It is about MASM64 or better tell GoASm....

You will find an example in the zip file...

http://pageperso.aol.fr/chapillong/MASM64.zip

To see GoAsm ---> http://www.GoDevTool.com

I don`t forget you...

Good Enjoy...
----

Gerard
Posted on 2005-10-25 07:15:35 by gerard
Warning....

In file Struc.inc there are a little error...

Structure MSG is ---->

MSG STRUCT
  hwnd      DQ      ?
  message  DD      ?
;  reserved  DD ?
  wParam    DQ      ?
  lParam    DQ      ?
  time      DD    ?
  pt        POINT      <?>
ENDS


Excuse me for the error I did in file Struc.inc...
It was not a wanted error...

Good enjoy...

---
Gerard
Posted on 2005-10-25 08:13:25 by gerard
Here is another listing...

Have a look...

http://pageperso.aol.fr/chapillong/cMASM64.zip



Good Enjoy...
----
Gerard
Posted on 2005-10-25 12:43:11 by gerard
Another program...

http://pageperso.aol.fr/chapillong/Essai-iz-64-4.zip

You will see that with this example the better choice for structure MSG is


Posted on 2005-10-26 14:22:50 by gerard

The more difficult is to find the real Structure of variable...

Why difficult? Just parse the header files from microsoft...
Posted on 2005-10-26 14:30:55 by f0dder
WARNING

If you let program Mem.exe opened a long time something happens...

Do the test...your PC doesn`t risk something....do the test...


I think that the use of DD (instead of  DQ) for lParam is the culprit...

GoAsm is only a Beta Version...and I think will hav a good future...

Excuse me for the trouble...You see that knowledge of MASM32 is similar than 64 bits...


GoodEnjoy...
----
Gerard
Posted on 2005-10-26 23:18:25 by gerard
Hi Gerard

The file struc.inc is not part of GoAsm.  Where did it come from?

As far as I am concerned the correct MSG structure in 64-bits is as follows:-

MSG      DQ 0         ;+0 hWnd
        DD 0        ;+8 message
        DD 0        ;padding for next
        DQ 0        ;+10 wParam
        DQ 0        ;+18 lParam
        DD 0        ;+20 time
        DD 0        ;+24 1st part of point structure
        DD 0        ;+28 2nd part of point structure


Message is only a dword and you need 4 bytes of padding after it to ensure that the following qwords are on their natural boundary.

For comparison here is the 32-bit version of the MSG structure:-

MSG      DD 0         ;+0 hWnd
        DD 0        ;+4 message
        DD 0        ;+8 wParam
        DD 0        ;+C lParam
        DD 0        ;+10 time
        DD 0        ;+14 1st part of point structure
        DD 0        ;+18 2nd part of point structure
Posted on 2005-10-27 11:32:25 by jorgon
Here is another program...
64 bits
http://pageperso.aol.fr/chapillong/Essai-iz-64-5.zip

Same than this -one
32 bits
http://pageperso.aol.fr/gerardchap/Provider.zip

The 64 bits works normally...but  with WinXP64Bits...it has some troubles...
the problem is in dll of Microsoft
in directory C:\WINDOWS\SysWOW64 ----> advapi32.dll
Microsoft has forgotten some things...
a)Provider Type DH (Diffie and Hellman) are not introduced...
b) One can`t enumerate Provider with API CryptGetProvParam

If someone could test my program on Windows2003 64 bits...
Perhaps the dll advapi32.dll in 64 bits is the same Windows 2003/XP 64 bits...

Therefore if someone does the test on Windows2003 64 bits a little message on this forum will be the welcomer...


GoAsm....works almost perfectly...
The problem of lParam was perturbing because when one uses Shelltray...this parameter is often used...

Good Enjoy..
----
Gerard
-----------------------------------------------------------------------------------------------------
? ??? ?? ???????? ??? , ?? ??? ?? ???? ??? ??????????...
("God let permit to me to change the world"---he never listens to me...)
Posted on 2005-10-31 05:43:54 by gerard
GoAsm....works almost perfectly...
The problem of lParam was perturbing because when one uses Shelltray...this parameter is often used...


Just to make it clear, the "problem of lParam" is and never was a GoAsm issue.
Posted on 2005-10-31 10:26:39 by jorgon
Hi...

Here is a new program working in 64 bits...
http://pageperso.aol.fr/chapillong/Essai-iz-64-6.zip

It is the same than this one for 32 bits
http://pageperso.aol.fr/gerardchap/DAPVersion3.zip

This of 32 bits doesn't work correctly on WindowsXP64Bits ...the problem is in
API FTPGetSizeFile (used in 32 bits) whose doesn't work...on WinXP64Bits

With this program this of 64 bits you will be able to retrieve file on FTP Server if this one permit it...
ftp://ftp.sedl.org/pub/mirrors/nihongo/
FTP is ftp://ftp.sedl.org  and one can resume a broken download...
THis FTP is a site for Japonese ----> nihongo...

Why with DAP (SpeedBits) and IDM and other one can resume on FTP File because they (these programs) works on NetWork i.e. they are like eMule or Kazaa...

You will find a little Tutorial
http://pageperso.aol.fr/gerardchap/Annexe.zip

Good Enjoy..
----
Gerard
Posted on 2005-11-03 11:16:18 by gerard
Hi...

I have a little problem ...with GoAsm...because I want to use static code libraries and I don't arrive...

(It is to build Driver in 64 bits)...

Like one can't retrieve address of certain Function (API)...I use the following line...
Then I use

Posted on 2005-11-08 13:34:41 by gerard
Hi Gerard

GoAsm gives this error if you have tried to use an import library (containing only the names of the DLLs for linking purposes) instead of a static library (containing actual code of functions).

If you have a look inside ntoskrnl.lib using a PE viewer (could I suggest Wayne Radburn's PEview?) you can check which type of library it is.

When writing 64-bit code with the help of code (static) libraries, you would need 64-bit versions of such libraries.  These would contain 64-bit code instead of 32-bit code.  So far I have not come across any such code libraries.  If they exist I would welcome a chance to get my hands on them, since I suspect the format of the library will be different from usual 32-bit static libraries.  If so, I would need to make some adjustments to GoAsm to suit.
Posted on 2005-11-08 13:57:42 by jorgon
Hi

  In this folder http://pageperso.aol.fr/chapillong/Essai-iz-64-8.zip
there are an example of a DLL in 64 bits...
The example serves only to show the entry point i.e. the


Posted on 2005-11-14 04:10:04 by gerard
It is always about EXE files or DLL files...

To see the structure go to ---> http://elfz.laacz.lv/ms_exe_spec.html

Try to use a good program ...at page http://www.magma.ca/~wjr/

Program's link...( http://www.magma.ca/~wjr/PEview.zip )

Try also to see the interior of a *.obj file ...and, above all, try to build a listing...
i.e

http://elfz.laacz.lv/ms_exe_spec.html


About Drivers...I have a little problem because I have not the ntoskrnl.lib and hal.lib..files...
These two files are in 64 bits...

I re-give you a good link...for Drivers in 32 bits...the site was made by Four-F..he is Russian ...
(Four-F is a game of words between hexadecimal FFFF and Forrest first Great Wizard of K.K.K in 18xx)
http://www.freewebs.com/four-f/


I hope you will enjoy after seeing all these sites...

----
Gerard
Posted on 2005-12-02 01:47:37 by gerard
For those who want to have a better understanding about how and why GoAsm is built like that

Go to ----->http://win.asmcommunity.net/x86book/index.php?pagename=WinCallingConventions

One can read that ecx and edx was (and is always used) under 32 bits...

For 64 bits ecx and edx are always used..but r9 and r8 are also used...

If you want to know more about stack please read that...

http://win.asmcommunity.net/x86book/index.php?pagename=TheStack

I think that these informations will be welcomers... 8)

----
Gerard



Posted on 2005-12-07 00:30:45 by gerard
Here is a new example...

http://pageperso.aol.fr/chapillong/API64.zip

If you want some detail please go and see on http://www.wasm.ru

the following article

http://www.wasm.ru/article.php?article=green2red01

Good enjoy...
----
Gerard
------------------------------------------
For those who have some trouble with russian...go to...
http://babelfish.altavista.com/

Posted on 2005-12-16 10:57:25 by gerard
It is about GoAsm...

I saw two little errors...

movsxd rcx,    one can with GoAsm....
in fact it is impossible..and the real solution is..

mov ecx,
movsxd rcx,ecx

and the utilisation of cmpsb...
when one uses it with GoAsm register rax change...
in fact cmpsb must not change rax...


Gothere http://www.asmcommunity.net/board/index.php?topic=22519.0 to see this error...

----
Gerard







Posted on 2005-12-19 04:24:31 by gerard
movsxd rcx,
in fact it is impossible

This isn't impossible.  According to the AMD64 specifications this instruction:-
"Copies the 32-bit value in a register or memory location (second operand) into a 64-bit register (first operand), extending the most significant bit of the 32-bit value into all higher bits of the 64-bit register."

In MASM you need this in the source code:-
MOVSXD RCX,DWORD PTR

This produces the following opcodes:- 48 63 0C 24
This is exactly GoAsm's output as well, except that the "DWORD PTR" override is implicit and not required.

As for CMPSB, this is one opcode 0A6h
GoAsm codes this correctly

These are not GoAsm errors
Posted on 2005-12-19 17:20:49 by jorgon
To quote the rules...


Violations of the rules stated below can and most likely will result in your posting abilities being disabled pending membership termination. All rules pertain to public postings, private messages, and direct or indirect links to other sources. You have been WARNED!!!
...
Illegal software including cracks, hacks, viruses, trojans, or anything else considered mailicious or illegal by US or Internation Laws will not be tolerated in this community, EVER. This includes reverese engineering for the purpose of circumventing security/protection mechanisms.


This naturally includes links to virus-related material, even if it is related to anti-virus techniques... it brings too much attention to this forum from the virus underworld even though the intentions of the arcticle are good.

I won't lock this topic, but please keep away from such discussions in the future... I don't look foward to this forum being flooded by script-kiddies who know how to google for "v1|2U5 73C|-|NIQU35!!1!".
Posted on 2005-12-19 19:11:35 by SpooK
I don't want to sound rude, but isn't this topic utter rubbish? It's barely in English and seems to just be a hodgepodge of false accusations against GoAsm even though it's entitled "MASM64"...?
Posted on 2005-12-19 20:21:51 by stormix