News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

Problem with binary progging

Started by thomasantony, April 03, 2005, 02:46:09 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

thomasantony

April 03, 2005, 02:46:09 PM Last Edit: April 05, 2005, 03:31:21 PM by thomasantony
Hi,
  I am wokring on making small program using a hex editor only to learn more about the PE format. So I made an ExitProcess proggy and a messagebox proggy that worked well. Now I am working on a window. AFAIK it is working Ok. but it keeps crashing. with Olly dbg I found it was crashing on CreateWindowEx  :snooty:

Thomas Antony ::)

[attachment deleted by admin]
There are 10 types of people in the world. Those who understand binary and those who don't.


Programmer's Directory. Submit for free

pbrennick

#1
April 03, 2005, 02:50:06 PM Last Edit: April 03, 2005, 05:39:28 PM by pbrennick
Gee, I am sorry to hear that, hope you can work it out.  Are you asking a question or just chewing the fat?  Show us what is stumping you and we might be able to help.

Paul

sluggy

#2
April 03, 2005, 10:51:26 PM
For a start, i would check 3 things:

- run your exe thru a disassembler, to make sure that what you think is there is actually there. You may have used an incorrect opcode, etc.

- are you using a window class name or an atom for lpClassName? Having either wring will cause a crash.

- make sure your data is aligned, easy to get out of alignment when you are hand coding the hex.


You could also add a call to GetLastError or add some SEH, of course you will have to do that the hardcore way as well :)

thomasantony

#3
April 04, 2005, 05:27:58 AM Last Edit: April 05, 2005, 03:30:03 PM by thomasantony
Uh, I was stupid to forget to post the attachment. Anyway I solved the problem. I was filling the wrong members of WNDCLASSEX and there was some problems with the jump table and API calls. I have also made my own 60h byte DOS stub. THe file is attached.

Thomas

[attachment deleted by admin]
There are 10 types of people in the world. Those who understand binary and those who don't.


Programmer's Directory. Submit for free

hutch--

#4
April 04, 2005, 08:34:20 AM
Thomas,

I downloaded the file and tried it but it does not run on my win2k sp4. What is it supposed to do ?
Download site for MASM32      New MASM Forum
https://masm32.com          https://masm32.com/board/index.php

hitchhikr

#5
April 04, 2005, 11:49:45 AM
It just displays a window.

Replace the bytes at 0x2b6 (0xff 0x75 0x04) with 0x6a 0x0a 0x90 and the window will be displayed.

pbrennick

#6
April 04, 2005, 12:34:17 PM
It does not run on XP HE, either.  However, it does run on ME.

Paul

hitchhikr

#7
April 04, 2005, 01:06:08 PM
Once patched it runs under xp sp1.

thomasantony

#8
April 05, 2005, 06:08:32 AM
Hi,
  Thnx for testing. BTW I use Win98SE. So I made such that it works on that. What did you patch hitch? Isn't the PE format a standard?

Thomas
There are 10 types of people in the world. Those who understand binary and those who don't.


Programmer's Directory. Submit for free

hitchhikr

#9
April 05, 2005, 06:27:56 AM
The nCmdShow value passed to ShowWindow was wrong and newer windows are obviously not as forgiving as the older ones.

thomasantony

#10
April 05, 2005, 03:29:26 PM
Oops,
    I didn't pass the value to Wndproc and tried to use the parameter but even that was wrong I used [ebp+4] instead of [ebp+14]. The new one is in the first post

Thomas
There are 10 types of people in the world. Those who understand binary and those who don't.


Programmer's Directory. Submit for free
Print
Go Up Pages1
User actions