I can't determine why this isn't working. EAX shows 000000 for the comparison.
Thanks.
.data
sec BYTE "Wie Viel",0 ; [Section]
key BYTE "Nummer",0 ; weights=5
value BYTE 0E9h,00h ; Null term string Alt 233,234 0E9h 0EAh
file BYTE "win1.ini",0
valueOK BYTE "Value is OK.",0
Sample BYTE "Box",0
.code
start:
fn WritePrivateProfileString, Offset sec, ADDR key, ADDR value, ADDR file
fn GetPrivateProfileInt,Offset sec,ADDR key,0,ADDR file
.if EAX==0E9h ;Show a message if stored value is OK
Go back and study the API reference please.
Here is your hint:
An application can use the GetProfileInt function to retrieve an integer value from the WIN.INI file.
Regards, P1 :8)
Quote from: P1 on April 13, 2006, 06:55:23 PM
Go back and study the API reference please.
Here is your hint:
An application can use the GetProfileInt function to retrieve an integer value from the WIN.INI file.
Regards, P1 :8)
I am not writing to win.ini, but I'll go back and read it again.
Your "value" isn't a correct decimal number represented in string...
I guess that would be correct
value BYTE 32h,33h,34h,35h,36h,37h,38h,39h,0
value BYTE "23456789",0
...
.if eax==23456789
Hint #2:
QuoteReturn Value
If the function succeeds, the return value is the integer equivalent of the string following the specified key name in the specified initialization file. If the key is not found, the return value is the specified default value. If the value of the key is less than zero, the return value is zero.
Hint #3:
Quote[Wie Viel]
Nummer=é
What integer number is é or E9h as a string ?
Have you figured out why, you got the return value you got yet?
And your German needs a little help too. Or should I ask "Wie Viel" of your German needs help?
Regards, P1 :8)
Quote from: P1 on April 13, 2006, 10:21:57 PM
Hint #2:
QuoteReturn Value
If the function succeeds, the return value is the integer equivalent of the string following the specified key name in the specified initialization file. If the key is not found, the return value is the specified default value. If the value of the key is less than zero, the return value is zero.
Hint #3:
Quote[Wie Viel]
Nummer=é
What integer number is é or E9h as a string ?
Have you figured out why, you got the return value you got yet?
And your German needs a little help too. Or should I ask "Wie Viel" of your German needs help?
Regards, P1 :8)
Points to the null-terminated string containing the key name whose value is to be retrieved.
String is different from integer.
Quote from: ramguru on April 13, 2006, 10:19:54 PM
Your "value" isn't a correct decimal number represented in string...
I guess that would be correct
value BYTE 32h,33h,34h,35h,36h,37h,38h,39h,0
value BYTE "23456789",0
...
.if eax==23456789
See post I made to P1.
Quote from: skywalker on April 14, 2006, 03:23:38 AMSee post I made to P1.
Just have just rejected the advise of two experienced Assembly programmers saying the same thing. What makes you think you are right ??? Does your code work yet ???
You are rapidly running out of people who will help you, when you will not help yourself. Even worst, reject the very help you need.
Hint #4:
We have already fixed your problem, but I will not give you the code, because you have not proven to have learned from being given code from other problems.
Hint #5:
You got a zero from your code, because it could not give you a number, so you got the default back.
You have a serious problem with data types and I recommend a different language that will beep the expletives out for you when it wants to correct you.
Regards, P1 :8)
Hint #6:
They don't call it Machine Language for nothing. You need to think like the Machine, otherwise just like a foriegn language to you.
Regards, P1 :8)
Quote from: P1 on April 14, 2006, 02:16:27 PM
Quote from: skywalker on April 14, 2006, 03:23:38 AMSee post I made to P1.
Just have just rejected the advise of two experienced Assembly programmers saying the same thing. What makes you think you are right ??? Does your code work yet ???
You are rapidly running out of people who will help you, when you will not help yourself. Even worst, reject the very help you need.
Hint #4:
We have already fixed your problem, but I will not give you the code, because you have not proven to have learned from being given code from other problems.
Hint #5:
You got a zero from your code, because it could not give you a number, so you got the default back.
You have a serious problem with data types and I recommend a different language that will beep the expletives out for you when it wants to correct you.
Regards, P1 :8)
Quote from: P1
Go back and study the API reference please.
Here is your hint:
An application can use the GetProfileInt function to retrieve an integer value from the WIN.INI file.
Regards, P1 :8)
Let's see the help you gave me above.
#1. My code clearly showed I wasn't writing to win.ini
#2. GetProfileInt would not work with my code
I have no problem studying and understanding the API reference.
I don't reject any help as long as it's done with respect.
Quote from: P1 on April 14, 2006, 02:16:27 PMYou have a serious problem with data types ...
What part of this, do you not understand ?
As long as you do not understand data types, what we say or give you will be meaningless. You have been unable to spot your error because of this.
When you fix the data type error in your code, that is when it will work.
I read the API reference of what you were using, I realized the mistake you made. Made a test program to, test what I thought was your problem and confirmed it. Then a second programmer gave you the code example to fix your problem and you dismissed him off as quickly you dismissed me.
Quote from: skywalker on April 14, 2006, 02:53:56 PMI have no problem studying and understanding the API reference.
Hint#7:
In the API reference, there is a data type conversion happening. And you are missing it !!!
Regards, P1 :8)
Hint #8:
Look at Hint #3 and ask yourself, if that looks like your code output ???
Regards, P1 :8)
Quote from: skywalker on April 14, 2006, 02:53:56 PMI don't reject any help as long as it's done with respect.
Is this why, all these people helping you right now ??? Because of your respect of the help we are trying to give you ???
Most people on this board, already know the answer to your problem. Help me out folks, read the whole post and some others maybe. Is it Me or Him ???
Regards, P1 :8)
Quote from: skywalker on April 14, 2006, 02:53:56 PM
#1. My code clearly showed I wasn't writing to win.ini
And who said I was talking about that?
DATA TYPESQuote from: skywalker on April 14, 2006, 02:53:56 PM
#2. GetProfileInt would not work with my code
GIGO,
DATA TYPESI will not give you the code. I will only give you pointers.
Now, if you really need help with Data Types, I reccommend that you go through Randy Hyde's The Art of Assembly Language Programming (AoA).
Seriously, consider hiring a assembly programmer for your software. Or change to another language.
Regards, P1 :8)
I've made numerous posts about GetPrivateProfileString in the past and even wrote a multi-line version to fix a "bug" present in its inherent design. Doing a simple site search would have yielded my complete examples, plus 4 other threads on how this API is used. Did you search for GetPrivateProfileString??? :dazzled:
And I know you've read my posts asking other newcomers to read MASM32.HLP, HLHELP.HLP, MASMLIB.HLP, and ASMINTRO.HLP. Have you? Because they all contain
KEY INFORMATION required to program in assembly language.
Quote from: Skywalker
I'll keep posting more. There are still plenty here who keep a positive learning attitude. :-)
Yeah, feign indifference... but truth is, nobody is going to keep handing you all the answers Andy, and worse they are starting to dislike you for pestering them, ignoring their hard-earned advice, and quoting every post! See this link (http://dictionary.reference.com/search?q=rude) for a word discribing these actions.
Please, either try to figure out the answers yourself first (by try I mean spend at least a
week on it, then ask one question and be kind about any response you get!) or as P1 says, switch to another language. Assembler is NOT an easy language, and is not user-friendly at all. It very well might be more suited for you to learn something like VB or .NET. An employer is not going to hire you unless you have 20 years or more of assembly programming experience, and since you're interested in cryptography of hidden registry keys and posting links about PE hacking programs and whatnot, I think you're into this for the wrong reasons anyways.
Regards,
Mark
Hi Andy,
The private profile (INI) functions are exceedingly easy to use and you should be able to muddle through the api documentation and figure this out yourself but if you're incapable of deciphering this information then perhaps try coding your app in another language as assembler is very unforgiving. Once you have coded the application in say C, then examine it and determine how you might translate it into assembler, for this you can use a disassembler or debugger, Olly is a great tool to look at the actual assembly code.
Beyond that, you are very welcome to email me with your question but I will not participate in long drawn out discussions about this, it is a simple issue and I will probably just return your corrected example code and not discuss it further. Obviously, if you do not supply me with the non-functional source and an exectuable I will not respond to any queries at all, you have to prove that you have at least tried to accomplish something before I will consider helping you. And by the way, some sloppily thrown together code or any code polluted by macros like "fn" will only result in a deleted email and no response, I don't use or waste my time finding macros or bother to read sloppy code. So any code you send must be self contained and use only functions intrinsic to MASM, none of that MASM32 crap.
As a tip, don't quote posts over and over, it is annoying and you are simply pissing people off, those people are extremely knowledgable and you are questioning their advise where they are completely correct. Until you have a better understanding of what youu're talking about you should accept the advise given here at face value. I have a great deal of respect for P1 and have found him to be overly patient in this thread, you have done nothing except goad him on and have done your best to alienate him. Your understanding level of what he is trying to tell you is lacking and you do not seem willing to research anything at all, just deride him for not explaining every last little detail. This board is not a programming course, it is meant to supply answers to questions and assumes that you are competant and have the background to understand them. Comments like "I'll keep posting more. There are still plenty here who keep a positive learning attitude. :-)" are inflamatory in nature and in my opinion rude and spiteful to those who are trying to help you, and don't be fooled, there are not many in the assembler community who will even consider answering your posts anymore. You have managed to make quite a few "gurus" ingore you and stay away from your questions, don't piss off the few that are left.
Edgar
Quote from: Mark Jones on April 14, 2006, 04:42:47 PM
I've made numerous posts about GetPrivateProfileString in the past and even wrote a multi-line version to fix a "bug" present in its inherent design. Doing a simple site search would have yielded my complete examples, plus 4 other threads on how this API is used. Did you search for GetPrivateProfileString??? :dazzled:
Yes, I did search. Nothing in there about using extended ASCII charcters which I have now determined can not
be done with that API.
And I know you've read my posts asking other newcomers to read MASM32.HLP, HLHELP.HLP, MASMLIB.HLP, and ASMINTRO.HLP. Have you? Because they all contain KEY INFORMATION required to program in assembly language.
Again, I have read those several times.
Quote from: Skywalker
I'll keep posting more. There are still plenty here who keep a positive learning attitude. :-)
Yeah, feign indifference... but truth is, nobody is going to keep handing you all the answers Andy, and worse they are starting to dislike you for pestering them, ignoring their hard-earned advice, and quoting every post! See this link (http://dictionary.reference.com/search?q=rude) for a word discribing these actions.
I am working hard and studying, so if someone thinks like you feel, they have the option of not answering.
Please, either try to figure out the answers yourself first (by try I mean spend at least a week on it, then ask one question and be kind about any response you get!) or as P1 says, switch to another language. Assembler is NOT an easy language, and is not user-friendly at all. It very well might be more suited for you to learn something like VB or .NET. An employer is not going to hire you unless you have 20 years or more of assembly programming experience, and since you're interested in cryptography of hidden registry keys and posting links about PE hacking programs and whatnot, I think you're into this for the wrong reasons anyways.
Regards,
Mark
Mark, I think you are thinking the worst.
There is nothing wrong with protecting code. No hacking code has ever been posted by me and never will. PEID is a hacking code, thus anti-PEID code is a good thing.
Have a good day,
Andy
Hi Andy,
You obviously have a problem, you have been asked many times not to f*cking quote whole posts, the post you were replying to is directly above your post, do you think that we are incapable of scrolling ????
Edgar
Just for the record, the "Reply" button ( at the bottom of the thread ) is how you start the next entry for this thread.
"Quote" button is for including PART of the post in question for clarity or emphases. Not intended to include a whole post or start another reply with a complete previous post in it. It is your responsibility to edit out the material that does not apply to the point you are making/repling to.
If this is confusing, just always use "Reply" button at the bottom of the thread. Then insert the quote ( Using the ballon dialog button ) in the Reply screen, then cut and pasting what you want into the "["quote"]["/quote"]" pair.
Regards, P1 :8)
Thanks,
Your answers are concise and without the extra 'Festus" dialogue. (Gunsmoke)
"I am a chemist, and sometimes I leave my glass on top of my car."
Hope U had a good Easter.
I'll bring this one up again... should be made sticky as a bad example...
Hi skywalker,
your main mistake explained for you in a nutshell.
If I wrote a function that parses numbers from a string (i.e. GetPrivateProfileInt) I would in the first step assume that the string contains numbers from the decimal system (base 10) which means that the string must consist of the characters "0123456789".
Now tell me to which number system the character "é" belongs. Which base will that number system have? Is it lysergdecimal?
That was the first point, now on to the bigger one.
If the pros in here give you advice, you would better start thinking instead of complaining.
Maybe you shouldn't use the force or whatever but your brain.
Here is some interesting link on how to behave in usegroups:
http://www.catb.org/~esr/faqs/smart-questions.html
The same again, but in german:
http://www.lugbz.org/documents/smart-questions_de.html
Kind regards from germany
Jens
Quote from: mnemonic on April 18, 2006, 07:57:00 AM
I'll bring this one up again... should be made sticky as a bad example...
Hi skywalker,
your main mistake explained for you in a nutshell.
If I wrote a function that parses numbers from a string (i.e. GetPrivateProfileInt) I would in the first step assume that the string contains numbers from the decimal system (base 10) which means that the string must consist of the characters "0123456789".
Now tell me to which number system the character "é" belongs. Which base will that number system have? Is it lysergdecimal?
My string contained extended ASCII characters and that is simply what I would like to store. That is what I am asking help for. Hopefully you understand what I am looking for.
Quote from: skywalker on April 18, 2006, 02:49:18 PMMy string contained extended ASCII characters and that is simply what I would like to store. That is what I am asking help for. Hopefully you understand what I am looking for.
Hint #9:
What is the difference between GetPrivateProfileInt and GetPrivateProfileString ??? Look at what DATA TYPES, these are handling !!!
Regards, P1
Thanks.
I didn't even know there was a GetPrivateProfileString. String function is what I need.
skywalker,
If you read my first response to this thread. It should jump out at you, that you did indeed picked the wrong API based on data type you were trying to use. You see, it was not about the win.ini after all.
Regards, P1 :8)
My buffer is filling with the correct character, but
this is returning 3Ch in ax. Do I have to have the buffer in the code segment ?
[code}
StrBuf db 16 dup(0)
; returns only number of characters in string
; |
fn GetPrivateProfileString,Offset sec,ADDR key,0,ADDR StrBuf,SIZEOF StrBuf,ADDR file
xor bx,bx
xor ax,ax
lea bx,StrBuf[0] ;point to 1st character in the buffer
mov al,bl
cmp al,0E9h
One of the APIs you did mention on an older post did only write to win.ini. The functions with Private in them, allow you to access any file.
uselea ebx, StrBuf
movzx eax, BYTE PTR [ebx]
cmp eax, 0E9h
insteadxor bx, bx
xor ax, ax
lea bx, StrBuf[0]
mov al, bl
cmp al, 0E9h
Other way :xor eax, eax
lea esi, StrBuf
lodsb
cmp eax, 0E9h
Take attention about most often using full 32-bits-wide registers in 32 bit asm (not "ax", "bx", but "eax", "ebx"), particulary if you are addressing. If you forgot about, processor doesn't think by you... ;)
This is 32bit API/code folks, why are you using 16bit registers ???
Fix the code you have for 32bit pointers.
Regards, P1 :8)
Thanks, Light-I.
I was using 16 regs because I didn't need the full 32 bit regs for my app. I'll use 32 bit regs from now on.
I am confused about the Reply button. This there is only one button for everything on the screen, how do I know
for sure who I am responding to.
Thanks.
Quote from: skywalkerI was using 16 regs because I didn't need the full 32 bit regs for my app.
But processor reads whole 32-bit addres regardless if you change 8, 16 or 32 bits a while ago, or not. 32 bit is for full control... ;)
Quote from: skywalkerI'll use 32 bit regs from now on.
Not always nessesary, but if you are not exactly sure what's going, this should be best way.
Quote from: skywalkerI am confused about the Reply button. This there is only one button for everything on the screen, how do I know
for sure who I am responding to.
Does it really matter ? Your reply appears as last... Of corse IMHO borderline between last reply and "Reply", "Notify" and "Print" buttons is to tiny... ;)
Quotation (
[quote="Quoted person"]Few words[/quote]) can be some kind of singification that you reply to current words, not person... ;)
If you want reply to person, just send private/personal message... ;)
"Too many programmers, spoil the code."
Light-I, I suggest you read all of skywalker's posts.
And by means, Light-I, feel free to help.
Regards, P1 :8)
Final version
[attachment deleted by admin]
Consider either clearing whole eax register before a dword wise compare using a byte ( Like xor eax,eax ). There might be left overs, that would cause your logic to fail.
- OR -
Perform the comparasion with just the al register, if all your inspecting is one byte. ( in your .if statement. )
Regards, P1 :8)
Well, well. It assembles and it works!
Paul
Thanks P1.
Paul,
I try to upload stuff that I know works.(At least till I start changing it up again)
Question 1
REG_BINARY
When it says binary data in any form, what does that specifically entail.
(as opposed to REG_SZ used for strings)
Question 2
How can I automate this to check for multiple characters. I tried inc esi.
lea esi, szBigBuffer[0] ;look at 1st character in buffer for a match
lodsb
.if EAX==31h ; the '1' character
lodsb automaticaly changes esi regard of direction flag (switches inc/dec) from Status Register. Don't you read /masm32/help/opcodes.hlp ?
It is a mystery. Join the club.