when i try following program to pop up message box in my windows 32 bit system using NASM i get error.
section .myText progbits alloc exec write align=16
global _WinMain@16
_WinMain@16:
xor eax, eax
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp short GetLibrary
LibraryReturn:
pop ecx
mov BYTE [ecx+10], dl
mov ebx, 0x76d62fe4
push ecx
call ebx
jmp short FunctionName
FunctionReturn:
pop ecx
xor edx, edx
mov BYTE [ecx+11], dl
push ecx
push eax ; handle to the module user32.dll
mov ebx, 0x76d616b9 ; GetProcAddress
call ebx
; now eax has the procAddress of 'MessageBoxA'
jmp short Message
MessageReturn:
pop ecx
xor edx, edx
mov BYTE [ecx+16] , dl
push edx
push ecx
push ecx
push edx
call eax ;MessageBoxA(windowhandle,msg,title,type)
ender:
xor edx,edx
push eax
mov eax, 0x76d63176 ;exitprocess(exitcode);
call eax
Message:
call MessageReturn
db 'hello am melvin!'
FunctionName:
call FunctionReturn
db 'MessageBoxAN'
GetLibrary:
call LibraryReturn
db 'user32.dllN'
i compiled
C:\SHELL>nasm -f win32 -o msgbox.o msgbox.asm
C:\SHELL>ld -o msgbox.exe msgbox.o
i doesn't show any error, but when i run this,
"i get windows Debug window- with a message: 'messagebox.exe' has stopped working' "
Now i disabled ASLR. And i found this is the problem.
Unhandled exception at 0x00404003 in Sample.exe: 0xC0000005: Access violation writing location 0x00404019.
00404003 C6 41 05 00 mov byte ptr [ecx+10],0
so how can i get rid of AV. i edited bcdedit.exe. but doesn't work
in linux when i try this,
section .myText progbits alloc exec write align=16
it was working but in windows, doesn't.
