ASM System Utilities

Author: Dominik Karczewski (ogur.dev)
Purpose: Learning x64 Windows Assembly programming

Description

A collection of basic system utilities written in pure x64 Assembly for Windows. This project demonstrates low-level Windows API usage without any C runtime libraries - everything is direct syscalls and API functions.

Features

1. System Info

Displays basic system information:

• Computer name
• Current user
• Current directory

Uses Win32 APIs: GetComputerNameA, GetUserNameA, GetCurrentDirectoryA

2. Directory Tree

Lists files and directories in the current working directory with visual tree structure.

Uses Win32 APIs: FindFirstFileA, FindNextFileA, FindClose

3. HTTP Request (curl-like)

Makes a simple HTTP GET request to a user-specified hostname:

• Resolves hostname to IP using DNS
• Opens TCP socket connection on port 80
• Sends HTTP/1.1 request with proper headers
• Displays server response

Uses Winsock APIs: socket, connect, send, recv, gethostbyname

4. Ping Host

ICMP ping utility:

• Accepts hostname or IP address
• Resolves hostname via DNS
• Sends ICMP echo request
• Displays round-trip time (RTT) in milliseconds

Uses IPHLPAPI: IcmpCreateFile, IcmpSendEcho

5. Port Scanner

TCP port scanner:

• Scans user-defined port range
• Tests if ports are open/closed via TCP connect
• Displays all open ports found

Uses Winsock APIs: socket, connect, closesocket

Build Instructions

Requirements

• NASM (Netwide Assembler)
• Microsoft Visual Studio (for link.exe)
• Windows x64 OS

Build Command

nasm -f win64 utils.asm -o utils.obj
link utils.obj /subsystem:console /entry:main kernel32.lib advapi32.lib ws2_32.lib iphlpapi.lib

Run

utils.exe

Technical Details

Architecture

• Platform: Windows x64
• Calling Convention: Microsoft x64 calling convention (rcx, rdx, r8, r9 + stack)
• No CRT: Direct Win32 API calls, no C runtime
• Socket API: Winsock 2.2

Key Concepts Demonstrated

1. Win32 API Usage

   • Console I/O operations
   • File system enumeration
   • System information queries

2. Network Programming

   • Winsock initialization (WSAStartup)
   • Socket creation and management
   • TCP connections
   • DNS resolution (gethostbyname)
   • HTTP protocol basics

3. ICMP Operations

   • Raw ICMP echo requests
   • Network diagnostics

4. Assembly Techniques

   • String manipulation
   • Number parsing and formatting
   • Function calling conventions
   • Stack frame management
   • Register preservation

Memory Layout

Data Section (.data):

• Menu strings
• Prompts and headers
• Error messages
• HTTP request templates

BSS Section (.bss):

• Console handles
• Network buffers (4KB recv buffer)
• User input buffers
• Winsock state (wsaData)

Text Section (.text):

• All executable code
• Helper functions for I/O
• Network utilities
• Main program loop

Known Limitations

• Ping/DNS resolution: gethostbyname is deprecated but used for simplicity. Modern code should use getaddrinfo.
• HTTP only: No HTTPS support (would require OpenSSL/WinHTTP)
• Single-threaded: Port scanner is sequential
• No error recovery: Most errors just display message and return to menu
• Fixed buffer sizes: No dynamic memory allocation

Learning Goals

This project was created to learn:

• x64 Assembly language fundamentals
• Windows API programming at the lowest level
• Network programming without abstractions
• Manual memory management
• How high-level languages work under the hood

Future Improvements

Potential enhancements for learning:

• Add getaddrinfo instead of deprecated gethostbyname
• Implement proper error handling with WSAGetLastError
• Add threading for parallel port scanning
• Support IPv6 addresses
• Add more utilities (process list, registry access, etc.)

License

Educational/learning project - use freely for learning purposes.

References

• Microsoft x64 Calling Convention
• Winsock Reference
• NASM Documentation