News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

Could someone help?

Started by FromTheSun, April 01, 2007, 11:09:35 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions

FromTheSun

April 01, 2007, 11:09:35 PM
I disassembled a program using IDA. I know that ida isn't designed to give MASM that'll assemble again.. but still.. i get quite a strange error while assembling with MASM32

(small sniped of code ida produced:)

Code Select

; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

MSG struc ; (sizeof=0x1C, standard type)
hwnd dd ? ; offset
message dd ?
wParam dd ?
lParam dd ?
time dd ?
pt POINT ?
MSG ends

; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

POINT struc ; (sizeof=0x8, standard type)
x dd ?
y dd ?
POINT ends

This obviously gives an error because MSG uses POINT before POINT is defined.

So i decided to change it to:

Code Select

; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

POINT struc ; (sizeof=0x8, standard type)
x dd ?
y dd ?
POINT ends

; ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

MSG struc ; (sizeof=0x1C, standard type)
hwnd dd ? ; offset
message dd ?
wParam dd ?
lParam dd ?
time dd ?
pt POINT ? ; <-- ! line 64 !
MSG ends


But now i get the following weird error messages:
C:\doso\ida.asm(64) : error A2179: structure improperly initialized
C:\doso\da.asm(64) : error A2008: syntax error : in structure

Probably a newb question, but: improperly initialized? Why? To me it seems like it's initialised..

PBrennick

#1
April 02, 2007, 03:36:14 AM
Disassembling and reassembling a program is called RE, so you will get no more help from me but I will answer this 'one' question. Use:

Code Select

pt  POINT <?>


Paul
The GeneSys Project is available from:
The Repository or My crappy website

FromTheSun

#2
April 02, 2007, 10:35:57 AM
Ofcource it is, but why can't i RE my own application? It's good exercise, debugging still makes you learn the language more then any other way since you're actively searching for stuff you didn't knew about before.

But thanks, that'll help :)

Draakie

#3
April 02, 2007, 10:54:52 AM
<PBrennick>
Disassembling and reassembling a program is called RE, so you will get no more help from me....

<FromTheSun>
Ofcource it is, but why can't i RE my own application?

REVERSE ENGINEERING - is in NO way is the same as  DEBUG-ing - two seperate literal concepts.

Besides - it "looks" like you might not "really" be interested in programming in assembler - but
something else....... which generally around here does'nt go down well .....

I disassembled a program using IDA - could be misconstrude as "some-one else's" program



 
Does this code make me look bloated ? (wink)

FromTheSun

#4
April 02, 2007, 11:11:30 AM
I actually am. To see if i can speed things up by using assembly.

Came across a couple more tutorials, but some things just aren't explained, just like the following:

pt      POINT {}
pt      POINT <>
pt      POINT <?> (This one thanks to PBrennick)

Whats the difference between them?

FromTheSun

#5
April 02, 2007, 11:16:13 AM
Besides that, it's debugging ida asm code. Not my own application.

But yes, that's REing my own app. Which i still think is good exercise.

hutch--

#6
April 02, 2007, 11:17:00 AM
This topic has an element of bullsh*t about it.

> Ofcource it is, but why can't i RE my own application?

If you wrote it yourself you would KNOW how a POINT structure worked. It would seem obvious that you don't have the source code for the app so unless you can provide the source code this topic will be closed.
Download site for MASM32      New MASM Forum
https://masm32.com          https://masm32.com/board/index.php

sluggy

#7
April 02, 2007, 11:20:20 AM
Quote from: FromTheSun on April 02, 2007, 11:16:13 AM
But yes, that's REing my own app. Which i still think is good exercise.

The forum rules are there, and they are enforced, we don't care if it is your app or not.

FromTheSun

#8
April 02, 2007, 11:36:17 AM
Quote from: hutch-- on April 02, 2007, 11:17:00 AM
This topic has an element of bullsh*t about it.

> Ofcource it is, but why can't i RE my own application?

If you wrote it yourself you would KNOW how a POINT structure worked. It would seem obvious that you don't have the source code for the app so unless you can provide the source code this topic will be closed.


Well, here's my MFC application: http://www.vstrien.info/ASM/MyApp.rar

And here's the ASM code ida produced: http://www.vstrien.info/ASM/myapp.asm

It's just a normal mfc application, nothing special. Besides that, ofcouce i know how a POINT works in c++, i just don't know asm syntax, that's why i opened this topic.

Draakie

#9
April 02, 2007, 12:25:40 PM
Well - seeing as you are persistent and like looking at dumps - this
should explain it to you => RE : "But yes, that's REing my own app. Which i still think is good exercise"
Just the way you like it then .......

http://faculty.uwstout.edu/johnstonb/ico/chapter10/chapter10.1.shtml

[Just source and dumps - with high-lighting - various combinations - using Masm syntax :P]
Does this code make me look bloated ? (wink)

FromTheSun

#10
April 02, 2007, 12:35:33 PM
Yay, lol :bg

Well yeah, that's exactly what i meant.. Most so called "tutorials" don't handle things like whats the difference of: :(

pt      POINT {}
pt      POINT <>
pt      POINT <?>

http://win32assembly.online.fr/tutorials.html = a nice site too.

But yea, there's nothing bad about looking at dumps :)

lingo

#11
April 02, 2007, 12:43:23 PM
FromTheSun,

Disassembled code is useful because you can learn in details about
other's algorithms but you need to ask Ilfak from Datarescue how to compile the
disassembled code from IDA... :lol
Here you can learn how to create, compile and link your own assembly code and
it is mandatory if you want to understand other's code in the future

FromTheSun

#12
April 02, 2007, 12:50:32 PM
Well, actually the whole idea of using ida was just to make some asm code from my mfc application, and have some asm code to debug. As you see, actually all questions i ask are just about asm syntax i can't find tutorials about that ask my questions. I dont ask anything about how i should reverse engineer someone else's application. I never did.

And yes, i'm quite persistent in learning asm, since i find it interesting to program low level.

Draakie

#13
April 02, 2007, 01:01:40 PM
I thought I'd be less evil and let you have the defacto explanations aswell:

http://maven.smith.edu/~thiebaut/ArtOfAssembly/CH05/CH05-3.html#HEADING3-1

[Last Words] - (RE)VERSE ENGINEERING = BAD TOPIC         
                   - DISASSEMBLY                = THIN-ICE TOPIC
                   - DEBUGGING                   = GOOD TOPIC
Does this code make me look bloated ? (wink)

PBrennick

#14
April 02, 2007, 01:15:24 PM
FromTheSun,

Disassembling an entire program to see how asm works is an exercise in futility. In my opinion, you should take a small part of your program, compile it and then disassemble it. That way you will have a better idea what code is associated with what. You can eventually do the entire project that way. This is just 'my' opinion. I am not well versed in C++, just trying to give helpful advice.

In the future, it would be a good idea for you to explain fully what you are doing so as to avoid people getting the wrong idea. There are people around here who are good at converting C++ to assembly without using the method you are embracing.

Paul
The GeneSys Project is available from:
The Repository or My crappy website
Print
Go Up Pages1 2
User actions