Which one did you use?
I found one, masm32 that seemed to work with only one warning.
So, I think you can create the dll project now too.
Printable View
Which one did you use?
I found one, masm32 that seemed to work with only one warning.
So, I think you can create the dll project now too.
For masm http://www.masm32.com/
For RadAsm http://radasm.visualassembler.com/
These allow you to create exes,dlls,drivers and I think services with no nag screens, warning, etc.etc.
Theres also a IDE thats kinda like vb for asm called EasyCode, its at
http://www.easycoder.org/
packetvb
To make a VC++ project for APISPY32
1. create a new project, select Win32 dll
2. Add Source files
APSPY32.C
INTRCPT.C
LOADAPIS.C
LOG.C
RETURN.C
W32SUPP.C
3. Assemble ASMRETRN.ASM using above macro assembler
4. add asmretrn.obj to project/settings/Link/Project Options
Alternatively, I think you can add the following code to the end of the RETURN.C file
This way the C++ compiler will do some inline assembly, I know it compiles, but I didn't try to see if the resulting dll worked.Code:void AsmCommonReturnPoint(void)
{
_asm
{
SUB ESP,4 //; Make space for return address
PUSHAD
MOV EAX,ESP
PUSH EAX
CALL CCommonReturnPoint
ADD ESP,4
POPAD
RET
}}
Here are two VC++ projects:
APISPY32.dll and APISPYLD.exe
They both compile, but I didn't test them to see if they run once compiled. Compile them and then test them
Don't delete asmretrn.obj or you'll have to reassemble it.
Also, you could try uncommenting the code at the end of Return.c and removing asmretrn.obj from Link Project options. If this works, you don't have to worry about external assemblers.
...
The changes you made work great and now I have a project to work with. I just need to alter this so that the API Intercepts are posted in real time, rather than waiting till the .exe is closed and it then writes a file that contains everything.
Good luck.
Post the results when you're finished if you don't mind.
...
This is the only changes I have made so far that are different from your upload. Basically I edited the api file so that it only monitors DrawTextA. Also I made it so it doesn't ever write the info to a file and instead it just puts it in a message box as it comes in. This is really bad and crashes everytime. It is just for debugging though so no problem. Also it only puts the string that is being drawn in the message box and only if the text is being drawn to a graphic on the string that has no handle. You can tell that this is the case if the 3rd parameter is 0xFFFFFFFF or -1. Thanks for your help vbPacket and moeur...you guys are great.