flat assembler
Message board for the users of flat assembler.

Index > Windows > about dll

Author
Thread Post new topic Reply to topic
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 08 Feb 2018, 09:03
Q1: is this valid? (i wanna ask before i do anything) (.exe file)
Code:
section '.idata' import data readable

  library kernel32,'KERNEL32.DLL',\
          user32,'USER32.DLL',\
          mydll,'MYDLL.DLL'

  include '..\mydll.inc' ; contain function names, kernel32 and user32 inc files    


Q2: what about this? (.dll file) (not sure include or export .inc)
Code:
section '.edata' export data readable

  export 'MYDLL.DLL',\
  include 'mydll.inc' ; im not sure if its valid, but i thought of this instead of typing every function name to be exported    


Q3: is it right? (.inc file)
Code:
include 'api\kernel32.inc'
include 'api\user32.inc'

import mydll,\
          addresses,'addresses',\
          memory,'memory'    

_________________
Asm For Wise Humans
Post 08 Feb 2018, 09:03
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20754
Location: In your JS exploiting you and your system
revolution 08 Feb 2018, 09:12
The second isn't valid because of the line continuation backslash. "export" can't process the "include" directive. That would make it an inline macro which fasm doesn't support and "export" hasn't been coded to look for it.

The others are fine depending upon the contents of your "mydll.inc" file.

BTW: These questions don't really relate to DLLs in particular, they are more tied to macro processing. Because "export", "import" and "library" are macros, not keywords.
Post 08 Feb 2018, 09:12
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 08 Feb 2018, 10:09
ah thats sad, then i have to export every function using ,\
thanks rev.

ok two more questions:

- whats the keyword SHAREABLE <- and where i can use it .exe or .dll? and which section?
- how to share data between .dll and .exe

say in my exe i have ( check db 01 ) can my dll read and write it?
Post 08 Feb 2018, 10:09
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20754
Location: In your JS exploiting you and your system
revolution 08 Feb 2018, 15:24
Shareable is for sharing memory between processes. Within a single process all code can always read/write all memory that is mapped and has the proper permissions. DLLs don't get any sort of special memory allocation, it is all the same memory.
Post 08 Feb 2018, 15:24
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20754
Location: In your JS exploiting you and your system
revolution 08 Feb 2018, 16:30
Ali.A wrote:
ah thats sad, then i have to export every function using ,\
You can define a list using EQU

File: my_exports.inc
Code:
my_exports equ \
 proc1,"proc1",\
 proc2,"proc2",\
 proc3,"proc3",\
 proc4,"proc4"    
Code:
include 'my_exports.inc' 
export 'MYDLL.DLL',my_exports    
Post 08 Feb 2018, 16:30
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 09 Feb 2018, 06:42
thanks for this rev, im not sure how to use this?
Code:
BOOL WINAPI DllMain(
  _In_ HINSTANCE hinstDLL,
  _In_ DWORD     fdwReason,
  _In_ LPVOID    lpvReserved
);    


push 0 ; reserved
push 1 ; attach
but what should i push for hinstdll
and when i try to call dllmain it gives me undefined symbol, thats my issue with dll main entry point.

and i tried couple ways, sometimes it gives me EIP=0 lol.

_________________
Asm For Wise Humans
Post 09 Feb 2018, 06:42
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20754
Location: In your JS exploiting you and your system
revolution 09 Feb 2018, 06:55
The DllMain function is called by the OS when the DLL is linked during program load/startup. Normally you won't call it from your own code.
Post 09 Feb 2018, 06:55
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 09 Feb 2018, 07:34
then why its not loading, and crashing .. when i debug it using olly i see eip=0
is there any specific code should be under dll entry point?
Post 09 Feb 2018, 07:34
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20754
Location: In your JS exploiting you and your system
revolution 09 Feb 2018, 07:34
Show your code.
Post 09 Feb 2018, 07:34
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 09 Feb 2018, 07:53
i just figured out why eip was 0.
i called a function that takes no parameters (void) and pushed 0 before calling it, thus when the execution hit RET/RETN the return value is 0 and whats why eip was 0.
just a stupid mistake.
Post 09 Feb 2018, 07:53
View user's profile Send private message Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 07 Jul 2018, 02:55
can i embed my dll in my exe?
Post 07 Jul 2018, 02:55
View user's profile Send private message Reply with quote
DimonSoft



Joined: 03 Mar 2010
Posts: 1228
Location: Belarus
DimonSoft 08 Jul 2018, 12:15
Ali.A wrote:
can i embed my dll in my exe?

You can but you wouldn’t generally want to since most antivirus crapware will call it something like Trojan.Dropper which would make your users being afraid of your program.
Post 08 Jul 2018, 12:15
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 08 Jul 2018, 15:08
im not sure about AV flase positives, but i think embedding without compressing and/or packing shouldnt trigger AV alarms.

the question goes here, im sure fasm does not have options for embedding, so is it possible to achieve this without third-party tool?
Post 08 Jul 2018, 15:08
View user's profile Send private message Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 11 Jul 2018, 20:02
ok no one answered, then what about static linking?
any idea?
Post 11 Jul 2018, 20:02
View user's profile Send private message Reply with quote
DimonSoft



Joined: 03 Mar 2010
Posts: 1228
Location: Belarus
DimonSoft 11 Jul 2018, 21:30
Define the meaning of “embedding” for your task. I’m sure you already have to know what can be done to include an arbitrary file into your EXE if you’re trying to write your own DLL.
Post 11 Jul 2018, 21:30
View user's profile Send private message Visit poster's website Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 822
Ali.Z 11 Jul 2018, 22:04
section '.somename' code readable executable
file "my.dll"

:'(
i just had too much pressure
Post 11 Jul 2018, 22:04
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.