News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

A Simple API get wrong answer

Started by peter666, February 15, 2020, 10:03:50 PM

Previous topic - Next topic

peter666

Hi Sir,

A Simple API get wrong answer
Why ?

Thank you.

For Consle Application.

    .486
    .model flat, stdcall
    option casemap :none

    .data
    Str1 BYTE "SecureBoot",0,0
    Str2 BYTE "{8BE4DF61-93CA-11D2-AA0D-00E098032B8C}",0,0

    include \masm32\include\windows.inc
    include \masm32\macros\macros.asm
    include \masm32\include\masm32.inc
    include \masm32\include\gdi32.inc
    include \masm32\include\user32.inc
    include \masm32\include\kernel32.inc
    includelib \masm32\lib\masm32.lib
    includelib \masm32\lib\gdi32.lib
    includelib \masm32\lib\user32.lib
    includelib \masm32\lib\kernel32.lib

    .code
start:
   
    invoke GetFirmwareEnvironmentVariableA,ADDR Str1,ADDR Str2, NULL,0
    invoke GetLastError
   
    .if eax == ERROR_INVALID_FUNCTION     
    print chr$("Secure Boot=None",13,10)
   
    .elseif eax == ERROR_SUCCESS     
    print chr$("Secure Boot=Enabled",13,10)   
   
    .else
    print chr$("Secure Boot=Disabled",13,10)
   
    .endif

    invoke ExitProcess,0
end start



Vortex

Hello,

I can assemble the code you posted but I am not sure about the parameters passed to the function GetFirmwareEnvironmentVariableA. Did you build it as a console application? You didn't provide information about your issue.

hutch--

Have a read of this URL.

https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-getfirmwareenvironmentvariablea

It may be useful to you.

peter666

To Vortex:

Yes,i build a console exe.
It can comiple and run.
But it can not show correct result.

peter666

To hutch--:
I know the link.
But i do not know why it can not show correct result.

jj2007

Quote from: hutch-- on February 15, 2020, 10:12:52 PMhttps://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-getfirmwareenvironmentvariablea

Strangely enough, the function doesn't ask for a GUID:
QuoteThe GUID must be a string in the format "{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}"

Here are some entries I found in various places in the Win7-64 registry (but they all return "incorrect parameter"):
;TheGuid db "8BE4DF61-93CA-11D2-AA0D-00E098032B8C", 0
;TheGuid db "07E46473-9B0B-FFD9-46A9-BC1E96AB6D75", 0
;TheGuid db "01990C8F-27AC-D40C-827B-FDAEB08EB64E", 0
;TheGuid db "07E46473-9B0B-FFD9-46A9-BC1E96AB6D75", 0


However,
Print Str$("SB=%i\n", GetRegVal("HKLM\SYSTEM\ControlSet001\Control\Lsa", "SecureBoot"))
returns SB=1

aw27

#6
Quote
A Simple API get wrong answer

I get SecureBoot disabled, which is what I have.

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\State
UEFISecureBootEnabled = 0

BTW, you need to launch as Administrator and enable the SeSystemEnvironmentPrivilege too, which is disabled by default.

peter666

Quote from: jj2007 on February 15, 2020, 11:35:00 PM

Quote
Print Str$("SB=%i\n", GetRegVal("HKLM\SYSTEM\ControlSet001\Control\Lsa", "SecureBoot"))
returns SB=1


To:jj2007

I use Windows 7 X64 with legacy BIOS ONLY.
This PC use over 10 years.
There is NOT SecureBoot 10 years ago.

But i found the registry

HKLM\SYSTEM\ControlSet001\Control\Lsa -> SecureBoot=1
HKLM\SYSTEM\CurrentControlSet\Control\Lsa -> SecureBoot=1

It seems is WRONG.

peter666

Quote from: AW on February 16, 2020, 02:18:09 AM
Quote

I get SecureBoot disabled, which is what I have.

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\State
UEFISecureBootEnabled = 0

BTW, you need to launch as Administrator and enable the SeSystemEnvironmentPrivilege too, which is disabled by default.

To:AW

Secure Boot State is OFF although it is turned on in UEFI Firmware Settings
https://superuser.com/questions/1027781/secure-boot-state-is-off-although-it-is-turned-on-in-uefi-firmware-settings

The registry is not good.

aw27

I enabled the Secure Boot to see who is right.





Conclusion:
The Registry is good.
Your software is buggy (not much, so I know you will find out where is the problem).