CreateThread Adding ADDR's

AgentSmithers · June 29, 2009, 03:28:45 AM

    invoke CreateThread,0,NULL,eax,ADDR NumberOfThreads,NORMAL_PRIORITY_CLASS,ADDR [ThreadHandleArray] + i - ECX ;Invoke Uses EAX, ECX, EDX

Im trying to pass the thread ID to a DWORD array to store it later to close then handle.... Whats the Proper way to do this in the end?

In this case i and ECX are both = 10

dedndave · June 29, 2009, 03:43:23 AM

looks like a virus to me

AgentSmithers · June 29, 2009, 04:07:07 AM

You gotta be kidding me.

disintx · June 29, 2009, 05:51:19 AM

Quote from: AgentSmithers on June 29, 2009, 03:28:45 AM
Code Select Expand
invoke CreateThread,0,NULL,eax,ADDR NumberOfThreads,NORMAL_PRIORITY_CLASS,ADDR [ThreadHandleArray] + i - ECX ;Invoke Uses EAX, ECX, EDX

Im trying to pass the thread ID to a DWORD array to store it later to close then handle.... Whats the Proper way to do this in the end?

In this case i and ECX are both = 10

I'm hoping "i" is a local variable ??
I wouldn't bother using invoke (I never do, really)

Code Select

sub i, ecx
push offset [ThreadHandleArray+i]
push NORMAL_PRIORITY_CLASS
push offset NumberOfThreads
push eax
push NULL
push 0
call CreateThread

Don't really know the context of your code, but this is pretty much the same as you have above just not in INVOKE form.
I also don't really know what you mean by a DWORD array. I'm not an expert though but I hope I'm helping a bit.

AgentSmithers · June 29, 2009, 06:42:08 AM

Thanks ALOT!

I endded up writting this =(

Code Select


CreateThreadLoop:
    
    mov  esi, OFFSET ThreadHandleArray
    mov  eax, NumberOfTothoThreads
    mov  edx, 4
    mul  edx

    mov ebx, edx ;Move ThreadHandleArray + NumberOfTothoThreads*4
    
    mov eax, ecx
    mov edx, 4
    mul edx

    add esi, ebx
    sub esi, eax

    push ecx
    mov  eax,OFFSET ThreadProcOne
    invoke CreateThread, 0, NULL, EAX, ADDR i, NORMAL_PRIORITY_CLASS, ESI ;Invoke Uses EAX, ECX, EDX
    invoke CloseHandle,eax 
    pop ecx
loop CreateThreadLoop

Im learning :bdg

When I use call is EAX, ECX, EDX reserved? im guessing not due to it using STDCALL

Whats the difference between the ThreadID and the Handle, Just another way to Id the instance of it I guess? Used for Different APIS?

disintx · June 29, 2009, 07:33:58 AM

Quote from: AgentSmithers on June 29, 2009, 06:42:08 AM
Thanks ALOT!

I endded up writting this =(

Code Select Expand
CreateThreadLoop: mov esi, OFFSET ThreadHandleArray mov eax, NumberOfTothoThreads mov edx, 4 mul edx mov ebx, edx ;Move ThreadHandleArray + NumberOfTothoThreads*4 mov eax, ecx mov edx, 4 mul edx add esi, ebx sub esi, eax push ecx mov eax,OFFSET ThreadProcOne invoke CreateThread, 0, NULL, EAX, ADDR i, NORMAL_PRIORITY_CLASS, ESI ;Invoke Uses EAX, ECX, EDX invoke CloseHandle,eax pop ecx loop CreateThreadLoop

Im learning :bdg

The fact that you are trying and actively trying to learn is great.

QuoteWhen I use call is EAX, ECX, EDX reserved? im guessing not due to it using STDCALL
Whats the difference between the ThreadID and the Handle, Just another way to Id the instance of it I guess? Used for Different APIS?

Well, in stdcall I believe eax, ecx, and edx are designated for use within the function so if you need them make sure to save otherwise they are trashed. eax is always where the return value is stored.
As for the difference, the handle is just a "pointer" to an object, and the ThreadID is just a pointer to a thread identifier.
I think someone more experienced will be able to say more, or at least say it in the correct way.

AgentSmithers · June 29, 2009, 07:45:09 AM

Thanks =)

News:

CreateThread Adding ADDR's

AgentSmithers

dedndave

AgentSmithers

disintx

AgentSmithers

disintx

AgentSmithers