Author Topic: Length limit to MB_OK | MB_ICONEXCLAMATION  (Read 12533 times)

jj2007

  • Member
  • *****
  • Posts: 9633
  • Assembler is fun ;-)
    • MasmBasic
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #15 on: April 16, 2013, 09:00:17 PM »
loving father

You could adopt Andy. That is, if you like the idea of becoming a multiple grandfather :icon_mrgreen:

Magnum

  • Member
  • *****
  • Posts: 2304
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #16 on: April 16, 2013, 10:30:39 PM »
You are certainly entitled to your opinion.

As a scientist, it is my opinion that you are making predictions based on little or faulty data.

But there are no hard feelings on my part for stating what's is on your mind.

Andy
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

Magnum

  • Member
  • *****
  • Posts: 2304
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #17 on: April 19, 2013, 10:30:09 AM »
This compiles o.k. and creates the TLS section but the program doesn't work.

Application failed to initialize properly.

Andy

Code: [Select]
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\comdlg32.inc

includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\comdlg32.lib
 
IMAGE_TLS_DIRECTORY32 STRUCT
    StartAddressOfRawData dd    ?
    EndAddressOfRawData dd      ?
    AddressOfIndex dd           ?
    AddressOfCallBacks dd       ?
    SizeOfZeroFill dd           ?
    Characteristics dd          ?
IMAGE_TLS_DIRECTORY32 ENDS

.CONST

public _tls_used ;tell the linker that a TLS directory is wanted


.data

DbgNotFoundTitle db "Debugger status:",0h
DbgFoundTitle    db "Debugger status:",0h
DbgNotFoundText  db "Debugger not found!",0h
DbgFoundText     db "Debugger found!",0h
_tls_used        IMAGE_TLS_DIRECTORY32 <>


; TLS Structure
 
    dd offset StartAddress
    dd offset EndAddress
    dd offset AddressOfIndex
    dd offset TlsCallBack
 
    TlsCallBack     dd  offset TLS ; Address of our callback
                    dd     0 ; Spacer
                    dd     0       ; Spacer
    StartAddress    dd     0
    EndAddress   dd     0
    AddressOfIndex  dd     0
    TlsCallBack2    dd     offset TLS
    SizeOfZeroFill  dd     0
    Characteristics dd     0

.data?

TLSCalled db ? ; Flag for if TLS has been called

.code

start:

invoke ExitProcess,0 ; Main routine does nothing
ret

; TLSCallback                                                 


TLS:

CMP BYTE PTR[TLSCalled],1 ; If callback has already been run
JE @exit ; ignore it
MOV BYTE PTR[TLSCalled],1 ; Set flag for next time
CALL IsDebuggerPresent

CMP EAX,1 ; Are we being debugged?
JE @DebuggerDetected ; yes

PUSH 40h ; Show goodboy
PUSH offset DbgNotFoundTitle
PUSH offset DbgNotFoundText
PUSH 0
CALL MessageBox
JMP @exit

@DebuggerDetected:

PUSH 30h ; Show badboy
PUSH offset DbgFoundTitle
PUSH offset DbgFoundText
PUSH 0
CALL MessageBox

@exit:
RET

end start
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

dedndave

  • Member
  • *****
  • Posts: 8823
  • Still using Abacus 2.0
    • DednDave
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #18 on: April 19, 2013, 10:44:12 AM »
Code: [Select]
IMAGE_TLS_DIRECTORY32 STRUCT
    StartAddressOfRawData dd    ?
    EndAddressOfRawData dd      ?
    AddressOfIndex dd           ?
    AddressOfCallBacks dd       ?
    SizeOfZeroFill dd           ?
    Characteristics dd          ?
IMAGE_TLS_DIRECTORY32 ENDS

the structure is already defined in windows.inc

Code: [Select]
.CONST

public _tls_used ;tell the linker that a TLS directory is wanted

it isn't necessary to open a segment to declare a symbol as public

Code: [Select]
.data

_tls_used        IMAGE_TLS_DIRECTORY32 <>

here, you have declared a _tls_used structure
the elements may be accessed in code using a period, for example
Code: [Select]
        mov     eax,_tls_used.StartAddressOfRawData
furthermore, the element values may be initialized when defined
Code: [Select]
_tls_used        IMAGE_TLS_DIRECTORY32 <StartAddress,EndAddress,AddressOfIndex,TLS,0,0>
Code: [Select]
; TLS Structure
 
    dd offset StartAddress
    dd offset EndAddress
    dd offset AddressOfIndex
    dd offset TlsCallBack
 
    TlsCallBack     dd  offset TLS ; Address of our callback
                    dd     0 ; Spacer
                    dd     0       ; Spacer
    StartAddress    dd     0
    EndAddress   dd     0
    AddressOfIndex  dd     0
    TlsCallBack2    dd     offset TLS
    SizeOfZeroFill  dd     0
    Characteristics dd     0

here, you are attempting to declare another structure in another way   :eusa_naughty:

Magnum

  • Member
  • *****
  • Posts: 2304
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #19 on: April 19, 2013, 11:31:02 AM »
What you said makes sense, but I don't understand much of what the code is doing or supposed to be doing.

Andy
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

ToutEnMasm

  • Member
  • *****
  • Posts: 1189
    • EditMasm
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #20 on: April 19, 2013, 05:11:41 PM »

Here is a sample of use with some modifies.
The Cstr macro in html page need to be modify.
Many data was in the .const segment

The TLS segment made the .exe work as a dll,see the sample.
Fa is a musical note to play with CL

six_L

  • Member
  • **
  • Posts: 151
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #21 on: April 19, 2013, 06:39:13 PM »
Code: [Select]
.486
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc

includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

TlsCallBack1 PROTO :DWORD,:DWORD,:DWORD
TlsCallBack2 PROTO :DWORD,:DWORD,:DWORD

.DATA   

DbgNotFoundTitle db "Debugger status:",0h
DbgFoundTitle    db "Debugger status:",0h
DbgNotFoundText  db "Debugger not found!",0h
DbgFoundText     db "Debugger found!",0h

msgCaption1 db "TLS Callback  *1*",0
msgCaption2     db "TLS Callback  *2*",0

; TLS Callbacks are called like DLL entry proc
;DLL_PROCESS_DETACH    equ 0
;DLL_PROCESS_ATTACH    equ 1
;DLL_THREAD_ATTACH     equ 2
;DLL_THREAD_DETACH     equ 3

msgText dd offset szDLL_PROCESS_DETACH
dd offset szDLL_PROCESS_ATTACH
dd offset szDLL_THREAD_ATTACH
dd offset szDLL_THREAD_DETACH
       
szDLL_PROCESS_DETACH db "TLS Callback running with Reason",0Dh,0Ah,0Dh,0Ah,"    DLL_PROCESS_DETACH",0
szDLL_PROCESS_ATTACH db "TLS Callback running with Reason",0Dh,0Ah,0Dh,0Ah,"    DLL_PROCESS_ATTACH",0
szDLL_THREAD_ATTACH db "TLS Callback running with Reason",0Dh,0Ah,0Dh,0Ah,"    DLL_THREAD_ATTACH",0
szDLL_THREAD_DETACH db "TLS Callback running with Reason",0Dh,0Ah,0Dh,0Ah,"    DLL_THREAD_DETACH",0

align 4

; Null terminated list of pointers to callback procedures
Callbacks DWORD TlsCallBack1, TlsCallBack2, 0

PUBLIC _tls_used              ; this name is required and must be PUBLIC!!!!
_tls_used IMAGE_TLS_DIRECTORY < _tls_start, _tls_end, _tls_index, Callbacks, 0, 0 >

.DATA?
_tls_index DWORD  ?
TLSCalled db ? ; Flag for if TLS has been called
; Create a section with name .tls

OPTION DOTNAME
.tls   SEGMENT
_tls_start LABEL  DWORD
DWORD     80H    DUP ("slt.")
_tls_end   LABEL  DWORD
.tls   ENDS
OPTION NODOTNAME

.CODE
TlsCallBack1 proc uses ebx hInst:HINSTANCE, reason:DWORD, lpReserved:DWORD

        mov ebx, reason
        shl ebx, 2
        invoke MessageBox, NULL, msgText[ebx], ADDR msgCaption1,MB_OK+MB_TASKMODAL+MB_TOPMOST
     
mov eax, TRUE
ret
TlsCallBack1 endp
TlsCallBack2 proc uses ebx hInst:HINSTANCE, reason:DWORD, lpReserved:DWORD

        mov ebx, reason
        shl ebx, 2
        invoke MessageBox, NULL, msgText[ebx], ADDR msgCaption2,MB_OK+MB_TASKMODAL+MB_TOPMOST
 ; TLSCallback                                                 
TLS:

CMP BYTE PTR[TLSCalled],1 ; If callback has already been run
JE @exit ; ignore it
MOV BYTE PTR[TLSCalled],1 ; Set flag for next time
CALL IsDebuggerPresent

CMP EAX,1 ; Are we being debugged?
JE @DebuggerDetected ; yes

PUSH 40h ; Show goodboy
PUSH offset DbgNotFoundTitle
PUSH offset DbgNotFoundText
PUSH 0
CALL MessageBox
JMP @exit

@DebuggerDetected:

PUSH 30h ; Show badboy
PUSH offset DbgFoundTitle
PUSH offset DbgFoundText
PUSH 0
CALL MessageBox
@exit:
   
mov eax, TRUE
ret
TlsCallBack2 endp
start:
invoke GetModuleHandle, NULL

invoke ExitProcess, 0

end start

Magnum

  • Member
  • *****
  • Posts: 2304
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #22 on: April 19, 2013, 11:04:09 PM »
Thanks to both you gentleman.

I am studying your code.

Andy
Take care,
                   Andy

Ubuntu-mate-18.04-desktop-amd64

http://www.goodnewsnetwork.org

ToutEnMasm

  • Member
  • *****
  • Posts: 1189
    • EditMasm
Re: Length limit to MB_OK | MB_ICONEXCLAMATION
« Reply #23 on: April 20, 2013, 12:58:45 AM »

This one is a translate from msdn and don't need a segment.
Fa is a musical note to play with CL