LCF-AT Posted February 11, 2015 Share Posted February 11, 2015 Hi again, so I have a little question again and need some help. Can anybody tell me how to control & handle & work with the CMD console inside of own code?So what I want at the moment is to get the content of the CMD console. Exsample / Steps: ----------------------------------------- 1.) I start the a CMD tool xy with specific paramters via CreateProcess API 2.) Now the CMD console gets some results xy back (text xy) 3.) I wanna get this text etc logged into memory buffer 4.) Now I check the text for some strings as success or failed for exsample 5.) I got the results of CMD console 6.) If string success was found = keep console running 7.) If string failed found = close console via TerminateProcess ------------------------------------------ Pretty simple so far right?Its just some condition check about success or failed of executed CMD tool command paramters and if I got the results then I can work go on with my own code to make the next steps etc.So how can I do this to get the text content into my memory buffer?So I hope you know what I mean so far.Maybe you have any ideas about it which could help to handle this thing. Thank you 2 Link to comment
Encrypto Posted February 11, 2015 Share Posted February 11, 2015 I would recommend using named pipes with redirected stdin, and stdout. Perhaps this example can help? https://msdn.microsoft.com/en-us/library/windows/desktop/ms682499%28v=vs.85%29.aspx Link to comment
LCF-AT Posted February 11, 2015 Author Share Posted February 11, 2015 Hi Encrypto, thanks for the answer but this exsample is not helpfully for me.So I think I need anything else or better any exsample exe file what I could check in debugger to see how its working. So I do remember from the past that I have seen already any GUIs for CMD tools who do pipe the CMD text content directly into a own GUI window but can't remember the target names anymore.Do you know any exsample targets which I could check or something?Or can anybody code any little exsample? PS: So at the moment I could maybe hook the WriteConsole API somehow to check what gets written into the CMD process but also this way would be to awkward.Hhmmm!Is there never any simple solution to get? greetz Link to comment
simple Posted February 11, 2015 Share Posted February 11, 2015 I'd post the binary but no point when u can compile it yourself. MSDN code makes me throw up too, but just an advice for next time, C programming makes this kind of stuff very fast ; ) .data format1 db "%s", 0 format2 db "PID = %d", 0 SearchString db "ghfhgf", 0 Error db "SearchString not found", 0 SecuAttr SECURITY_ATTRIBUTES <> StartInfo STARTUPINFO <> PI PROCESS_INFORMATION <> hRead dd 0 hWrite dd 0 retourligne db 13,10,0 ReadBuffer db 500h dup (0) bytesRead dd 0 Hfile dd 0 NumberOfBytesWritten dd 0 CommandToRun db "ipconfig /all",0 .data? .code ; function mod'd from somebody on masm forums. ; according to msdn ur supposed to call SetHandleInfo first but works fine w/out it Init PROC Local RetVal:DWORD mov RetVal,0 mov SecuAttr.nLength,sizeof SECURITY_ATTRIBUTES mov SecuAttr.bInheritHandle,TRUE invoke CreatePipe,addr hRead,addr hWrite,addr SecuAttr,NULL mov RetVal,eax mov StartInfo.cb,sizeof StartInfo invoke GetStartupInfo,addr StartInfo xor eax,eax mov StartInfo.lpReserved,eax ;null avant d'appeler CreateProcess mov eax,hWrite mov StartInfo.hStdOutput,eax mov StartInfo.hStdError,eax mov StartInfo.dwFlags,STARTF_USESHOWWINDOW+STARTF_USESTDHANDLES mov StartInfo.wShowWindow,SW_SHOW mov eax,RetVal ret Init endp main proc ; initialize call Init ; self explanatory... invoke CreateProcess,NULL,addr CommandToRun,NULL,NULL,TRUE,NULL,NULL,NULL, addr StartInfo, addr PI invoke crt_printf, ADDR format2, [PI.dwProcessId] ; read console output invoke ReadFile,hRead,addr ReadBuffer, sizeof ReadBuffer - 1, addr bytesRead, NULL invoke crt_printf, ADDR format1, addr ReadBuffer ; search for search string invoke crt_strstr, addr ReadBuffer, addr SearchString ; If search string was not found .if eax == 0 invoke crt_printf, ADDR Error invoke OpenProcess, PROCESS_TERMINATE, FALSE, [PI.dwProcessId] .if eax != 0 invoke TerminateProcess, eax, 0 .endif jmp FINISH .endif ; if a string was found now u can send other info back ;invoke WriteFile,hFile,addr InfoToSendBack, bytesRead, addr NumberOfBytesWritten,NULL FINISH: invoke CloseHandle,hRead ;invoke crt_printf, addr format3, x invoke ExitProcess, 0 ret main endp end main 3 Link to comment
LCF-AT Posted February 11, 2015 Author Share Posted February 11, 2015 HI simple, coolio and thanks for your code exsample. So the test executable is working so far (with ReadFile API / funny).So I didn't remember that I could also use ReadFile for this (completely forgotten). Its already good to have any working exsample code now and I will see how I get it work with my other CMD based tool where I get the response later (after few seconds) so I think there I have to add any loop (sleep mode or so) to capture the datas.I will see and check this out and send some feedback. Thanks again very much for the quick help and this nice exsample ASM code. Hhmm I have also no idea about C programming (don't have C) and just use WinASM what I can handle already a little bit (more or less). greetz Link to comment
Alzri2 Posted February 12, 2015 Share Posted February 12, 2015 You can have a look at AutoIt; it has the functions you want and more.Also, it's open source ... it means that u can compile a file then debug it or just read the source code. Link to comment
LCF-AT Posted February 12, 2015 Author Share Posted February 12, 2015 Hi again, sorry but AutoIt is not my thing. @ simple Ok I have test the code snippet some more and found some problems. 1.) Is it just possible to pipe the content text without to keep the content text showing in CMD at same time?So in your code I see you do use "STARTF_USESHOWWINDOW+STARTF_USESTDHANDLES" in startup struct and with this paramters I can read the content via ReadFile API but the CMD window keeps empty but I wanna get both (Read Content + keep content showing in CMD) so is this also possible or not? 2.) Next problem is the termination of CMD tool again.So I see this is only working if the CMD tool was failed to work but if its running then its not working to terminate and it keeps running. 3.) My CreateProcess Paramter are like this... cmd.exe /c toolXY.exe -Paramter X -Paramter -Y player.exe ...so normaly if the tool was executed successfully with right working paramters then it keeps running permanently and gets datas so long till I close it manually (press X or key combi strg+c).Now the question is whether I can send a command strg+c to this CMD before to execute the TerminateProcess API?So I think the problem is to terminate the player.exe.So if I exit the player.exe manually then CMD will also closed but how to get the right PID of this player.exe?Lets say the player.exe is running already 3 times so where should I find out which player PID was executed with this CreateProcess string?Hhmmm! greetz Link to comment
Encrypto Posted February 12, 2015 Share Posted February 12, 2015 LCF: for point 2), you could enumerate the processes, using Process32First/Next and check the ParentPID of the process for player.exe. For example: yourprocess.exe-> | -> cmd.exe (PID : 011) ( from simple's code : CreateProcess(.... π) -> pi.dwProcessID) | -> player.exe (PID : 012) ( enumerate process32first/next to find pe.th32ProcessID == 012, check if pe.th32ParentProcessID == 011) Perhaps this link will give you answers to what you seek. http://stackoverflow.com/questions/185254/how-can-a-win32-process-get-the-pid-of-its-parent Link to comment
simple Posted February 12, 2015 Share Posted February 12, 2015 (edited) 1. Yes, you should be able to do that using anonymous pipes, but it requires editing code inside of your child process. By default progs use 1 pipe only for output. edit - typo 2. The OpenProc()/TermProc() calls work fine for terminating process. See code below. 3. A. If I understand u, You'd have to manually edit the PSP to change args post CreateProc(). B. PID of the child process (the exe called via CreateProc()) is returned in [PI.dwProcessId] (look at the arg to printf()) and can be determined from other instances. It's used to Terminate the proc. Here's a proof concept I'm using. Sample program (child process): #include <stdio.h> #include <stdlib.h> #include <conio.h> // this will retrieve args from the psp int main(int argc, char *argv[]) { printf("%s %s %s\n", argv[0], argv[1], argv[2]); fflush(stdout); _getch (); return 0; }Slightly mod'd masm (parent process):edit again - this isn't designed to be production code, just a PoC, u have to add error checking, etc. .data ... Args db "CmdLineArg.exe string1 string2", 0 ; dont put cmd.exe /c here CommandToRun db "CmdLineArg.exe",0 .data? .code Init PROC Local RetVal:DWORD mov RetVal,0 mov SecuAttr.nLength,sizeof SECURITY_ATTRIBUTES mov SecuAttr.bInheritHandle,TRUE invoke CreatePipe,addr hRead,addr hWrite,addr SecuAttr,NULL invoke SetHandleInformation, hRead, HANDLE_FLAG_INHERIT, 0 mov RetVal,eax mov StartInfo.cb,sizeof StartInfo invoke GetStartupInfo,addr StartInfo xor eax,eax mov StartInfo.lpReserved,eax mov eax,hWrite mov StartInfo.hStdOutput,eax mov StartInfo.hStdError,eax ;mov StartInfo.dwFlags,STARTF_USESHOWWINDOW+STARTF_USESTDHANDLES mov StartInfo.dwFlags, STARTF_USESTDHANDLES mov StartInfo.wShowWindow,SW_SHOW mov eax,RetVal ret Init endp main proc ; initialize call Init ; self explanatory... ;invoke CreateProcess,NULL,addr CommandToRun,NULL,NULL,TRUE,NULL,NULL,NULL, addr StartInfo, addr PI invoke CreateProcess,addr CommandToRun, addr Args, NULL,NULL,TRUE,NULL,NULL,NULL, addr StartInfo, addr PI invoke crt_printf, ADDR format2, [PI.dwProcessId] ; read console output invoke ReadFile,hRead,addr ReadBuffer, sizeof ReadBuffer - 1, addr bytesRead, NULL invoke crt_printf, ADDR format1, addr ReadBuffer ; search for search string invoke crt_strstr, addr ReadBuffer, addr SearchString ; If search string was not found .if eax == 0 invoke crt_printf, ADDR Error invoke OpenProcess, PROCESS_TERMINATE, FALSE, [PI.dwProcessId] .if eax != 0 invoke TerminateProcess, eax, 0 .endif jmp FINISH .endif FINISH: invoke CloseHandle,hRead ;invoke crt_printf, addr format3, x invoke ExitProcess, 0 ret main endp end main Edited February 12, 2015 by simple Link to comment
LCF-AT Posted February 12, 2015 Author Share Posted February 12, 2015 (edited) Hi again and thanks for your hints so far, @ Encrypto Ok I have test what you said but I got one problem....so if I got the PID of my CMD process what to do to check for a running parent process?So I wrote a quick MultiASM exsample... @top: call GetCurrentProcessId mov ebx,eax lea esi, [esp-400] mov dword [esi], 128 push edi push 2 call CreateToolhelp32Snapshot mov edi, eax push esi push edi call Process32First cmp dword [esi+8], ebx je @PIDFOUND @LOOP: push esi push edi call Process32Next or eax,eax je short @LISTFINISHED cmp dword [esi+8], ebx je @PIDFOUND jmp short @LOOP @LISTFINISHED: push edi call CloseHandle nop ; <-- pause nop @PIDFOUND: nop ; <-- Got PID what now? nop...so you know what I mean right?Just need to know what steps I have to do after this check now.Also I don't really can follow these MSDN descriptions,sorry. @ simple Got some problems with your new & extra code on the first code tags "#include <stdio.h> etc" so this I can't use in WinASM as you wrote and also I don't have this files. Next problem comes with the new paramters for CreateProcess API so they don't work on this way = failed to work correctly.If I set dwFlags to default (to see something in CMD temporary for testing) then the content inside is not normal = all trashy inside with all signs etc = not working.So it seems I still have to use the cmd.exe /c command in commandline of this API then it works also normaly.But also if I rechange this with using cmd.exe /c then I got same results as before = CMD is showing nothing inside & TerminateProcess does not Terminate CMD. So I think I have to use the idea of Encrypto to get the processID of the player.exe which was executed by commandline and to close this only and then also CMD tool gets closed automatic. EDIT: So I think to get the parent process is not really working.So if I found the CMD PID and check then what for a parent PID I got before then its not the player PID its Exlporer PID... PROCESSENTRY32 structure $ ==> 0012FBB0 00000128 $+4 0012FBB4 00000000 $+8 0012FBB8 00000250 <-- CMD PID $+C 0012FBBC 00000000 $+10 0012FBC0 00000000 $+14 0012FBC4 00000001 $+18 0012FBC8 00000288 <-- Explorer PID $+1C 0012FBCC 00000008 $+20 0012FBD0 00000000 ........I think this way isn't working.Is there now way to check now something with the PID I got from CMD to get infos of extra executed processes by CMD or something etc?So I do execute a commandline via CreateProcess which also holds at the end of all paramters the player.exe path which gets started by the extern CMD tool xy and I don't have any influence about the player.exe so far you know.Also this player.exe could also run already a few times to work with other processes so how should I then find out which player does belong to this executed CMD commandlines you know?Of course I don't want to quit the wrong player.exe process.Maybe you have again any ideas how to handle this situation. greetz Edited February 12, 2015 by LCF-AT Link to comment
simple Posted February 12, 2015 Share Posted February 12, 2015 Sry misunderstood u I drank too many soft drinks today. After your call to Proc32First, use pe.th32ParentProcessID to get parent PID of child. Would code it for u but don't have ur target binary. Link to comment
LCF-AT Posted February 12, 2015 Author Share Posted February 12, 2015 Hi again, so you mean this right? typedef struct tagPROCESSENTRY32 { DWORD dwSize; DWORD cntUsage; DWORD th32ProcessID; ULONG_PTR th32DefaultHeapID; DWORD th32ModuleID; DWORD cntThreads; DWORD th32ParentProcessID; <---- Here LONG pcPriClassBase; DWORD dwFlags; TCHAR szExeFile[MAX_PATH]; } PROCESSENTRY32, *PPROCESSENTRY32; But as I told before,there I only get the parent PID back what I got before and this parent PID is not the player.exe PID its just any PID if any process which was found in the PID list. Somehow I have to work now go on with the PID of CMD tool what is connected with the player to get the PID of the player but how is the question. greetz Link to comment
simple Posted February 12, 2015 Share Posted February 12, 2015 OK, I used cmd.exe /c target.exe param etc, I ran multiple instances of it and this will close the instance called w/CreateProc. theres a bug in masm w/ascii vs ansi Proc32First/Next api requiring special build instructions, here they are thanks to Alex @masmforums who found it Change in kernel32.incProcess32FirstW PROTO STDCALL :DWORD,:DWORDProcess32NextW PROTO STDCALL :DWORD,:DWORDtoProcess32First PROTO STDCALL :DWORD,:DWORDProcess32Next PROTO STDCALL :DWORD,:DWORDand make a new kernel32.lib or take the one from windows sdk..386p.model flat, stdcalloption casemap: noneinclude \masm32\include\windows.incinclude \masm32\include\kernel32.incinclude \masm32\include\user32.incinclude \masm32\include\ntdll.incinclude \masm32\include\msvcrt.incincludelib \kernel32.libincludelib \masm32\lib\ntdll.libincludelib \masm32\lib\user32.libincludelib \masm32\lib\msvcrt.lib.data format1 db "%s", 0 format2 db "PID = %d", 0 SearchString db "ghfhgf", 0 Args db "cmd.exe /c CmdLineArg.exe string1 string2", 0 Error db "SearchString not found", 0 SecuAttr SECURITY_ATTRIBUTES <> StartInfo STARTUPINFO <> PI PROCESS_INFORMATION <> hRead dd 0 hWrite dd 0 retourligne db 13,10,0 ReadBuffer db 500h dup (0) bytesRead dd 0 Hfile dd 0 NumberOfBytesWritten dd 0 CommandToRun db "CmdLineArg.exe",0 AppName db "Terminate",0 ;SearchForThis db "CmdLineArg.exe",0 errSnapshot db "CreateToolhelp32Snapshot failed.",0 errProcFirst db "Process32First failed.",0 hSnapshot HANDLE ? ProcEnt PROCESSENTRY32 <> .data?.codeInit PROC Local RetVal:DWORD mov RetVal,0 mov SecuAttr.nLength,sizeof SECURITY_ATTRIBUTES mov SecuAttr.bInheritHandle,TRUE invoke CreatePipe,addr hRead,addr hWrite,addr SecuAttr,NULL invoke SetHandleInformation, hRead, HANDLE_FLAG_INHERIT, 0 mov RetVal,eax mov StartInfo.cb,sizeof StartInfo invoke GetStartupInfo,addr StartInfo xor eax,eax mov StartInfo.lpReserved,eax mov eax,hWrite mov StartInfo.hStdOutput,eax mov StartInfo.hStdError,eax mov StartInfo.dwFlags, STARTF_USESTDHANDLES mov StartInfo.wShowWindow,SW_SHOW mov eax,RetVal retInit endpmain proc ; initialize call Init ; self explanatory... ;invoke CreateProcess,NULL,addr CommandToRun,NULL,NULL,TRUE,NULL,NULL,NULL, addr StartInfo, addr PI invoke CreateProcess, NULL, addr Args, NULL,NULL,TRUE,NULL,NULL,NULL, addr StartInfo, addr PI invoke crt_printf, ADDR format2, [PI.dwProcessId] ; read console output invoke ReadFile,hRead,addr ReadBuffer, sizeof ReadBuffer - 1, addr bytesRead, NULL invoke crt_printf, ADDR format1, addr ReadBuffer ; search for search string invoke crt_strstr, addr ReadBuffer, addr SearchString ; If search string was not found .if eax == 0 invoke crt_printf, ADDR Error invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS,0 .IF (eax != INVALID_HANDLE_VALUE) mov hSnapshot,eax mov [ProcEnt.dwSize],SIZEOF ProcEnt invoke Process32First, hSnapshot,ADDR ProcEnt ; 7c865535 .IF (eax) l00p: invoke crt_printf, ADDR format1, addr [ProcEnt.szExeFile] invoke lstrcmpi, ADDR CommandToRun ,ADDR [ProcEnt.szExeFile] .IF (eax == 0) ; if PID of cmd.exe from CreateProc == Parent PID of CmdLineArg.exe ; then this is the CmdLineArg.exe called from cmd.exe called from CreateProcess() mov eax, [PI.dwProcessId] mov ecx, [ProcEnt.th32ParentProcessID] cmp eax, ecx jnz n0cl0se ;invoke crt_memcmp, [PI.dwProcessId], [ProcEnt.th32ParentProcessID], sizeof DWORD invoke OpenProcess, PROCESS_TERMINATE,FALSE,[ProcEnt.th32ProcessID] .IF (eax) invoke TerminateProcess, eax,0 .ENDIF .ENDIF n0cl0se: invoke Process32Next, hSnapshot,ADDR ProcEnt test eax,eax jnz l00p .endif .ENDIF invoke CloseHandle, hSnapshot .endif ; if a string was found now u can send other info back ;invoke WriteFile,hFile,addr InfoToSendBack, bytesRead, addr NumberOfBytesWritten,NULL FINISH: invoke CloseHandle,hRead ;invoke crt_printf, addr format3, x invoke ExitProcess, 0 retmain endpend mainI tried to space this code best I could manually, this modern technology forum we're using doesnt want to do it for me forgive me if it comes up messed up 1 Link to comment
LCF-AT Posted February 12, 2015 Author Share Posted February 12, 2015 Hi again, thanks for the new code. In my kernel32.inc I find this... Process32First PROTO :DWORD,:DWORD Process32FirstW PROTO :DWORD,:DWORD Process32Next PROTO :DWORD,:DWORD Process32NextW PROTO :DWORD,:DWORD ...should I really change this now or not?Ok at the moment I haven't change it and have only test your code so far and it seems to work.No idea why but it works on my first tests but I am still not sure so maybe it was only a lucky random that it was working. First I just startet 2 player.exe instances and then I startet your code and it also has closed the right one. Coolio! So I get a little lost during debugging the code sample.I also tried now to start 10 player instances but its still working. Does it mean that I can keep my kernel32.inc untouched now? Ok so it seems that this problem is sloved now so far (very well) but the other little problem I have is still the empty CMD window.So I would like to keep showing the content as normaly + reading the content via ReadFile but my tests failed to get both together so I can just decide for one only at the moment or do you also know any way how to get both or is it really not possible? greetz Link to comment
LCF-AT Posted February 12, 2015 Author Share Posted February 12, 2015 Forgot one more thing. Problem with ReadFile API So I see ReadFile API is just so long working so long CMD gets some content but if not and I call ReadFile API again then my code is just running without to come back after this API call.How to handle this?Normaly I would like to call ReadFile API to get the content bytes XY so far and right after I wanna call ReadFile API again to see whether it got another content or not and if not = call exit but the problem now is that my code then just runs and gets lost into ReadFile API.Hmmm. greetz Link to comment
Alzri2 Posted February 12, 2015 Share Posted February 12, 2015 Told ya ... what ur looking for is already written neatly in AutoIt by C++ expertsjust look at the source code of AutoIt (StdoutRead function) Link to comment
simple Posted February 12, 2015 Share Posted February 12, 2015 (edited) If u want the console to display as normal, ShellExecuteExA will do it. The downside is that the only way to get stdout from console is to have it write to a file, so you'd then have to open the file and search for the string. Don't think ShellEx is wired for pipes. U can also use anonymous pipes w/CreateProcess, but as far as I know you'll have to alter some of the code in your child process to redirect the pipes as I don't think it's possible to tell the kernel to redirect pipes of a process from outside that process. If the program flow stops at ReadFile, it's because there is nothing in stdout and it needs to be flushed via fflush(stdout) from within the child process. You can put the ReadFile call inside of a thread if your main thread has other work to do in the mean time so program flow continues. edit: yeah if it compiles fine then leave kernel32.lib/inc alone, my masm must be old Edited February 12, 2015 by simple Link to comment
Encrypto Posted February 13, 2015 Share Posted February 13, 2015 LCF: To see if the named pipe has any content use PeekNamedPipe. So your code will look like: bSuccess = PeekNamedPipe(blahblah, ...)if (!bSuccess) return 0;ReadFile(blahblahblah...) https://msdn.microsoft.com/en-us/library/windows/desktop/aa365779%28v=vs.85%29.aspx P.S : I know you dont like MSDN, but just use that for detailed information, and use google for the rest. 1 Link to comment
LCF-AT Posted February 13, 2015 Author Share Posted February 13, 2015 Hi again, ah ok so as I thought already its not working to get both without to write a extra temporary file. How to flush?So I can't find a API called fflush etc or what to do? @ Encrypto Hey thanks for this info about this API so I have test it and its working so far and I can call it endless without the problems I get with ReadFile.So if I see it right then this PeekNamedPipe API seems to log always the entire content from the start.So I think it should be then enough only to check the returned bytes I got and this twice and if both byte lenghts are same = There is no more action going on in the CMD right? call PeekNamedPipe ... // Got 214 bytes call Sleep (1000d) call PeekNamedPipe ... // Got 214 bytes = Same bytes value Pipe Over call PeekNamedPipe ... // Got 214 bytes call Sleep (1000d) call PeekNamedPipe ... // Got 282 bytes = Pipe still in action So I think I have to check this on that way also because I always get "success" back after calling call PeekNamedPipe API (always 1 never 0).Ok thanks again guys and I will check this out and send some feedback later. greetz Link to comment
LCF-AT Posted February 15, 2015 Author Share Posted February 15, 2015 Hi again, so I got a quick short other simple question (don't wanna create new topic now). So I have a problem how to get the handle (hwnd) of my created editbox and without the handle I can't get the content (text what I have entered). I just created a Dialog (ID 1001) & Edit (ID 1002) & Button (ID 1003).Now if I press the button then my code should read the text from the editbox.Pretty simple so far but I can't get this handle of editbox.I tried already to use the ID 1002 but dosen't work.So what I have is this at the moment... DlgProc proc hWnd:HWND, uMsg:HWND, wParam:WPARAM, lParam:LPARAM .if uMsg == WM_COMMAND .if wParam == 1003 mov eax, handle of editbox etc ; <--- call ReadText .endif .elseif uMsg == WM_CLOSE invoke EndDialog,hWnd,0 .endif xor eax,eax Ret DlgProc endp ;;;;;;;;;;;;;;;;;;;;;;;;;;;; ReadText proc invoke GetWindowText,eax,ADDR buffer,512 ..... ret ReadText endp...so can anybody tell me quick how to get the handle of editbox?Sorry for asking but I have always problems with that handle stuff or how to declare the IDs with that handle thing etc.Is there any API something like GetHandleByID or something? Thanks Link to comment
simple Posted February 15, 2015 Share Posted February 15, 2015 Try something like: DlgProc proc hWnd:HWND, uMsg:HWND, wParam:WPARAM, lParam:LPARAM .if uMsg == WM_COMMAND .if wParam == 1003 invoke GetDlgItem, hWnd, 1002 ; pass getdlgitem the handle from callback + id of edit box invoke GetWindowText, eax, addr ThisIsWhereTextLands, MAX_TEXT_SIZE .endif 1 Link to comment
mrexodia Posted February 15, 2015 Share Posted February 15, 2015 Learn some C/C++, you can write these kind of things with a few lines of code. Syntax is different from ASM, but you can use the WinAPI in the same manner, it's not too hard to learn... Link to comment
simple Posted February 15, 2015 Share Posted February 15, 2015 next time search "GetWindowText masm example". C (NOT high/app level C++, but C89) is good because its near identical to masm, everybody codes it = billions of code examples. no example in masm? surely C will have. Link to comment
LCF-AT Posted February 15, 2015 Author Share Posted February 15, 2015 Hi again, thanks for the API hint (didn't remember again as always). Hhmm no idea about C /+ etc so I got already problems with WinASM and I think switching to C / + would be maybe not the best idea for me.So for me its really hard to handle all this strange name stuff where I mostly don't know what it is or what I have to use in this or that case etc and I need hours to code any little things + testing. I am very lousy. Thanks again Link to comment
ragdog Posted February 16, 2015 Share Posted February 16, 2015 The language is relativ, only understand it Lcf i cannot send you a pm Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now