 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
qHF
How do I cheat?
![]() Reputation: 0
Joined: 12 Dec 2009
Posts: 9
|
 Posted: Mon Feb 08, 2010 10:28 am Post subject: Assembly help |
 |
|
I am coding a keygen in assembly (my first in asm) and I have two problems.
My second problem is it's not displaying a bitmap on my dialog...
Here is (part of) my .rc file:
| Code: | //
// Bitmap resources
//
LANGUAGE 9, SUBLANG_DEFAULT
208 BITMAP ".\\bitmap1.bmp"
//
// Dialog resources
//
...
{
...
CONTROL 208, 205, "Static", WS_BORDER | SS_BITMAP | WS_CHILD | WS_VISIBLE, 7, 9, 257, 96
...
} |
(I cut out unimportant parts)
I know the control is working properly because the border still exists:
| Code: | | http://img52.imageshack.us/img52/4343/bordera.png |
And I also know the bitmap is included in the .exe file because when I open it up in a resource editor I see it in there. What am I doing wrong that makes it not show up?
first problem (solved)
| Quote: |
and I added a dialog trick I stole from my C++ experience:
| Code: | proc dlgproc
.hwnd argd
.umsg argd
.wparam argd
.lparam argd
cmp argv(.umsg), dword 1024
jg wm_default
cmp argv(.umsg), dword WM_LBUTTONDOWN ;mouse down
je .move ;jmp to trick
cmp argv(.umsg), dword WM_CLOSE
je .closeit
mov eax, dword argv(.umsg)
push dword argv(.lparam)
push dword argv(.wparam)
push dword argv(.hwnd)
call [msg_table + eax * 4]
ret
.move: ;trick
invoke ReleaseCapture
invoke SendMessageA, dword argv(.hwnd) , dword WM_NCLBUTTONDOWN, dword HTCAPTION, dword 0
xor eax, eax
ret |
This will make the dialog move as if you are holding the top bar except it works if you click anywhere.
It actually works perfectly, except when I click inside an editbox it crashes. Is there a different way to achieve the same effect without crashing? Or is there a way to avoid crashing using the same method? |
Here are my tools (if it matters)
Compiler: NASM (+ nasmx)
Resource: GORC
Linker: GoLink
Here is the full source (edited out most unimportant stuff... errors reserved):
| Code: | %include '..\..\inc\nasmx.inc'
%include '..\..\inc\win32\windows.inc'
%include '..\..\inc\win32\kernel32.inc'
%include '..\..\inc\win32\user32.inc'
entry key
[section .text]
proc key
mov eax, msg_table
mov [eax + WM_COMMAND * 4], dword Wm_CommandProc
mov [eax + WM_DESTROY * 4], dword Wm_DestroyProc
invoke DialogBoxParamA, byte NULL, dword szTemplate, byte NULL, dword dlgproc, byte NULL
invoke ExitProcess, dword ebx
ret
endproc
proc dlgproc
.hwnd argd
.umsg argd
.wparam argd
.lparam argd
cmp argv(.umsg), dword 1024
jg wm_default
cmp argv(.umsg), dword WM_LBUTTONDOWN ;mouse down
je .move ;jmp to trick
cmp argv(.umsg), dword WM_CLOSE
je .closeit
mov eax, dword argv(.umsg)
push dword argv(.lparam)
push dword argv(.wparam)
push dword argv(.hwnd)
call [msg_table + eax * 4]
ret
.move: ;trick
invoke ReleaseCapture
invoke SendMessageA, dword argv(.hwnd) , dword WM_NCLBUTTONDOWN, dword HTCAPTION, dword 0
xor eax, eax
ret
.closeit:
invoke EndDialog, dword argv(.hwnd), byte 1
mov eax, 1
ret
wm_default:
xor eax, eax
ret
endproc
proc Wm_DestroyProc
.hwnd argd
.wparam argd
.lparam argd
invoke EndDialog, dword argv(.hwnd), byte 1
mov eax, 1
ret
endproc
proc Wm_CommandProc
.hwnd argd
.wparam argd
.lparam argd
mov eax, dword argv(.wparam)
jmp .forward
.cmd_table: dd .cmd_idgo, .cmd_idabout, .cmd_idok
.forward:
sub eax, 200
jmp [.cmd_table + eax * 4]
.cmd_idok:
invoke EndDialog, dword argv(.hwnd), byte 1
mov eax, 1
ret
.cmd_idabout:
invoke MessageBoxA, dword argv(.hwnd), dword szAboutTxt, dword szAbout, dword MB_OK | MB_ICONINFORMATION
mov eax, 1
ret
.cmd_idgo:
;generate...
mov eax, 1
ret
endproc
[section .bss]
dwText: resd 1
dwHeap: resd 1
[section .data]
szTitle: db "Keygen", 0x0
szContent: db "Error: you must enter text into the top edit box!", 0x0
szTemplate: db "MyDialog", 0x0
msg_table: times 1024*4 dd wm_default
szAbout: db "About",0x0
szAboutTxt: db "Keygen by qHF", 0Dh, 0Ah
db "Coded in Assembly", 0x0 |
The RC file:
| Code: | #include "..\..\inc\win32\resource.h"
//
// Bitmap resources
//
LANGUAGE 9, SUBLANG_DEFAULT
208 BITMAP ".\\bitmap1.bmp"
//
// Dialog resources
//
LANGUAGE 9, SUBLANG_DEFAULT
MyDialog DIALOG DISCARDABLE 0, 0, 272, 168
STYLE DS_3DLOOK | DS_CENTER | DS_MODALFRAME | DS_FIXEDSYS | WS_VISIBLE | WS_BORDER | WS_CAPTION | WS_DLGFRAME | WS_POPUP | WS_SYSMENU
CAPTION "Keygen"
FONT 8, "Ms Shell Dlg 2"
{
DEFPUSHBUTTON "OK", 200, 7, 147, 50, 14, BS_FLAT
PUSHBUTTON "About", 201, 107, 147, 50, 14, BS_FLAT
PUSHBUTTON "Exit", 202, 212, 147, 50, 14, BS_FLAT
EDITTEXT 203, 42, 112, 220, 12, ES_AUTOHSCROLL
EDITTEXT 204, 42, 127, 220, 12, ES_AUTOHSCROLL
CONTROL 208, 205, "Static", WS_BORDER | SS_BITMAP | WS_CHILD | WS_VISIBLE, 7, 9, 257, 96
LTEXT "Name:", 206, 12, 117, 25, 10, SS_LEFT
LTEXT "Serial:", 207, 12, 127, 25, 10, SS_LEFT
} |
And the batch for the hell of it:
| Code: | @echo off
set file=%1
if exist %file%.obj del %file%.obj
if not exist %file%.asm goto errasm
..\..\bin\nasm -f win32 %file%.asm -o %file%.obj
if errorlevel 1 goto errasm
..\..\bin\GoRC.exe /r=keygen.res keygen.rc
if errorlevel 1 goto errres
..\..\bin\GoLink.exe /entry _main %file%.obj keygen.res kernel32.dll user32.dll
if errorlevel 1 goto errlink
if exist %file%.obj del %file%.obj
if exist keygen.res del keygen.res
goto TheEnd
:errlink
echo _
echo Link error
pause
goto TheEnd
:errres
echo _
echo Resource Error
pause
goto TheEnd
:errasm
echo _
echo Assembly Error
pause
goto TheEnd
:TheEnd
echo _ |
Note: I may have left in some unimportant stuff... just focus on the code causing problems.
Last edited by qHF on Wed Feb 10, 2010 6:57 am; edited 4 times in total |
|
| Back to top |
|
 |
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Mon Feb 08, 2010 1:27 pm Post subject: |
|
|
| if you post the entire source people would be able to help you a lot easier. if not the whole source, then at least a skeleton that can be compiled with the parts in question in there
|
|
| Back to top |
|
|
qHF
How do I cheat?
![]() Reputation: 0
Joined: 12 Dec 2009
Posts: 9
|
| Posted: Mon Feb 08, 2010 1:46 pm Post subject: |
|
|
| Ok. I updated the original post with a skeleton source with the bugs still present.
|
|
| Back to top |
|
|
HellSpider
How do I cheat?
![]() Reputation: 0
Joined: 09 Feb 2010
Posts: 4
Location: Finland
|
| Posted: Tue Feb 09, 2010 12:28 pm Post subject: |
|
|
There is an easier way to move the dialog box from any-non control point  .
| Code: | .if uMsg == WM_LBUTTONDOWN
invoke PostMessage,hDlg,WM_NCLBUTTONDOWN,HTCAPTION,0
.endif |
However if you want it to be moveable from the control points too I don't have anything to aid you.
Use the following code in the dialog callback proc. I'm coding in MASM (not NASM) so this is how I'd make it.
| Code: | DlgProc proc hDlg:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
.if uMsg == WM_LBUTTONDOWN
invoke PostMessage,hDlg,WM_NCLBUTTONDOWN,HTCAPTION,0
.endif
xor eax,eax
ret
db 0CCh
db 0CCh
DlgProc endp |
Hope that this helps .
|
|
| Back to top |
|
|
qHF
How do I cheat?
![]() Reputation: 0
Joined: 12 Dec 2009
Posts: 9
|
| Posted: Tue Feb 09, 2010 3:24 pm Post subject: |
|
|
Thanks HellSpider,
Although it does work, it still crashes when I click inside the editbox.
|
|
| Back to top |
|
|
HellSpider
How do I cheat?
![]() Reputation: 0
Joined: 09 Feb 2010
Posts: 4
Location: Finland
|
| Posted: Tue Feb 09, 2010 3:45 pm Post subject: |
|
|
Hmm... that's strange  . This method is always working just fine, I can edit in edit controls normally when I'm using that snippet.
Have you tested if the edit control work without the dlg-move modification?
|
|
| Back to top |
|
|
qHF
How do I cheat?
![]() Reputation: 0
Joined: 12 Dec 2009
Posts: 9
|
| Posted: Tue Feb 09, 2010 4:06 pm Post subject: |
|
|
I thought it was working without it, but now after I just tested it does still crash without the moving code.
I remember it was working before I implemented the moving code, but I guess I also changed something at the same time I put in that code. I'll look further into it. Thanks 
I got it! I removed the part here:
| Code: | proc Wm_CommandProc
.hwnd argd
.wparam argd
.lparam argd
mov eax, dword argv(.wparam)
jmp .forward
.cmd_table: dd .cmd_idgo, .cmd_idabout, .cmd_idok
.forward:
sub eax, 200
jmp [.cmd_table + eax * 4] |
the part I removed had to handle unaccounted for commands (such as editing the editbox) It should be this:
| Code: | proc Wm_CommandProc
.hwnd argd
.wparam argd
.lparam argd
mov eax, dword argv(.wparam)
jmp .forward
.cmd_table: dd .cmd_idgo, .cmd_idabout, .cmd_idok
.forward:
sub eax, 200
cmp eax, 2
jg .unknown
jmp [.cmd_table + eax * 4]
.unknown:
xor eax, eax
ret |
|
|
| Back to top |
|
|
HellSpider
How do I cheat?
![]() Reputation: 0
Joined: 09 Feb 2010
Posts: 4
Location: Finland
|
| Posted: Wed Feb 10, 2010 11:40 am Post subject: |
|
|
Glad to see you managed to get it working .
I thought yesterday that your name was familiar. I got it now why, I made a keygen a few days ago for your console CrackMe on crackmes.de .
|
|
| Back to top |
|
|
qHF
How do I cheat?
![]() Reputation: 0
Joined: 12 Dec 2009
Posts: 9
|
| Posted: Fri Feb 12, 2010 2:47 pm Post subject: |
|
|
Cool 
You might see a gui CrackMe if I can get the bitmap working 
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
