Code in Win32 Assembly!!!

Submitted on: 1/20/2015 11:20:00 PM
By: Chris Vega (from psc cd)  
Level: Advanced
User Rating: By 2 Users
Compatibility: VB 5.0, VB 6.0
Views: 1316
     This Article has nothing to do with Visual Basic, but a simple answer to those emails i received from PSC members asking how to add Assembly Inline-Code to Visual Basic; i say why learning those when you can actually write your Win32 Assembly Code, in pure TASM format! the article was written in serries, but this is the only part i will be uploading here in PSC cause i am now on my way of designing my own website, soon i will be deleting all of my entries here =(

This article has accompanying files
Introduction to Win32 Assembly Programming
By: Chris Vega []
What will i learn from this article?
	+- Definitions of Application Programming Interface (API)
	+- How to incorporate API to Win32 Assembly, as well as how to convert
	VC++ definitions from Win32 API Refference to a Win32 Assembly format
	+- How to code a Do-Nothing Application (skeleton) using Win32 Assembly
	using Borland TASM 5.0
	+- How to compile and link your Application
	+- How to show an output in screen saying "Hello World!" using MessageBox
Hello World! thats what everybody have in mind on every language introduction, so i will 
be giving a simple hello world application in Win32 Assembly in this Article, showing 
you how to compile and link it using Turbo Assembler (TASM) and explain the details 
about the application we have created.
 This tutorial, as well as other Win32 Assembly Articles in this site are written in 
 TASM syntax (TASM specific), therefore you need TASM5 to conpile and link the source 
 codes in this article.
	Download TASM here (greetz to, crackstore):
	Also, you need a Text Editor, NotePad which is Built-In Windows OS is pretty
 There are various Windows Operating Systems and non of them performs alike, but 
 with Assembly Coding, the differences are less, so the name "Win32" was purposely
 attached to Assembly to describe a Windows Environment Assembly Code - "Win32Asm"
Application Programming Interface
Application Programming Interface or simply API is what replaces the Interrupt calls
in the old DOS System, same as Interrupt, APIs are also a functions, but unlike Ints,
APIs "must" be imported into your Application before you can make use of it, i've put
"must" in quote cause APIs can also be called directly from its address without really
importing it to you application, but thats a little advanced topic, so lets concentrate
a more on importing APIs.
In TASM, importing an API was done using the directive "extrn", which is the same direc-
tive used to import external routines, that simplifies the explanation, API is exported
by Dynamic Link Libraries or DLL and APIs are external routines/funtions, therefore in 
order to import an API to your application, we can simply add:
	extrn ApiNameHere:PROC
	extrn ApiNameHere:NEAR
As i told earlier, APIs are exported by DLLs, and the rules for case-sensitivity in API 
Names are strictly active, thefore:
	extrn apiName:PROC
	is not the same as
	extrn Apiname:PROC
you can find these APIs in Win32 API Refference included in MSDN Library, Visit:
or download the Win32 API Refference (8.5MB) at crackstore:
After downloading and extracting it, or simply open your MSDN on-disk or on-line and
view the most common APIs of all, the ExitProcess
		The ExitProcess function ends a process and all its threads. 
	VOID ExitProcess(
		UINT uExitCode// exit code for all threads
In TASM, importing this API is always a must, this is to tell TASM that we are creating
a Win32 Application rather than DOS Programs:
	extrn ExitProcess:PROC
Again, case-sensitive check all API names you are typing before you proceed with coding
or else, TASM32 will unable to create import refference of API to your Application, and 
with Arguments or Parameter passing, Win32 Assembly always expect right-to-left (RTL) or
Standard Calling Convention (stdcall).
ExitProcess expect 1 parameter, in Assembly, all parameter must be pushed in RTL order,
and all addresses or values aree passed, meaning, lpXXX expect a Long-Pointer, uXXX
expect Unsigned Value etch.
The above C++ definition of ExitProcess API will be converted to Asm as:
	push	uExitCode	; exit code for all threads
	call	ExitProcess
APIs are generally grouped with two types, one is the string using API and the other is
not a string using API, meaning, if the API needs string to be passed as an argument, ie,
MessageBox, see the description of MessageBox in Win32 API Refference:
	The MessageBox function creates, displays, and operates a message box. The message
	box contains an application-defined message and title, plus any combination of
	predefined icons and push buttons.
	int MessageBox(
		HWND hWnd,		// handle to owner window
		LPCTSTR lpText,		// text in message box
		LPCTSTR lpCaption,	// message box title
		UINT uType		// message box style
LPCTSTR in VC++ is a pointer to a string argument, known in hungarian notation "LP" or
"Long Pointer", meaning, MessageBox API is an string using API, knowing that Windows
Operating System provides two different string types, the ANSI of "A" and the UNICODE
or "W", each string using API always two different versions, one for ANSI and one for
UNICODE, so MessageBox has:
	MessageBoxA 	-	ANSI version MessageBox
	MessageBoxW	-	UNICODE version MessageBox
this is very significant in Win32 Assembly, since in TASM, these APIs must be declared
first as an "extrn", therefore the correct name is necessary to be imported and not its
"macro" name!
To make it simple, MessageBox doesnt exist in User32.DLL, what exist are MessageBoxA and 
MessageBoxW, try to find out by downloading my GetAPI Tool in the Download section of 
this site, and try to locate MessageBox or other string API, like CreateFile etch and 
amaze yourself by discovering that they doesn't exist, but the ANSI or "A" / UNICODE or 
"W" versions.
If you dont want a tool to learn if the API exist by itsname or do it have two versions,
then simply look for the Requirements on the API description from Win32 API Refference,
let see MessageBox:
	 Windows NT/2000: Requires Windows NT 3.1 or later.
	 Windows 95/98: Requires Windows 95 or later.
	 Header: Declared in Winuser.h; include Windows.h.
	 Library: Use User32.lib.
	 Unicode: Implemented as Unicode and ANSI versions on all platforms.
and look at the Unicode label.
For the parameter, all API parameter, exept those User defined are Noted by Hungarian
Notation, ie, "LP" means Long Pointer for String, therefore in Win32 Assembly, LP will
simply be converted to Offset, let see the conversion of MessageBoxA in Win32 Assembly:
	push	uType			; message box style	(DWORD)
	push	offset lpCaption	; message box title	(OFFSET DWORD)
	push	offset lpText		; text in message box	(OFFSET DWORD)
	push	hWnd			; handle of Owner	(DWORD)
	call	MessageBoxA
and finally, functions return values, and APIs are functions, so values are returned
as a result, most APIs return their result in the register EAX, or EAX contains info
that the result has been passed to certain parameter/s.
simple? yeah, you're right!
On to coding, next
Do Nothing Code
Before we go to a full running "Hello World!", let see the skeleton of a Win32 Assembly
Code that does nothing, assuming you save them in "donone.asm":
--------------------------------------------------------------cut here----------------
	.model flat, stdcall
	extrn ExitProcess:PROC
	db ?
		call	ExitProcess, 0
		end	start
-----------------------------------------------------------end cut here---------------
The first two lines probably the most important in Win32 coding, because it will tell 
the compiler the minimum processor for the application:
	.model flat, stdcall
The second line tells the compiler about the memory model using directive ".model", where,
in Win32 Environment, flat is the only memory model, meaning we needs to trash any idea of
segment:offset pairing or whatever memory models you might come accross in your previous
Assembly Coding experiences, and welcome ourselves to the world of selectors or straight 
memory layout in 32-bit addressing.
the "stdcall" however tells the TASM our way of Passing Argument, if we omit stdcall, we
have to push all parameters in the RTL order, while using stdcall tells the compiler that
we are about to use Standard Calling Convention as our means of Parameter Passing, it means:
	push	uExitCode	; exit code for all threads
	call	ExitProcess
Can be converted to:
	call	ExitProcess, uExitCode
Therefore, no need to push Parameter to Stack one-by-oe, simply by calling the API and
its arguments all in one line separated be comma(,) Note the comma after the API name.
After the headings, the list of API imports follows - "extrn"s, you must import the needed
APIs to make use of it, at-least thats the idea of Win32 Programming.
	db ?
The same as the old layout of assembly coding, we need to define all datas first, inside
the ".data" directive; the "db ?" instruction tells TASM to have a dummy Data Section, or
TASM will gets an error (TASM bug) if your application doesn't included any data at all.
		call	ExitProcess, 0
		end	start
After Data is the Code, stated by ".code" directive, followed by the very-first label, 
meaning, it doesn't really needed to use "start:" as your starting label, you can use
others like "cvega:", but remember to close this first label using the "end 

winzip iconDownload article

Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. Afterdownloading it, you will need a program like Winzip to decompress it.Virus note:All files are scanned once-a-day by Planet Source Code for viruses, but new viruses come out every day, so no prevention program can catch 100% of them. For your own safety, please:
  1. Re-scan downloaded files using your personal virus checker before using it.
  2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.
  3. Scan the source code with Minnow's Project Scanner

If you don't have a virus scanner, you can get one at many places on the net

Other 8 submission(s) by this author


Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:

Your Vote

What do you think of this article (in the Advanced category)?
(The article with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)

Other User Comments

 There are no comments on this submission.

Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular article, please click here instead.)

To post feedback, first please login.