making smallest 32-bit "Hello World" application

[white scorpion]

Hi All,

i'm trying to make a simple "hello world" program as small as possible, currently i'm stuck on 1kb, but i have a lot of empty bytes in it..
how can i get rid of these binary 0's ?

here's the program: http://www.white-scorpion.nl/testjunk/hello.zip

i have no source since i made an empty program in masm:

Code Select Expand


.586
.model flat,stdcall
option casemap:none

.code
start:
mov eax,eax
end start

and started writing my code in it using ollydbg. it has no data section, and the data is in the code section as well (this forced me to make the code section writable).
so now i have a program of 124 bytes of code, but a program of 1024 bytes, how can i get rid of as much as possible from the other 900 bytes? i know i have to have bytes reserved for the PE header and DOS stub, but still i think it should be possible to strip off about  350 bytes of of the code section.

Any ideas?

Thanks in advance!

[Vortex]

Hi white scorpion,

There are some tricks to create very small Win32 executables but the minimum size for an executable is 1024 bytes according to MS.
An example:

Code Select Expand


.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib

.code

MsgCaption      db "Iczelion's tutorial no.2",0
MsgBoxText      db "Win32 Assembly is Great!",0

start:
invoke MessageBox, NULL,addr MsgBoxText, addr MsgCaption, MB_OK
invoke ExitProcess,NULL

END start


Code Select Expand


\masm32\bin\ml /c /coff Msgbox.asm
\masm32\bin\polink /SUBSYSTEM:WINDOWS /MERGE:.data=.text Msgbox.obj
\masm32\bin\polink /SUBSYSTEM:WINDOWS /MERGE:.data=.text /ALIGN:4 /OUT:Msgbox2.exe Msgbox.obj


The first one is 1024 bytes where the second executable is only 680 bytes with the minimum alignment value. You can get even smaller executables with some extra modifications but EXEs under 1024 bytes may not run on every version of Windows.

[attachment deleted by admin]

[pbrennick]

White Scorpion,
Another point to remember is this; even if you could make the file smaller than 1024 bytes, it will still occupy 1024 bytes no matter what size it is.  A data file of 20 bytes, for instance, uses 1024 bytes of storage space because of the way disk writes are handled.  The only time such savings can be realized is in memory.

Paul

[P1]

It's possible to program a .com executable for the smallest bytewise footprint.

Regards,  P1  :8)

[white scorpion]

@vortex > thanks, i never thought of that, i'll go and work it out ;)

@pbrennick > i know, on my system it is even 32kb since i'm using larger sections on my hdd to improve speed with NTFS, but it's just the challenge to make it as small as possible ;)

@P1 > this then wouldn't be a 32-bit app, would it? i know i can make a smaller program using 16-bit assembly, but my challenge (i gave myself) is to make the smallest 32-bit hello world program possible since it would help me improve my understandings of the PE file format in a practical manner...

[hutch--]

Scorpion,

The problem is that the PE spec requires one section of 512 bytes for the MZ and PE header and section headers and at least 1 more for any minimal code and for it to be a legal PE file, it is at the minimum 2 x 512 byte sections. There are enough examples of 1k EXE files so you cannot do it any smaller without making a file that does not properly comform to the PE specifications. Some of them will run on some versions of Windows but unless they properly comform to the specification, there are other versions they will not run on.

I have seen manually coded "PE" files down to a couple of hundred bytes but they sufer the same problem as any of the non standard ones.

[P1]

@P1 > this then wouldn't be a 32-bit app, would it?

As long as M$ permits a .com to execute in a 32bit environment.  It's a 32bit app, when it takes advantage of that environment.

Research your options.  I have battled with 32bit .com files before.

Regards,  P1  :8)

[Relvinian]

IMHO, I don't see why making an "hello word" program which takes 1k (for .exe size) is something to try and "achieve".  You are still loading the .DLL runtime (kernel32, etc) which take upwards of 512k to 1meg of MEMORY for just a little app that does nothing.

In my view, why create code size that is SO small when in reality, you want code which runs FAST.  So what if it takes a few K more to run .

Just my opinion.

Relvinian

[white scorpion]

Scorpion,

The problem is that the PE spec requires one section of 512 bytes for the MZ and PE header and section headers and at least 1 more for any minimal code and for it to be a legal PE file, it is at the minimum 2 x 512 byte sections. There are enough examples of 1k EXE files so you cannot do it any smaller without making a file that does not properly comform to the PE specifications. Some of them will run on some versions of Windows but unless they properly comform to the specification, there are other versions they will not run on.

I have seen manually coded "PE" files down to a couple of hundred bytes but they sufer the same problem as any of the non standard ones.

this is more like i meant, i know i should have 1kb minimum, but i think stripping a piece of the dos stub should be possible as well. all i want is that it still can be executed, i don't care about other windows versions since i wouldn't ever going to distribute it (who cares about such a program?).

As long as M$ permits a .com to execute in a 32bit environment.  It's a 32bit app, when it takes advantage of that environment.

Research your options.  I have battled with 32bit .com files before.

Regards,  P1 

i never knew this, i was under the impression that the .com files were run under the dos-emulator instead of running under a true 32-bit environment... i will do some research about this..

@Relvinian> who cares if you can write a very fast hello world program? i know speed most of the time is most important, but sometimes it isn't, and in this case, like stated before, i just want to do this to learn more about the PE format in a practical manner. this means stripping off as many as possible but still being able to run the program. i don't care if this program would use about 5mb of memory, all i care atm is the size on disk.

like i said, it is not something what would really help me improve my programming skills, but it does improve my understanding on what is really necessary and what isn't really necessary in a PE file.
eventually i will try to learn to write a program in a hexeditor, without having to use any assembler anymore, but this will take a lot of time since i would have to memorize all opcodes and their hexvalues....

[P1]

IMHO, I don't see why making an "hello word" program which takes 1k (for .exe size) is something to try and "achieve".  You are still loading the .DLL runtime (kernel32, etc) which take upwards of 512k to 1meg of MEMORY for just a little app that does nothing.

That's why it become prudent to ask why, when you can not figure out why.  Size does matter in an e-mail attachment encoded and mass mailed. 

Regards,  P1  :8)

[white scorpion]

That's why it become prudent to ask why, when you can not figure out why.  Size does matter in an e-mail attachment encoded and mass mailed.

Regards,  P1  Cool

well thats certainly true, but that surely isn't my intention :lol:

like i said, i love challenges, and for me this is a challenge... just as writing a program from scratch using a hexeditor is a challenge, but this might take a while to achieve ;)

[Wodan58]

Hi white scorpion,

I got a Win32 MessageBox in 232 bytes: http://members.home.nl/ruurd.wiersma/ under Assembler.
The trick is to compress the file. Uncompressed size = 576 bytes, compressed size = 116 bytes.
I needed to store an uncompressor in front, size = 116 bytes, for a total of 232 bytes.
The uncompressor makes a temporary file, but performance was not an issue, right?
As to the usefulness of this project: I learned a lot about the PE format and about assembler.

[mariø]

there is a 32bytes version:
Start-->Execute:

Code Select Expand

rundll32 User32,MessageBox HELLO :bg

[Vortex]

there is a 32bytes version:
Start-->Execute:

Code Select Expand

rundll32 User32,MessageBox HELLO :bg

:P
Even more smaller : save the code below as small.vbs , only 21 bytes :

Code Select Expand


Msgbox "Hello"


[Bieb]

Hehe, VBscript.  I don't think that counts.