I've got a program something like this below:
.586
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
.data
MsgBoxText db 'this is a program',0
MsgBoxCaption db 'good',0
@start:
invoke MessageBox, NULL, addr MsgBoxText, addr MsgBoxCaption, MB_OK
.code
invoke ExitProcess, NULL
end @start
Then I compile it using this:
ml /c /coff a.asm
Errors happened, like these:
Assembling: a.asm
a.asm(14) : error A2108: use of register assumed to ERROR
a.asm(15) : error A2107: cannot have implicit far jump or call to near label
Now, the question is: I want to start my program in the .DATA segment (not in .CODE). How can I do this stuff when I'm using MASM 7.0?
Thanks all!!!
Save this code as StartInData.bat and run, it compiles itself.
;@echo off
;goto make
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
proto04 typedef proto :DWORD,:DWORD,:DWORD,:DWORD
.data
szMsgBoxText db 'this is a program',0
szMsgBoxCaption db 'good',0
start proc
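mov eax, MessageBox ; address of the import stub: jmp dword ptr [IAT slot] (opcode FF 25 + 4-byte address)
mov eax, [eax+2] ; skip the 2-byte opcode and load the address of the IAT slot
invoke proto04 ptr [eax], NULL, addr szMsgBoxText, addr szMsgBoxCaption, MB_OK ; indirect call through the IAT slot
mov eax, offset @start ; absolute address of the label in .code
jmp eax ; continue execution in the .code section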
start endp
.code
@start:
invoke ExitProcess, 0
end start
:make
\masm32\bin\ml /nologo /c /coff StartInData.bat
\masm32\bin\Link /nologo /subsystem:windows /release /section:.data,RWE StartInData.obj
del StartInData.obj
echo.
pause
Thanks very much!!!!!!!
I love you!!
:stupid:
pazuluo, is it the first time you have fallen in love at first sight? :)
:-)
just kidding, pls. forgive me.
I just want to thank you for helping me a lot!!!
Pardon my ignorance, but why would one want the program to start in the .DATA section? Why would one put code there to execute?
belairdino
It could prevent people from disassembling code with disassembler I think.
Can't think of anything else.
At least my disassembler can't disassemble .data sections, just show raw data.
For IDA Pro it's not a problem at all.
I wrote a program myself which is also stored as ".data" and I did it more because it was necessary than because of fun.
Think of a program which holds another program as an array of data. In my case I wrote a program as .data and compiled the object and then used that object as an external array of the 2nd program.
If I made it as code/.text it would keep having conflicts because of redefinition and you can't make changes to the code if it's as .text without changing linker settings.
There are many places where this could be useful, like program patchers which hold a patcher program and need to be modified to include the data to patch, or an installer which holds the installer stub and will be put together with the files to install (ok, this might be done more efficiently in other ways but it could be done this way).
// CyberHeg
CyberHeg,
I see where you're going with this, but I guess that's beyond where I want to spend my time... Seems easier to rebuild the .exe files from source.
(Of course, in my real life, we do zap our mainframe assembler apps, but there's no correlating concept of .code, .text, vs .data sections. Zaps are quick, temporary fixes; eventually the source tree gets updated and new installations get the latest object/executables.)
david,
I don't think that application would have come to mind.
pazuluo,
I hear their two reasons: security and program maintenance. Are there other reasons (e.g., performance, the gee-whiz factor)?
belairdino
I have wondered some about the task in mind when it comes to 32 bit PE files, while it is routine to put bits of DATA in the CODE section, if you in fact maintain the distinction from the PE specs between .text and .data and have the correct flags set for what can be executed, then you cannot execute code in the .data section.
DATA is usually set READ/WRITE where CODE needs to be set READ/EXECUTE and while you can set CODE to WRITE and it will execute OK, there is no point in having a DATA section if you want to execute it.
You can easily set everything to READ/WRITE/EXECUTE but I wonder why you would need sections at all if you did so.
Regards,
hutch@movsd.com
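The section flags discussed in this thread can be checked from the analysis side. The Python sketch below is an added example, not code from the thread: it reads a PE section table and reports sections that are both writable and executable, plus an entry point that lands in a writable or non-executable section, which is the layout produced by `end start` inside .data together with `/section:.data,RWE`. The function names `audit_pe` and `build_sample` are hypothetical, and the sample image is a constructed header-only PE32.

```python
import struct

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_* flags

def audit_pe(image: bytes):
    """Return (name of section holding the entry point, list of findings)."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe = struct.unpack_from("<I", image, 0x3C)[0]             # e_lfanew
    if image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20
    nsec, opt_size = struct.unpack_from("<H12xH", image, pe + 6)
    entry = struct.unpack_from("<I", image, pe + 24 + 16)[0]  # AddressOfEntryPoint
    table = pe + 24 + opt_size                                # first section header
    entry_section, findings = None, []
    for i in range(nsec):
        name, vsize, va, rawsize, flags = struct.unpack_from(
            "<8sIII16xI", image, table + 40 * i)
        name = name.rstrip(b"\0").decode("ascii", "replace")
        if flags & MEM_WRITE and flags & MEM_EXECUTE:
            findings.append(f"{name}: writable and executable")
        if va <= entry < va + max(vsize, rawsize):
            entry_section = name
            if not flags & MEM_EXECUTE:
                findings.append(f"{name}: entry point in non-executable section")
            elif flags & MEM_WRITE:
                findings.append(f"{name}: entry point in writable section")
    return entry_section, findings

def build_sample(entry_rva: int, data_flags: int) -> bytes:
    """Constructed header-only PE32 image: .text at RVA 0x1000, .data at 0x2000."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, 0xE0, 0x0102)
    opt = struct.pack("<H14xI", 0x010B, entry_rva).ljust(0xE0, b"\0")
    def sec(name, va, flags):
        return struct.pack("<8sIII16xI", name, 0x200, va, 0x200, flags)
    return (dos + b"PE\0\0" + coff + opt
            + sec(b".text", 0x1000, 0x60000020)               # code, read + execute
            + sec(b".data", 0x2000, data_flags))

if __name__ == "__main__":
    samples = [("RWE .data, entry in .data", build_sample(0x2012, 0xE0000040)),
               ("default flags, entry in .text", build_sample(0x1000, 0xC0000040))]
    for label, img in samples:
        print(label, "->", audit_pe(img))
```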
Thank you, hutch!
I started this thread because I want to know how to do it, there's no other purpose...
:grin: