Write Your First Application On Win32
What is Win32
Win32 is a platform, like J2ME and J2SE: it has its own memory model and architecture, and it
has application programming interfaces (APIs) for calling into the operating system. As with
the APIs in Java, user-mode Win32 program code cannot communicate with the hardware components
directly, but older 16-bit MS-DOS application software can. For example, if an MS-DOS program
needs to paint a pixel on the screen, it can do so in two different ways. The first way is to
use the DOS or BIOS calls stored in the lower memory area. The DOS or BIOS calls are like APIs
to MS-DOS programs. The MS-DOS program puts the system call ID in a register such as AH, puts
the other parameters on the stack and in the other registers, and raises an interrupt. The
interrupt vector table stores the address of the relevant procedure, and that is how the call
happens. The second method is to write to the device registers and memory structures directly.
For example, when a game needs to place a bitmap on the screen, it writes it directly to the
device rather than calling the BIOS or MS-DOS system calls to draw it on the screen.
Unlike MS-DOS, 32-bit Windows implements more security levels. Because modern processors are
capable of doing many things at the hardware level, the operating systems implemented on their
architectures use those features. The special feature we have to focus on is that the new
32-bit processors implement execution modes. Modern processors have at least 2 execution modes.
In Intel x86 architecture processors there are four execution modes. The root level of
execution is ring0 and the lowest privilege mode is called ring3. There are intermediate
levels, ring2 and ring1, but operating systems typically do not use them to implement their
security execution modes (to keep the operating system simpler and less buggy). So what do you
think about Win32 applications like Microsoft Excel (which comes with the Office package by
Microsoft)? Is it an application program or not? Yes brother, that is an application program
and it runs in execution mode ring3. That means it has fewer privileges. But what about the
device driver software that you installed to run your modem? Yes, that is a ring0 software
component in the Win32 world. That means the Win32 environment is divided into two main
categories: Win32 applications and Win32 drivers. As your first application on Win32, I'm going
to show you how to write your first Win32 application in ring3. That means the application
cannot call the hardware directly, but through the API (Application Programming Interface) you
can do whatever you need to do as an application program.
The Memory Model In Win32
The memory model in Win32 is somewhat more linear than the old 16-bit MS-DOS memory model.
In MS-DOS you can use segments to separate your execution code, data and stack. In the 32-bit
environment the segments are still there, but the segment value in a segment register simply
means a start pointer to a data structure or a code block rather than a starting page. The
offset is simply added to the segment; that is how segments are different in Win32. Because of
that, it is like the small memory model in old MS-DOS that was used by .com files. However,
the technology lets Win32 handle more memory than a 64KB memory segment. Now the size of the
memory that can be accessed by an application program is 4GB, meaning 2^32 bytes of memory.
WOW, that's very interesting, isn't it? But typically the truth is that no computer program
uses memory even up to 1GB, because of the practical limitations of computing. Although the
registers are 32-bit and can hold 32-bit pointers, many application programs are sharing the
same memory, and the physical memory is limited to 4GB in the 32-bit world. Then the memory
usage is more than 4GB. Yes, most of the time that is the truth, and that's why Windows keeps a
paging file to page memory from RAM to the hard disk. That is one of the reasons that things
are not as fast as you expect. In reality there are not even 32-bit computers that are filled
with 4GB of RAM.
So then, like an MS-DOS program, Win32 programs also have their segments. Yes, there is a code
segment, there is a stack segment and there is also a data segment. There are segments, like
resource, that are new to Win32. Things are better if you know assembly language programming
for 16-bit MS-DOS. However, it doesn't matter. The 16-bit model died a long time ago. Nowadays
that memory model is used only in embedded devices such as cell phones and POS (point of sale)
devices. That means I cannot say that it is not worth learning x86 16-bit real mode assembly
language, because such models are heavily industrial, in industries such as programming
microcontrollers. For example, I found a Z80-like processor memory model in a modern-day panel
board that operates circuit breakers in a heavily technical electrical subsystem. However, in
the desktop computing world that isn't worth much. In the high-end computing world the 32-bit
environment is also an old one. Now I'm writing this note on a Windows XP Professional x64
Edition computer. But the operating system is still Win32 backward compatible, although it
cannot support the Win16 environment. That means you have to think again about whether you are
interested in starting with 16-bit or going ahead with us with the knowledge of 32- or 64-bit
computing. As for 64-bit computing, I really still don't know very much about 64-bit assembly
language. Many programs are still working in 32-bit mode even though the operating system and
its kernel are in 64-bit mode. That means 32-bit assembly language is a good starting point to
master before coming to the 64-bit world.
What you need to know before I explain the code
OK, you are going to write an application program in Win32. There are two types of Win32
applications:
 : Console applications.
 : GUI applications.
The first type is applications like cmd.exe. If you don't know what cmd.exe is, please press
the Windows logo key + R on the keyboard, type cmd.exe there and press Enter. The next type is
GUI applications like Internet Explorer, Notepad and similar programs. The difference between
a GUI application and a console-based application is that in a GUI you mostly have to use the
mouse rather than the keyboard. As a Windows user I really hate the mouse, because the keyboard
is more of a shortcut than the mouse. However, we are going to write a GUI application in
Win32.
What is our program?
As the first program in the console we can say "Hello World!". But in a GUI we can make a
message box and say "Hello World!". It uses the MessageBoxA@16 API call. Typically in Windows,
APIs are stored in a DLL file. This one is stored in the user32.dll file, so we have to make an
external connection to that API call.
That's how we did it. After that you can call that API anywhere in your program. By the way,
when linking you have to pass /defaultlib:c:\masm32\lib\user32.lib, like this. That is because
the external API's information is inside that library file. The dynamic linking information is
in that lib file, and when the program actually runs, the call statement points to a procedure
that is really stored in user32.dll, not in user32.lib. When it comes to dynamic linking, the
lib file only contains the information about how to link the code to the external DLL file, not
the real procedure code. By the way, code can also be held in lib files, when there is an
external static procedure. But remember that API calls are typically procedures that come from
a DLL file stored in your windows\system32 directory.
So what about the @16? That's what I need to come to here. 16 means that there are 16/4 = 4
dword parameters in this call, meaning the stack is filled with 16 bytes when calling to the
However, are you wondering what the API calls are? Wonder about the parameters that I have
pushed onto the stack: the first one is 0, meaning MB_OK; the second parameter is the offset of
the text that we need to display on the message box as a caption; the third parameter is the
offset of the text that we want to display in the message box body; and the last parameter is
the hInstance, the instance handle of the calling code. I set it to 0, however. You can learn
more about this MessageBoxA function call from MSDN. Just type MessageBoxA in the search box.
What are the tools that I need?
Basically you need these tools:
A text editor: what about the Notepad that comes with Windows?
An assembler and a linker
A debugger: not optional
A disassembler: not optional
Any kind of 32-bit Windows operating system, Windows 95 or above.
As a text editor you can easily find notepad.exe. However, you are paying for it, aren't you?
As an assembler you can use the MASM 32-bit edition or TASM32.exe. However, the MASM 32-bit
version can be freely downloaded from the internet.
As a debugger you can use SoftICE if you have the money to buy it. But I'm not using SoftICE,
because it's costly. However, I'm using OllyDbg as a user-mode debugger. As a disassembler I'm
using IDA Pro. You can download a freeware version of IDA Pro from the internet; you have to
search for it. If you are unable to find it you can email me. As for an operating system,
that's trouble, isn't it? Wow, that really won't be a problem anymore, because you can find
the above 5 tools in one free ISO image, and you can burn the ISO image onto a CD-ROM using
software like NERO. However, you have to find that ISO image on the internet and download it.
You can find it at the virus group web site www.29a.net. You really have to search for it. If
you are unable to find it you can email me.
That is a bootable CD that starts a Windows XPE-like operating system. I don't know whether it
is legal, but I know that you can use it. It provides not only an operating system and a text
editor; it provides assemblers like masm, tasm and even nasm. As a debugger it provides
OllyDbg, my favourite debugger, and an integrated development environment for assembly language
programming. Another benefit of that CD is that you do not need to install it or deploy it on
your hardware. It's a bootable CD like KNOPPIX, my favourite Linux.
OK, you've got everything, let's go now. Check that everything works properly
As a first step you can open cmd.exe. I mentioned how to open cmd.exe earlier. Make an
appropriate directory for your assembly language source files and binary files. Then you have
to set your paths to the MASM or TASM bin directory and the windows\system32 directory.
A command like this will work if your operating system and masm32's directories are same as
:-) >>>
The reason for setting the path to the Windows system32 directory is that notepad.exe is there.
Then you are going to write your first assembly language source file. The extension for an
assembly language source file is still .asm, like MS-DOS assembly. But remember that the
assembly language extension can sometimes be .S, especially in Linux GNU environments. For the
GNU compilers the extension is .S. However, our source file is named HelloWin and its extension
is .asm. Do it in cmd like I did.
C:\src\HelloWin> notepad HelloWin.asm
Then you are going to write the first assembly language program in Notepad.
==== HelloWin.asm ==============================
.model flat, stdcall
szCaption db 'Hello World',0
szAppName db 'HelloWorld',0
push offset szCaption
push offset szAppName
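A complete HelloWin.asm built around the lines above, as an added example and not the author's original listing. It assumes MASM's ml.exe and the link command used on this page; the PROTO declaration, the `option casemap:none` line and the closing `ret` are choices made for this example (the page itself names the symbol MessageBoxA@16).

```masm
; HelloWin.asm - added example, not the author's original listing.
; Assumes MASM (ml.exe /coff /c) and linking against user32.lib only.
.386                        ; must come before .model flat
.model flat, stdcall        ; 32-bit flat memory model, stdcall calls
option casemap:none         ; keep API names case-sensitive

; stdcall decorates the import with the size of its arguments:
; four DWORDs = 16 bytes, so the linker looks for _MessageBoxA@16.
MessageBoxA PROTO :DWORD, :DWORD, :DWORD, :DWORD

.data
szCaption db 'Hello World', 0   ; NUL-terminated ANSI strings
szAppName db 'HelloWorld', 0

.code
start:
    ; Arguments are pushed right to left, 4 bytes each.
    push 0                  ; pushed first: 0 = MB_OK
    push offset szCaption   ; caption text
    push offset szAppName   ; body text
    push 0                  ; pushed last: 0, as described in the text
    call MessageBoxA        ; the callee removes all 16 bytes (stdcall)
    ; ESP is back at its entry value, so ret returns into the
    ; system's thread start-up code, which ends the thread.
    ret
end start                   ; makes 'start' the program entry point
```

If the number of bytes pushed does not match the 16 that the callee removes, ESP is off after the call and the final ret uses the wrong stack slot as its return address.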
Save it and go back to the command prompt. Then use the following command to assemble it:
C:\src\HelloWin> ml.exe /coff /c HelloWin.asm
and this to link it
c:\src\HelloWin> link /subsystem:windows HelloWin.obj /defaultlib:C:\masm32\lib\user32.lib
and run the program.
Volume in drive C has no label.
Volume Serial Number is 7829-4529
Directory of H:\assembly\HELLOWORLD
01/24/2002 11:48 PM .
01/24/2002 11:48 PM ..
01/25/2002 12:07 AM 269 HelloWin.asm
01/25/2002 12:07 AM 500 HelloWin.obj <<-- this is the object file
01/25/2002 12:09 AM 2,560 HelloWin.exe <<-- this is the exe file that we need to run
4 File(s) 3,609 bytes
2 Dir(s) 821,002,240 bytes free
Then, as you can see, a message box something like this will pop up on the screen.
Yes, you wrote an application for the Win32 GUI. You may wonder what /SUBSYSTEM:windows means.
It means that you are linking the program as a Win32 GUI program.
If you get errors while compiling the program, please read the source program again. Assume at
first that the mistake is in your program, because the tools have been tested for a very long
time. You may find some differences between my link command and your link command, because
/defaultlib:c:\masm32\lib\user32.lib may on your computer be F:\masm32\lib\user32.lib.
You never need to learn by heart how to compile the program using masm or tasm, because the
tool developer can change it. The only thing you need is to read the documentation of masm or
tasm, whichever you are using. For example, if you need the command summary for the link
command you can just type "link" with no parameters. Sometimes it can be "link /?" or
"link --help" or "link -h". Try all of these. Switches such as --help and -h are mostly seen in
nasm, because nasm comes from the Linux world. But don't use nasm here. You can use masm32 or
tasm here. Note that you have to download the MASM 32-bit version. Look, with the link.exe
found in masm32\lib I had really forgotten how to invoke the library file on the command line.
Then I used the help and found a switch like /defaultlib:. Then I tested it like
/defaultlib:user32.lib, and that did not work, and then I tried
/defaultlib:c:\masm32\lib\user32.lib and that worked properly. However, it's up to you to read
the documentation of the assembler/linker that you are using. If you don't like reading the
documentation on the black-background, white-text screen, you can find the documentation in a
PDF file on the internet. GOOGLE it. Or you can get the whole documentation into a txt file
like this. Invoke this command on the command line.
c:\src\HelloWin> link.exe /? > linkDocumentation.txt
Then you can read it using a text editor or HTML it, and have fun!
Is the program still not working?
OK, you can email me: email@example.com
--- By Sanzilla Jackcat
Sorry about my English grammar. That is because there is no mathematical specification for English grammar rules yet. However, please send me feedback.