I was wondering if anyone knew of a place I could find an example that demonstrates how to generate a randomized string in masm32... I can't seem to figure it out. I've been trying something like this: my random number method uses a variable like random_number and generates a randomized number; after that I try to use a strcpy to copy it to the string and strcat to append to that string... but it's not working. Basically I'm trying to make the db random string become a random string of 2 characters.

a small idea:


.data?
random_number dd ?
nLower dd ?
nUpper dd ?
ch dd ?
random_string db ?

StrLen PROC SRC:DWORD
mov ecx,-1
mov edi,SRC
mov al,0
repnz scasb
mov eax,ecx
not eax
dec eax
ret
StrLen ENDP

StrCpy proc SRC:LPSTR,DST:LPSTR
INVOKE StrLen,SRC
add eax,2
mov ecx,eax
mov esi,SRC
mov edi,DST
rep movsb
ret
StrCpy endp

StrCat proc S1:DWORD,S2:DWORD
INVOKE StrLen,S2
add eax,2
push eax
INVOKE StrLen,S1
mov edi,S1
add edi,eax
mov esi,S2
pop ecx
rep movsb
ret
StrCat endp

iRand proc uses ecx edx first:DWORD, second:DWORD
invoke GetTickCount
mov ecx, 23
mul ecx
add eax, 7
mov ecx, second
sub ecx, first
inc ecx
xor edx, edx
div ecx
add edx, first
mov eax, edx
ret
iRand endp
; random string code...
mov nLower, 0
mov nUpper, 255
invoke iRand, nLower, nUpper
mov ch, eax
invoke StrCpy,offset random_string, offset ch
; call random again then use strcat... etc.
Posted on 2004-01-21 00:57:04 by DevSpartacus
When you use the term string, do you accept non-ascii characters?
Posted on 2004-01-21 01:10:51 by roticv
Well, really I'm going to be using this for a thing that modifies the PE file header section names... so whatever is acceptable there, probably not system characters :)
Posted on 2004-01-21 01:36:42 by DevSpartacus
Hi DevSpartacus,

About the string manipulation functions, why don't you use the optimized functions coming with Hutch's masm32 library?
Posted on 2004-01-21 05:09:26 by Vortex
try:


irand:
rdtsc
xor eax, edx
mov ecx, 23
mul ecx
add eax, 7
mov ecx, 256 ; upper limit = 255
;sub ecx, first ; lower limit = 0
xor edx, edx
div ecx ; edx = remainder, 0..255
;add edx, first ; lower limit = 0, so nothing to add
xchg eax, edx
retn

..
mov esi, offset buffer
mov ebx, lengthofstringtogenerate
@@:
call irand
mov [esi], al
inc esi
dec ebx
jnz @B

Note: Code untested.
Posted on 2004-01-21 06:06:52 by roticv
rdtsc probably isn't the best for this - on some processors, the n lower bits can be static. Can't remember where I saw this, but it was probably on sandpile.org forums.
Posted on 2004-01-21 08:40:50 by f0dder
Posted on 2004-01-21 17:02:31 by bitRAKE

Hi DevSpartacus,

About the string manipulation functions, why don't you use the optimized functions coming with Hutch's masm32 library?


I don't know what they are or how to use them... exactly.

But I wish I knew how to get this to work, because it won't let me use dd but it lets me use db :)
Posted on 2004-01-21 18:58:04 by DevSpartacus
I don't see that you are converting a number to a string.
StrCpy will not convert binary to text form.

Section names are restricted to 8 characters of text, and they are null padded.

I believe there is a dwtoa function in the MASM32 library that will do what you want. Be careful, a 32-bit dword can be as long as ten digits in decimal form.
Posted on 2004-01-21 19:33:26 by tenkey

Section names are restricted to 8 characters of text, and they are null padded.



Wrong, 8 chars max, does NOT have to be null padded, and doesn't have to be 'text' either.
Posted on 2004-01-21 19:37:36 by evlncrn8
Ok, so they don't need to be. It's just the convention, which makes it readable in a formatted dump.

In which case, StrCpy should not be used at all, as it will stop copying at the first zero byte, or worse, won't stop copying until the first zero byte.

----

Didn't notice it before, but there is only room for 1 byte for random_string. Depending on what other data follows it, there may or may not be room for more.
Posted on 2004-01-21 19:46:13 by tenkey
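The points made above about the section name field (8 bytes, not necessarily null padded, not necessarily text) mean it has to be written and read with explicit lengths rather than string functions. The following C sketch is an added example, not code from any poster in this thread; the function names and the sample bytes are made up for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SECTION_NAME_LEN 8   /* fixed width of the section Name field */

/* Store a name with an explicit length and zero-fill the rest. strcpy is not
 * usable here: the name may contain zero bytes, and a full 8-byte name leaves
 * no room for a terminator. Returns 0, or -1 if len does not fit. */
int store_section_name(unsigned char field[SECTION_NAME_LEN],
                       const unsigned char *src, size_t len)
{
    if (len > SECTION_NAME_LEN)
        return -1;
    memset(field, 0, SECTION_NAME_LEN);
    memcpy(field, src, len);
    return 0;
}

/* Render the field for a dump. Only trailing zero padding is dropped; bytes
 * outside printable ASCII (and the backslash) are written as \xNN. out must
 * hold SECTION_NAME_LEN * 4 + 1 bytes. Returns the number of bytes in use. */
size_t render_section_name(const unsigned char field[SECTION_NAME_LEN], char *out)
{
    size_t used = SECTION_NAME_LEN;
    while (used > 0 && field[used - 1] == 0)
        used--;
    for (size_t i = 0; i < used; i++) {
        unsigned char c = field[i];
        if (c >= 0x20 && c < 0x7f && c != '\\')
            *out++ = (char)c;
        else
            out += sprintf(out, "\\x%02x", (unsigned)c);
    }
    *out = '\0';
    return used;
}

int main(void)
{
    /* Constructed sample: non-text bytes with an embedded zero. */
    const unsigned char odd[4] = { 0x01, 0x00, 0xff, 'x' };
    unsigned char field[SECTION_NAME_LEN];
    char text[SECTION_NAME_LEN * 4 + 1];
    store_section_name(field, odd, sizeof odd);
    size_t used = render_section_name(field, text);
    printf("%zu bytes in use: %s\n", used, text);
    return 0;
}
```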
I use random strings to generate passwords. I am currently using a Mersenne Twister to generate valid characters (0-9 & A-Z). This is the routine I use; pass the pointer to a buffer and the number of characters you need.

Output
Line 43: String = 0I1I8KG6I3
Line 43: String = FDWVQHC0XU
Line 43: String = 6Y1QDHN7U4
Line 43: String = ECEJ2RJ458
Line 43: String = QE8H5KOB8B
Line 43: String = 1FN67S7QR2
Line 43: String = KN08K5UEO2
Line 43: String = 6M3I1C3LOX
Line 43: String = W5M20BIXDK
Line 43: String = 0J8N01OROU
Line 43: String = BXOFBPX4XW
Line 43: String = 1REYBXYCY2
.CONST


N equ 624
M equ 397
MN4 equ -908
TEMPERING_MASK_B equ 9d2c5680h
TEMPERING_MASK_C equ 0efc60000h
UM equ 80000000h
LM equ 7fffffffh
.DATA
hInst DD 0

MTI dd (N+1)
MC dd 69069
MATRIX dd 0
dd 9908b0dfh
MT dd 2496 dup (?)

.CODE

GenPassword FRAME pString,nChars
pushad
rdtsc
push eax
call Randomize

mov edi,[pString]
xor ecx,ecx
jmp >L4
L1:
push ecx
push edi
L2:
push 43
call RandM
cmp eax,11h
jge >L3
cmp eax,09h
jle >L3
jmp <L2
L3:
pop edi
pop ecx
add eax,30h
mov [edi+ecx],al
inc ecx
L4:
cmp ecx,[nChars]
jl <L1
popad
RET
ENDF

Randomize FRAME Seed
lea edi,MT
mov eax,[Seed]
mov [edi],eax
mov ecx,N
add edi,4
:
mul D[MC]
stosd
dec ecx
jnz <
mov D[MTI],N
ret
ENDF

RandM FRAME limit
push 0
lea edi,MT
cmp D[MTI],N
jb >>L1
cmp D[MTI],N+1
jnz >L2
rdtsc
push eax ; Generate a new seed
call Randomize
lea edi,MT ; Randomize advances edi, so point it back at MT
L2:
mov esi,edi
L3:
mov eax,[esi]
and eax,UM
mov ebx,[esi+4]
and ebx,LM
or eax,ebx
mov ecx,eax
shr eax,1

mov edx,esi
add edx,(M*4)
mov ebx,[edx]
xor eax,ebx
and ecx,1
xor eax,[MATRIX+ecx*4]
mov [esi],eax
add esi,4
inc D[esp]
cmp D[esp],(N-M)
jnz <L3
L4:
mov eax,[esi]
and eax,UM
mov ebx,[esi+4]
and ebx,LM
or eax,ebx
mov ecx,eax
shr eax,1
mov edx,esi
add edx,MN4
mov ebx,[edx]
xor eax,ebx
and ecx,1
xor eax,[MATRIX+ecx*4]
mov [esi],eax
add esi,4
inc D[esp]
cmp D[esp],(N-1)
jnz <L4
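mov eax,[esi] ; last element: y = (MT[N-1] & UM) | (MT[0] & LM)
and eax,UM
mov ebx,[edi]
and ebx,LM
or eax,ebx
mov ecx,eax
shr eax,1
mov edx,edi
add edx,(M-1)*4
mov ebx,[edx]
xor eax,ebx
and ecx,1
xor eax,[MATRIX+ecx*4]
mov [esi],eax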
mov D[MTI],0
L1:
mov esi,edi
mov eax,[MTI]
inc D[MTI]
shl eax,2
add esi,eax
mov eax,[esi]
mov ebx,eax
shr eax,11
xor ebx,eax
mov eax,ebx
shl eax,7
and eax,TEMPERING_MASK_B
xor ebx,eax
mov eax,ebx
shl eax,15
and eax,TEMPERING_MASK_C
xor ebx,eax
mov eax,ebx
shr eax,18
xor eax,ebx
xor edx,edx
div D[limit]
mov eax,edx
pop ebx
ret
ENDF
Posted on 2004-01-21 19:56:13 by donkey
Wow nice.
Posted on 2004-01-21 21:02:02 by DevSpartacus
As for section names: it's generally a good idea to leave .rsrc alone.
Posted on 2004-01-22 03:12:13 by f0dder
Speaking of Mersenne, I used Mersenne B in my particle demo, and I noticed that it has some issues in terms of distribution which I would NEVER have noticed had the application not been visual in nature... the particles tended towards the axes even though I used a fairly elaborate mechanism to calculate their initial velocity in 3D, which leads me to believe that it's best to marry its output to another pseudorandom generator, or even have several of them which pseudorandomly marry to each other... any thoughts?
Posted on 2004-01-22 10:01:26 by Homer
EvilHomer2k, I find your explanation hard to believe. More likely is that you created an attractor with your "fairly elaborate mechanism to calculate their initial velocity in 3D". The simplest of rules have the ability to confine randomness and most certainly pseudorandomness. :)
Posted on 2004-01-22 10:27:37 by bitRAKE
Does the mersenne twister take some input seed and continue from there, without any added entropy? If that's the case, what about blending in some entropy? Like, using data collected from a global message hook - that should yield pretty random results from session to session. Perhaps combined with RDTSC and run through a secure hash?

I dunno, though... it would probably make it more 'random', but I have no clue about the cryptographic security of the PRNG :)
Posted on 2004-01-22 10:42:19 by f0dder
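For password generation over the same 0-9/A-Z alphabet, one alternative to a seeded PRNG is to draw bytes from the operating system's CSPRNG and discard the values that would skew the distribution. This C sketch is an added example, not code from any poster; it assumes a Unix-like host where /dev/urandom is available, and `counting_source` is a constructed, predictable source that exists only to check the rejection logic.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
typedef int (*byte_source)(unsigned char *buf, size_t len); /* 0 = success */
static const char ALPHABET[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
#define ALPHABET_LEN 36u
/* Assumption: Unix-like host where /dev/urandom is the OS CSPRNG. */
int os_random(unsigned char *buf, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got = f ? fread(buf, 1, len, f) : 0;
    if (f) fclose(f);
    return got == len ? 0 : -1;
}

/* Constructed, predictable source (250, 251, ..., 255, 0, 1, ...) for
 * checking the rejection logic only; never a source for real secrets. */
unsigned char counting_next = 250;
int counting_source(unsigned char *buf, size_t len)
{
    while (len--) *buf++ = counting_next++;
    return 0;
}

/* Write n characters and a terminator to out (n + 1 bytes). Bytes >= 252 are
 * discarded so every character is equally likely. Returns 0 on success. */
int gen_password(char *out, size_t n, byte_source src)
{
    const unsigned limit = 256u - (256u % ALPHABET_LEN);    /* 252 */
    unsigned char pool[32];
    size_t i = 0;
    while (i < n) {
        if (src(pool, sizeof pool) != 0) {
            memset(out, 0, n + 1);      /* leave no partial secret behind */
            return -1;
        }
        for (size_t k = 0; k < sizeof pool && i < n; k++)
            if (pool[k] < limit)
                out[i++] = ALPHABET[pool[k] % ALPHABET_LEN];
    }
    out[n] = '\0';
    return 0;
}

int main(void)
{
    char pw[11];
    return gen_password(pw, 10, os_random) != 0 || puts(pw) < 0;
}
```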