Hi guys and girls.
I have been quite inactive in programming, but anyway, let's go directly to the point. Below is a summary, and later the comments, OK?


  • Emulating real mode as a programming style

  • Google is not the only one

  • Undocumented methods



1) Emulating modes as a programming style:
So, I have been reading the newsgroups these last 2 days for, well... news. Some questions were quite interesting. In one of them, one guy was asking how he could load a DLL (16-bit) in a given app (32-bit). So here we are. Protected mode and crap. What do you think of writing applications to be run in an emulated mode? We all know that the hardware and software industries are following totally different paths and that things are nowadays, each day, more and more automagically set up, but anyway I was puzzling myself over that. I think it's interesting. No idea about you, but many of you guys must have worked once or twice on emulation, etc., so you must have a nice idea of how good it is, what path to follow, etc. What are your thoughts?

2) Google is not the only one:
Every place I go in the cyberworld, people talk Google, Google, Google. While I like Google and I use it a lot, I think people could speak of search generally. Otherwise people (in my humble opinion) get too limited. For instance, I don't know about you, but I use Krugle a lot. I don't like the fact that it is generally slow to load, but its focus on programming and code as a whole makes it a nice choice for some of us, I think. So my opinion about it is: "Don't google it. Rather, search it." What do you have to say about that?

3) Undocumented methods:
While it would be nice if for every programming method there was an example, some methods, APIs or whatever don't have ANY documentation at all! Not even the return values, etc. It makes the job a lot harder, since you must then spend hours (at least myself, and this is when I can figure it out) searching source code for possible clues. Not to mention code is sometimes obfuscated. Eh...
The weird thing is that now I got extremely interested in unfolding undocumented methods. It's great! But still a pain in the ass, you know. On the other hand, maybe that's what makes it look nicer. My question here is rather whether you know of any shadowy APIs you've always been wondering about but never had the patience to look over. Since programming is a hobby for me, I love those sorts of things, so if you have anything interesting, send me a PM about it, OK?

Maybe it is polemic when I say that some sorts of behavior (like not documenting stuff, or saying "Google is your friend") cause a lot of problems for the next generation of programmers. Don't take it the wrong way. I think the discussion is valid.

OK, maybe that covers all I wanted to say in this topic. Yeah. Oh yeah, forgot to say: I am working on a "protective app" (Win32) for a game a friend of mine is making, so if you have any interesting concepts about it (TCP for instance), send me a PM too. While people talk a lot about it in the Linux world, it seems to me that in the Win32 world it is not so well commented on. :P If you are having problems with your cat it is okay to PM too. I am not so used to asking questions in forums. =P But this one is for chilling.
Posted on 2007-09-19 09:42:22 by codename
codename,

Welcome back to the board.

1&3) Since you said that you like arsing around with undocumented opcodes, I won't go into great detail and will let you figure out most of it on your own (I've only used it once, so I'm by no means the person to explain it in any detail anyway). But basically Windows offers three API procedures fully available in Kernel32: LoadLibrary16, FreeLibrary16, and GetProcAddress16. These can be used along with an undocumented/underdocumented procedure called QT_Thunk, which is located in Kernel32 (but not loaded by default). Basically you load QT_Thunk with GetProcAddress (the 32-bit one), load your 16-bit DLL using LoadLibrary16, then get the exports using GetProcAddress16. From there you can use QT_Thunk to call the 16-bit exports in your 32-bit environment. The alternative method is to create a sort of proxy 32-bit DLL which calls down to the 16-bit DLL. I don't really like that method because you are carrying an extra DLL with your app that could be avoided. I'll leave the specifics up to you to figure out... I'm sure there are a couple of demos out there if you search around, although I can't really think of many situations where this would be extremely useful.

2) I'm guilty myself of using "google it". It's just become the popular term amongst people who use Google. I also use mamma.com and other search engines, but most of the time when I say "google it" I actually mean to search Google. I have a tendency to try and get people to put a little effort into obtaining information when it appears they are looking for "spoon feeding" or whatever. Usually if I tell someone to "google it" it's because within the first three or four pages of Google results the page containing their answer is listed. Otherwise I'll say things like "do a Yahoo search" or "search mamma.com", but as I normally use Google I tend to refer to it more often than I do any of the others (especially Yahoo, since it's really gone downhill over the years).

My favorite code searches are probably Koders Search or Google Code Search. Never really used Krugle before; just tried it out... the interface isn't very friendly for my taste (I don't like the tabs when viewing the content of results, I prefer to use my browser's tabs).

Unfortunately I don't do games, so I won't be of any help there. As for protecting a port or protocol... about the best things you can do include limiting the amount of data which can come in at a single time (i.e. setting a MAX_PACKET size), checking that limit before allocating your containers for the packets, and forcefully disconnecting people who break that rule, which could help to prevent various overflow attacks. Implementing some sort of SSL could help ensure data security in case someone gained control of one of the routers/switches between your clients and the game server (although not much). Not sure if that's what you meant... if you were talking about an auth system, that's something more along the lines of an IM convo; you can try and catch me on MSN. I might not be on there tonight, but I should have internet access tomorrow or so. I'm sitting in with my sister the rest of the week after she gets out of surgery. If the doc lets her go home tonight I should be online (username is on my profile). If not, then it'll probably be tomorrow or Friday before I get online again. Authentication systems are something more for a private matter because you don't want something like that publicly documented; the internals of auth systems are generally closely guarded by companies, and in the case of your game you are going to want to keep it low key until you work all the bugs out of the design.

Regards,
Bryant Keller
Posted on 2007-09-19 15:47:08 by Synfire
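As an added example (not code from the thread or from Synfire), here is one way to apply the packet-limit advice above in C: a length-prefixed frame reader that checks the declared length against a MAX_PACKET bound before allocating or copying anything, and reports a client that exceeds it so the server can drop the connection. MAX_PACKET, the 4-byte little-endian length prefix, frame_check, frame_read and the sample frames are this example's own assumptions, not a protocol from the thread.

```c
/* Added example, not from the thread: bound a packet's declared length
 * against MAX_PACKET before allocating, and tell the caller when a client
 * has broken that rule so the connection can be dropped.
 * MAX_PACKET, the frame layout and all names here are this example's own. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_PACKET 512u  /* hypothetical per-packet limit for this game protocol */
#define FRAME_HDR  4u    /* 4-byte little-endian payload length, then the payload */

enum frame_status {
    FRAME_OK,         /* a complete frame is available */
    FRAME_NEED_MORE,  /* not enough bytes yet; keep receiving */
    FRAME_TOO_BIG,    /* declared length exceeds MAX_PACKET: disconnect this client */
    FRAME_ERROR       /* allocation failed */
};

struct frame {
    uint32_t len;
    uint8_t *payload;  /* heap-allocated copy, caller frees */
};

static uint32_t rd32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8)
         | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Validate the header only. This runs before any allocation or copy, so a
 * hostile length field can never drive an oversized malloc or memcpy. */
enum frame_status frame_check(const uint8_t *buf, size_t n)
{
    if (n < FRAME_HDR)
        return FRAME_NEED_MORE;
    uint32_t len = rd32le(buf);
    if (len > MAX_PACKET)
        return FRAME_TOO_BIG;          /* the caller should disconnect */
    if (n - FRAME_HDR < len)
        return FRAME_NEED_MORE;        /* length is sane, payload still arriving */
    return FRAME_OK;
}

/* Read one frame from buf[0..n). On FRAME_OK, out->payload holds a copy of
 * the payload and *consumed is the number of input bytes used. */
enum frame_status frame_read(const uint8_t *buf, size_t n,
                             struct frame *out, size_t *consumed)
{
    enum frame_status st = frame_check(buf, n);
    if (st != FRAME_OK)
        return st;
    uint32_t len = rd32le(buf);
    out->payload = malloc(len ? len : 1);  /* malloc(0) is implementation-defined */
    if (out->payload == NULL)
        return FRAME_ERROR;
    memcpy(out->payload, buf + FRAME_HDR, len);
    out->len = len;
    *consumed = FRAME_HDR + len;
    return FRAME_OK;
}

int main(void)
{
    /* Constructed sample input: a valid 3-byte frame, a truncated frame and a
     * hostile header claiming a 4 GiB payload. */
    static const uint8_t good[]    = { 3, 0, 0, 0, 'a', 'b', 'c' };
    static const uint8_t partial[] = { 5, 0, 0, 0, 'a', 'b' };
    static const uint8_t hostile[] = { 0xff, 0xff, 0xff, 0xff, 'x' };
    struct frame f;
    size_t used = 0;

    if (frame_read(good, sizeof good, &f, &used) == FRAME_OK) {
        printf("frame of %u bytes, %zu input bytes consumed\n", f.len, used);
        free(f.payload);
    }
    printf("partial -> %d (FRAME_NEED_MORE is %d)\n",
           frame_check(partial, sizeof partial), FRAME_NEED_MORE);
    printf("hostile -> %d (FRAME_TOO_BIG is %d)\n",
           frame_check(hostile, sizeof hostile), FRAME_TOO_BIG);
    return 0;
}
```

The order matters: the length comparison happens on the raw header bytes, and only a length that already passed it reaches malloc and memcpy. A server loop would treat FRAME_TOO_BIG as a protocol violation and close the socket, and would keep a fixed receive buffer of FRAME_HDR + MAX_PACKET bytes per client, which is enough for any frame this check accepts.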
Hey Syn, thanks for your reply. Interesting stuff you said there about the API16s. I remember that, while using IDA, sometimes I would get the 16-bit versions of them in 32-bit apps! I need to find it again so I can post a screenshot of it so you guys can see how interesting it is... I still need to read lots of stuff, but I think maybe the Win kernel uses them too for many purposes, and when you link your program it maybe comes together. Confusing. Well, more reading. Thanks for the suggestions. It does look interesting.

Ah yeah, thanks for the search suggestions also. I did know of Google Code (which I don't like so much, but anyway) but I didn't know of Koders Search. Thanks for the link! Looks great so far.

Oh, and about my tool, I am having some funky ideas to block the nasty programs hhh. But I am reading so many header files that I am going crazy. I found some cool stuff in iphlpapi and I might design something from it. Probably won't get too far too quickly because I am not so good in asm, but for sure some funky idea will come from experience. Thanks again! :D
Posted on 2007-09-20 11:35:03 by codename
I do stuff.
Posted on 2007-09-20 14:00:55 by Homer

I do stuff.


Dear Homer,

You are a very talented fellow. Have you thought about changing your avatar?

Maybe one that shoots a programmer that is lazy.

Take care my friend.


Posted on 2007-09-24 16:58:03 by skywalker
Actually, you have a point.

I said I would update my avatar when I had updated my hardware.
I have done the latter, and not the former, and I have broken my word.
And now I correct this oversight :)

Posted on 2007-09-26 10:54:07 by Homer
The hosting of your image is referrer-protected:
GET /avatars/Funny/Albert-Einstein.jpg HTTP/1.1
Host: www.avatarist.com
Referer: www.asmcommunity.net
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Transfer-Encoding: chunked
Date: Wed, 26 Sep 2007 17:08:07 GMT
Content-Type: text/html
Server: Apache/1.3.37 (Unix) mod_fastcgi/2.4.2 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a PHP-CGI/0.1b

cc
<html><head><title>403 Permission Denied</title></head>
<body bgcolor=white>
<h1>403 Permission Denied</h1>

You do not have permission for this request /avatars/Funny/Albert-Einstein.jpg

</body></html>

0


Works when you visit by entering the URL in the browser and then revisit asmcommunity again (because the browser uses the cache):
GET /avatars/Funny/Albert-Einstein.jpg HTTP/1.1
Host: www.avatarist.com
Cache-Control: no-cache

HTTP/1.1 200 OK
Age: 719
Date: Wed, 26 Sep 2007 17:09:22 GMT
Content-Length: 3967
Content-Type: image/jpeg
Server: Apache/1.3.37 (Unix) mod_fastcgi/2.4.2 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a PHP-CGI/0.1b
Last-Modified: Sun, 31 Jul 2005 15:57:10 GMT
ETag: "491b1b-f7f-42ecf4d6"

Knd >

Posted on 2007-09-26 12:11:05 by LocoDelAssembly
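To show where the 403/200 pair above comes from, here is an added example (not code from the thread, from LocoDelAssembly or from avatarist.com) of the usual Referer-based hotlink check, written in C: a request whose Referer names another host is denied, while a request that carries no Referer at all (a direct visit, or a browser or proxy serving from cache) is allowed. find_header, hotlink_status and the three sample requests are this example's own constructions, modelled on the captured headers.

```c
/* Added example, not from the thread: the Referer-based hotlink check that
 * yields the 403/200 pair captured above. Request samples are constructed
 * from the captured headers; all names here are this example's own. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed requests modelled on the two captures above. */
static const char REQ_FOREIGN_REFERER[] =
    "GET /avatars/Funny/Albert-Einstein.jpg HTTP/1.1\r\n"
    "Host: www.avatarist.com\r\n"
    "Referer: www.asmcommunity.net\r\n"
    "Cache-Control: no-cache\r\n\r\n";
static const char REQ_NO_REFERER[] =
    "GET /avatars/Funny/Albert-Einstein.jpg HTTP/1.1\r\n"
    "Host: www.avatarist.com\r\n"
    "Cache-Control: no-cache\r\n\r\n";
static const char REQ_OWN_REFERER[] =  /* constructed: a page on the image host itself */
    "GET /avatars/Funny/Albert-Einstein.jpg HTTP/1.1\r\n"
    "Host: www.avatarist.com\r\n"
    "Referer: http://www.avatarist.com/avatars/Funny/\r\n\r\n";

/* Case-insensitive compare of up to n bytes; stops at the first mismatch or
 * at the end of a, so it never reads past a shorter string. */
static int ieq(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
        if (a[i] == '\0')
            return 1;
    }
    return 1;
}

/* Locate "Name: value" at the start of a header line. Returns a pointer to the
 * value (not NUL-terminated; *len gives its length) or NULL if absent. */
static const char *find_header(const char *req, const char *name, size_t *len)
{
    size_t nlen = strlen(name);
    const char *p = req;
    while (*p) {
        if (ieq(p, name, nlen) && p[nlen] == ':') {
            p += nlen + 1;
            while (*p == ' ' || *p == '\t')
                p++;
            const char *end = p;
            while (*end && *end != '\r' && *end != '\n')
                end++;
            *len = (size_t)(end - p);
            return p;
        }
        while (*p && *p != '\n')  /* skip to the next line */
            p++;
        if (*p)
            p++;
    }
    return NULL;
}

/* The usual hotlink rule: allow when no Referer is sent, allow when the
 * Referer host is our_host, deny (403) otherwise. Returns the HTTP status. */
int hotlink_status(const char *req, const char *our_host)
{
    size_t rlen;
    const char *ref = find_header(req, "Referer", &rlen);
    if (ref == NULL)
        return 200;  /* direct visit, cache/proxy fetch, or a browser that strips Referer */

    /* Strip an optional scheme so "www.x.com" and "http://www.x.com/..." compare alike. */
    if (rlen >= 8 && ieq(ref, "https://", 8)) { ref += 8; rlen -= 8; }
    else if (rlen >= 7 && ieq(ref, "http://", 7)) { ref += 7; rlen -= 7; }

    /* The host must match whole: "www.avatarist.com.evil.example" is not ours. */
    size_t olen = strlen(our_host);
    if (rlen >= olen && ieq(ref, our_host, olen)
        && (rlen == olen || ref[olen] == '/' || ref[olen] == ':'))
        return 200;
    return 403;
}

int main(void)
{
    printf("foreign referer -> %d\n", hotlink_status(REQ_FOREIGN_REFERER, "www.avatarist.com"));
    printf("no referer      -> %d\n", hotlink_status(REQ_NO_REFERER, "www.avatarist.com"));
    printf("own referer     -> %d\n", hotlink_status(REQ_OWN_REFERER, "www.avatarist.com"));
    return 0;
}
```

The allow-when-absent branch is exactly why the second capture above succeeded: the browser re-requested the image without a Referer and the rule had nothing to deny on. Since the Referer header is entirely under the client's control, a check like this only discourages casual bandwidth leeching; it is not an access control and nothing confidential should sit behind it.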

The hosting of your image is referrer-protected


I fixed it for you, Homer :)
Posted on 2007-09-26 14:52:17 by SpooK
lol ty
Posted on 2007-09-26 21:07:06 by Homer