Macro to simply encode string

[quocsan]

Hi all!

I've just joined the forum.

The first topic I want to post here is about MASM macros – simple text macro.
Long time ago, when I wrote a small utility (Win32) in MASM to check if a container's name is valid (ISO check digit), I decided to hide strings in the executable from viewing.
To do that, I tried to write an MASM macro. The usage is simple:

Code Select Expand

_EOPENFILE DB @T(<Error opening file.~0>)The string will be hidden by XORring with a changing key.
See the attached images for more details.
Macro code in file NQS_MAC.INC (remove ".txt" in its name).

The macro code is far from complete.
I'm awaiting to hearing from you.
Thank you for your attention.

[zedd151]

Could you provide an example of practical usage?

[NoCforMe]

Not sure exactly what your question is here.
Could you post the source to your macro? (It's not top sekrit, is it? maybe omit the key?)
Looks interesting.

[zedd151]

Could you post the source to your macro? (It's not top sekrit, is it? maybe omit the key?)

In the attached .txt file...NQS_MAC.INC.txt there are several macros.
But no example of its usage.

[NoCforMe]

I guess we'll have to wait for some specific questions from the OP.

BTW, how did you create that file? Weird formatting (carriage-returns only, no line feeds, so Notepad opened it as a huge mess with no line breaks).

Luckily my own editor opened it correctly, with line breaks. Might want to check that in the future.

[quocsan]

Hi all!
I shall post full source code to illustrate how to use the macro.
In the images attached, you will see something like @T(<...>), that is where the macro called.
The images taken when I was using a Macbook. 

[quocsan]

The usage of the macro is quite simple.

Code Select Expand

include .\NQS_Mac.inc
; ...
; ...
.DATA
; ...
lblFrom label Byte ; Mark start of strings to be encoded
  szTitle DB @T(<ISO Check Digit~0>)
  ; ...
lblTo label Byte ; Mark end of strings to be encoded
; ...
.CODE
  ; Decode strings
  @Decode lblFrom, lblTo - lblFrom
  ; ...

Please see details in the attached ZIP file.
As you can see, I wrote the macro in 2004, quite a long time.
I hope you will find it helpful and make some improvements to it.

[jj2007]

Code Select Expand

;;;;;;; Entry Point ;;;;;;;;;;;;;;;;;;;;;;
Start:
mov eax, offset lblFrom
int 3
@Decode lblFrom, lblTo - lblFrom
Very nice

So the user cannot just open the executable in Notepad or so and find the "hidden" strings. There is a similar feature in RichMasm called "obscure string", but when I tried that one yesterday (inspired by your macro) I found a little glitch. So I'm in bug chasing mode now

[quocsan]

Code Select Expand

;;;;;;; Entry Point ;;;;;;;;;;;;;;;;;;;;;;
Start:
mov eax, offset lblFrom
int 3
@Decode lblFrom, lblTo - lblFrom
Very nice

So the user cannot just open the executable in Notepad or so and find the "hidden" strings. There is a similar feature in RichMasm called "obscure string", but when I tried that one yesterday (inspired by your macro) I found a little glitch. So I'm in bug chasing mode now

If RichMasm has that feature, obscure string, programmers will be happy. But will the app have something, like macro or some lines of codes, to make the string unobscured?

[jj2007]

But will the app have something, like macro or some lines of codes, to make the string unobscured?

Code Select Expand

    ; quocsan has good ideas    ; <<< select the text, then go to menu Edit & Format and click Obscure string; the following lines will be inserted:
; ---- start ----
    push 9 
    call @F
    dd 08D4D91D2h,0E81F91F2h,0D423ADD2h,0EF2ADEB3h,08A4EB793h,0EE21D8F4h,0CE52B99Ch,0EE3CD8EFh,08D53AD9Eh
@@:    pop edx
    pop ecx
    .Repeat
        mov eax, [edx]
        xor eax, [edx-4]
        add edx, 4
        push eax
        dec ecx
    .Until Zero?

    print esp    ; esp points to the decoded string

    add esp, 4*9 
; ---- end ----
And it looks like this in the debugger:

Code Select Expand

CPU Disasm
Address   Hex dump          Command                                  Comments
00401001   .  6A 09         push 9                                   ; /Arg1 = 9
00401003   .  E8 24000000   call 0040102C                            ; \CHK.0040102C
00401008   .  D291 4D8DF291 rcl byte ptr [ecx+91F28D4D], cl
0040100E   .  1F            pop ds
0040100F      E8            db E8
00401010      D2            db D2
00401011      AD            db AD
00401012      23            db 23                                    ; char '#'
00401013      D4            db D4
00401014      B3            db B3
00401015      DE            db DE
00401016      2A            db 2A                                    ; char '*'
00401017      EF            db EF
00401018      93            db 93
00401019      B7            db B7
0040101A      4E            db 4E                                    ; char 'N'
0040101B      8A            db 8A
0040101C      F4            db F4
0040101D      D8            db D8
0040101E      21            db 21                                    ; char '!'
0040101F      EE            db EE
00401020      9C            db 9C
00401021      B9            db B9
00401022      52            db 52                                    ; char 'R'
00401023      CE            db CE
00401024      EF            db EF
00401025      D8            db D8
00401026      3C            db 3C                                    ; char '<'
00401027      EE            db EE
00401028      9E            db 9E
00401029      AD            db AD
0040102A      53            db 53                                    ; char 'S'
0040102B      8D            db 8D                                    ; CHK.0040102B(guessed Arg1)
0040102C  /$  5A            pop edx
0040102D  |.  59            pop ecx
0040102E  |>  8B02          /mov eax, [edx]
00401030  |.  3342 FC       |xor eax, [edx-4]
00401033  |.  83C2 04       |add edx, 4
00401036  |.  50            |push eax
00401037  |.  49            |dec ecx
00401038  |.^ 75 F4         \jnz short 0040102E


[zedd151]

If RichMasm has that feature, obscure string, programmers will be happy. But will the app have something, like macro or some lines of codes, to make the string unobscured?

He has even more. But you will have to open Pandora's box to see it. Or a different can o' worms. 

Ask him about MasmBasic ... 
jj2007 is a very prolific coder, but much of his code uses MasmBasic. It's not for everybody's taste, but you may like it. You seem to have a very good grasp on plain old masm, so adapting may come easy for you.

No charge jj, for the referral. 

[quocsan]

Code Select Expand

  ; <<< select the text, then go to menu Edit & Format and click Obscure string; the following lines will be inserted:
; ---- start ----
    push 9 
    call @F
    dd 08D4D91D2h,0E81F91F2h,0D423ADD2h,0EF2ADEB3h,08A4EB793h,0EE21D8F4h,0CE52B99Ch,0EE3CD8EFh,08D53AD9Eh
@@:    pop edx
    pop ecx
    .Repeat
        mov eax, [edx]
        xor eax, [edx-4]
        add edx, 4
        push eax
        dec ecx
    .Until Zero?

    print esp    ; esp points to the decoded string

Great!
Your code call...pop reminds me of the way to get the address of the code line after call instruction. :-)

I'm also thinking of improving my macros.

[jj2007]

the way to get the address of the code line after call instruction

Exactly ;-)

[quocsan]

jj2007 is a very prolific coder, but much of his code uses MasmBasic. It's not for everybody's taste, but you may like it. You seem to have a very good grasp on plain old masm, so adapting may come easy for you.

No charge jj, for the referral. 

Well, I shall try to look at MasmBasic.

I learnt the assembly language from MS-DOS time, studied interrupts, TSR programs, etc. But for my job, I had to pay most of my time in other programming languages.
For Win32, I had only some small asm apps.

Recently I've turned back to asm again and felt free as before: Free to code, free to cause problem to my PCs/laptops and my head. 

[jj2007]

No charge jj, for the referral.

Normally MasmBasic is free, but for you I'll make a special price