I decided to learn assembly (I chose FASM because everything just works out of the box). While writing "Hello World!", a question arose: why doesn't the following code actually work?

    format PE64 Console
    entry main
    include 'win64a.inc'

    section '.data' data readable writeable
        hello2 db 'hello world!',0

    section '.bss' data readable writeable
        StandardHandle rd 1
        Written rd 1

    section '.code' code readable writeable executable
    main:
        stdcall test_proc, 11
        invoke ExitProcess, 0

    proc test_proc, ms
        invoke GetStdHandle, STD_OUTPUT_HANDLE
        mov [StandardHandle], eax ; getting handle
        push rbx
        invoke WriteFile, [StandardHandle], hello2, 1, Written, 0
        mov rbx, qword ptr ms
        invoke WriteFile, [StandardHandle], hello2, 2, Written, 0
        invoke WriteFile, [StandardHandle], hello2, rbx, Written, 0
        invoke WriteFile, [StandardHandle], hello2, 3, Written, 0
        pop rbx
        ret
    endp

    section '.idata' data import readable
        library kernel, 'kernel32.dll'
        import kernel,\
            GetStdHandle, 'GetStdHandle',\
            ExitProcess, 'ExitProcess',\
            WriteFile, 'WriteFile'

It reaches the 3rd call to WriteFile and does not display anything on it, although the current output works. The crux is that the rbx register is not empty: an incomprehensible value is written into it (not what we passed). I can't understand anything...