Briefly about FASM, assembler, WinAPI
What is FASM? - This is an assembler compiler (flat assembler).
What is assembler? - these are machine instructions, that is, commands what to do to the processor.
What is Windows API / WinAPI? - These are Windows functions, without them you cannot work with Windows.
What do WinAPI functions do? - A lot of things:
Working with files.
Working with windows, drawing pictures, OpenGL, DirectX, GDI, and so on.
Interaction with other processes.
Working with ports.
Working with the Windows console
And many more interesting features.
Why do you need an assembler?
You can do anything on it, from OS to 3D games.
Here are the pros of assembler:
He's very fast.
.
:
. ()
.
(FASM)?
FASM - https://flatassembler.net/
FASM Editor 2.0 - IDE FASM, fasmworld.ru (asmworld), : https://fasmworld.ru/content/files/tools/FEditor-v2.0.rar
OlyDbg - ollydbg.de: https://www.ollydbg.de/odbg201.zip
8.5MB.
( )
FASM- C:\\FASM\ , FASMEditor.
FASMEdit-a -, C:\\FASM Editor 2.0\
OlyDbg -, C:\\Users\****\Documents\FasmEditorProjects\
FASM Editor-a
.
FASM Editor .
"" ( ) -> "..."
"..." .
. .
"Hello world!" FASM
Fasm Editor "" -> "". , "Console"
, .
format PE Console ; FASM
entry start ; windows- .
include 'win32a.inc' ; FASM-
; .
section '.data' data readable writeable ;
hello db 'hello world!',0 ;
section '.code' code readable writeable executable ;
start: ;
invoke printf, hello ; printf
invoke getch ;
; .
invoke ExitProcess, 0 ; windows-
; ()
section '.idata' data import readable ;
library kernel, 'kernel32.dll',\ ; ,
msvcrt, 'msvcrt.dll'
import kernel,\
ExitProcess, 'ExitProcess'
import msvcrt,\
printf, 'printf',\
getch, '_getch'
, 3: 16, 18, 21 . ( , . )
.
:
2. ( 1, )
: ?
1 : "format PE Console" - FASM- , 1 , ( ).
PE - EXE , .
Console - , .
:
format MZ - EXE- MS-DOS
format PE - EXE- Windows, format PE GUI 4.0
format PE64 - EXE- Windows, 64 .
format PE GUI 4.0 - EXE- Windows, .
format PE Console - EXE- Windows, . ( )
format PE Native -
format PE DLL - DLL- Windows, .
format COFF - OBJ- Linux
format MS COFF -
format ELF - OBJ- gcc (Linux)
format ELF64 - OBJ- gcc (Linux), 64-bit
( ) format PE Console
;
. .
3 : entry start
windows- \ . "start" , .
5 : include 'win32a.inc'
, "win32a.inc" INCLUDE ( FASM). .
8 : section '.data' data readable writeable
, (), , .
"data" ( \\ - ) .
"readable writeable" - -.
'.data' -
10 : hello db 'hello world!',0
hello - , (, ), , , , , FASM , .
db - 1 . 1 .
'hello world!' - ASCII
",0" ? - 0 ( ), 0, . . .
12 : section '.code' code readable writeable executable
"code" - .
"executable" - , .
.
14 : start:
. . 3 start , . , entry
15 : invoke printf, hello
printf - \ . "hello"
, , .
- , - .
, invoke : ( 15 )
push hello
call [printf]
.
17 : invoke getch
getch - , .
20 : invoke ExitProcess, 0
ExitProcess - WinAPI , . , , , .
23 : section '.idata' data import readable
"import" - .
24-25 :
library kernel, 'kernel32.dll',\
msvcrt, 'msvcrt.dll'
"library" DLL ( , ).
DLL .
kernel - , .
: 'kernel32.dll'
- DLL .
\
.
:
library kernel, 'kernel32.dll',\
msvcrt, 'msvcrt.dll'
:
library kernel, 'kernel32.dll', msvcrt, 'msvcrt.dll'
1 1 .
27-28 :
import kernel,\
ExitProcess, 'ExitProcess'
import
- , DLL.
kernel
- DLL, .
ExitProcess
- , , . (WinAPI )
'ExitProcess'
- This is the name of the function that will be loaded from the DLL, that is, this is the name of the function that is written in the DLL.
Further I think it is not worth explaining, everything seems to be clear.
What is a DLL library?
It is a file with a DLL extension. This file contains functions (whatever). This is an ordinary program, but which is not launched by a double click, but is loaded into the program into virtual memory, and then the functions located in this DLL are called.
Summing up
You can write in assembler without knowing the language itself, but using only macro commands of the compiler. For the entire article, I mentioned only 2 assembler commands this push hello
and call [printf]
. I will tell you what this means in the next article.