News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

LockResource

Started by jj2007, May 29, 2012, 05:58:19 PM

Previous topic - Next topic

jj2007

Guess what? This works!

include \masm32\include\masm32rt.inc

.code
start: invoke LockResource, 12345678h
print hex$(eax)
exit

end start


At least, it works on Win XP and Win 7. I wonder if older versions produce something else ::)

Under the hood, you can admire the immense improvements of Win7 over WinXP :biggrin:

LockResource      8BFF             mov edi, edi      ; See TheOldNewThing on hot patches
75C302DB          55               push ebp
75C302DC          8BEC             mov ebp, esp
75C302DE          5D               pop ebp
75C302DF          EB 05            jmp short 75C302E6                                                ; Jump to KERNELBASE.LockResource
75C302E1          90               nop
75C302E2          90               nop
75C302E3          90               nop
75C302E4          90               nop
75C302E5          90               nop
75C302E6          FF25 2C1BBF75    jmp near [75BF1B2C] aka &API-MS-Win-Core-LibraryLoader-L.LockResource
... ^ ^ ^ Win XP does not have the part above ^ ^ ^ ...
LockResource      8BFF             mov edi, edi   ; the address in [75BF1B2C]
758A8D47          55               push ebp
758A8D48          8BEC             mov ebp, esp
758A8D4A          8B45 08          mov eax, [ebp+8]  <<<<<<<<<< now guess what you will get in eax?
758A8D4D          5D               pop ebp
758A8D4E          C2 0400          retn 4


hutch--

 :biggrin:

Do I detect a note of sarcasm here ?  :P