
[Help] Code

Started by jeivarmarr, November 25, 2012, 10:27:40 AM


jeivarmarr

I have a memory address that holds hexadecimal values. I want to convert these values to text and write the text to a .txt file.

example : Address= 00C4C988h  value hex=53 00 65 00 72 00 76 00 69 00 64 00 6F 00 72  text= S.e.r.v.i.d.o.r


; txt - polling loop: every 1000 ms it reads the dword stored at the fixed address
; 00C4C988h; while that dword is zero it loops, otherwise it hands the dword to
; Print #1, closes file #1 and waits in Inkey.
;
; NOTE(review): Open runs on every pass through "tecla", but Close is reached only on
;   the non-zero path, so each zero pass opens the file again without closing it.
; NOTE(review): eax holds the dword read from [ebx], not the address itself. The example
;   in this post puts the UTF-16 bytes at the address, so Print would be given the first
;   four bytes of the text as if they were a pointer - confirm what Print expects.
; NOTE(review): there is no ret before endp, so execution runs past the end of the
;   procedure once the .else branch finishes.
; NOTE(review): ebx is overwritten and never restored; Win32 callers expect ebx preserved.
; NOTE(review): 00C4C988h is an absolute address. Nothing here checks that it is mapped
;   and readable in the process the DLL is loaded into; reading an unmapped address
;   raises an access violation, and the layout can differ from run to run.
txt proc
tecla:
invoke Sleep,1000
mov ebx,00C4C988h
Open "O", #1, "MyTextFile.txt"
   mov eax,dword ptr [ebx]
   .if eax==NULL
  jmp tecla
   .else
   Print #1, eax  ; comment copied from the reply says "wide" Print, but this is plain Print, not wPrint
   Close #1
   Inkey "ok"
   .endif
txt endp


I tried this, but it does not work.

PD: Compile Dll

How can I write the value into a .txt file?

fearless

I have a procedure that gives a rough approximation of the Windows version. It suits my use, and I'm sure there are better examples, but you could use something like this:

include kernel32.inc
includelib kernel32.lib

WindowsVersion PROTO

; Result codes returned by WindowsVersion. From Windows 2000 onwards the value is
; major*10 + minor (50 = 5.0, 51 = 5.1, 52 = 5.2, 60/61/62 = 6.0/6.1/6.2); the older
; codes are plain labels.
; Several names share one value (for example XP_64, 2003 and HOME_SERVER are all 52,
; VISTA and 2008 are both 60, 7 and 2008_SERVER_R2 are both 61), so a caller cannot
; tell those editions apart from the code alone.
; NOTE(review): WINDOWS_VERSION_NT_31 and WINDOWS_VERSION_NT_35 are defined here but the
; WindowsVersion procedure below never returns them.
.CONST
WINDOWS_VERSION_UNKNOWN         EQU 0
WINDOWS_VERSION_WIN31           EQU 31 ; Win32 on Windows 3.1
WINDOWS_VERSION_NT_31           EQU 32
WINDOWS_VERSION_NT_35           EQU 35
WINDOWS_VERSION_NT_351          EQU 36
WINDOWS_VERSION_95              EQU 40
WINDOWS_VERSION_98              EQU 41
WINDOWS_VERSION_ME              EQU 42
WINDOWS_VERSION_NT              EQU 43
WINDOWS_VERSION_NT_4            EQU 43
WINDOWS_VERSION_2000            EQU 50
WINDOWS_VERSION_XP              EQU 51
WINDOWS_VERSION_XP_HOME         EQU 51
WINDOWS_VERSION_XP_64           EQU 52
WINDOWS_VERSION_XP_PRO_64       EQU 52
WINDOWS_VERSION_2003            EQU 52
WINDOWS_VERSION_2003_SERVER     EQU 52
WINDOWS_VERSION_HOME_SERVER     EQU 52
WINDOWS_VERSION_VISTA           EQU 60
WINDOWS_VERSION_2008            EQU 60
WINDOWS_VERSION_2008_SERVER     EQU 60
WINDOWS_VERSION_2008_SERVER_R2  EQU 61
WINDOWS_VERSION_7               EQU 61
WINDOWS_VERSION_8               EQU 62

.data
; Last result of WindowsVersion; 0 (WINDOWS_VERSION_UNKNOWN) until the procedure has run.
WINDOWS_VERSION dd 0 ; use this for comparing what version or use the value returned in eax

.code

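;=========================================================================================
; WindowsVersion - classify the running Windows release from GetVersionEx.
;
; Returns: eax = one of the WINDOWS_VERSION_* constants above; the same value is also
;          stored in the WINDOWS_VERSION variable. WINDOWS_VERSION_UNKNOWN is returned
;          when the call fails or the platform/major/minor combination is not listed.
; Uses:    eax, ecx, edx. ebx is not touched, so the caller's ebx survives the call.
; Needs:   OSVERSIONINFO and the VER_PLATFORM_* equates in scope (normally from the
;          MASM32 windows.inc); without them the assembler reports undefined symbols.
;
; NOTE(review): GetVersionEx reports the version Windows chooses to show this process.
; Compatibility settings can change it, and from Windows 8.1 on a program without a
; matching manifest entry is told 6.2, which this routine maps to WINDOWS_VERSION_8.
; Use the result as a hint for feature selection, not as input to a security decision.
;=========================================================================================
WindowsVersion PROC
    LOCAL VersionInformation:OSVERSIONINFO

    mov  VersionInformation.dwOSVersionInfoSize, SIZEOF OSVERSIONINFO
    Invoke GetVersionEx, Addr VersionInformation
    .IF eax == 0                                    ; call failed: the structure was not filled in
        mov eax, WINDOWS_VERSION_UNKNOWN
        jmp store_result
    .ENDIF

    mov eax, VersionInformation.dwMajorVersion
    mov edx, VersionInformation.dwMinorVersion      ; edx rather than ebx: ebx is callee-saved
    mov ecx, VersionInformation.dwPlatformId

    .IF ecx == VER_PLATFORM_WIN32s
        mov eax, WINDOWS_VERSION_WIN31
    .ELSEIF ecx == VER_PLATFORM_WIN32_WINDOWS
        .IF edx == 0
            mov eax, WINDOWS_VERSION_95
        .ELSEIF edx == 10
            mov eax, WINDOWS_VERSION_98
        .ELSEIF edx == 90
            mov eax, WINDOWS_VERSION_ME
        .ELSE                                       ; used to fall through with the raw major number in eax
            mov eax, WINDOWS_VERSION_UNKNOWN
        .ENDIF
    .ELSEIF ecx == VER_PLATFORM_WIN32_NT
        .IF eax <= 3
            .IF edx == 51
                mov eax, WINDOWS_VERSION_NT_351
            .ELSE                                   ; used to fall through with the raw major number in eax
                mov eax, WINDOWS_VERSION_UNKNOWN
            .ENDIF
        .ELSEIF eax == 4
            mov eax, WINDOWS_VERSION_NT
        .ELSEIF eax == 5
            .IF edx == 0                            ; Win2000
                mov eax, WINDOWS_VERSION_2000
            .ELSEIF edx == 1                        ; WinXP
                mov eax, WINDOWS_VERSION_XP
            .ELSEIF edx == 2                        ; Server 2003 / XP Pro 64 / Home Server
                mov eax, WINDOWS_VERSION_2003
            .ELSE                                   ; Unknown
                mov eax, WINDOWS_VERSION_UNKNOWN
            .ENDIF
        .ELSEIF eax == 6
            .IF edx == 0                            ; Vista
                mov eax, WINDOWS_VERSION_VISTA
            .ELSEIF edx == 1                        ; Win7, Server2008
                mov eax, WINDOWS_VERSION_7
            .ELSEIF edx == 2
                mov eax, WINDOWS_VERSION_8
            .ELSE                                   ; Unknown
                mov eax, WINDOWS_VERSION_UNKNOWN
            .ENDIF
        .ELSE                                       ; major version above 6
            mov eax, WINDOWS_VERSION_UNKNOWN
        .ENDIF
    .ELSE
        mov eax, WINDOWS_VERSION_UNKNOWN
    .ENDIF

store_result:
    mov WINDOWS_VERSION, eax
    ret
WindowsVersion endp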

Sample usage:
; Dispatch on the code returned in eax by WindowsVersion.
; WINDOWS_VERSION_VISTA has the same value as WINDOWS_VERSION_2008 (60) and
; WINDOWS_VERSION_7 the same value as WINDOWS_VERSION_2008_SERVER_R2 (61), so the
; Vista and Windows 7 branches are also taken on those server releases.
Invoke WindowsVersion
.IF eax == WINDOWS_VERSION_XP
    ;Invoke MessageBox .... with some string about XP is running
.ELSEIF eax == WINDOWS_VERSION_VISTA
    ;Invoke MessageBox .... with some string about Vista is running
.ELSEIF eax == WINDOWS_VERSION_7
    ;Invoke MessageBox .... with some string about Windows 7 is running
.ELSE
    ; also reached for WINDOWS_VERSION_UNKNOWN (0)
    ;Invoke MessageBox .... with some string about some other os version is running
.ENDIF


hope that helps

jj2007

Don't get overwhelmed by fearless' code - it's actually simple. Getting info on Windows versions is notoriously complicated and clumsy. Here is a simpler version, but it won't give you everything you need.

include \masm32\MasmBasic\MasmBasic.inc   ; download
; Prints the fields of OSVERSIONINFOEX as filled in by GetVersionEx, then the value of
; the %OS% environment variable. Init, Print, Str$, PrintLine, Inkey, ExpandEnv$ and
; Exit come from MasmBasic.inc; presumably Init opens the code section and defines the
; "start" label named on the last line - confirm against the MasmBasic documentation.
.data?
ovx   OSVERSIONINFOEX <>
   Init
   ; NOTE(review): the bare type name is used as the size here; presumably it evaluates
   ; to the structure size - SIZEOF OSVERSIONINFOEX would state that explicitly.
   mov ovx.dwOSVersionInfoSize, OSVERSIONINFOEX
   ; NOTE(review): the return value in eax is not checked; on failure the fields printed
   ; below are whatever the uninitialised .data? block holds.
   invoke GetVersionEx, addr ovx
   Print Str$("MajorVersion     \t%i\n", ovx.dwMajorVersion)
   Print Str$("MinorVersion     \t%i\n", ovx.dwMinorVersion)
   Print Str$("Build number     \t%i\n", ovx.dwBuildNumber)
   Print Str$("PlatformId         \t%i\n", ovx.dwPlatformId)
   PrintLine offset ovx.szCSDVersion
   Print Str$("ServicePackMajor \t%i\n", ovx.wServicePackMajor)
   Print Str$("ServicePackMinor \t%i\n", ovx.wServicePackMinor)
   Print Str$("Suite Mask         \t%i\n\n", ovx.wSuiteMask)
   ; %OS% is an ordinary environment variable inherited from the parent process, so it
   ; can hold any text; the output below shows only "Windows_NT" on an XP SP3 machine.
   Inkey "You are running ", ExpandEnv$("%OS%")      ; use the %OS% environment variable
   Exit
end start

Output:
MajorVersion            5
MinorVersion            1
Build number            2600
PlatformId              2
Service Pack 3
ServicePackMajor        3
ServicePackMinor        0
Suite Mask              768

You are running Windows_NT


Actually, I am running XP SP3...

jeivarmarr

Quote from: jj2007 on November 25, 2012, 11:28:47 AM
Don't get overwhelmed by fearless' code - it's actually simple. Getting info on Windows versions is notoriously complicated and clumsy. Here is a simpler version, but it won't give you everything you need.

include \masm32\MasmBasic\MasmBasic.inc   ; download
.data?
ovx   OSVERSIONINFOEX <>
   Init
   mov ovx.dwOSVersionInfoSize, OSVERSIONINFOEX
   invoke GetVersionEx, addr ovx
   Print Str$("MajorVersion     \t%i\n", ovx.dwMajorVersion)
   Print Str$("MinorVersion     \t%i\n", ovx.dwMinorVersion)
   Print Str$("Build number     \t%i\n", ovx.dwBuildNumber)
   Print Str$("PlatformId         \t%i\n", ovx.dwPlatformId)
   PrintLine offset ovx.szCSDVersion
   Print Str$("ServicePackMajor \t%i\n", ovx.wServicePackMajor)
   Print Str$("ServicePackMinor \t%i\n", ovx.wServicePackMinor)
   Print Str$("Suite Mask         \t%i\n\n", ovx.wSuiteMask)
   Inkey "You are running ", ExpandEnv$("%OS%")      ; use the %OS% environment variable
   Exit
end start

Output:
MajorVersion            5
MinorVersion            1
Build number            2600
PlatformId              2
Service Pack 3
ServicePackMajor        3
ServicePackMinor        0
Suite Mask              768

You are running Windows_NT


Actually, I am running XP SP3...

C:\Masm32\Bin\ML.EXE /c /coff /Cp /nologo /I"C:\Masm32\Include" "windows.asm"
Assembling: windows.asm
\masm32\include\masm32rt.inc(33) : warning A4011: multiple .MODEL directives found : .MODEL ignored
##########################

You cannot use the MasmBasic library with ml.exe version 6.14, sorry - try JWasm or ml 6.15

##########################
\masm32\MasmBasic\MasmBasic.inc(179) : error A2052: forced error
TestMasmVersion(7): Macro Called From
  \masm32\MasmBasic\MasmBasic.inc(179): Include File

Help

jeivarmarr

Quote from: fearless on November 25, 2012, 11:12:13 AM
Ive a procedure that gives a rough approximation of figuring out the windows version, it suits for my use, and im sure there is better examples, but you could use something like this:

include kernel32.inc
includelib kernel32.lib

WindowsVersion PROTO

.CONST
WINDOWS_VERSION_UNKNOWN         EQU 0
WINDOWS_VERSION_WIN31           EQU 31 ; Win32 on Windows 3.1
WINDOWS_VERSION_NT_31           EQU 32
WINDOWS_VERSION_NT_35           EQU 35
WINDOWS_VERSION_NT_351          EQU 36
WINDOWS_VERSION_95              EQU 40
WINDOWS_VERSION_98              EQU 41
WINDOWS_VERSION_ME              EQU 42
WINDOWS_VERSION_NT              EQU 43
WINDOWS_VERSION_NT_4            EQU 43
WINDOWS_VERSION_2000            EQU 50
WINDOWS_VERSION_XP              EQU 51
WINDOWS_VERSION_XP_HOME         EQU 51
WINDOWS_VERSION_XP_64           EQU 52
WINDOWS_VERSION_XP_PRO_64       EQU 52
WINDOWS_VERSION_2003            EQU 52
WINDOWS_VERSION_2003_SERVER     EQU 52
WINDOWS_VERSION_HOME_SERVER     EQU 52
WINDOWS_VERSION_VISTA           EQU 60
WINDOWS_VERSION_2008            EQU 60
WINDOWS_VERSION_2008_SERVER     EQU 60
WINDOWS_VERSION_2008_SERVER_R2  EQU 61
WINDOWS_VERSION_7               EQU 61
WINDOWS_VERSION_8               EQU 62

.data
WINDOWS_VERSION dd 0 ; use this for comparing what version or use the value returned in eax

.code

;=========================================================================================
; Gets windows version and returns version in eax which is stored in the WINDOWS_VERSION
; variable as well. See constants above for which version is returned.
;=========================================================================================
WindowsVersion PROC
    LOCAL VersionInformation:OSVERSIONINFO
   
    mov  VersionInformation.dwOSVersionInfoSize, SIZEOF OSVERSIONINFO
    Invoke GetVersionEx, Addr VersionInformation
    mov eax, VersionInformation.dwMajorVersion
    mov ebx, VersionInformation.dwMinorVersion
    mov ecx, VersionInformation.dwPlatformId

    .IF ecx == VER_PLATFORM_WIN32s
        mov eax, WINDOWS_VERSION_WIN31
    .ELSEIF ecx == VER_PLATFORM_WIN32_WINDOWS
        .IF ebx == 0
            mov eax, WINDOWS_VERSION_95
        .ELSEIF ebx == 10
            mov eax, WINDOWS_VERSION_98
        .ELSEIF ebx == 90
            mov eax, WINDOWS_VERSION_ME
        .ENDIF
    .ELSEIF ecx == VER_PLATFORM_WIN32_NT   
        .IF eax <= 3
            .IF ebx == 51
                mov eax, WINDOWS_VERSION_NT_351
            .ENDIF
        .ELSEIF eax == 4
            mov eax, WINDOWS_VERSION_NT
        .ELSEIF eax == 5
            .IF ebx == 0 ; Win2000
                mov eax, WINDOWS_VERSION_2000
            .ELSEIF ebx == 1 ; WinXP
                mov eax, WINDOWS_VERSION_XP
            .ELSEIF ebx == 2 ; Server20003 / XP Pro 64 / Home Server
                mov eax, WINDOWS_VERSION_2003
            .ELSEIF ebx > 2 ; Unknown
                mov eax, WINDOWS_VERSION_UNKNOWN         
            .ENDIF
        .ELSEIF eax == 6
            .IF ebx == 0 ; Vista
                mov eax, WINDOWS_VERSION_VISTA
            .ELSEIF ebx == 1 ; Win7, Server2008
                mov eax, WINDOWS_VERSION_7
            .ELSEIF ebx == 2
                mov eax, WINDOWS_VERSION_8
            .ELSEIF ebx > 2 ; Unknown
                mov eax, WINDOWS_VERSION_UNKNOWN                               
            .ENDIF
        .ELSEIF eax > 6
            mov eax, WINDOWS_VERSION_UNKNOWN               
        .ENDIF
    .ELSE
        mov eax, WINDOWS_VERSION_UNKNOWN
    .ENDIF       
    mov WINDOWS_VERSION, eax
    ret
WindowsVersion endp

Sample usage:
Invoke WindowsVersion
.IF eax == WINDOWS_VERSION_XP
    ;Invoke MessageBox .... with some string about XP is running
.ELSEIF eax == WINDOWS_VERSION_VISTA
    ;Invoke MessageBox .... with some string about Vista is running
.ELSEIF eax == WINDOWS_VERSION_7
    ;Invoke MessageBox .... with some string about Windows 7 is running
.ELSE
    ;Invoke MessageBox .... with some string about some other os version is running
.ENDIF


hope that helps

windows.asm(57) : error A2006: undefined symbol : OSVERSIONINFO
windows.asm(57) : error A2195: parameter or local cannot have void type
windows.asm(59) : error A2006: undefined symbol : dwOSVersionInfoSize
windows.asm(61) : error A2006: undefined symbol : dwMajorVersion
windows.asm(62) : error A2006: undefined symbol : dwMinorVersion
windows.asm(63) : error A2006: undefined symbol : dwPlatformId
windows.asm(65) : error A2006: undefined symbol : VER_PLATFORM_WIN32s
windows.asm(67) : error A2006: undefined symbol : VER_PLATFORM_WIN32_WINDOWS
windows.asm(75) : error A2006: undefined symbol : VER_PLATFORM_WIN32_NT

Make error(s) occured.

Help

jj2007

Quote from: jeivarmarr on November 28, 2012, 04:59:16 PM
You cannot use the MasmBasic library with ml.exe version 6.14, sorry - try JWasm or ml 6.15
...
Help

- Go to the JWasm page
- download JWasm208abw.zip
- rename \Masm32\bin\ML.EXE to \Masm32\bin\MLv614.EXE
- take the JWasm.exe from the archive and copy it as \Masm32\bin\ML.EXE
... and voilà, you have an assembler that understands also the newer instructions :t

jeivarmarr

#6
Quote from: jj2007 on November 28, 2012, 05:16:28 PM
Quote from: jeivarmarr on November 28, 2012, 04:59:16 PM
You cannot use the MasmBasic library with ml.exe version 6.14, sorry - try JWasm or ml 6.15
...
Help

- Go the JWasm page
- download JWasm208abw.zip
- rename \Masm32\bin\ML.EXE to \Masm32\bin\MLv614.EXE
- take the JWasm.exe from the archive and copy it as \Masm32\bin\ML.EXE
... and voilà, you have an assembler that understands also the newer instructions :t

Thanks,

help me anything else? please

I get a memory address, hexadecimal values​​, these values ​​should I pass to text and write them to a file. txt the text

example : Address= 10837FE4h  value hex=53 00 65 00 72 00 76 00 69 00 64 00 6F 00 72  text= S.e.r.v.i.d.o.r

how I can write the value into . txt file?


hfheatherfox07

You invoke the "WindowsVersion Proc" with "Invoke WindowsVersion", then test the result with ".if eax==Windows_NT",
then show your message box.

I made an example for you really quickly with what fearless posted , It was quite easy to understand

@fearless thank you for this great code  :t
Your code and your skills will be assimilated. Your programming language is irrelevant.
We are the ASM Borg and you will become part of us. Compile and be assembled.

jeivarmarr

Quote from: hfheatherfox07 on November 28, 2012, 07:31:16 PM
You are invoking the "WindowsVersion Proc" with  "Invoke WindowsVersion" than ".if eax==Windows_NT"
than your message Box

I made an example for you really quickly with what fearless posted , It was quite easy to understand

@fearless thank you for this great code  :t

Thanks for your help.

help me anything else? please.

I get a memory address, hexadecimal values​​, these values ​​should I pass to text and write them to a file. txt the text

example : Address= 10837FE4h.  value hex=53 00 65 00 72 00 76 00 69 00 64 00 6F 00 72.  text= S.e.r.v.i.d.o.r

how I can write the value into . txt file?


ragdog

Hi

A better way to get the OS version is to read it from the PEB (Process Environment Block).



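;-----------------------------------------------------------------------------------------
; GetOsVersion - coarse OS classification from fields of a caller-supplied PEB pointer.
;
; In:      pProcessEnvironmentBlock = address of the PEB structure to read
; Returns: eax = 1  platform is NT, major version 5, minor version >= 1
;                   (Windows XP, Windows Server 2003, Windows Server 2003 R2)
;          eax = 2  platform is NT, major version 6, any minor version
;                   (Windows Vista, Server 2008, Server 2008 R2, Windows 7, later 6.x)
;          eax = 0  anything else, including a null pointer
; Uses:    eax, edx
;
; The pointer is kept in edx so that eax can hold the default result. Previously the
; pointer was loaded into eax right after eax was cleared, so every unmatched case
; returned the PEB address instead of 0. The "minor >= 0" test on the major-6 branch
; was always true for an unsigned field and has been dropped.
;
; NOTE(review): the PEB type is not declared in this snippet; the trailing comments give
;   the field offsets the author relied on (0B0h, 0A4h, 0A8h) - confirm them against the
;   structure definition in use.
; NOTE(review): these PEB fields sit in memory the process itself can write and their
;   layout is not a documented contract, so the result is a convenience value only.
;   A major version other than 5 or 6 returns 0.
;-----------------------------------------------------------------------------------------
GetOsVersion proc pProcessEnvironmentBlock:DWORD
    mov edx,pProcessEnvironmentBlock
    xor eax,eax                                     ; default result: not classified
    .if edx != 0                                    ; do not dereference a null pointer
        .if (DWORD ptr (PEB ptr [edx]).OSPlatformId)==VER_PLATFORM_WIN32_NT ;0B0h
            .if (DWORD ptr (PEB ptr [edx]).OSMajorVersion)==5  && (DWORD ptr (PEB ptr [edx]).OSMinorVersion >= 1)   ;0A4h 0A8h
                mov eax,1
            .elseif (DWORD ptr (PEB ptr [edx]).OSMajorVersion)==6
                mov eax,2
            .endif
        .endif
    .endif
    ret
GetOsVersion endp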


Greets,

jj2007

Quote from: jeivarmarr on November 28, 2012, 06:43:54 PM

I get a memory address, hexadecimal values​​, these values ​​should I pass to text and write them to a file. txt the text

example : Address= 10837FE4h  value hex=53 00 65 00 72 00 76 00 69 00 64 00 6F 00 72  text= S.e.r.v.i.d.o.r

how I can write the value into . txt file?

include \masm32\MasmBasic\MasmBasic.inc   ; download
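; example : Address= 10837FE4h  value hex=53 00 65 00 72 00 76 00 69 00 64 00 6F 00 72  text= S.e.r.v.i.d.o.r
;
; Writes a UTF-16LE string to MyTextFile.txt through the MasmBasic file macros.
; Open, wPrint, Close, Inkey, Init and Exit come from MasmBasic.inc; presumably Init
; opens the code section and defines the "start" label - confirm against its docs.
.data
; Eight UTF-16LE code units ("Servidor") followed by a full 16-bit terminator.
; The earlier list ended "72h, 0, 0": the first 0 is the high byte of 'r', which left a
; single zero byte as terminator, so a wide-string reader depended on whatever byte
; happened to follow in .data.
MyExample   db 53h, 00h, 65h, 00h, 72h, 00h, 76h, 00h, 69h, 00h, 64h, 00h, 6Fh, 00h, 72h, 00h, 0, 0   ; text= S.e.r.v.i.d.o.r

   Init
   Open "O", #1, "MyTextFile.txt"   ; relative name: the file lands in the current directory
   mov eax, offset MyExample        ; eax = address of the text, not its first bytes
   wPrint #1, eax  ; your example is Unicode, therefore "wide" Print
   Close #1
   Inkey "ok"
   Exit
end start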

dedndave

i seem to recall there was a problem with the OSVERSIONINFOEX structure in the masm32 version 10 includes
it's probably been fixed in version 11   :P

anyways, here is a program i wrote a couple years ago
this one does some extra stuff, examining the registry values
in the old forum, you can see the results run on many different machines

http://www.masmforum.com/board/index.php?topic=11963.0

DednDave OS Info Dump Ver 2.03

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
"ProductName"="Microsoft Windows XP"
"CurrentVersion"="5.1"
"CurrentBuildNumber"="2600"
"SubVersionNumber"=""
"CSDVersion"="Service Pack 3"
"BuildLab"="2600.xpsp_sp3_qfe.100216-1510"
"ProductId"="76487-OEM-XXXXXXX-XXXXX"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center]
"Ident"="4.0"

OSVERSIONINFOEX Structure:

       Version.Build: 5.1.2600
         Platform ID: Win32 on Windows NT
         CSD Version: Service Pack 3
Service Pack Version: 3.0
          Suite Mask: 0000000100000000
        Product Type: Windows 2000 Pro/XP/Vista Workstation


EDIT: it seems that the structure has been fixed in masm32 version 11
also, Hutch made it __UNICORN__ aware   :P

jeivarmarr

Quote from: jj2007 on November 28, 2012, 09:55:16 PM
Quote from: jeivarmarr on November 28, 2012, 06:43:54 PM

I get a memory address, hexadecimal values​​, these values ​​should I pass to text and write them to a file. txt the text

example : Address= 10837FE4h  value hex=53 00 65 00 72 00 76 00 69 00 64 00 6F 00 72  text= S.e.r.v.i.d.o.r

how I can write the value into . txt file?

include \masm32\MasmBasic\MasmBasic.inc   ; download
; example : Address= 10837FE4h  value hex=53 00 65 00 72 00 76 00 69 00 64 00 6F 00 72  text= S.e.r.v.i.d.o.r
.data
MyExample   db 53h, 00h, 65h, 00h, 72h, 00h, 76h, 00h, 69h, 00h, 64h, 00h, 6Fh, 00h, 72h, 0, 0   ; text= S.e.r.v.i.d.o.r

   Init
   Open "O", #1, "MyTextFile.txt"
   mov eax, offset MyExample
   wPrint #1, eax  ; your example is Unicode, therefore "wide" Print
   Close #1
   Inkey "ok"
   Exit
end start
thanks jj2007



; txt - polling loop: every 1000 ms it reads the dword stored at the fixed address
; 00C4C988h; while that dword is zero it loops, otherwise it hands the dword to
; Print #1, closes file #1 and waits in Inkey.
;
; NOTE(review): Open runs on every pass through "tecla", but Close is reached only on
;   the non-zero path, so each zero pass opens the file again without closing it.
; NOTE(review): eax holds the dword read from [ebx], not the address itself, whereas the
;   example quoted above passes the address of the text (offset MyExample) to wPrint.
; NOTE(review): there is no ret before endp, so execution runs past the end of the
;   procedure once the .else branch finishes.
; NOTE(review): ebx is overwritten and never restored; Win32 callers expect ebx preserved.
; NOTE(review): 00C4C988h is an absolute address. Nothing here checks that it is mapped
;   and readable in the process the DLL is loaded into; reading an unmapped address
;   raises an access violation, and the layout can differ from run to run.
txt proc
tecla:
invoke Sleep,1000
mov ebx,00C4C988h
Open "O", #1, "MyTextFile.txt"
   mov eax,dword ptr [ebx]
   .if eax==NULL
  jmp tecla
   .else
   Print #1, eax  ; comment copied from the reply says "wide" Print, but this is plain Print, not wPrint
   Close #1
   Inkey "ok"
   .endif
txt endp


check this but not works

PD: Compile Dll

jj2007

You open a file inside a loop - that cannot work. What do you intend to do??

tecla:
invoke Sleep,1000
mov ebx,00C4C988h
Open "O", #1, "MyTextFile.txt"
   mov eax,dword ptr [ebx]
   .if eax==NULL
  jmp tecla
   .else
   Print #1, eax  ; your example is Unicode, therefore "wide" Print
   Close #1

jeivarmarr

Quote from: jj2007 on November 29, 2012, 04:49:25 AM
You open a file inside a loop - that cannot work. What do you intend to do??

tecla:
invoke Sleep,1000
mov ebx,00C4C988h
Open "O", #1, "MyTextFile.txt"
   mov eax,dword ptr [ebx]
   .if eax==NULL
  jmp tecla
   .else
   Print #1, eax
   Close #1


I want to pass the value of 00C4C988h to txt file

; Polling loop: sleeps 100 ms, asks GetAsyncKeyState about VK_H and, when the result is
; non-zero, reads the dword at 00C4C988h, opens C:/MyTextFile.txt, passes the dword to
; Print #1, closes the file and starts over.
;
; NOTE(review): "jmp tecla" is unconditional, so the ret after it is never reached and
;   the loop has no exit.
; NOTE(review): eax holds the dword read from [ebx], not the address of the text; the
;   working example earlier in the thread gives wPrint an address.
; NOTE(review): the file is opened in "O" mode on every pass; presumably that recreates
;   it each time - confirm. Creating a file in the root of C: can also fail without
;   elevated rights.
; NOTE(review): ebx is overwritten and never restored, and the absolute address is read
;   without any check that it is mapped in the process hosting the DLL.
; NOTE(review): Inkey presumably waits for console input; a DLL may have no console -
;   confirm how it behaves there.
tecla:
invoke Sleep,100
invoke GetAsyncKeyState,VK_H
   test eax,eax
   jz tecla
mov ebx,00C4C988h
Open "O", #1, "C:/MyTextFile.txt"
mov eax, dword ptr [ebx]
   Print #1, eax  ; comment copied from the reply says "wide" Print, but this is plain Print, not wPrint
   Close #1
   Inkey "ok"
  jmp tecla
   ret

not working :(

I work with dll