)

Magnum

I will need some details so I can build new libraries.

Will those new libraries work with Unicode or will I need to rename them for this code ?

Andy
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

dedndave

they will work with ansi or unicode
you can look up those threads for details, and Erol's tools are easy to use   :P

Magnum

I'll get masm10 and use what I need.
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

dedndave

 :redface:
you're missing out on a good experience

Magnum

Trying to show message if TerminateProcess fails.
Not working.



invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS,0
   .IF (eax != INVALID_HANDLE_VALUE)
       mov hSnapshot,eax
       mov [ProcEnt.dwSize],SIZEOF ProcEnt
       invoke Process32First, hSnapshot,ADDR ProcEnt
       .IF (eax)
         @@:
           invoke lstrcmpi, ADDR Item ,ADDR [ProcEnt.szExeFile]
           .IF (eax == 0)
               invoke OpenProcess, PROCESS_TERMINATE,FALSE,[ProcEnt.th32ProcessID]
               .IF (eax)
                   invoke TerminateProcess, eax,0
                   invoke Sleep,2000 ; Delay to give time to terminate process
               .ELSEIF eax == ERROR_NO_MORE_FILES
                 
                invoke MessageBox, NULL,ADDR err,ADDR Box,MB_OK or MB_ICONERROR

Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

rsala

Hi Magnum,

Download the bug-fixed kernel32.inc, kernlp.inc, kernel32.lib and kernlp.lib files in the following link:

http://masm32.com/board/index.php?topic=506.0

Then, replace those files in your "masm32" folder.
EC coder

Magnum

Thanks rsala for your work on those fixes.

I can compile my code without having to use older versions.

Andy
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

GoneFishing

QuoteTrying to show message if TerminateProcess fails.
You're calling an error MessageBox in  .ELSEIF branch. That's why it doesn't appear as expected.
Try this:
... ... ...
       invoke OpenProcess, PROCESS_TERMINATE,FALSE,[ProcEnt.th32ProcessID]
               .IF (eax)
                   invoke TerminateProcess, eax,0
                   invoke Sleep,2000 ; Delay to give time to terminate process
                     .IF eax==0
                          invoke MessageBox, NULL,ADDR err,ADDR Box,MB_OK or MB_ICONERROR
                     .ENDIF
               .ELSEIF eax == ERROR_NO_MORE_FILES
                 
               

jj2007

Just a thought ;-)

invoke TerminateProcess, eax,0
push eax
invoke Sleep,2000 ; Delay to give time to terminate process
pop eax
   .IF eax==0

GoneFishing

QuoteJust a thought ;-)
Does Sleep function modify eax?
Anyway it's much better, I'm agree with you ;)

Magnum

Quote from: jj2007 on April 05, 2013, 11:28:40 PM
Just a thought ;-)

invoke TerminateProcess, eax,0
push eax
invoke Sleep,2000 ; Delay to give time to terminate process
pop eax
   .IF eax==0


It doesn't give error message if process isn't running.


push eax
                        invoke Sleep,2000 ; Delay to give time to terminate process
                        pop eax
                           .IF eax==0
                         invoke MessageBox, NULL,ADDR err,ADDR Box,MB_OK or MB_ICONERROR
                           .endif   
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org