hi all
What I am trying to do is ask the user to input a username and pass, which are declared as constants. With an if/else procedure, compare if the text is the same; if not, then another loop.
So far I did get the user to input the username and pass and compared them, but I cannot see if the password is right.
------------------------------------------------
.486
.model flat, stdcall
option casemap :none
Main proto :DWORD
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\masm32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\masm32.lib
.data
Login db "welCome to Zion Network",13,10,0
UName db "UserName: ",13,10,0
UPass db "UserPass: ",13,10,0
Again db "try again!",13,10,0
UNa db "k0d"
UPa db "love"
.data?
hInstance DWORD ?
.code
start:
invoke GetModuleHandle, NULL
mov hInstance, eax
invoke Main, hInstance
invoke ExitProcess, eax
Main proc hInst:DWORD
LOCAL kb: WORD
@@:
invoke ClearScreen
invoke StdOut, ADDR Login
invoke StdOut, ADDR UName
invoke StdIn, ADDR kb, 128
lea eax, kb
invoke StdOut, ADDR UPass
invoke StdIn, ADDR kb, 128
lea ecx, kb
cmp word ptr [eax], 'UNa'
cmp word ptr [ecx], 'UPa'
jmp @f
invoke StdOut, ADDR Again
jz @b
@@:
xor eax, eax
ret
Main endp
end start
-------------------------------------------
thx
Posted on 2002-05-15 20:35:03 by k0d
um... i'm not sure if this reply is allowed, but just to let you know... it wouldn't be very difficult to recover the password from this program.
but anyway, i think your problem lies here:
cmp word ptr [eax], 'UNa'
cmp word ptr [ecx], 'UPa'
jmp @f
shouldn't you be doing two conditional jumps? like this (where jc is a conditional jump):
cmp word ptr [eax], 'UNa'
jc @UNaFails
cmp word ptr [ecx], 'UPa'
jc @UPaFails
UNa db "k0d",0
UPa db "love",0
BUFFER_SIZE equ 512
buffer struct
data db BUFFER_SIZE dup (?)
buffer ends
Main proc hInst:DWORD
local nick:buffer
local pass:buffer
@@:
invoke ClearScreen
invoke StdOut, ADDR Login
invoke StdIn, ADDR nick, BUFFER_SIZE-4
invoke StdOut, ADDR UPass
invoke StdIn, ADDR pass, BUFFER_SIZE-4
invoke StrCmp, addr nick, addr UNa
jne @B
invoke StrCmp, addr pass, addr UPa
jne @B
xor eax, eax
ret
I wouldn't think there is anything wrong with this. ;)
As pointed out, you can't compare two things and expect the processor to remember the first ;)
As well, you *might* get away with the comparisons, since they are both 4 bytes or less, but this is not a good way of comparing strings in general.
It's becoming quite clear to me you don't understand strings, so I will give you the rundown ;). But you do have the *ideas* in place, so don't feel too bad.
- You tried to make an input buffer, and as I gather it, you wanted it to be 128 bytes in length. A good start, but how you're declaring the buffer is wrong. Seeing LOCAL kb: WORD will only declare 2 bytes (since a word is 2 bytes long). You're on the right track, but you need to make a byte array on the local stack: LOCAL kb[128] :BYTE will do this.
- Your actual username and password should have a NULL character as the rest of your strings do. This is so the comparison routines will know where to end.
- Your understanding of the cmp in general needs work ;) . *I* know what you're trying to do by reading this, but the assembler doesn't. To the assembler, the string "cmp word ptr [eax], 'UNa'" says: compare the TWO bytes found at the address of EAX to the THREE ASCII bytes 'UNa' (respectively). Well, somehow anyways. I'm surprised the assembler actually assembled this without error, since you're trying to compare two different sizes! I will show you how to compare strings further on.
- Another problem is that you should realize that EAX, ECX, and EDX are NOT transparent through API calls, and in general you should NOT assume the same for LIB functions you didn't write ;) . The line lea eax, kb followed by invoke StdOut, ADDR UPass will certainly change the value of EAX as soon as the StdOut function is called!! You cannot assume that it will be preserved! As well, you cannot assume that by simply doing the 'LEA' you preserve the info currently in the buffer, so you can reuse it later. You need to make two separate buffers to hold two types of information!
- A little more deceptive, but when using the MASM32.LIB routine "StdIn", the text copied into the buffer will have the "13,10" line feed in it. You should call StripLF, also found in the MASM32.LIB. It will replace this with a NULL char, which will better suit the string comparison routine.
Here is a reworking of your source with new areas in bold:
.486
.model flat, stdcall
option casemap :none
Main proto :DWORD
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\masm32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\masm32.lib
.data
Login db "welCome to Zion Network",13,10,0
UName db "UserName: ",13,10,0
UPass db "UserPass: ",13,10,0
Again db "try again!",13,10,0
UNa db "k0d"[b],0[/b]
UPa db "love"[b],0[/b]
.data?
hInstance DWORD ?
.code
start:
[b]push esi
push edi[/b]
invoke GetModuleHandle, NULL
mov hInstance, eax
invoke Main, hInstance
[b]pop edi
pop esi[/b]
invoke ExitProcess, eax
Main proc hInst:DWORD
LOCAL kb[b][128] :BYTE
LOCAL kb2[128] :BYTE[/b]
@@:
invoke ClearScreen
invoke StdOut, ADDR Login
invoke StdOut, ADDR UName
invoke StdIn, ADDR kb, 128
[b]invoke StripLF, addr kb[/b]
[b]; remove this: lea eax, kb [/b]
invoke StdOut, ADDR UPass
invoke StdIn, [b]ADDR kb2, 128[/b]
[b]; remove this: lea ecx, kb
invoke StripLF, addr kb2[/b]
[b]; remove this : cmp word ptr [eax], 'UNa'
; This will compare the username
invoke StrLen, addr kb ; Get the number of bytes entered
mov ecx, eax ; Save the count in ECX
mov esi, offset kb ; Set the SOURCE INDEX to the buffer kb
mov edi, offset UNa ; Set the DEST INDEX to the UserName seeked
cld ; Indicate to count up the byte string
repz cmpsb ; repeat comparing the byte at ESI to EDI.
; If they are the same, ESI = ESI + 1,
; EDI = EDI +1, and ECX = ECX - 1.
; When finished, ask, is ECX == 0 ? No? Then
; somewhere the bytes were not the same, since
; not ALL the bytes were checked!
cmp ecx, 0
jne @Error
invoke StrLen, addr kb2 ; Get the number of bytes entered
mov ecx, eax ; Save the count in ECX
mov esi, offset kb2 ; Set the SOURCE INDEX to the buffer kb2
mov edi, offset UPa ; Set the DEST INDEX to the UserPass seeked
cld ; Indicate to count up the byte string
repz cmpsb ; repeat comparing the byte at ESI to EDI.
; If they are the same, ESI = ESI + 1,
; EDI = EDI +1, and ECX = ECX - 1.
; When finished, ask, is ECX == 0 ? No? Then
; somewhere the bytes were not the same, since
; not ALL the bytes were checked!
cmp ecx, 0
jne @Error
jmp @F
@Error:[/b]
invoke StdOut, ADDR Again
[b]jmp[/b] @b
@@:
xor eax, eax
ret
Main endp
end start
Anyways, there you go.
Hope you can learn from it ;)
:NaN:
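The comparison loop in the reworked source above, modelled in C as an added example (not part of the original post or of MASM32): it shows which inputs a check of "ECX == 0 after repz cmpsb, with the count taken from the typed string" accepts, next to a stricter check. The function names `repe_cmpsb`, `check_ecx_only` and `check_zf_with_nul` are hypothetical, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Model of x86 `repe cmpsb` (same opcode as repz cmpsb). Each iteration
   compares one byte pair, advances both pointers, decrements ECX, and only
   then stops if the pair differed, so ECX also drops for the mismatching
   byte. Returns the final ZF (1 = last pair equal); *ecx gets the final ECX. */
static int repe_cmpsb(const char *esi, const char *edi, size_t *ecx)
{
    int zf = 1; /* modelling assumption for ECX == 0; the CPU leaves ZF as it was */
    while (*ecx != 0) {
        zf = (*esi++ == *edi++);
        (*ecx)--;
        if (!zf)
            break;
    }
    return zf;
}

/* The check as posted: count = StrLen(input), accept when ECX ends at 0. */
int check_ecx_only(const char *input, const char *expected)
{
    size_t ecx = strlen(input);
    repe_cmpsb(input, expected, &ecx);
    return ecx == 0;
}

/* Stricter check: count the terminating NUL as well and decide on ZF, so
   both strings must end at the same position. */
int check_zf_with_nul(const char *input, const char *expected)
{
    size_t ecx = strlen(input) + 1;
    return repe_cmpsb(input, expected, &ecx);
}

int main(void)
{
    /* Constructed inputs; "k0d" is the UNa constant from the thread. */
    const char *tries[] = { "k0d", "", "k", "x", "k0x", "k0dz", "xy" };
    for (size_t i = 0; i < sizeof tries / sizeof tries[0]; i++)
        printf("%-6s ecx-only=%d zf+nul=%d\n", tries[i],
               check_ecx_only(tries[i], "k0d"),
               check_zf_with_nul(tries[i], "k0d"));
    return 0;
}
```

In the MASM source the corresponding change is to add 1 to the length returned by StrLen before loading ECX and to branch with jne directly after repz cmpsb, rather than testing ECX.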
NaN, there is an error
(58) : error A2098: invalid operand for OFFSET
(72) : error A2098: invalid operand for OFFSET
sorry but i am not really familiar with offset yet
- gaining password from this program: i was planning to write simple encryption that's in another file, so that every time the user enters their name and password, the algorithm i guess encrypts and compares it; however, i couldn't get to that part
but next thing i want to try is to display * instead of characters
i am not zen of assembly so till then try my best
thx everyone
Didn't check to see where lines 58 and 72 were, but I can guess they were at the LOCAL variables
Now if I remember correctly offhand... You can't use OFFSET for local variables, because they're based off the stack...
remove the offset and use "lea" instead...
Hope it helps,
Sliver
ps. I think I'm right, but if not I'll give a closer look if Nan doesn't fix it first
Quick question:
How does one do this:
Enter User Name: Sliver
Enter Password: ********
Basically is there a way to "intercept" the characters being typed to the screen and replace them with "*" so as to hide the characters?
Sliver
Ooooops my bad ;)
Can't use offset because it only works for STATIC values, i.e. addresses that can be determined at COMPILE-TIME. Since the very nature of a stack (and local variables) is dynamic, this is why it failed.
The fix is to replace:
mov esi, offset kb
mov edi, offset UNa
with:
lea esi, kb
lea edi, UNa
In both sections.... sorry for this (guess it's obvious now I didn't test it first ;) )
:alright:
NaN
thx NaN, everyone
i can't understand why NaN did
.code
start:
[B]push esi
push edi[/B]
invoke GetModuleHandle, NULL
mov hInstance, eax
invoke Main, hInstance
[B]pop edi
pop esi[/B]
invoke ExitProcess, eax
is the push, pop needed?!?! why ?!?!
Can't see why it would be... APIs preserve registers. Ok, main can
trash registers if it wants to. Also, register preservation is only
necessary in callbacks, and "entrypoint" isn't really a callback. No,
ExitProcess will *not* fail on trashed registers ;).