API to Assembly

Printable View

Apr 27th, 2008, 11:14 AM
dw85745

API to Assembly

) What is the best way to gain an understanding of how a particular API is represented in Assembly?

Stated differently, can i just enter an API call in Visual C++ and get out assembly for that particular API call?

If so how?
May 5th, 2008, 06:07 PM
Paul M

Re: API to Assembly

Oh boy i haven't done any sort of ASM in so long, but if i remeber correctly all you have to do is inlcude the approriate lib and include files and then you can either invoke or push/call. Not to sure which is more effective performance wise but i am sure it would not be noticeable at all ;)

So it would be..

Code:

invoke MessageBox, NULL, text here, caption here, MB_OK

Code:

push MB_OK ;uType push Caption ;Caption push Text ;Text push 0 ;HWND call MessageBoxA

Should note invoke is an extension in MASM, it translates to push/call anyway. Not to sure if it works in winASM etc...
May 6th, 2008, 09:50 PM
dw85745

Re: API to Assembly

Thanks for response Paul_M

Your post had me a little confused. Are you saying if I enter this is VC

Quote:

invoke MessageBox, NULL, text here, caption here, MB_OK

That VC will return this for me (or whatever) for any API?

Quote:

push MB_OK ;uType
push Caption ;Caption
push Text ;Text
push 0 ;HWND
call MessageBoxA
Dec 7th, 2008, 07:44 PM
Macka007

Re: API to Assembly

I'm only just learning assembly but this is something i've been playing around with a bit. So, I may be wrong but I'll give it a shot.

Are you after the ASM that makes up the API or the ASM used to call the API?

If you want the ASM for the API it resides in the DLL always.
eg MessageBoxA resides in User32.dll to get the asm for MessageBoxA you will need to open User32.dll in a disassembler such as W32DASM or Ollydbg.

Invoke is used in some assemblers such as TASM, and as far as I know isn't used in VC

VC:

Code:

MessageBox NULL, "text", "Title",MB_OK

The parameters are pushed onto the stack from right to left as push decreases the esp (Stack pointer).

ASM code generated by the compiler

Code:

push 1 push <ptr to caption> push <ptr to text> push 0 Call MessageBoxA

The API is then able to read the values passed to it by looking in the stack

Code:

esp holds the address after call (the address to return to) esp+4 holds the hWnd (0) esp+8 holds the ptr to the text esp+c holds the ptr to the caption esp+10 holds the uType (1 for MB_OK)