flat assembler
Message board for the users of flat assembler.
Index
> Windows > Generate import's ( api's ) |
Author |
|
YST 03 Apr 2009, 16:10
Code: format pe console espacio equ 13,10,0 include 'win32ax.inc' .data RutaLib rb MAX_PATH RutaINC rb MAX_PATH .code start: invoke printf,"Enter the path to the library:" invoke printf,espacio invoke scanf,"%s",RutaLib invoke printf,"Type the path where the include file will be created:" invoke printf,espacio invoke scanf,"%s",RutaINC stdcall CrearImport,RutaLib,RutaINC invoke ExitProcess,0 proc CrearImport,NombreLIB,NombreImport locals DirPEHeader dd ? PunteroPEHeader dd ? RVAofExportDirectory dd ? NumberOfNames dd ? AddressOfNames dd ? Funcion dd ? HFile dd ? Nosirve dd ? Largo dd ? LibHandle dd ? endl push ebx edx edi ecx invoke LoadLibrary, [NombreLIB] mov [LibHandle],eax cmp eax,NULL je .Error push dword[eax + 03Ch] pop [DirPEHeader] push [DirPEHeader] pop [PunteroPEHeader] add [PunteroPEHeader],eax mov ebx,[PunteroPEHeader] cmp word[ebx],"PE" jne .Error push dword[ebx+078h] pop [RVAofExportDirectory] mov ebx, [RVAofExportDirectory] add ebx,eax push dword[ebx+018h] pop [NumberOfNames] mov edx,[NumberOfNames] push dword[ebx+20h] pop [AddressOfNames] mov ebx,[NumberOfNames] mov edi, [AddressOfNames] add edi,[LibHandle] invoke CreateFileA, [NombreImport], GENERIC_WRITE, 0, 0, CREATE_ALWAYS, 0, 0 mov [HFile], eax invoke lstrlen,"import " invoke WriteFile, [HFile], "import ",eax,addr Nosirve, NULL invoke lstrlen,[NombreLIB] sub eax,4 invoke WriteFile, [HFile], [NombreLIB],eax,addr Nosirve, NULL invoke WriteFile,[HFile] , ",\",2,addr Nosirve, NULL invoke WriteFile, [HFile], espacio,2,addr Nosirve, NULL .bucle: dec ebx mov eax, [edi + ebx * 4] add eax,[LibHandle] mov [Funcion],eax invoke lstrlen, [Funcion] invoke WriteFile, [HFile], [Funcion],eax,addr Nosirve, NULL invoke WriteFile, [HFile],",",1,addr Nosirve, NULL invoke WriteFile, [HFile],"'",1,addr Nosirve, NULL invoke lstrlen, [Funcion] invoke WriteFile, [HFile], [Funcion],eax,addr Nosirve, NULL .if ebx = 0 invoke WriteFile, [HFile],"'",1,addr Nosirve, NULL .else invoke WriteFile, [HFile],"',\",3,addr Nosirve, NULL invoke WriteFile, [HFile], espacio,2,addr Nosirve, NULL .endif cmp ebx,0 jne .bucle invoke CloseHandle, [HFile] invoke system,"cls" invoke printf,"Library: " invoke printf,RutaLib invoke printf,espacio invoke printf,espacio invoke printf,"Path of the include : " invoke printf,RutaINC invoke printf,espacio invoke printf,espacio invoke printf,"Con " invoke printf,"%d",[NumberOfNames] invoke printf," functions extracts." invoke printf,espacio invoke system,"pause" pop ecx edi edx ebx ret .Error: invoke system,"cls" invoke printf,"Error." invoke printf,espacio invoke system,"pause" ret endp .end start Sorry for my english[/code]
|
|||||||||||
03 Apr 2009, 16:10 |
|
asmcoder 03 Apr 2009, 17:32
[content deleted]
Last edited by asmcoder on 14 Aug 2009, 14:52; edited 1 time in total |
|||
03 Apr 2009, 17:32 |
|
LocoDelAssembly 03 Apr 2009, 23:06
There is a tool already published that does it too but can't remember what user was to search and post the link...
|
|||
03 Apr 2009, 23:06 |
|
YST 04 Apr 2009, 04:48
LocoDelAssembly wrote: There is a tool already published that does it too but can't remember what user was to search and post the link... but this one was made by me |
|||
04 Apr 2009, 04:48 |
|
IronFelix 21 Apr 2009, 15:24
As far as i remember, the tool is - ApiResolve made by Reverend. It also uses LoadLibrary function to load DLL and then "extract" names of exported functions. But it is not good approach IMHO, because LoadLibrary will completely prepare DLL to execution - load all linked DLL's and fills all import tables, and it will fail, if some of linked DLL's or function is not found. It is better to consider DLL as simple file with bytes and get exported function names from that file directly, without LoadLibrary - it is mush faster and does not depend on any other files.
Thanks. |
|||
21 Apr 2009, 15:24 |
|
LocoDelAssembly 21 Apr 2009, 15:37
No, the tool I'm talking about was made by someone else (lovefasm?). I don't remember how (s)he gathered the export names so I can't tell if it is yet another duplicate of the same thing.
|
|||
21 Apr 2009, 15:37 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.