[dopamine]

That was an old example how superior the FASM macroses are. It’s a self encrypting code at the moment of parsing.
Explanation: the encrypt macro does XOR 0xAA on every byte between two labels, which is a primitive way to crypt the code. The code on the start label decrypts it.

Code:

; selfencrypt
; 04.07.2008

format PE GUI 4.0
entry start

include "%include%/win32a.inc"

;
; This is the encryption macro.
; It is a simple XOR with 0xAA (10101010 in binary).
;
macro encrypt dstart,dsize {
    local ..char,..key,..shift
    repeat dsize
        load ..char from dstart+%-1
        ..char = ..char xor $AA
        store ..char at dstart+%-1
    end repeat
}

section ".code" code readable writeable executable
start:
        ;
        ; This will be the only non-encrypted part of the code.
        ; Here we will decrypt the code at run-time.
        ;
        mov     edx,real_start
        xor     eax,eax
        mov     ecx,code_size
@@:     xor     byte [edx],$AA
        inc     edx
        loop    @B

real_start:
        ;
        ; Everything from here on will be encrypted.
        ;
        stdcall [MessageBox],0,HelloWorld,HelloWorld,MB_ICONASTERISK

        stdcall [ExitProcess],0

        ;
        ; Encrypt everything from real_start to here.
        ;
        display "Encrypting code... "
        code_size = $ - real_start
        encrypt real_start,code_size
        display "done",13,10

section ".data" data readable writeable import
        library kernel32,"kernel32.dll",user32,"user32.dll"
        include "%include%/api/kernel32.inc"
        include "%include%/api/user32.inc"

        HelloWorld      db      "Hello World!",0

Source: https://blez.wordpress.com/2012/09/18/se...e-in-fasm/

[p0pn0pr0p]

I don't see how this is superior to anything. It's just a postprocessing feature...

[phyrrus9]

Looking at this just makes me want to cry... This isn't even real assembly.. NASM all the way, but thats just syntax. He is using C functions for the majority of his code.

[ArkPhaze]

Looking at this just makes me want to cry... This isn't even real assembly.. NASM all the way, but thats just syntax. He is using C functions for the majority of his code.

Uhh.. Explain which "C functions" you're talking about? All I see are a couple Win32 functions.

[phyrrus9]

Uhh.. Explain which "C functions" you're talking about? All I see are a couple Win32 functions.

And what language is winapi written in. He is linking against functions he didnt write. Not only is that pathetic but its an insult to his (really low) intelligence.

[ArkPhaze]

And what language is winapi written in. He is linking against functions he didnt write. Not only is that pathetic but its an insult to his (really low) intelligence.

*languages You mean perhaps?

Which still does not qualify it as a C function. Those that do are specified under the C standard library. Otherwise we could consider many other language function calls as C functions. And perhaps others as ASM functions, or how about byte code functions? :S

He's not calling any C functions, he's calling Windodws functions, and I don't know how you'd expect him to call to show a message box without going through the Windows API... Lol, there's no alternative. To think that there is, is silly, and this is the same principle behind Windows programs that have a GUI -> you simply can't avoid the Win32 API. Please educate yourself before trying to bash someone else's code.

You should rethink what you're trying to say here... I don't know what your initial point is however, he probably called them for demonstration purposes only. Lol... I'd like to see you write your own MessageBox function however if that's what you are suggesting, and like you say, "not through any functions you didn't write".

[dopamine]

And what language is winapi written in. He is linking against functions he didnt write. Not only is that pathetic but its an insult to his (really low) intelligence.

LOL. So using WinAPI is pathetic now?

Go write basic HTTP Request sender/receiver for linux without using socket(). Go. Do it. GO GO GO. GO Do it mother fuck!

You're the biggest joke on this forum. You should be demoted because you're an insult to the whole staff team.

[phyrrus9]

It can be done. Socket has to be implemented, just make your own implementation. True ASM programmers don't rely on other libs because its all they have, they do so because its easier.

Also, POSIX FTW

[A5^]

True ASM programmers don't rely on other libs because its all they have, they do so because its easier.

so anyone except you? ayyyy lmao

[ArkPhaze]

It can be done. Socket has to be implemented, just make your own implementation. True ASM programmers don't rely on other libs because its all they have, they do so because its easier.

Also, POSIX FTW

Write an example then You can't avoid at least the startup and shutdown code being Windows specific.