Can I and should I convert Windows SDK (Win7 and Win10) to a masm inc format to use for Assembly programming? I think I can use a utility called h2incx.exe or the microsoft version h2inc.exe to convert C headers to masm32 include files. Not sure how it works exactly yet. I want to recode "GetFirewallSettings" project from the Windows 7 SDK to a masm32 version, but masm32 does not have the correct include files. I feel confident that this is not the only program in the win7 sdk samples that would require headers not included in the default masm32 install. Suggestions?
Video format of question:
https://www.youtube.com/watch?v=1jGVz2sm38c
P.S. I did find other posts about h2incx.exe on these forums.
http://luce.yves.pagesperso-orange.fr/header.htm (http://luce.yves.pagesperso-orange.fr/header.htm)
GetFirewallSettings isn't an API function. It seems to be usable only with .NET (C++).
https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ics/c-getting-firewall-settings (https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ics/c-getting-firewall-settings)
This one seems more usable with masm, but it needs interfaces.
The netfw.sdk is usable without corrections and gives you the declarations needed to use the interfaces.
You can't use mlxx with those headers, only (!) uasm, jwasm, asmc or asmc64.
I am not sure what you are telling me? Are you saying that there is no way to do what I am asking with the Firewall thing? What about other header files
For someone new to masm, it could be difficult to do it this way.
If you are experienced enough, no problem.
Looks like a lot of the functions are actually COM-based methods for firewall-related stuff. That's probably why it's not in the masm sdk. Some of the functionality might be possible in roundabout ways, but you would probably need to implement some COM in your masm for that. Best resource for COM in asm is ObjAsm: https://objasm.x10host.com/ (https://objasm.x10host.com/)
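A roundabout way of doing this is to check the registry for various firewall-related settings to see if they are enabled/disabled, and/or to check the status of various known services to determine whether Windows Firewall is running. These are indirect indicators, though: they show stored configuration and service state, not necessarily the per-profile values that the firewall's own COM interface reports.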
Link to GetFirewallSettings sample from SDK: https://github.com/microsoft/Windows-classic-samples/blob/27ffb0811ca761741502feaefdb591aebf592193/Samples/Win7Samples/security/windowsfirewall/getfirewallsettings/GetFirewallSettings.cpp
Quote from: fearless on August 08, 2021, 03:36:10 AM
Link to GetFirewallSettings sample from SDK: https://github.com/microsoft/Windows-classic-samples/blob/27ffb0811ca761741502feaefdb591aebf592193/Samples/Win7Samples/security/windowsfirewall/getfirewallsettings/GetFirewallSettings.cpp
https://godbolt.org/
; Constant data from the compiler listing of the GetFirewallSettings sample.
; $SGnnnnn labels are compiler-generated names for string literals (0aH = '\n',
; 00H = terminator). "ORG $+n" moves the location counter forward n bytes, i.e.
; padding between items. The literals 'enabled', 'disabled', 'Allow' and 'Block'
; appear several times under different labels, one copy per place they are used.
$SG93503 DB 'CoInitializeEx failed: 0x%08lx', 0aH, 00H
$SG93507 DB 'Settings for the firewall domain profile:', 0aH, 00H
ORG $+5
$SG93508 DB 'Settings for the firewall private profile:', 0aH, 00H
$SG93549 DB 0aH, 00H
ORG $+2
$SG93509 DB 'Settings for the firewall public profile:', 0aH, 00H
ORG $+5
$SG93524 DB '******************************************', 0aH, 00H
ORG $+4
$SG93526 DB 'enabled', 00H
$SG93527 DB 'disabled', 00H
ORG $+3
$SG93542 DB 'Allow', 00H
ORG $+6
; Each "... is %s" / "... are %s" format below takes one string pointer that the
; code picks from the 'enabled'/'disabled' or 'Allow'/'Block' literals.
$SG93528 DB 'Firewall is %s', 0aH, 00H
$SG93530 DB 'enabled', 00H
$SG93531 DB 'disabled', 00H
ORG $+3
$SG93543 DB 'Block', 00H
ORG $+6
$SG93532 DB 'Block all inbound traffic is %s', 0aH, 00H
ORG $+3
$SG93546 DB 'Allow', 00H
ORG $+6
$SG93534 DB 'disabled', 00H
ORG $+3
$SG93547 DB 'Block', 00H
ORG $+6
$SG93535 DB 'enabled', 00H
$SG93536 DB 'Notifications are %s', 0aH, 00H
ORG $+2
$SG93538 DB 'disabled', 00H
ORG $+7
$SG93539 DB 'enabled', 00H
$SG93540 DB 'UnicastResponsesToMulticastBroadcast is %s', 0aH, 00H
ORG $+4
$SG93544 DB 'Default inbound action is %s', 0aH, 00H
ORG $+2
$SG93548 DB 'Default outbound action is %s', 0aH, 00H
ORG $+1
; This literal is split over two lines: its 00H terminator is the DB that follows.
$SG93561 DB 'CoCreateInstance for INetFwPolicy2 failed: 0x%08lx', 0aH
DB 00H
; One uninitialised 8-byte slot. The name suggests a function-local static of
; __local_stdio_printf_options; it is not referenced by the code shown here.
unsigned __int64 `__local_stdio_printf_options'::`2'::_OptionsStorage DQ 01H DUP (?) ; `__local_stdio_printf_options'::`2'::_OptionsStorage
; 16-byte GUID in the usual DD / DW / DW / 8 x DB layout. WFCOMInitialize loads
; its address into r9, the interface-id (riid) argument of CoCreateInstance.
_GUID_98325047_c671_4174_8d81_defcd3f03186 DD 098325047H
DW 0c671H
DW 04174H
DB 08dH
DB 081H
DB 0deH
DB 0fcH
DB 0d3H
DB 0f0H
DB 031H
DB 086H
; Second GUID, same layout. WFCOMInitialize loads its address into rcx, the
; class-id (rclsid) argument of CoCreateInstance.
_GUID_e2b3c97f_6ae1_41ac_817a_f6f92166d7dd DD 0e2b3c97fH
DW 06ae1H
DW 041acH
DB 081H
DB 07aH
DB 0f6H
DB 0f9H
DB 021H
DB 066H
DB 0d7H
DB 0ddH
; main: entry point of the sample as compiled for x64 (compiler listing, Intel
; operand order, Windows x64 calling convention: args in rcx, rdx, r8, r9).
; Sequence: CoInitializeEx -> WFCOMInitialize -> print the settings of profile
; types 1, 2 and 4 (announced as domain, private and public) -> release the
; interface -> CoUninitialize.
; Returns: eax = 0 on every path, including the failure paths, so the exit code
; does not tell a caller whether the settings were actually read.
; Stack: 56 bytes; with the 8-byte return address this keeps rsp 16-byte aligned
; at each call. The locals below sit above the 32 bytes at [rsp+0..31] that the
; convention reserves for callees. The $ names are offsets from rsp.
hrComInit$ = 32
hr$ = 36
pNetFwPolicy2$ = 40
main PROC
$LN10:
sub rsp, 56 ; 00000038H
; Locals start at 0 / NULL; the cleanup code at the end tests both
; hrComInit and pNetFwPolicy2, so these initial values matter.
mov DWORD PTR hrComInit$[rsp], 0
mov DWORD PTR hr$[rsp], 0
mov QWORD PTR pNetFwPolicy2$[rsp], 0
; CoInitializeEx(NULL, 2): rcx = NULL, edx = 2
; (COINIT_APARTMENTTHREADED in the Windows SDK headers).
mov edx, 2
xor ecx, ecx
call QWORD PTR __imp_CoInitializeEx
mov DWORD PTR hrComInit$[rsp], eax
; 80010106H is RPC_E_CHANGED_MODE; it is accepted and execution continues.
cmp DWORD PTR hrComInit$[rsp], -2147417850 ; ffffffff80010106H
je SHORT $LN2@main
; Signed compare: an HRESULT >= 0 means success.
cmp DWORD PTR hrComInit$[rsp], 0
jge SHORT $LN3@main
; Failure: printf(format, hrComInit), then go to cleanup.
mov edx, DWORD PTR hrComInit$[rsp]
lea rcx, OFFSET FLAT:$SG93503
call printf
jmp SHORT $LN4@main
; Unreachable: follows an unconditional jmp and carries no label.
jmp SHORT $Cleanup$11
$LN3@main:
$LN2@main:
; hr = WFCOMInitialize(&pNetFwPolicy2)
lea rcx, QWORD PTR pNetFwPolicy2$[rsp]
call long WFCOMInitialize(INetFwPolicy2 * *) ; WFCOMInitialize
mov DWORD PTR hr$[rsp], eax
cmp DWORD PTR hr$[rsp], 0
jge SHORT $LN5@main
; Negative hr: skip the dumps and go to cleanup. No message is printed here;
; WFCOMInitialize prints its own when CoCreateInstance fails.
jmp SHORT $LN6@main
; Unreachable, as above.
jmp SHORT $Cleanup$11
$LN5@main:
; Profile type 1, announced as the domain profile.
lea rcx, OFFSET FLAT:$SG93507
call printf
mov rdx, QWORD PTR pNetFwPolicy2$[rsp]
mov ecx, 1
call void Get_FirewallSettings_PerProfileType(NET_FW_PROFILE_TYPE2_,INetFwPolicy2 *) ; Get_FirewallSettings_PerProfileType
; Profile type 2, announced as the private profile.
lea rcx, OFFSET FLAT:$SG93508
call printf
mov rdx, QWORD PTR pNetFwPolicy2$[rsp]
mov ecx, 2
call void Get_FirewallSettings_PerProfileType(NET_FW_PROFILE_TYPE2_,INetFwPolicy2 *) ; Get_FirewallSettings_PerProfileType
; Profile type 4, announced as the public profile.
lea rcx, OFFSET FLAT:$SG93509
call printf
mov rdx, QWORD PTR pNetFwPolicy2$[rsp]
mov ecx, 4
call void Get_FirewallSettings_PerProfileType(NET_FW_PROFILE_TYPE2_,INetFwPolicy2 *) ; Get_FirewallSettings_PerProfileType
$LN4@main:
$LN6@main:
$Cleanup$11:
; If an interface pointer was obtained, call the third entry of its vtable
; (offset 16, after the entries at 0 and 8). For a COM interface that entry is
; IUnknown::Release; rcx carries the object itself as the "this" argument.
cmp QWORD PTR pNetFwPolicy2$[rsp], 0
je SHORT $LN7@main
mov rax, QWORD PTR pNetFwPolicy2$[rsp]
mov rax, QWORD PTR [rax]
mov rcx, QWORD PTR pNetFwPolicy2$[rsp]
call QWORD PTR [rax+16]
$LN7@main:
; CoUninitialize only when CoInitializeEx returned a non-negative HRESULT; the
; accepted RPC_E_CHANGED_MODE value is negative, so that case skips it.
cmp DWORD PTR hrComInit$[rsp], 0
jl SHORT $LN8@main
call QWORD PTR __imp_CoUninitialize
$LN8@main:
; return 0
xor eax, eax
add rsp, 56 ; 00000038H
ret 0
main ENDP
; Get_FirewallSettings_PerProfileType: prints six settings of one firewall
; profile by calling six entries of the interface's vtable and formatting each
; result with printf.
; In:  ecx = profile type value, rdx = interface pointer (Windows x64 convention)
; Out: nothing (declared void)
; Stack: both register arguments are first stored at [rsp+8] / [rsp+16]; after
;        "sub rsp, 104" those slots are at offsets 112 and 120, which is what
;        ProfileTypePassed$ and pNetFwPolicy2$ name. tvNN are compiler
;        temporaries holding the string pointer chosen for each printf.
; Every call has the same shape: rcx = object ("this"), edx = profile type,
; r8 = address of the output variable; eax returns an HRESULT. The method names
; given below are inferred from the message printed after each call and from the
; MASM translation further down this page.
; NOTE(review): when a call returns a negative HRESULT its line is skipped and
; nothing is printed, so a missing line in the output means "could not be read",
; not "disabled".
bIsEnabled$ = 32
action$ = 36
tv75 = 40
tv87 = 48
tv131 = 56
tv143 = 64
tv154 = 72
tv165 = 80
ProfileTypePassed$ = 112
pNetFwPolicy2$ = 120
void Get_FirewallSettings_PerProfileType(NET_FW_PROFILE_TYPE2_,INetFwPolicy2 *) PROC ; Get_FirewallSettings_PerProfileType
$LN21:
mov QWORD PTR [rsp+16], rdx
mov DWORD PTR [rsp+8], ecx
sub rsp, 104 ; 00000068H
; bIsEnabled is a 16-bit value, cleared once here. It is reused by the first
; four calls and only read after a call that returned success.
xor eax, eax
mov WORD PTR bIsEnabled$[rsp], ax
; Separator line of asterisks.
lea rcx, OFFSET FLAT:$SG93524
call printf
; --- vtable entry at +64: firewall enabled (get_FirewallEnabled) ---
mov rax, QWORD PTR pNetFwPolicy2$[rsp]
mov rax, QWORD PTR [rax]
lea r8, QWORD PTR bIsEnabled$[rsp]
mov edx, DWORD PTR ProfileTypePassed$[rsp]
mov rcx, QWORD PTR pNetFwPolicy2$[rsp]
call QWORD PTR [rax+64]
test eax, eax
jl SHORT $LN2@Get_Firewa
; Any non-zero 16-bit value counts as true: non-zero -> 'enabled'.
movsx eax, WORD PTR bIsEnabled$[rsp]
test eax, eax
je SHORT $LN9@Get_Firewa
lea rax, OFFSET FLAT:$SG93526
mov QWORD PTR tv75[rsp], rax
jmp SHORT $LN10@Get_Firewa
$LN9@Get_Firewa:
lea rax, OFFSET FLAT:$SG93527
mov QWORD PTR tv75[rsp], rax
$LN10@Get_Firewa:
mov rdx, QWORD PTR tv75[rsp]
lea rcx, OFFSET FLAT:$SG93528
call printf
$LN2@Get_Firewa:
; --- vtable entry at +96: block all inbound (get_BlockAllInboundTraffic) ---
mov rax, QWORD PTR pNetFwPolicy2$[rsp]
mov rax, QWORD PTR [rax]
lea r8, QWORD PTR bIsEnabled$[rsp]
mov edx, DWORD PTR ProfileTypePassed$[rsp]
mov rcx, QWORD PTR pNetFwPolicy2$[rsp]
call QWORD PTR [rax+96]
test eax, eax
jl SHORT $LN3@Get_Firewa
; non-zero -> 'enabled'
movsx eax, WORD PTR bIsEnabled$[rsp]
test eax, eax
je SHORT $LN11@Get_Firewa
lea rax, OFFSET FLAT:$SG93530
mov QWORD PTR tv87[rsp], rax
jmp SHORT $LN12@Get_Firewa
$LN11@Get_Firewa:
lea rax, OFFSET FLAT:$SG93531
mov QWORD PTR tv87[rsp], rax
$LN12@Get_Firewa:
mov rdx, QWORD PTR tv87[rsp]
lea rcx, OFFSET FLAT:$SG93532
call printf
$LN3@Get_Firewa:
; --- vtable entry at +112: notifications (get_NotificationsDisabled) ---
mov rax, QWORD PTR pNetFwPolicy2$[rsp]
mov rax, QWORD PTR [rax]
lea r8, QWORD PTR bIsEnabled$[rsp]
mov edx, DWORD PTR ProfileTypePassed$[rsp]
mov rcx, QWORD PTR pNetFwPolicy2$[rsp]
call QWORD PTR [rax+112]
test eax, eax
jl SHORT $LN4@Get_Firewa
; Mapping is inverted relative to the two checks above: non-zero -> 'disabled'
; ($SG93534), zero -> 'enabled' ($SG93535), because the value read is a
; "disabled" flag.
movsx eax, WORD PTR bIsEnabled$[rsp]
test eax, eax
je SHORT $LN13@Get_Firewa
lea rax, OFFSET FLAT:$SG93534
mov QWORD PTR tv131[rsp], rax
jmp SHORT $LN14@Get_Firewa
$LN13@Get_Firewa:
lea rax, OFFSET FLAT:$SG93535
mov QWORD PTR tv131[rsp], rax
$LN14@Get_Firewa:
mov rdx, QWORD PTR tv131[rsp]
lea rcx, OFFSET FLAT:$SG93536
call printf
$LN4@Get_Firewa:
; --- vtable entry at +128: unicast responses to multicast/broadcast
;     (get_UnicastResponsesToMulticastBroadcastDisabled) ---
mov rax, QWORD PTR pNetFwPolicy2$[rsp]
mov rax, QWORD PTR [rax]
lea r8, QWORD PTR bIsEnabled$[rsp]
mov edx, DWORD PTR ProfileTypePassed$[rsp]
mov rcx, QWORD PTR pNetFwPolicy2$[rsp]
call QWORD PTR [rax+128]
test eax, eax
jl SHORT $LN5@Get_Firewa
; Same inverted mapping: non-zero -> 'disabled', zero -> 'enabled'.
movsx eax, WORD PTR bIsEnabled$[rsp]
test eax, eax
je SHORT $LN15@Get_Firewa
lea rax, OFFSET FLAT:$SG93538
mov QWORD PTR tv143[rsp], rax
jmp SHORT $LN16@Get_Firewa
$LN15@Get_Firewa:
lea rax, OFFSET FLAT:$SG93539
mov QWORD PTR tv143[rsp], rax
$LN16@Get_Firewa:
mov rdx, QWORD PTR tv143[rsp]
lea rcx, OFFSET FLAT:$SG93540
call printf
$LN5@Get_Firewa:
; --- vtable entry at +184: default inbound action (get_DefaultInboundAction) ---
; The output variable is now the 32-bit "action"; it is not initialised here and
; is only read after a call that returned success.
mov rax, QWORD PTR pNetFwPolicy2$[rsp]
mov rax, QWORD PTR [rax]
lea r8, QWORD PTR action$[rsp]
mov edx, DWORD PTR ProfileTypePassed$[rsp]
mov rcx, QWORD PTR pNetFwPolicy2$[rsp]
call QWORD PTR [rax+184]
test eax, eax
jl SHORT $LN6@Get_Firewa
; action == 0 -> 'Block'; any other value -> 'Allow'.
cmp DWORD PTR action$[rsp], 0
je SHORT $LN17@Get_Firewa
lea rax, OFFSET FLAT:$SG93542
mov QWORD PTR tv154[rsp], rax
jmp SHORT $LN18@Get_Firewa
$LN17@Get_Firewa:
lea rax, OFFSET FLAT:$SG93543
mov QWORD PTR tv154[rsp], rax
$LN18@Get_Firewa:
mov rdx, QWORD PTR tv154[rsp]
lea rcx, OFFSET FLAT:$SG93544
call printf
$LN6@Get_Firewa:
; --- vtable entry at +200: default outbound action (get_DefaultOutboundAction) ---
mov rax, QWORD PTR pNetFwPolicy2$[rsp]
mov rax, QWORD PTR [rax]
lea r8, QWORD PTR action$[rsp]
mov edx, DWORD PTR ProfileTypePassed$[rsp]
mov rcx, QWORD PTR pNetFwPolicy2$[rsp]
call QWORD PTR [rax+200]
test eax, eax
jl SHORT $LN7@Get_Firewa
; action == 0 -> 'Block'; any other value -> 'Allow'.
cmp DWORD PTR action$[rsp], 0
je SHORT $LN19@Get_Firewa
lea rax, OFFSET FLAT:$SG93546
mov QWORD PTR tv165[rsp], rax
jmp SHORT $LN20@Get_Firewa
$LN19@Get_Firewa:
lea rax, OFFSET FLAT:$SG93547
mov QWORD PTR tv165[rsp], rax
$LN20@Get_Firewa:
mov rdx, QWORD PTR tv165[rsp]
lea rcx, OFFSET FLAT:$SG93548
call printf
$LN7@Get_Firewa:
; Trailing blank line, printed unconditionally.
lea rcx, OFFSET FLAT:$SG93549
call printf
add rsp, 104 ; 00000068H
ret 0
void Get_FirewallSettings_PerProfileType(NET_FW_PROFILE_TYPE2_,INetFwPolicy2 *) ENDP ; Get_FirewallSettings_PerProfileType
; WFCOMInitialize: creates the firewall policy COM object with CoCreateInstance
; and stores the interface pointer through the caller's pointer.
; In:  rcx = address where the interface pointer is to be written
; Out: eax = HRESULT of CoCreateInstance (negative = failure)
; Stack: rcx is first stored at [rsp+8]; after "sub rsp, 72" that slot is at
;        offset 80 (ppNetFwPolicy2$). [rsp+32] is the first stack argument slot,
;        directly above the 32 bytes reserved for the callee.
; This function does not write the caller's pointer itself; main sets it to 0
; before the call and tests it for 0 in its cleanup code.
hr$ = 48
ppNetFwPolicy2$ = 80
long WFCOMInitialize(INetFwPolicy2 * *) PROC ; WFCOMInitialize
$LN5:
mov QWORD PTR [rsp+8], rcx
sub rsp, 72 ; 00000048H
mov DWORD PTR hr$[rsp], 0
; CoCreateInstance(rclsid, NULL, 1, riid, ppv):
;   5th argument (on the stack) = the caller's output pointer
mov rax, QWORD PTR ppNetFwPolicy2$[rsp]
mov QWORD PTR [rsp+32], rax
;   r9  = riid: GUID 98325047-c671-4174-8d81-defcd3f03186 (the requested interface)
lea r9, OFFSET FLAT:_GUID_98325047_c671_4174_8d81_defcd3f03186
;   r8d = 1: class context (CLSCTX_INPROC_SERVER in the Windows SDK headers)
mov r8d, 1
;   rdx = NULL: no outer object (no aggregation)
xor edx, edx
;   rcx = rclsid: GUID e2b3c97f-6ae1-41ac-817a-f6f92166d7dd (the class to create)
lea rcx, OFFSET FLAT:_GUID_e2b3c97f_6ae1_41ac_817a_f6f92166d7dd
call QWORD PTR __imp_CoCreateInstance
mov DWORD PTR hr$[rsp], eax
; Negative HRESULT: print it in hex; the value is still returned to the caller.
cmp DWORD PTR hr$[rsp], 0
jge SHORT $LN2@WFCOMIniti
mov edx, DWORD PTR hr$[rsp]
lea rcx, OFFSET FLAT:$SG93561
call printf
$LN2@WFCOMIniti:
$Cleanup$6:
; return hr
mov eax, DWORD PTR hr$[rsp]
add rsp, 72 ; 00000048H
ret 0
long WFCOMInitialize(INetFwPolicy2 * *) ENDP ; WFCOMInitialize
You are probably better off just producing any extra header files yourself rather than try and do a complete set, H2INC.EXE was a very old M$ tool that no longer worked on most later (post 1995) files. The later h2incX.exe is not powerful enough to do the conversion and it leaves you with a massive mess. Some of the result may be useful to you but you will have some massive amount of work to do to make it usable.
Some of the guys here have done good work with COM and they may be able to help you.
Well, I am willing to give that a try, but I really am not sure where to start. I have opened a few of the INC files that come with masm32 and they really are mostly PROTO and EQU. I guess the INC would have a library .LIB file as the other half, right? I am really not sure how to change what is in netfw.h into an INC file; I don't understand the built-in headers that well. Mostly it is typedefs and defines, however. The header file also shows that there is a difference between its C++ interface and its C interface. Thank you, I am going to keep trying. So it will be massive work for just one header or one piece of functionality, like netfw.h? (netfw.h is 4000+ but it is covering both C++ and C, I think.)
I ran h2incx -i P:\Wind7SDK\v7.1\Include\netfw.h and it generated 86 files with a netfw.inc and others, but there were errors. I would not know how to test any of these to understand any problems. Would I need Lib files too? I also found these pages, but I don't know if they are relevant to this problem:
http://masm32.com/board/index.php?topic=1941.0
http://vortex.masmcode.com/
I don't know the actual function you are after but there is an alternative if you can hunt up the technical data on the function, Windows has always had 2 functions for individually loading DLLs,
LoadLibrary
GetProcAddress
There are people here who are experienced in setting up COM calls and they may be able to help you.
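With LoadLibrary you need to be able to identify which DLL has the function you are after. If you can identify it, you can then test for it with GetProcAddress, and if you don't get an error return you can call it, but note that COM is done differently. When you load a system DLL this way, give LoadLibrary a full path (or use LoadLibraryEx with LOAD_LIBRARY_SEARCH_SYSTEM32) so that a same-named DLL in the application or current directory is not loaded instead.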
Firewall API for C generated from typelib.
It is possible to make similar for asm.
The Microsoft sample source code had errors (&)
I corrected it and compiled it with /FAs; the resulting translation to asm could be useful.
I found it easy to translate (64-bit); here is the result.
The translated program is named firewall_asm.exe and the C sample firewallref.exe.
There is a wording question that I leave for you to solve. The two statements:
Quote
NotificationsDisabled are disabled
UnicastResponsesToMulticastBroadcastDisabled is disabled
The two above are from my source.
Quote
Notifications are enabled
UnicastResponsesToMulticastBroadcast is enabled
Those two are inverted. The logic is that a "disabled" setting that is itself disabled gives "enabled".
This was obtained by changing the order of the operands: bIsEnabled ? "enabled" : "disabled" (first two lines) becomes bIsEnabled ? "disabled" : "enabled" (last two lines).
Do the same in the asm source, if you want.
Quote from: TouEnMasm on August 09, 2021, 03:24:56 AM
I have find it easy to translate (64),here the result
The translated is named firewall_asm.exe and the c sample firewallref.exe
It was C++ example, not C
deleted
wow, I am just looking at your github, this is impressive. Is "Asmc" an assembler package for COM or something? What does the acronym stand for? You have alot of inc files. Can I just use these in masm32? I think I will play around with this tonight. Thank you good sir, cool. I see rax register used. I guess you are using 64bit, I am still using most things 32bit, will all this work with 32bit?
deleted
I moved this topic to the Workshop to try and prevent long drawn out technical discussions in the Campus.
Here is a sample in 32 bits (the SDK translation is 32/64 bits and needs a minimal number of changes).
I have also added and modified two macros which make the code very similar to the C++ one.
The wording (logic) question is handled the same way as in the original.
Headers in use are here http://luce.yves.pagesperso-orange.fr/header.htm (http://luce.yves.pagesperso-orange.fr/header.htm)
;################################################################
; Get_FirewallSettings_PerProfileType: macro-based translation of the C++
; routine (posted as the 32-bit sample); prints six firewall settings for one
; profile type via printf.
; In:  ProfileTypePassed = profile type value handed to every getter
;      ppvINetFwPolicy2  = not referenced by name below; presumably consumed by
;                          the INetFwPolicy2 macro - confirm in the macro source
; SUCCEEDED, INetFwPolicy2, TXT and Q? are macros defined outside this listing.
; From their use here, Q?(v,a,b) appears to select a when v is non-zero and b
; otherwise - TODO confirm against the macro definition.
; NOTE(review): when a getter does not succeed, nothing is printed for that
; setting, so a missing line means "could not be read", not "disabled".
; NOTE(review): "allow" is lower-case while "Block" is capitalised; the compiled
; C++ listing earlier on this page prints 'Allow'.
Get_FirewallSettings_PerProfileType PROC ProfileTypePassed:NET_FW_PROFILE_TYPE2 ,ppvINetFwPolicy2:XMASM
local bIsEnabled:VARIANT_BOOL,action:NET_FW_ACTION ;VARIANT_BOOL TYPEDEF WORD ,NET_FW_ACTION TYPEDEF DWORD enum
; String literals for the %s argument; declared in .data from inside the
; procedure, then assembly switches back to .code.
.data
disabled db "disabled",0
enabled db "enabled",0
allow db "allow",0
block db "Block",0
.code
; bIsEnabled is initialised once; action is not initialised and is only used
; after its getter reported success.
mov bIsEnabled,FALSE
;----------------------------------------------------------------------------------------
; Non-zero bIsEnabled prints "enabled".
.if SUCCEEDED(INetFwPolicy2 get_FirewallEnabled,ProfileTypePassed,addr bIsEnabled)
invoke printf,TXT("FirewallEnabled is %s",13,10),Q?(bIsEnabled,enabled,disabled)
.endif
;----------------------------------------------------------------------------------------
; Non-zero bIsEnabled prints "enabled".
.if SUCCEEDED(INetFwPolicy2 get_BlockAllInboundTraffic,ProfileTypePassed, addr bIsEnabled )
invoke printf,TXT("Block all inbound traffic is %s ",13,10),Q?(bIsEnabled,enabled,disabled)
.endif
;----------------------------------------------------------------------------------------
; The property read is a "Disabled" flag, so the operands are swapped:
; non-zero prints "disabled".
.if SUCCEEDED(INetFwPolicy2 get_NotificationsDisabled,ProfileTypePassed,addr bIsEnabled)
invoke printf,TXT("Notifications are %s ",13,10),Q?(bIsEnabled,disabled,enabled)
.endif
;----------------------------------------------------------------------------------------
.if SUCCEEDED(INetFwPolicy2 get_UnicastResponsesToMulticastBroadcastDisabled,ProfileTypePassed, addr bIsEnabled); also a "Disabled" flag: non-zero prints "disabled" (operands swapped as above)
invoke printf,TXT("UnicastResponsesToMulticastBroadcast is %s",13,10),Q?(bIsEnabled,disabled,enabled)
.endif
;----------------------------------------------------------------------------------------
; Non-zero action prints the "allow" string, zero prints "Block".
.if SUCCEEDED(INetFwPolicy2 get_DefaultInboundAction,ProfileTypePassed,addr action )
invoke printf,TXT("Default inbound action is %s ",13,10),Q?(action,allow,block)
.endif
;----------------------------------------------------------------------------------------
; Same mapping for the outbound default.
.if SUCCEEDED(INetFwPolicy2 get_DefaultOutboundAction,ProfileTypePassed,addr action)
invoke printf,TXT("Default outbound action is %s",13,10),Q?(action,allow,block)
.endif
ret
Get_FirewallSettings_PerProfileType endp