Jump to content
Sign in to follow this  
Andreik

CPUID - Get Vendor ID

Recommended Posts

Andreik

Hey guys, I'm trying to get CPU's manufacturer ID string using cpuid instruction. I have a binary code obtained with FASM UDF and I use native DllCallAddress function to call the binary code in memory. All things are fine but I can't manage the result. After executing cpuid the result is stored in 3 different registers ebc, ecx and edx and only eax is returned by DllCallAddress function. Is there any way to get all obtained data in a single call or should I call the function 3 times and everytime copy ebc, ecx and edx in eax before return??

Edited by Andreik

When the words fail... music speaks

Share this post


Link to post
Share on other sites
KaFu

Hmmm, I really don't know :), but maybe reading from registry is sufficient as a workaround?

RegRead ("HKEY_LOCAL_MACHINEHARDWAREDESCRIPTIONSystemCentralProcessor0","VendorIdentifier")

Share this post


Link to post
Share on other sites
DicatoroftheUSA

From the command line "wmic cpu"

There is a straight up equivelent.

; Generated by AutoIt Scriptomatic November 02, 2012

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"

$Output=""
$Output &= "Computer: " & $strComputer & @CRLF
$Output &= "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:" & $strComputer & "rootCIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Processor", "WQL", _
$wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
For $objItem In $colItems
$Output &= "AddressWidth: " & $objItem.AddressWidth & @CRLF
$Output &= "Architecture: " & $objItem.Architecture & @CRLF
$Output &= "Availability: " & $objItem.Availability & @CRLF
$Output &= "Caption: " & $objItem.Caption & @CRLF
$Output &= "ConfigManagerErrorCode: " & $objItem.ConfigManagerErrorCode & @CRLF
$Output &= "ConfigManagerUserConfig: " & $objItem.ConfigManagerUserConfig & @CRLF
$Output &= "CpuStatus: " & $objItem.CpuStatus & @CRLF
$Output &= "CreationClassName: " & $objItem.CreationClassName & @CRLF
$Output &= "CurrentClockSpeed: " & $objItem.CurrentClockSpeed & @CRLF
$Output &= "CurrentVoltage: " & $objItem.CurrentVoltage & @CRLF
$Output &= "DataWidth: " & $objItem.DataWidth & @CRLF
$Output &= "Description: " & $objItem.Description & @CRLF
$Output &= "DeviceID: " & $objItem.DeviceID & @CRLF
$Output &= "ErrorCleared: " & $objItem.ErrorCleared & @CRLF
$Output &= "ErrorDescription: " & $objItem.ErrorDescription & @CRLF
$Output &= "ExtClock: " & $objItem.ExtClock & @CRLF
$Output &= "Family: " & $objItem.Family & @CRLF
$Output &= "InstallDate: " & WMIDateStringToDate($objItem.InstallDate) & @CRLF
$Output &= "L2CacheSize: " & $objItem.L2CacheSize & @CRLF
$Output &= "L2CacheSpeed: " & $objItem.L2CacheSpeed & @CRLF
$Output &= "LastErrorCode: " & $objItem.LastErrorCode & @CRLF
$Output &= "Level: " & $objItem.Level & @CRLF
$Output &= "LoadPercentage: " & $objItem.LoadPercentage & @CRLF
$Output &= "Manufacturer: " & $objItem.Manufacturer & @CRLF
$Output &= "MaxClockSpeed: " & $objItem.MaxClockSpeed & @CRLF
$Output &= "Name: " & $objItem.Name & @CRLF
$Output &= "NumberOfCores: " & $objItem.NumberOfCores & @CRLF
$Output &= "NumberOfLogicalProcessors: " & $objItem.NumberOfLogicalProcessors & @CRLF
$Output &= "OtherFamilyDescription: " & $objItem.OtherFamilyDescription & @CRLF
$Output &= "PNPDeviceID: " & $objItem.PNPDeviceID & @CRLF
$strPowerManagementCapabilities = $objItem.PowerManagementCapabilities(0)
$Output &= "PowerManagementCapabilities: " & $strPowerManagementCapabilities & @CRLF
$Output &= "PowerManagementSupported: " & $objItem.PowerManagementSupported & @CRLF
$Output &= "ProcessorId: " & $objItem.ProcessorId & @CRLF
$Output &= "ProcessorType: " & $objItem.ProcessorType & @CRLF
$Output &= "Revision: " & $objItem.Revision & @CRLF
$Output &= "Role: " & $objItem.Role & @CRLF
$Output &= "SocketDesignation: " & $objItem.SocketDesignation & @CRLF
$Output &= "Status: " & $objItem.Status & @CRLF
$Output &= "StatusInfo: " & $objItem.StatusInfo & @CRLF
$Output &= "Stepping: " & $objItem.Stepping & @CRLF
$Output &= "SystemCreationClassName: " & $objItem.SystemCreationClassName & @CRLF
$Output &= "SystemName: " & $objItem.SystemName & @CRLF
$Output &= "UniqueId: " & $objItem.UniqueId & @CRLF
$Output &= "UpgradeMethod: " & $objItem.UpgradeMethod & @CRLF
$Output &= "Version: " & $objItem.Version & @CRLF
$Output &= "VoltageCaps: " & $objItem.VoltageCaps & @CRLF
if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
$Output=""
Next
Else
Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Processor" )
Endif


Func WMIDateStringToDate($dtmDate)

Return (StringMid($dtmDate, 5, 2) & "/" & _
StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
& " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

Edit: Sorry I assumed this was for general support, I doubt it helps for what you are looking for.

Edited by DicatoroftheUSA

Share this post


Link to post
Share on other sites
water

As Andreik uses binary code or DLLCalls performance might be an issue.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-06-01 - Version 1.4.9.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-01-27 - Version 1.3.3.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites
Andreik

Thanks guys for inputs but I'm not interesed especially to get this specific information as much to know how to get all data from this registers in a single call. If I would need just to get VendorID your code would be nice.

EDIT: I'm such an idiot, I could pass a string and add the content of registers to it.

#AutoIt3Wrapper_UseX64=n
#include <Memory.au3>

MsgBox(0,"",GetVendorID())

Func GetVendorID()
    $Code = "0x"            & _    ; use32
            "55"            & _    ; push ebp
            "89E5"          & _    ; mov ebp, esp
            "60"            & _    ; pushad
            "B800000000"    & _    ; mov eax,0
            "0FA2"          & _    ; cpuid
            "8B7D08"        & _    ; mov edi, [ebp + 08]
            "891F"          & _    ; mov [edi], ebx
            "895704"        & _    ; mov [edi + 4], edx
            "894F08"        & _    ; mov [edi + 8], ecx
            "B000"          & _    ; mov al, 0
            "88470C"        & _    ; mov [edi + 12], al
            "61"            & _    ; popad
            "5D"            & _    ; pop ebp
            "C20400"               ; ret 4
    $iSize = BinaryLen($Code)
    $pBuffer = _MemVirtualAlloc(0,$iSize,$MEM_COMMIT,$PAGE_EXECUTE_READWRITE)
    $tBuffer = DllStructCreate("byte Code[" & $iSize & "]",$pBuffer)
    DllStructSetData($tBuffer,"Code",$Code)
    $aRet = DllCallAddress("int",$pBuffer,"str","")
    _MemVirtualFree($pBuffer,$iSize,$MEM_DECOMMIT)
    Return $aRet[1]
EndFunc
Edited by Andreik
  • Like 2

When the words fail... music speaks

Share this post


Link to post
Share on other sites
danielkza

As Andreik uses binary code or DLLCalls performance might be an issue.

Why would you ever need to get the VendorID more than once?

Share this post


Link to post
Share on other sites
Mat

You would have to create a struct in AutoIt, pass the pointer to fasm, then fill it with the register values.

Share this post


Link to post
Share on other sites
Andreik

Why would you ever need to get the VendorID more than once?

You should read above that initialy I choose this strange method.

After executing cpuid the result is stored in 3 different registers ebc, ecx and edx and only eax is returned by DllCallAddress function. Is there any way to get all obtained data in a single call or should I call the function 3 times and everytime copy ebc, ecx and edx in eax before return??

@Mat thank you man

Edited by Andreik

When the words fail... music speaks

Share this post


Link to post
Share on other sites
danielkza

Is that a dumb question? You should read above.

My remark applies even if you want the whole CPU information. Performance is irrelevant since you never need to do it more than once: use WMI which is the easy route, or DLLCall some other library, there's no point in trying to do it in assembly yourself.

Share this post


Link to post
Share on other sites
Andreik

Ohh now your point it's more clear. muttley

It's right but looks very ugly to call almost same code 3 times when I was sure it can be done in a single call.


When the words fail... music speaks

Share this post


Link to post
Share on other sites
Richard Robertson

It can be a single call. You just have to return a more complex structure.

Share this post


Link to post
Share on other sites
trancexx

Raise hand who didn't bother much reading Andreik's posts. Let's see: Mat, Richard, ...

Btw, very nice code Andreik, you are even taking care of surely null-terminating the string. Well done.

Edited by trancexx
  • Like 1

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
Richard Robertson

It's called a confirmation.

Share this post


Link to post
Share on other sites
trancexx

It's called a confirmation.

If I would say "A rite of initiation in some churches?", that would be like we are playing Jeopardy. Can you confirm that too? Edited by trancexx

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
Richard Robertson

If I would say "A rite of initiation in some churches?", that would be like we are playing Jeopardy. Can you confirm that too?

You are the person on this forum that I have the most difficulty formulating replies to.

Share this post


Link to post
Share on other sites
trancexx

That's because you try too hard. Don't worry Richard, I'm sure it's my fault. :)

Yes, I know you are not worried.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites
jchd

Wikipeding is enough to get it (if at all needed).


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×