Text only | Text with Images

Pelles C forum

Assembly language => Assembly discussions => Topic started by: Vortex on August 10, 2024, 11:00:19 AM

Title: Information from the Process Environment Block
Post by: Vortex on August 10, 2024, 11:00:19 AM
Here is a quick example of getting the operating system version from the Process Environment Block :

https://en.wikipedia.org/wiki/Process_Environment_Block

Code Select
.386
.model flat,stdcall
option casemap:none

include PEBstruct.inc

.data

msg1    db "OSMajorVersion= %u",13,10,13,10,0
msg2    db "OSMinorVersion = %u",0

.code

start:

    call    main
    invoke  ExitProcess,0

main PROC uses ebx

    mov     ebx,fs:[30h]

    invoke  printf,ADDR msg1,\
            PEB.OSMajorVersion[ebx]

    invoke  printf,ADDR msg2,\
            PEB.OSMinorVersion[ebx]
    ret

main ENDP

END start
Title: Re: Information from the Process Environment Block
Post by: Vortex on August 12, 2024, 09:42:02 PM
Another version based on the API  RtlGetCurrentPeb :

Code Select
.386
.model flat,stdcall
option casemap:none

include PEBstruct.inc

.data

msg1    db "OSMajorVersion= %u",13,10,13,10,0
msg2    db "OSMinorVersion = %u",0

.code

start:

    call    main
    invoke  ExitProcess,0

main PROC uses ebx

    invoke  RtlGetCurrentPeb
    mov     ebx,eax

    invoke  printf,ADDR msg1,\
            PEB.OSMajorVersion[ebx]

    invoke  printf,ADDR msg2,\
            PEB.OSMinorVersion[ebx]
    ret

main ENDP

END start


Text only | Text with Images