Win32ASM Programming 2nd Edition (From China) - ver UASM x64

Started by LiaoMi, August 27, 2017, 10:15:23 AM

Previous topic - Next topic

LiaoMi

Hello,

64 bit examples for the UASM from Chinese colleagues, it will be interesting to learn from these examples  :t Password - 1
https://www.file-upload.net/**********windows64-1.7z.html

Have a good weekend all!!!

habran

They are not examples, that is some suspicious exe and some suspicious installer ::)
I am not gonna install that and not gonna run that exe either :icon13:
I don't see any source examples there, maybe  I should take of my shades 8)
Cod-Father

jj2007

They even have made an extra effort to hide the URL that you normally see in the lower left corner when you hover over the links!

LiaoMi, can you tell us more about this?

Habran, what does Jotti say about the exe and the installer?

habran

I don't have Jotti, I use Malwarebytes. Did not react, however, I am not interested in games and installers and don't want to install some crap on my laptop.
Cod-Father

aw27

I run it on a virtual machine I have for testing dubious software. It does not ask for folder to install, I could not find anything installed or new in the Program Files folders, ProgramData, Windows and System32 folders, Documents. It does not ask for password either.

habran

Cod-Father

aw27


habran

Cod-Father

LiaoMi

Hello people!

Sorry for the inconvenience! I use this file sharing service, because one of the users from the forum also used it. I can download as usual, the appearance of ads and malicious files, depends on the browser and IP address.

In the 7z archive there are source codes, I dont know where I can reload the archive, so that you do not cause a new wave of installers ?!

http://sendfile.su/1357767 On this file sharing service I dont have advertising, no file downloader, here is an alternative link https://mega.co.nz/#!I15wnLRD!AAAAAAAAAAAS85NJHNJVdQAAAAAAAAAAEvOTSRzSVXU

I use a Chrome browser with the adguard, and I also have Malwarebytes. I'll erase the link above so that no one can pick up these spyware ... This link will be in this message, but with a warning that it is infected

https://www.file-upload.net/download-12679197/windows64-1.7z.html   :icon_exclaim: :icon_exclaim: :icon_exclaim: :icon_exclaim: :icon_exclaim: :icon_exclaim: infected

LiaoMi

Here is my download page for downloading from an infected service



GoneFishing

I've downloaded and extracted the archive. Nothing suspicious so far ( didn't scan exe's though ).
Archive extracts everything to luoyunbin folder
The contents of the folder:
Quote
Appendix A  Chapter03  Chapter07  Chapter11  Chapter15  Readme.txt
Appendix B  Chapter04  Chapter08  Chapter12  Chapter16  Var.bat
Appendix C  Chapter05  Chapter09  Chapter13  Chapter17  读者调查表.doc
Chapter02   Chapter06  Chapter10  Chapter14  Chapter18  附录A-C.pdf
Where Appendix* and  Chapter** are subfolders containing other subfolders  with asm sources , makefiles, object files and exe's.
Looks like lots of work. The only ( and HUGE ! ) disadvantage of the package is that all the docs and comments are written in Chinese. Translate it to English and re-upload it.

@jj &  @habran
The download page as shown by JJ has 3  download buttons . One ( blue ) is for downloading the archive and other 2 are for something else :) 



habran

No success :(
Password required when you want to extract it ::)
Cod-Father


aw27

I will download directly from here:
https://github.com/zhaohengyi/Win_Asm_Program_Ver2

LiaoMi

Quote from: aw27 on August 27, 2017, 07:54:44 PM
I will download directly from here:
https://github.com/zhaohengyi/Win_Asm_Program_Ver2

This is an older version for the 32-bit system

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 使用 nmake 或下列命令进行编译和链接:
; ml /c /coff Main.asm
; rc Main.rc
; Link  /subsystem:windows Main.obj Main.res
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat, stdcall
option casemap :none


And this in the topic is for a 64 bit system for UASM

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; К№УГ nmake »тПВБРГьБоЅшРР±аТлєНБґЅУ:
; uasm -c -win64 Main.asm
; rc Main.rc
; Link  /subsystem:windows Main.obj Main.res
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
option casemap:none
option win64:7


.elseif eax == WM_HOOK
mov rax,wParam
.if al == 0dh
mov eax,0a0dh
.endif
mov @dwTemp,eax
invoke SendDlgItemMessage,hWnd,IDC_TEXT,EM_REPLACESEL,0,addr @dwTemp
.else
mov rax,FALSE
ret
.endif
mov rax,TRUE
ret

_ProcDlgMain endp