
masm / message conditional breakpoints


decoded
October 5th, 2005, 00:08
using ollydbg to debug this source code
masm32\icztutes\TUTE09\controls.asm
which is included with masm v8...

if i wanted to break on WndProc's WM_COMMAND for IDM_HELLO
or WM_COMMAND alone even. I would think i would open controls.exe with ollydbg, run the program. when it's running, click view/windows then right click and actualize. I would see "My First Button". That make's me happy because that is what i want to break on. So i would right click on it, then Message breakpoint on classproc. it brings up a window set breakpoing on winproc.. sweet, i know that this is WM_COMMAND so rather then break on the message Any Message i break on 111 WM_COMMAND. I would think any window would do but why not the actual window. i click ok, resume the program and click the button ... the breakpoint never hits... using the actual window or any window for the specific message that i selected, on this source or any source i code. i think i'm missing something, can anyone explain why this doesn't work ?

decoded
October 5th, 2005, 00:31
i noticed people keep regurgitating the same info from ollydbg's help. from this regurgitation i can only seem to make a pink breakpoint that hits the classproc everytime it passes, but conditionally using the message breakpoint s as i mentioned above i never get a hit. i dont think most people who reply actually try to do what they say

decoded
October 5th, 2005, 00:57
; Window procedure for the tutorial's main window (class SimpleWinClass).
; The four arguments are the standard WNDPROC ones, pushed right-to-left,
; so at the very first instruction (PUSH EBP) the stack holds
;   [esp]      return address
;   [esp+4]    hWnd
;   [esp+8]    uMsg
;   [esp+0Ch]  wParam
;   [esp+10h]  lParam
; -- these are the offsets the OllyDbg conditions in this thread test.
; Fragment as posted: the closing 'WndProc endp' (and the final
; 'xor eax,eax / ret' for handled messages) is not shown.
WndProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
.IF uMsg==WM_DESTROY
invoke PostQuitMessage,NULL
.ELSEIF uMsg==WM_CREATE
; Edit control (child ID EditID); its HWND is kept for the WM_COMMAND paths.
invoke CreateWindowEx,WS_EX_CLIENTEDGE, ADDR EditClassName,NULL,\
WS_CHILD or WS_VISIBLE or WS_BORDER or ES_LEFT or\
ES_AUTOHSCROLL,\
50,35,200,25,hWnd,EditID,hInstance,NULL
mov hwndEdit,eax
invoke SetFocus, hwndEdit
; Push button (child ID ButtonID); its notifications arrive as WM_COMMAND.
invoke CreateWindowEx,NULL, ADDR ButtonClassName,ADDR ButtonText,\
WS_CHILD or WS_VISIBLE or BS_DEFPUSHBUTTON,\
75,70,140,25,hWnd,ButtonID,hInstance,NULL
mov hwndButton,eax
.ELSEIF uMsg==WM_COMMAND
; wParam: low word = menu/control ID, high word = notification code.
; lParam: 0 for a menu item, the child's HWND for a control notification.
mov eax,wParam
.IF lParam==0
.IF ax==IDM_HELLO
invoke SetWindowText,hwndEdit,ADDR TestString
invoke SendMessage,hwndEdit,WM_KEYDOWN,VK_END,NULL
.ELSEIF ax==IDM_CLEAR
invoke SetWindowText,hwndEdit,NULL
.ELSEIF ax==IDM_GETTEXT
; cch = 512 includes the terminator; assumes 'buffer' is declared with at
; least 512 bytes -- confirm in the .data section (not shown here).
invoke GetWindowText,hwndEdit,ADDR buffer,512
invoke MessageBox,NULL,ADDR buffer,ADDR AppName,MB_OK
.ELSE
; Any menu ID not handled above closes the window.
invoke DestroyWindow,hWnd
.ENDIF
.ELSE
; Control notification: only the button's BN_CLICKED is handled.
.IF ax==ButtonID
shr eax,16
.IF ax==BN_CLICKED
; Same-thread SendMessage calls this procedure directly (synchronous, not
; queued), so a breakpoint on TranslateMessage in the message loop never
; sees it -- break at the WndProc entry instead.
invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
.ENDIF
.ENDIF
.ENDIF
.ELSE
; Everything else gets default processing; DefWindowProc's result is returned.
invoke DefWindowProc,hWnd,uMsg,wParam,lParam
ret
.ENDIF

decoded
October 5th, 2005, 01:03
i can conditionally breakpoint using shift+f2 for the condition
msg==111
where 111 is WM_COMMAND on the translate message api call.
this works for this source code only on the menu items, not when the button is pressed, even still, when the button is pressed ..
invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
is done.
this should still break and it doesn't, wtf?

blabberer
October 5th, 2005, 01:26
Breakpoints, item 0
Address=00401118
Module=CONTROLS
Active=Log
Disassembly=PUSH EBP

00401118 MSG == WM_COMMAND /. 55 PUSH EBP ; Decoded as <WinProc>



Log data
Address Message
00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = EN_SETFOCUS... ID = 2.
hControl = 00000F0C (class='Edit',wndproc=803C5FC8,parent=00000F10)

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = EN_KILLFOCUS... ID = 2.
hControl = 00000F0C (class='Edit',wndproc=803C5FC8,parent=00000F10)

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 00000F08 ('My First Button',class='Button',wndproc=803C5E7E,parent=00000F10)

00401118 CALL to Assumed WinProc
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 3.
hControl = NULL

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = NULL

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 2.
hControl = 00000F0C (class='Edit',wndproc=803C5FC8,parent=00000F10)

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 2.
hControl = 00000F0C (class='Edit',wndproc=803C5FC8,parent=00000F10)

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 2.
hControl = NULL

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = EN_UPDATE... ID = 2.
hControl = 00000F0C (class='Edit',wndproc=803C5FC8,parent=00000F10)

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = EN_CHANGE... ID = 2.
hControl = 00000F0C (class='Edit',wndproc=803C5FC8,parent=00000F10)

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 3.
hControl = NULL

00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000F10 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 4.
hControl = NULL
Process terminated, exit code

decoded
October 5th, 2005, 01:37
using the conditional breakpoint on the translate message api call as
msg==WM_LBUTTONUP
worked well to break on the button.

what i dont understand is, why when i cbp as msg==WM_COMMAND the button doesn't break for two reasons. it's specified under
uMsg==WM_COMMAND

-----

.ELSEIF uMsg==WM_COMMAND
mov eax,wParam
.IF lParam==0
....
.ELSE
.IF ax==ButtonID
shr eax,16
.IF ax==BN_CLICKED
invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
.ENDIF
.ENDIF
.ENDIF



it should have broke, one more thing


after the button was pressed, it sent a message WM_COMMAND,IDM_GETTEXT


00401246 |. 6A 00 PUSH 0 ; /lParam = 0
00401248 |. 6A 03 PUSH 3 ; |wParam = 3
0040124A |. 68 11010000 PUSH 111 ; |Message = WM_COMMAND
0040124F |. FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |hWnd
00401252 |. E8 5F000000 CALL <JMP.&USER32.SendMessageA> ; \SendMessageA

it in code loops back, a conditional break point should be hit here as well

blabberer
October 5th, 2005, 01:52
00401118 MSG == WM_COMMAND && [esp+0xc] == 1 /. 55 PUSH EBP ; Decoded as <WinProc>

Windows, item 0
Handle=00000DBC
Title=Our First Window
Parent=Topmost
WinProc=00401118 CONTROLS.00401118 MSG == WM_COMMAND && [esp+0xc] == 1
ID=000009E0 (2528.)
Style=14CF0000 WS_OVERLAPPED|WS_MINIMIZEBOX|WS_MAXIMIZEBOX|WS_CLIPSIBLINGS|WS_VISIBLE |WS_SYSMENU|WS_THICKFRAME|WS_CAPTION
ExtStyle=00000300 WS_EX_WINDOWEDGE|WS_EX_CLIENTEDGE
Thread=Main
ClsProc=00401118 CONTROLS.00401118 MSG == WM_COMMAND && [esp+0xc] == 1
Class=SimpleWinClass




/CALL to Assumed WinProc from KERNEL32.BFF73638
|hWnd = 00000DBC ('Our First Window',class='SimpleWinClass',wndproc=00401118)
|Message = WM_COMMAND
|Notify = MENU/BN_CLICKED... ID = 1.
\hControl = 00000DB8 ('My First Button',class='Button',wndproc=803C5E7E,parent=00000DBC)

three tries three breaks

Log data
Address Message
00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000DBC ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 00000DB8 ('My First Button',class='Button',wndproc=803C5E7E,parent=00000DBC)
00401118 Conditional breakpoint at CONTROLS.00401118
00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000DBC ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 00000DB8 ('My First Button',class='Button',wndproc=803C5E7E,parent=00000DBC)
00401118 Conditional breakpoint at CONTROLS.00401118
00401118 CALL to Assumed WinProc from KERNEL32.BFF73638
hWnd = 00000DBC ('Our First Window',class='SimpleWinClass',wndproc=00401118)
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 00000DB8 ('My First Button',class='Button',wndproc=803C5E7E,parent=00000DBC)
00401118 Conditional breakpoint at CONTROLS.00401118

decoded
October 5th, 2005, 01:57
i appreciate your post of your log dump "oh me anon", getting this information you posted was not a problem. having a breakpoint set already knowing what to break on was.


wm_lbuttonup is good to break on this button for this source code. what my problem is, is that using a cbp on msg==WM_COMMAND on the translate message api call for a known pass of this message doesn't work for a button that does send it ..

.IF ax==BN_CLICKED
invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
.ENDIF


everything else in this code breaks appropiately for WM_COMMAND message, just not the button, is this because a message for WM_COMMAND is sent out of a .uMsg==WM_COMMAND ?? that would be the second place it should of hit, the first hit for the button anyways, should of been when it was pressed after WM_LBUTTONDOWN to get to WM_COMMAND for the
.IF ax==BN_CLICKED


from a non-software cracking point of view, but for a coding assembly point of view i see this problematic for my own code debugging. i'm showing code from iczelion, and have the problem, but in my own code this is becoming a larger problem.

decoded
October 5th, 2005, 02:06
rather, the first hit for WM_COMMAND message should be hit when the button was pressed to get to .IF ax==BN_CLICKED inside uMsg==WM_COMMAND...

and the second hit would of been when i sent a message to WM_COMMAND just after .IF ax==BN_CLICKED

invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
..
yet neither hit
..
i can break differently to catch this message but from asm coding viewpoint and debugging viewpoint i dont see why these dont hit conditionally with a cbp set on translate message.

blabberer
October 5th, 2005, 02:14
? i really couldnt understand anything you posted right from the first post till the last post
i avoided commenting anything and just pasted the dump details hoping you could some how post a clear coherant question

SendMessage delivers the message straight to the target hwnd's window procedure — here back into WndProc, with wParam == IDM_GETTEXT (3).
So if you need to break on the WM_COMMAND that this SendMessage produces,
combine the message test with the wParam test: at the WndProc entry (the PUSH EBP) that is `[esp+8] == WM_COMMAND && [esp+0x0c] == 3` (OllyDbg's `MSG` shorthand stands in for `[esp+8]` there).

and if you click the button you will see it broke and if you single step
you will see it is getting the text

0040121E /CALL to GetWindowTextA from CONTROLS.00401219
00000FD4 |hWnd = 00000FD4 (class='Edit',wndproc=803C5FC8,parent=00000FD0)
00403074 |Buffer = CONTROLS.00403074
00000200 \Count = 200 (512.)
0063FBF0
BFF958F8 KERNEL32.BFF958F8
00000FD0
00000111 <---- wm_command
00000003 <----- id here
00000000

decoded
October 5th, 2005, 03:19
you did this setting a conditional breakpoint on the api call to translate message ? with shift+f2
msg ==WM_COMMAND && [esp+0x0c] == 3

decoded
October 5th, 2005, 03:34
without wparam, or lparam .. just a cbp with WM_COMMAND set as you described. will only break when the menu items are clicked for 0x01 0x02 0x03, not the button itself. with ollydbg v1.10 and with this source code . for this 'button' i couldn't break on wm_command, only wm_lbuttondown .. i dont see how you did it. though your source code also appears to be different, the offsets at least. from where did you download your source code ?

blabberer
October 5th, 2005, 04:32
wtf translatemessage you are harping about ??
you mean that translate message call in that message loop ?? @ 401101

anyway this is all the message that the winproc gets

if you really notice you can see two wm_commands one below another with two different ids and a hit on button before that
i am stopping replying to this thread unless it makes sense

00401119 COND: 00000D1C 00000D1C ('My First Button',class='Button',wndproc=803C6062,parent=00000B98)
00401118 COND: msg to winproc = 00000020 WM_SETCURSOR
00401119 COND: 00000D1C 00000D1C ('My First Button',class='Button',wndproc=803C6062,parent=00000B98)
00401118 COND: msg to winproc = 00000210 WM_PARENTNOTIFY
00401119 COND: 00000201 00000201
00401118 COND: msg to winproc = 00000021 WM_MOUSEACTIVATE
00401119 COND: 00000B98 00000B98 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
00401118 COND: msg to winproc = 00000020 WM_SETCURSOR
00401119 COND: 00000D1C 00000D1C ('My First Button',class='Button',wndproc=803C6062,parent=00000B98)
00401118 COND: msg to winproc = 00000008 WM_KILLFOCUS
00401119 COND: 00000D1C 00000D1C ('My First Button',class='Button',wndproc=803C6062,parent=00000B98)
00401118 COND: msg to winproc = 00000135 WM_CTLCOLORBTN
00401119 COND: 00000776 00000776
00401118 COND: msg to winproc = 00000135 WM_CTLCOLORBTN
00401119 COND: 00000776 00000776
00401118 COND: msg to winproc = 00000135 WM_CTLCOLORBTN
00401119 COND: 00000776 00000776
00401118 COND: msg to winproc = 00000111 WM_COMMAND
00401119 COND: 00000001 00000001
00401118 COND: msg to winproc = 00000111 WM_COMMAND
00401119 COND: 00000003 00000003
00401118 COND: msg to winproc = 00000086 WM_NCACTIVATE
00401119 COND: 00000000 NULL
00401118 COND: msg to winproc = 0000000D WM_GETTEXT
00401119 COND: 000000FF 000000FF
00401118 COND: msg to winproc = 00000006 WM_ACTIVATE
00401119 COND: 00000000 NULL
00401118 COND: msg to winproc = 00000135 WM_CTLCOLORBTN
00401119 COND: 00000776 00000776
00401118 COND: msg to winproc = 00000020 WM_SETCURSOR
00401119 COND: 00000D1C 00000D1C ('My First Button',class='Button',wndproc=803C6062,parent=00000B98)
00401118 COND: msg to winproc = 00000135 WM_CTLCOLORBTN
00401119 COND: 00000776 00000776
00401118 COND: msg to winproc = 00000020 WM_SETCURSOR
00401119 COND: 00000D1C 00000D1C ('My First Button',class='Button',wndproc=803C6062,parent=00000B98)
00401118 COND: msg to winproc = 00000084 WM_NCHITTEST
00401119 COND: 00000000 NULL
00401118 COND: msg to winproc = 00000020 WM_SETCURSOR
00401119 COND: 00000B98 00000B98 ('Our First Window',class='SimpleWinClass',wndproc=00401118)
00401118 COND: msg to winproc = 00000200 WM_MOUSEMOVE
00401119 COND: 00000000 NULL
00401118 COND: msg to winproc = 0000001C WM_ACTIVATEAPP
00401119 COND: 00000000 NULL

decoded
October 5th, 2005, 12:34
if anyone is not making sense, it is you, not answering a direct question

decoded
October 5th, 2005, 12:37
what translate message api call do you think i mean ? of course the one in the api message loop and i'm not talkin gabout any of this jazz from your log dump.

if anything this alone,

00401118 COND: msg to winproc = 00000111 WM_COMMAND
00401119 COND: 00000001 00000001
00401118 COND: msg to winproc = 00000111 WM_COMMAND
00401119 COND: 00000003 00000003

how are you breaking here ? without it being from the menu items in controls.exe, but the button. is this confusing for you ? is WM_LBUTTONDOWN confusing for you ? is WM_COMMAND confusing for you ? is asm confusing for you ?

decoded
October 5th, 2005, 12:43
I have no problems breaking on any of the other messages, like WM_PAINT, WM_SIZE, etc. — WM_COMMAND alone here. What I don't understand is why I'm having to break on the TranslateMessage API call rather than using View/Windows/Actualize/"Message breakpoint on ClassProc", which is a built-in OllyDbg feature. I figured it too hooks something like TranslateMessage to find the message — it turns out it does not: that feature is a conditional breakpoint at the WndProc entry (see the replies below). It's a good thing I'm not looking for user-defined messages if base messages like WM_COMMAND are problematic.

decoded
October 5th, 2005, 12:51
maybe you are doing something i'm not doing, so rather then pasting dumps from your logs, why not explain how you are doing it? me? i'm using shift+f2
here
004010FC >|. E8 CD010000 |CALL <JMP.&USER32.TranslateMessage> ; \TranslateMessage

using

msg==WM_COMMAND

which is pretty simple.

and if you try it just like this, then press f9 to run the program, you'll notice this condition to break is never met when you click the "My first button", but only when you click the menu items, if this confuses you. damn. i'm sorry.

decoded
October 5th, 2005, 12:56
since this isn't breaking on this condition, what i dont understand is why, the message for WM_COMMAND as the asm code shows, passes not once, but twice

blabberer
October 5th, 2005, 13:07
god damn bullshit you are talking i posted the info right in the first post
and you blind cant see through it or you dont understand shit

00401118 MSG == WM_COMMAND && [esp+0xc] == 1 /. 55 PUSH EBP ; Decoded as <WinProc>

how i break there ?? i break there either by setting a conditional break point like i pasted above

wtf 401118 means to you some gabazoom hell ??
it is the address of winproc or classproc

Breakpoints, item 0
Address=00401118
Module=CONTROLS
Active=Log "<WinProc>"
Disassembly=PUSH EBP

00401118 [ESP+8]==WM_COMMAND /. 55 PUSH EBP




Log data
Address Message
00401118 CALL to Assumed WinProc from USER32.77E3A3CD
hWnd = 001402F8 ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 001C0346 ('My First Button',class='Button',parent=001402F8)
00401118 Conditional breakpoint at CONTROLS.00401118
00401118 CALL to Assumed WinProc from USER32.77E3A3CD
hWnd = 001402F8 ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 3.
hControl = NULL
00401118 Conditional breakpoint at CONTROLS.00401118
00401118 CALL to Assumed WinProc from USER32.77E3A3CD
hWnd = 001402F8 ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 001C0346 ('My First Button',class='Button',parent=001402F8)
00401118 Conditional breakpoint at CONTROLS.00401118
00401118 CALL to Assumed WinProc from USER32.77E3A3CD
hWnd = 001402F8 ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 3.
hControl = NULL
00401118 Conditional breakpoint at CONTROLS.00401118


here is the detail of the windows again which i have pasted long long back
if you cant understand shit then dont whine about

write a debugger that works for you
or find one thats better than this
or if you can modify the behaviour by adding extra functionality
or write a plugin to achieve some excellent behaviour


Windows, item 0
Handle=001402F8
Title=Our First Window
Parent=Topmost
WinProc=00401118 CONTROLS.00401118 [ESP+8]==WM_COMMAND
ID=007703D1 (7799761.)
Style=14CF0000 WS_OVERLAPPED|WS_MINIMIZEBOX|WS_MAXIMIZEBOX|WS_CLIPSIBLINGS|WS_VISIBLE |WS_SYSMENU|WS_THICKFRAME|WS_CAPTION
ExtStyle=00000300 WS_EX_WINDOWEDGE|WS_EX_CLIENTEDGE
Thread=Main
ClsProc=00401118 CONTROLS.00401118 [ESP+8]==WM_COMMAND
Class=SimpleWinClass

well i know you cant and wont understand
i hate to have replied to the thread in first place

/ignore

edit the posts dont reply to yourself
why would you and should you break on some obscure TranslateMessage
inside the exe ?? if you want to break on Translate msg for some
reasons known only to you break on system dll

take a look below for the flow of messages

77E155C4 CALL to TranslateMessage from CONTROLS.00401101
pMsg = WM_LBUTTONDOWN hw = 1C0346 ("My First Button" Keys = MK_LBUTTON X = 78. Y = 7.
77E155C4 CALL to TranslateMessage from CONTROLS.00401101
pMsg = MSG(C0D5) wParam = 11 lParam = 1C0346
77E155C4 CALL to TranslateMessage from CONTROLS.00401101
pMsg = WM_LBUTTONUP hw = 1C0346 ("My First Button" Keys = 0 X = 78. Y = 7.
00401118 CALL to Assumed WinProc from USER32.77E3A3CD
hWnd = 001402F8 ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 001C0346 ('My First Button',class='Button',parent=001402F8)
00401118 Conditional breakpoint at CONTROLS.00401118
00401118 CALL to Assumed WinProc from USER32.77E3A3CD
hWnd = 001402F8 ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 3.
hControl = NULL
00401118 Conditional breakpoint at CONTROLS.00401118
77E155C4 CALL to TranslateMessage from USER32.77E334E4
pMsg = MSG(C0D5) wParam = 1 lParam = 0
77E155C4 CALL to TranslateMessage from USER32.77E334E4
pMsg = MSG(C0D5) wParam = 11 lParam = 150304

here is the call stack when it broke on button click

Call stack of main thread
Address Stack Procedure / arguments Called from Frame
0012FCE0 77E3A3D0 Maybe CONTROLS.00401118 USER32.77E3A3CD 0012FCFC
0012FCE4 001100C8 hWnd = 001100C8 ('Our First Window',class='SimpleWinClass')
0012FCE8 00000111 Message = WM_COMMAND
0012FCEC 00000003 age = Notify = MENU/BN_CLICKED... ID = 3.
0012FCF0 00000000 hControage = NULL
0012FD00 77E16381 USER32.77E3A3B8 USER32.77E1637C 0012FCFC
0012FD30 77E168C4 USER32.77E16063 USER32.77E168BF 0012FD2C
0012FD50 0040125C <JMP.&USER32.SendMessageA> CONTROLS.00401257 0012FD4C
0012FD54 001100C8 hWnd = 1100C8
0012FD58 00000111 Message = WM_COMMAND
0012FD5C 00000003 age = Notify = MENU/BN_CLICKED... ID = 3.
0012FD60 00000000 hControage = NULL
0012FD68 77E3A3D0 Maybe CONTROLS.00401118 USER32.77E3A3CD 0012FD64
0012FD6C 001100C8 hWnd = 001100C8 ('Our First Window',class='SimpleWinClass')
0012FD70 00000111 Message = WM_COMMAND
0012FD74 00000001 age = Notify = MENU/BN_CLICKED... ID = 1.
0012FD78 0015013E hControage = 0015013E ('My First Button',class='Button',parent=001100C8)
0012FD88 77E16381 USER32.77E3A3B8 USER32.77E1637C 0012FD84
0012FDB8 77E17361 USER32.77E16063 USER32.77E1735C 0012FDB4
0012FDD8 77E30963 USER32.SendMessageW USER32.77E3095E 0012FDD4
0012FDDC 001100C8 hWnd = 1100C8
0012FDE0 00000111 Message = WM_COMMAND
0012FDE4 00000001 age = Notify = MENU/BN_CLICKED... ID = 1.
0012FDE8 0015013E hControage = 0015013E ('My First Button',class='Button',parent=001100C8)
0012FDEC 77E2C150 USER32.77E3091F USER32.77E2C14B 0012FE74
0012FE04 77E28676 USER32.77E2C058 USER32.77E28671 0012FE74
0012FE78 77E2E078 USER32.77E27DB5 USER32.77E2E073 0012FE74
0012FE9C 77E3A3D0 Includes USER32.77E2E078 USER32.77E3A3CD 0012FE98
0012FEBC 77E14605 USER32.77E3A3B8 USER32.77E14600 0012FEB8
0012FF48 77E15B77 USER32.77E14321 USER32.77E15B72 0012FF44
0012FF54 0040110F <JMP.&USER32.DispatchMessageA> CONTROLS.0040110A 0012FFAC
0012FF58 0012FF60 pMsg = WM_LBUTTONUP hw = 15013E ("My First Button" Keys = 0 X = 62. Y = 9.
0012FFB0 0040102B CONTROLS.00401031 CONTROLS.<ModuleEntryPoint>+ 0012FFAC
0012FFB4 00400000 Arg1 = 00400000
0012FFB8 00000000 Arg2 = 00000000
0012FFBC 00132340 Arg3 = 00132340 ASCII ""C:\Documents and Settings\xyz\Desktop\completeolly\tut09\CONTROLS.EXE""
0012FFC0 0000000A Arg4 = 0000000A
0012FFC4 7C59893D Maybe CONTROLS.<ModuleEntryPoint> KERNEL32.7C59893A 0012FFF0

decoded
October 5th, 2005, 13:09
also from this asm, you'll notice that

.ELSEIF ax==IDM_GETTEXT
invoke GetWindowText,hwndEdit,ADDR buffer,512
invoke MessageBox,NULL,ADDR buffer,ADDR AppName,MB_OK


clicking the menu item 3 breaks ...

but the button when pressed,

invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0

calls the same thing, IDM_GETTEXT, Menu item 3.. and doesn't break ...

purely as it was written.. i guess i too am confused

decoded
October 5th, 2005, 13:12
you didn't say shit, except the same regurgitated bs, if you had tried what i said, you would have the same problem

decoded
October 5th, 2005, 13:15
&& [esp+0xc] would be direct, specific for an argument passed along with WM_COMMAND, since WM_COMMAND alone isn't breaking, why make it more complex .. i would love to see it break on WM_COMMAND to begin with, before i attach a specific lparam to it. maybe someone else will see what i say and understand. thanx for your help anon which helped uhm, not me.

decoded
October 5th, 2005, 13:53
well, i noticed your offsets were different so i tried to find the same code you had thinking maybe there was some code differentiation.

http://spiff.tripnet.se/~iczelion/files/tut09.zip
("http://spiff.tripnet.se/~iczelion/files/tut09.zip
")

same, also same problem

decoded
October 5th, 2005, 13:58
so, with the same code...

00401101 >|. E8 CE010000 |CALL <JMP.&USER32.TranslateMessage> ; \TranslateMessage

then press shift+f2,

a window pops up to add a condition,

msg==WM_COMMAND

i press f9 to run the program,

i click menu item 1, break
f9 to resume
i click menu item 2, break
f9 to resume
i click menu item 3, break
f9 to resume

i click the button, a messagebox appears, no break.

....................


i rewrote this code for example here,

.IF uMsg==WM_COMMAND
mov eax,wParam
.IF lParam==0
.IF ax==IDM_GETTEXT
invoke GetWindowText,hwndEdit,ADDR buffer,512
invoke MessageBox,NULL,ADDR buffer,ADDR AppName,MB_OK
.ELSE
invoke DestroyWindow,hWnd
.ENDIF
.ELSE
.IF ax==ButtonID
shr eax,16
.IF ax==BN_CLICKED
invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
.ENDIF
.ENDIF
.ENDIF
.ENDIF


the button, also in WM_COMMAND .. would it not break?
if not, then surely when i send a message to WM_COMMAND

evil!

decoded
October 5th, 2005, 14:22
ok, not using translate message api, though still confused over why WM_COMMAND didn't break cause the messae passed.

i switched to,

i pressed shift+f4 at the start of WndProc

assuming i know nothing about the button,

in the condition drop down i put

MSG == WM_COMMAND

for the explanation drop down i put

<WinProc>

for the expression drop down i put

MSG == WM_COMMAND

for the decode expression i selected

assumed by expression

for the pause program radio tabs i selected

never for pause program

for the log value of expression radio tabe i selected

on condition

for the log function arguments radio tab i selected

on condition

for the pass count, i selected

0.

i left if program pauses pass following arguements blank


then selected ok

my conditional pink break point was set now on

00401118 >/. 55 PUSH EBP

i pressed alt+L to bring up the log window

i pressed f9 to run the program

i clicked the "My first Button" and in the Log Window i see this..


00401118 COND: <WinProc>
00401118 CALL to Assumed WinProc from USER32.77D43A65
hWnd = 008C04FC ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = EN_KILLFOCUS... ID = 2.
hControl = 007004FA (class='Edit',parent=008C04FC)
00401118 COND: <WinProc>
00401118 CALL to Assumed WinProc from USER32.77D43A65
hWnd = 008C04FC ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 02FF04F8 ('My First Button',class='Button',parent=008C04FC)
00401118 COND: <WinProc>
00401118 CALL to Assumed WinProc from USER32.77D43A65
hWnd = 008C04FC ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 3.
hControl = NULL


what mattered to me was this though


00401118 CALL to Assumed WinProc from USER32.77D43A65
hWnd = 008C04FC ('Our First Window',class='SimpleWinClass')
Message = WM_COMMAND
Notify = MENU/BN_CLICKED... ID = 1.
hControl = 02FF04F8 ('My First Button',class='Button',parent=008C04FC)


I know that MENU/BN_CLICKED ID = 1 is the wParam.

wParam is the third WndProc argument. At the conditional breakpoint on `PUSH EBP` (evaluated before the push executes) the stack holds [esp] = return address, [esp+4] = hWnd, [esp+8] = uMsg, [esp+0xC] = wParam, [esp+0x10] = lParam — so the wParam of 1 is at offset 4*3 = 12 = 0xC:

[esp+0xC] == 1

One caveat: WM_COMMAND's wParam packs the notification code in the high word and the menu/control ID in the low word (that is what the `shr eax,16` in the source extracts). BN_CLICKED is 0, so the bare compare against 1 works here; for another notification (EN_CHANGE from the edit box, say) the value at [esp+0xC] would be the full packed (code << 16) | ID, not just the ID.

i go back and modify my conditional breakpoint

i press shift+f4 on

00401118 >/. 55 PUSH EBP

on the condition drop down

i change it from
msg==WM_COMMAND
to
MSG == WM_COMMAND && [esp+0xc] == 1

also in the expression drop down
i change it from
msg==WM_COMMAND
to
MSG == WM_COMMAND && [esp+0xc] == 1

i change the pause program radio tab to

On condition

then press ok

i press f9 to resume the program

click the button, boom, condition is hit

looking back @ the log window

Log data, item 0
Address=00401118
Message=Conditional breakpoint at CONTROLS.00401118


was met ...


this worked for me,

obviously breaking on the api Translate Message will not always work as it should, because the problem i mentioned above is still valid .. anon did help me i suppose but not as clear as i needed, here .. i figured out my problem and maybe this will help others who dont truly understand ollydbg's non-documented areas

blabberer
October 5th, 2005, 14:33
i dont know whether to laugh or cry
why the fuck you want to break on some obscure TranslateMessage
do you understand how Translatemessage works ??

do you know all the internal code in user32.dll
do you know what message it sends (ever tried wm_user+ msgs)

what is the problem on breaking on winproc directly ??

If you are hell-bent on breaking on TranslateMessage only, why don't you break on the system DLL and log all the messages it receives?

If you had done that you would have surely seen the message C0D5 that follows WM_LBUTTONUP — and no WM_COMMAND for the button.

Or if you had looked a little at my dumps, or at the call stack in my latest post, you would have seen the chain DispatchMessage -> (USER32 button code) -> SendMessage -> WndProc,
and that breaking on WndProc with just WM_COMMAND catches it.


Windows --> Message breakpoint on WndProc, 111 (WM_COMMAND)
sets a conditional breakpoint on the window procedure's entry point itself — here
CONTROLS.00401118 — testing the message argument on the stack (`[ESP+8]` at the PUSH EBP). It does not hook the message loop or TranslateMessage, so it catches sent messages (the button's BN_CLICKED notification, your own SendMessage) as well as posted ones.

please pay a little attention and read the posts
dont litter the board with repetative question like a little child
crying for a specific chocolate on a store

decoded
October 5th, 2005, 14:36
i know how translate message api works,

if i didn't, i wouldn't of had it breaking on the menu items, reading the asm you would see that a message for WM_COMMAND was sent back from when the button was BN_CLICKED .. yet it didn't hit, though if you explained things where people could understand rather then pasting stuff from your current knowledge maybe i would have. either way, you made me explore, thank you.

decoded
October 5th, 2005, 14:48
if you noticed, i did say something about WM_LBUTTONDOWN earlier ...

i was wanting to break on translate message for a message that does pass, and doesn't hit.. it passes twice, and doesn't hit. i still see it as a problem with ollydbg, there is this to overlook it, but why will i trust to break on apis with ollydbg. that is my oppinion

decoded
October 5th, 2005, 15:08
forgive me, but i'm going to debug the debugger to prove my point. thank you

blabberer
October 5th, 2005, 15:10
You say you see WM_COMMAND passing through TranslateMessage — where did you see it? TranslateMessage never receives the button's WM_COMMAND. BN_CLICKED is a control notification that USER32 sends synchronously to the parent's WndProc, and your own `SendMessage` call is likewise a direct call into WndProc; neither is posted to the thread's message queue, so GetMessage/TranslateMessage/DispatchMessage never see them. Only the menu's WM_COMMAND is posted, which is exactly why your TranslateMessage breakpoint fired for the menu items and not for the button.

if you cant trust to break dont trust ollydbg didnt force you to trust
roll your own


The only messages TranslateMessage receives are like this (note the menu's WM_COMMAND shows up, the button's never does):

Log data
Address Message
00401101 COND: 0012FF60 WM_PAINT hw = 19022E ("Our First Window"
00401101 COND: 0012FF60 MSG(C0D5) wParam = 11 lParam = 19022E
00401101 COND: 0012FF60 MSG(C0D5) wParam = 0 lParam = 0
00401101 COND: 0012FF60 WM_PAINT hw = 2A01A2 (class="Edit"
00401101 COND: 0012FF60 WM_PAINT hw = 1D0236 ("My First Button"
00401101 COND: 0012FF60 WM_MOUSEMOVE hw = 19022E ("Our First Window" Keys = 0 X = 165. Y = 146.
00401101 COND: 0012FF60 WM_MOUSEMOVE hw = 19022E ("Our First Window" Keys = 0 X = 251. Y = 40.
00401101 COND: 0012FF60 WM_NCMOUSEMOVE hw = 2A01A2 (class="Edit" Hittest = HTBORDER X = 386. Y = 217.
00401101 COND: 0012FF60 WM_MOUSEMOVE hw = 2A01A2 (class="Edit" Keys = 0 X = 192. Y = 5.
00401101 COND: 0012FF60 WM_MOUSEMOVE hw = 1D0236 ("My First Button" Keys = 0 X = 88. Y = 7.
00401101 COND: 0012FF60 WM_LBUTTONDOWN hw = 1D0236 ("My First Button" Keys = MK_LBUTTON X = 88. Y = 7.
00401101 COND: 0012FF60 MSG(C0D5) wParam = 11 lParam = 1D0236
00401101 COND: 0012FF60 WM_LBUTTONUP hw = 1D0236 ("My First Button" Keys = 0 X = 88. Y = 7.
00401101 COND: 0012FF60 MSG(C0D5) wParam = 11 lParam = 31021C
00401101 COND: 0012FF60 WM_NCMOUSEMOVE hw = 19022E ("Our First Window" Hittest = HTBOTTOMRIGHT X = 415. Y = 328.
00401101 COND: 0012FF60 WM_PAINT hw = 19022E ("Our First Window"
00401101 COND: 0012FF60 WM_PAINT hw = 1D0236 ("My First Button"
00401101 COND: 0012FF60 WM_NCMOUSEMOVE hw = 19022E ("Our First Window" Hittest = HTBOTTOMRIGHT X = 412. Y = 328.
00401101 COND: 0012FF60 WM_NCMOUSEMOVE hw = 19022E ("Our First Window" Hittest = HTBORDER X = 401. Y = 327.
00401101 COND: 0012FF60 WM_MOUSEMOVE hw = 19022E ("Our First Window" Keys = 0 X = 247. Y = 148.
00401101 COND: 0012FF60 WM_NCMOUSEMOVE hw = 19022E ("Our First Window" Hittest = HTMENU X = 155. Y = 160.
00401101 COND: 0012FF60 WM_NCLBUTTONDOWN hw = 19022E ("Our First Window" Hittest = HTMENU X = 155. Y = 160.
00401101 COND: 0012FF60 WM_COMMAND hw = 19022E ("Our First Window" Notify = MENU/BN_CLICKED... ID = 1. hControl = NULL
00401101 COND: 0012FF60 WM_MOUSEMOVE hw = 19022E ("Our First Window" Keys = 0 X = 40. Y = 12.
00401101 COND: 0012FF60 WM_PAINT hw = 19022E ("Our First Window"
00401101 COND: 0012FF60 WM_PAINT hw = 2A01A2 (class="Edit"
00401101 COND: 0012FF60 WM_PAINT hw = 1D0236 ("My First Button"
00401101 COND: 0012FF60 WM_MOUSEMOVE hw = 19022E ("Our First Window" Keys = 0 X = 42. Y = 11.
00401101 COND: 0012FF60 WM_LBUTTONDOWN hw = 1D0236 ("My First Button" Keys = MK_LBUTTON X = 83. Y = 12.
00401101 COND: 0012FF60 MSG(C0D5) wParam = 11 lParam = 1D0236
00401101 COND: 0012FF60 WM_LBUTTONUP hw = 1D0236 ("My First Button" Keys = 0 X = 83. Y = 12.

decoded
October 5th, 2005, 15:13
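; Window procedure for 'Our First Window' (class SimpleWinClass), trimmed to the
; paths discussed in this thread: WM_CREATE builds the edit box and the button,
; WM_COMMAND handles menu item IDM_GETTEXT and the button's BN_CLICKED.
; The arguments are pushed right-to-left, so at the first instruction (PUSH EBP)
;   [esp+4]=hWnd  [esp+8]=uMsg  [esp+0Ch]=wParam  [esp+10h]=lParam
; -- the offsets the OllyDbg conditions in this thread test.
; Returns eax = 0 for handled messages, DefWindowProc's result otherwise.
; NOTE: as first pasted in this thread the WM_COMMAND block was nested inside
; the WM_CREATE branch (dead code, since uMsg cannot be both) and the .ELSE
; before DefWindowProc was missing, so no other message ever got default
; processing. Restored here to the structure of the tutorial listing.
WndProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
.IF uMsg==WM_DESTROY
invoke PostQuitMessage,NULL
.ELSEIF uMsg==WM_CREATE
; Edit control (child ID EditID); its HWND is kept for the WM_COMMAND paths.
invoke CreateWindowEx,WS_EX_CLIENTEDGE, ADDR EditClassName,NULL,\
WS_CHILD or WS_VISIBLE or WS_BORDER or ES_LEFT or\
ES_AUTOHSCROLL,\
50,35,200,25,hWnd,EditID,hInstance,NULL
mov hwndEdit,eax
invoke SetFocus, hwndEdit
; Push button (child ID ButtonID); its notifications arrive as WM_COMMAND.
invoke CreateWindowEx,NULL, ADDR ButtonClassName,ADDR ButtonText,\
WS_CHILD or WS_VISIBLE or BS_DEFPUSHBUTTON,\
75,70,140,25,hWnd,ButtonID,hInstance,NULL
mov hwndButton,eax
.ELSEIF uMsg==WM_COMMAND
; wParam: low word = menu/control ID, high word = notification code.
; lParam: 0 for a menu item, the child's HWND for a control notification.
mov eax,wParam
.IF lParam==0
.IF ax==IDM_GETTEXT
; cch = 512 includes the terminator; assumes 'buffer' is declared with at
; least 512 bytes -- confirm in the .data section (not shown here).
invoke GetWindowText,hwndEdit,ADDR buffer,512
invoke MessageBox,NULL,ADDR buffer,ADDR AppName,MB_OK
.ELSE
; Trimmed version: every other menu ID closes the window.
invoke DestroyWindow,hWnd
.ENDIF
.ELSE
; Control notification: only the button's BN_CLICKED is handled.
.IF ax==ButtonID
shr eax,16
.IF ax==BN_CLICKED
; Same-thread SendMessage calls this procedure directly (synchronous, not
; queued), so a breakpoint on TranslateMessage in the message loop never
; sees it -- break at the WndProc entry instead.
invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
.ENDIF
.ENDIF
.ENDIF
.ELSE
; Everything else gets default processing; DefWindowProc's result is returned.
invoke DefWindowProc,hWnd,uMsg,wParam,lParam
ret
.ENDIF
; Handled message: return 0.
xor eax,eax
ret
WndProc endp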

decoded
October 5th, 2005, 15:14
ty, actually you're right

decoded
October 5th, 2005, 15:33
i recant what i said based on not fully understanding sendmessage/translate message ..

.IF ax==ButtonID
shr eax,16
.IF ax==BN_CLICKED
invoke SendMessage,hWnd,WM_COMMAND,IDM_GETTEXT,0
.ENDIF
.ENDIF

After breaking here and then setting a breakpoint on TranslateMessage, TranslateMessage was never hit. The reason is that a SendMessage to a window owned by the same thread calls the window procedure directly and synchronously — the message is never placed in the queue, so GetMessage/TranslateMessage/DispatchMessage in the message loop never see it (the call stack posted above shows SendMessageA calling straight into WndProc). The same goes for the button's BN_CLICKED notification, which USER32 sends to the parent; only the menu's WM_COMMAND is posted, which is why the TranslateMessage breakpoint fired for the menu items alone. OllyDbg functioned as it was supposed to, and it's a wonderful product. Best advice I can give to people is: do not try to do what I did — put the (log) breakpoint on the window procedure itself and test the arguments on the stack. OllyDbg is a wonderful product and for application developers it kicks a$$; I get dissed for not using stuff like SoftICE, but for coding in asm I prefer this product.