Hey guys,

I was trying to get the text from a dialog box's edit box, but I don't know why there's an error in the GetDlgItemTextA API: invalid window handle.

Here is the code:
%include "WIN32N.inc"
extern MessageBoxA
import MessageBoxA user32.dll
extern GetModuleHandleA
import GetModuleHandleA kernel32.dll
extern DialogBoxParamA
import DialogBoxParamA user32.dll
extern ExitProcess
import ExitProcess kernel32.dll
extern GetDlgItemTextA
import GetDlgItemTextA user32.dll


SECTION .data USE32
cap       db "w0rm CrackMe",0
msg       db "You Entered : ",0
handl     dd 0              ; HINSTANCE returned by GetModuleHandleA
EdtHandl  dd 0
serial    resb 256          ; must hold at least the cchMax (100h = 256 bytes) passed to GetDlgItemTextA
MSGhWnd   equ 0             ; DialogProc argument offsets, relative to the first argument
MSGmsg    equ 4
MSGwParam equ 8
MSGlParam equ 12
dlgHandl  dd 0

SECTION .code USE32 class=CODE
..start:
    push NULL
    call [GetModuleHandleA]
    mov dword [handl], eax
    push 0                  ; dwInitParam
    push DialogProc         ; lpDialogFunc
    push 0                  ; hWndParent
    push 100                ; dialog template resource ID
    push dword [handl]      ; hInstance
    call [DialogBoxParamA]
    push dword 0
    call [ExitProcess]

; DialogProc(hDlg, uMsg, wParam, lParam), stdcall
; On entry: [esp] return address, [esp+4] hDlg, [esp+8] uMsg, [esp+12] wParam, [esp+16] lParam
DialogProc:
    cmp dword [esp+12], 1004    ; wParam: control ID of the button
    je chek
    cmp dword [esp+8], WM_CLOSE
    je exitout
    jmp returnback
exitout:
    push dword 0
    call [ExitProcess]
    jmp returnback
chek:
    push 100h                   ; cchMax
    push serial                 ; lpString
    push 1005                   ; nIDDlgItem: the edit control
    push dword [esp+4]          ; meant to be hDlg, but the three pushes above moved esp, so this is no longer hDlg
    call [GetDlgItemTextA]
    cmp eax,0
    je exit
    push dword MB_OK            ; uType
    push dword cap              ; lpCaption
    push dword serial  ; here   ; lpText
    push dword 0                ; hWnd
    call [MessageBoxA]
exit:
returnback:
    mov eax, 0
    ret 16



Please help, guys.

Thanks
Posted on 2012-08-14 12:23:54 by aloksaini
When you ask a question about some source code, try to include the full source code (including resource files). That would allow others to build your demo and see the errors for themselves.

Aside from that, you're not properly handling the WM_COMMAND event. Your DialogProc should probably be more like the following.

DialogProc:
MSGhWnd   equ 0
MSGmsg    equ 4
MSGwParam equ 8
MSGlParam equ 12
; stdcall: [esp] holds the return address, so the first argument is at [esp+4+MSGhWnd]

    mov eax, [esp+4+MSGmsg]
    cmp eax, WM_COMMAND
    je .Wm_Command

    cmp eax, WM_CLOSE
    je .Wm_Close

.Wm_Default:
    xor eax, eax                ; FALSE: message not handled
    ret 16

.Wm_Close:
    mov eax, [esp+4+MSGhWnd]    ; read hDlg before pushing anything
    push dword 0                ; nResult
    push eax                    ; hDlg
    call [EndDialog]            ; needs "extern EndDialog" / "import EndDialog user32.dll"
    jmp .Finished

.Wm_Command:
    cmp dword [esp+4+MSGwParam], (BN_CLICKED << 16) + 1004
    jne .Finished

    mov eax, [esp+4+MSGhWnd]    ; hDlg, saved in a register before the pushes below move esp
    push dword 100h             ; cchMax
    push dword serial           ; lpString
    push dword 1005             ; nIDDlgItem
    push eax                    ; hDlg
    call [GetDlgItemTextA]
    cmp eax, 0
    je .Finished

    push dword MB_OK            ; uType
    push dword cap              ; lpCaption
    push dword serial           ; lpText
    push dword 0                ; hWnd
    call [MessageBoxA]

.Finished:
    mov eax, 1                  ; TRUE: message handled
    ret 16


Which brings me to my next point: use [code] and [/code] tags. They allow you to show your code with formatting, rather than using just [quote] tags, which remove formatting.

Another place an error might be is the use of 100h. Throughout your source code you've constantly used base 10, but in this instance (for some reason) you've used base 16. Is that on purpose?
Posted on 2012-08-14 15:59:42 by Synfire
I am with Synfire here. Normally I just ignore code when it's not put between code tags. Something did stand out, though. You're using esp directly; any push/pops you do affect esp, and you have to take that into account.
    push 100h
    push serial
    push 1005
    push dword [esp+4]
    call [GetDlgItemTextA]

Are you sure hWnd is STILL at esp+4? Why don't you create a normal stack frame and use ebp?
Posted on 2012-08-14 21:12:11 by Gunner

Are you sure hWnd is STILL at esp+4?  Why don't you create a normal stack frame and use ebp?


Ah yes, I forgot to mention that part. My update also fixed it so the value is saved in a register before I started pushing parameters. As Gunner said, ESP gets updated each time you push so you have to do that.
Posted on 2012-08-14 21:44:38 by Synfire
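Gunner's suggestion of a normal stack frame is the cleanest way out of the esp-offset problem, so here is an added example, not code from any post in this thread, of the same dialog written that way. Arguments are read through EBP, which no push can move; the WM_COMMAND check tests both the control ID and the BN_CLICKED notification code in wParam; and the buffer size and the cchMax passed to GetDlgItemTextA come from one constant, so the two cannot drift apart the way 100 and 100h did above. Assumptions: the dialog template (resource ID 100) with a button (ID 1004) and an edit control (ID 1005) exists in a resource file that is not shown, EndDialog is imported in addition to the functions from the original post, and the constant names (IDD_MAIN, IDC_CHECK, IDC_SERIAL, SERIAL_MAX) are this example's own.

```nasm
; Added example, not code from any post in this thread. The dialog template
; (resource ID 100) with a button (1004) and an edit control (1005) is
; assumed to exist in a resource file that is not shown; the constant
; names below are this example's own.
%include "WIN32N.inc"

extern GetModuleHandleA
import GetModuleHandleA kernel32.dll
extern ExitProcess
import ExitProcess kernel32.dll
extern DialogBoxParamA
import DialogBoxParamA user32.dll
extern GetDlgItemTextA
import GetDlgItemTextA user32.dll
extern MessageBoxA
import MessageBoxA user32.dll
extern EndDialog
import EndDialog user32.dll

IDD_MAIN   equ 100          ; dialog template resource ID (assumed)
IDC_CHECK  equ 1004         ; button that triggers the check
IDC_SERIAL equ 1005         ; edit control holding the serial
SERIAL_MAX equ 256          ; single source of truth for the buffer size

SECTION .data USE32 class=DATA
cap    db "w0rm CrackMe",0

SECTION .bss USE32 class=BSS
serial resb SERIAL_MAX      ; GetDlgItemTextA writes at most SERIAL_MAX-1 chars plus a NUL

SECTION .code USE32 class=CODE
..start:
    push NULL
    call [GetModuleHandleA]
    push dword 0            ; dwInitParam
    push DialogProc         ; lpDialogFunc
    push dword 0            ; hWndParent
    push dword IDD_MAIN     ; lpTemplateName (integer resource ID)
    push eax                ; hInstance
    call [DialogBoxParamA]
    push dword 0
    call [ExitProcess]

; DialogProc(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam), stdcall:
; the callee pops the 16 bytes of arguments (ret 16) and returns TRUE when
; it handled the message, FALSE to let the dialog manager handle it.
DialogProc:
    push ebp
    mov  ebp, esp
    ; With the frame set up the arguments sit at fixed offsets from EBP:
    ;   [ebp+8] hDlg   [ebp+12] uMsg   [ebp+16] wParam   [ebp+20] lParam
    ; Every push below moves ESP but never EBP, so [ebp+8] stays hDlg.

    mov  eax, [ebp+12]
    cmp  eax, WM_COMMAND
    je   .wm_command
    cmp  eax, WM_CLOSE
    je   .wm_close
    jmp  .not_handled

.wm_close:
    push dword 0            ; nResult, returned by DialogBoxParamA
    push dword [ebp+8]      ; hDlg
    call [EndDialog]
    jmp  .handled

.wm_command:
    ; wParam = (notification code << 16) | control ID; check both halves so
    ; a different notification from the button is not mistaken for a click.
    movzx eax, word [ebp+16]    ; low word: control ID
    cmp  eax, IDC_CHECK
    jne  .not_handled
    movzx eax, word [ebp+18]    ; high word: notification code
    cmp  eax, BN_CLICKED
    jne  .not_handled

    push dword SERIAL_MAX   ; cchMax equals the buffer size, so it cannot overflow
    push dword serial       ; lpString
    push dword IDC_SERIAL   ; nIDDlgItem
    push dword [ebp+8]      ; hDlg, unaffected by the three pushes above
    call [GetDlgItemTextA]
    test eax, eax           ; 0: empty edit box or failed call
    jz   .handled

    push dword MB_OK        ; uType
    push dword cap          ; lpCaption
    push dword serial       ; lpText
    push dword [ebp+8]      ; hWnd: the dialog owns the message box
    call [MessageBoxA]

.handled:
    mov  eax, 1             ; TRUE
    jmp  .done

.not_handled:
    xor  eax, eax           ; FALSE

.done:
    leave                   ; mov esp, ebp / pop ebp
    ret  16
```

The page does not show the build line; with the obj output format and import directives used here, the source is assembled with nasm -f obj and the resulting .obj is linked together with the compiled resource that supplies the dialog template. If you ever do read arguments through ESP instead, copy them into registers or globals before the first push, as Synfire's version and the [dlgHandl] fix do.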
Firstly, thanks for the reply, guys.

And sorry for not putting my code in [code] tags.
I will take care next time, and yes,

DialogProc:
    push dword [esp+4]          ; hDlg, read before any other push
    pop dword [dlgHandl]        ; keep it in a global for the later API calls
    rest of code...


solved the problem. Thanks.
Posted on 2012-08-14 23:30:51 by aloksaini