flat assembler
Message board for the users of flat assembler.

Index > Macroinstructions > SOS!

Author
Thread Post new topic Reply to topic
skykrnl



Joined: 17 Nov 2008
Posts: 21
skykrnl
Code:
macro FwExport ModuleName*, OriginalName*, [api,string]
{
common
  local   module,addresses,names,ordinal,count
        count = 0
forward
        local   ExportName, ForwardName
     count = count+1
common
   dd      0, 0, 0, RVA module, 1
      dd      count, count, RVA addresses, RVA names, RVA ordinal
 module  db      ModuleName,0

common
  addresses:
forward
   if  `api eq string
          dd      RVA ForwardName
     else
                dd      RVA api
     end if

common
        names:
forward
       dd      RVA ExportName

common
        ordinal:
        count = 0
forward
        dw      count
       count = count+1

forward
      if `api eq string
           ForwardName     db      OriginalName,'.'
  end if
              ExportName      db      string,0
}

FwExport 'usr32.dll','user32.dll',\
  MessageBoxA,'MessageBoxA',\  ;forward to user32.dll
      hookMessageBoxW,'MessageBoxW'

proc hookMessageBoxW, hWnd, szStr1, szStr2, nMb
      ;code
endp
    
Post 26 Oct 2009, 03:37
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
revolution
Do you have a question? What are we supposed to make of your post above?
Post 26 Oct 2009, 04:35
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
"How to do export forwarding properly?"/"My code is supposed to implement export forwarding but it is not working. What's wrong with my code?"Question
Post 26 Oct 2009, 05:36
View user's profile Send private message Reply with quote
skykrnl



Joined: 17 Nov 2008
Posts: 21
skykrnl
1,system32\user32.dll rename user32ex.dll
2, replace user32.dll
3, reboot
4, no start system

Why?

Code:
format pe dll

entry DllEntry

include 'Win32AX.inc'

section '.text' code readable executable

proc DllEntry, hModule, fdwReason, lpReserved
      .if     [fdwReason] = DLL_PROCESS_ATTACH
    .elseif [fdwReason] = DLL_PROCESS_DETACH
    .endif
      mov     eax, TRUE
   ret
endp

section      '.edat' export readable
include 'macro/exportfw.inc'
FwExport 'user32.dll','user32ex',\    ;user32.XXXXX -> user32ex.XXXXX
        ActivateKeyboardLayout,'ActivateKeyboardLayout',\
        AdjustWindowRect,'AdjustWindowRect',\
    AdjustWindowRectEx,'AdjustWindowRectEx',\
        AlignRects,'AlignRects',\
        AllowForegroundActivation,'AllowForegroundActivation',\
  AllowSetForegroundWindow,'AllowSetForegroundWindow',\
    AnimateWindow,'AnimateWindow',\
  AnyPopup,'AnyPopup',\
    AppendMenuA,'AppendMenuA',\
      AppendMenuW,'AppendMenuW',\
      ArrangeIconicWindows,'ArrangeIconicWindows',\
    AttachThreadInput,'AttachThreadInput',\
  BeginDeferWindowPos,'BeginDeferWindowPos',\
      BeginPaint,'BeginPaint',\
        BlockInput,'BlockInput',\
        BringWindowToTop,'BringWindowToTop',\
    BroadcastSystemMessage,'BroadcastSystemMessage',\
        BroadcastSystemMessageA,'BroadcastSystemMessageA',\
      BroadcastSystemMessageExA,'BroadcastSystemMessageExA',\
  BroadcastSystemMessageExW,'BroadcastSystemMessageExW',\
  BroadcastSystemMessageW,'BroadcastSystemMessageW',\
      BuildReasonArray,'BuildReasonArray',\
    CalcMenuBar,'CalcMenuBar',\
      CallMsgFilterA,'CallMsgFilterA',\
        CallMsgFilterW,'CallMsgFilterW',\
        CallNextHookEx,'CallNextHookEx',\
        CallWindowProcA,'CallWindowProcA',\
      CallWindowProcW,'CallWindowProcW',\
      CascadeChildWindows,'CascadeChildWindows',\
      CascadeWindows,'CascadeWindows',\
        ChangeClipboardChain,'ChangeClipboardChain',\
    ChangeDisplaySettingsA,'ChangeDisplaySettingsA',\
        ChangeDisplaySettingsExA,'ChangeDisplaySettingsExA',\
    ChangeDisplaySettingsExW,'ChangeDisplaySettingsExW',\
    ChangeDisplaySettingsW,'ChangeDisplaySettingsW',\
        ChangeMenuA,'ChangeMenuA',\
      ChangeMenuW,'ChangeMenuW',\
      CharLowerA,'CharLowerA',\
        CharLowerBuffA,'CharLowerBuffA',\
        CharLowerBuffW,'CharLowerBuffW',\
        CharLowerW,'CharLowerW',\
        CharNextA,'CharNextA',\
  CharNextExA,'CharNextExA',\
      CharNextW,'CharNextW',\
  CharPrevA,'CharPrevA',\
  CharPrevExA,'CharPrevExA',\
      CharPrevW,'CharPrevW',\
  CharToOemA,'CharToOemA',\
        CharToOemBuffA,'CharToOemBuffA',\
        CharToOemBuffW,'CharToOemBuffW',\
        CharToOemW,'CharToOemW',\
        CharUpperA,'CharUpperA',\
        CharUpperBuffA,'CharUpperBuffA',\
        CharUpperBuffW,'CharUpperBuffW',\
        CharUpperW,'CharUpperW',\
        CheckDlgButton,'CheckDlgButton',\
        CheckMenuItem,'CheckMenuItem',\
  CheckMenuRadioItem,'CheckMenuRadioItem',\
        CheckRadioButton,'CheckRadioButton',\
    ChildWindowFromPoint,'ChildWindowFromPoint',\
    ChildWindowFromPointEx,'ChildWindowFromPointEx',\
        CliImmSetHotKey,'CliImmSetHotKey',\
      ClientThreadSetup,'ClientThreadSetup',\
  ClientToScreen,'ClientToScreen',\
        ClipCursor,'ClipCursor',\
        CloseClipboard,'CloseClipboard',\
        CloseDesktop,'CloseDesktop',\
    CloseWindow,'CloseWindow',\
      CloseWindowStation,'CloseWindowStation',\
        CopyAcceleratorTableA,'CopyAcceleratorTableA',\
  CopyAcceleratorTableW,'CopyAcceleratorTableW',\
  CopyIcon,'CopyIcon',\
    CopyImage,'CopyImage',\
  CopyRect,'CopyRect',\
    CountClipboardFormats,'CountClipboardFormats',\
  CreateAcceleratorTableA,'CreateAcceleratorTableA',\
      CreateAcceleratorTableW,'CreateAcceleratorTableW',\
      CreateCaret,'CreateCaret',\
      CreateCursor,'CreateCursor',\
    CreateDesktopA,'CreateDesktopA',\
        CreateDesktopW,'CreateDesktopW',\
        CreateDialogIndirectParamA,'CreateDialogIndirectParamA',\
        CreateDialogIndirectParamAorW,'CreateDialogIndirectParamAorW',\
  CreateDialogIndirectParamW,'CreateDialogIndirectParamW',\
        CreateDialogParamA,'CreateDialogParamA',\
        CreateDialogParamW,'CreateDialogParamW',\
        CreateIcon,'CreateIcon',\
        CreateIconFromResource,'CreateIconFromResource',\
        CreateIconFromResourceEx,'CreateIconFromResourceEx',\
    CreateIconIndirect,'CreateIconIndirect',\
        CreateMDIWindowA,'CreateMDIWindowA',\
    CreateMDIWindowW,'CreateMDIWindowW',\
    CreateMenu,'CreateMenu',\
        CreatePopupMenu,'CreatePopupMenu',\
      CreateSystemThreads,'CreateSystemThreads',\
      CreateWindowExA,'CreateWindowExA',\
      CreateWindowExW,'CreateWindowExW',\
      CreateWindowStationA,'CreateWindowStationA',\
    CreateWindowStationW,'CreateWindowStationW',\
    CsrBroadcastSystemMessageExW,'CsrBroadcastSystemMessageExW',\
    CtxInitUser32,'CtxInitUser32',\
  DdeAbandonTransaction,'DdeAbandonTransaction',\
  DdeAccessData,'DdeAccessData',\
  DdeAddData,'DdeAddData',\
        DdeClientTransaction,'DdeClientTransaction',\
    DdeCmpStringHandles,'DdeCmpStringHandles',\
      DdeConnect,'DdeConnect',\
        DdeConnectList,'DdeConnectList',\
        DdeCreateDataHandle,'DdeCreateDataHandle',\
      DdeCreateStringHandleA,'DdeCreateStringHandleA',\
        DdeCreateStringHandleW,'DdeCreateStringHandleW',\
        DdeDisconnect,'DdeDisconnect',\
  DdeDisconnectList,'DdeDisconnectList',\
  DdeEnableCallback,'DdeEnableCallback',\
  DdeFreeDataHandle,'DdeFreeDataHandle',\
  DdeFreeStringHandle,'DdeFreeStringHandle',\
      DdeGetData,'DdeGetData',\
        DdeGetLastError,'DdeGetLastError',\
      DdeGetQualityOfService,'DdeGetQualityOfService',\
        DdeImpersonateClient,'DdeImpersonateClient',\
    DdeInitializeA,'DdeInitializeA',\
        DdeInitializeW,'DdeInitializeW',\
        DdeKeepStringHandle,'DdeKeepStringHandle',\
      DdeNameService,'DdeNameService',\
        DdePostAdvise,'DdePostAdvise',\
  DdeQueryConvInfo,'DdeQueryConvInfo',\
    DdeQueryNextServer,'DdeQueryNextServer',\
        DdeQueryStringA,'DdeQueryStringA',\
      DdeQueryStringW,'DdeQueryStringW',\
      DdeReconnect,'DdeReconnect',\
    DdeSetQualityOfService,'DdeSetQualityOfService',\
        DdeSetUserHandle,'DdeSetUserHandle',\
    DdeUnaccessData,'DdeUnaccessData',\
      DdeUninitialize,'DdeUninitialize',\
      DefDlgProcA,'DefDlgProcA',\
      DefDlgProcW,'DefDlgProcW',\
      DefFrameProcA,'DefFrameProcA',\
  DefFrameProcW,'DefFrameProcW',\
  DefMDIChildProcA,'DefMDIChildProcA',\
    DefMDIChildProcW,'DefMDIChildProcW',\
    DefRawInputProc,'DefRawInputProc',\
      DefWindowProcA,'DefWindowProcA',\
        DefWindowProcW,'DefWindowProcW',\
        DeferWindowPos,'DeferWindowPos',\
        DeleteMenu,'DeleteMenu',\
        DeregisterShellHookWindow,'DeregisterShellHookWindow',\
  DestroyAcceleratorTable,'DestroyAcceleratorTable',\
      DestroyCaret,'DestroyCaret',\
    DestroyCursor,'DestroyCursor',\
  DestroyIcon,'DestroyIcon',\
      DestroyMenu,'DestroyMenu',\
      DestroyReasons,'DestroyReasons',\
        DestroyWindow,'DestroyWindow',\
  DeviceEventWorker,'DeviceEventWorker',\
  DialogBoxIndirectParamA,'DialogBoxIndirectParamA',\
      DialogBoxIndirectParamAorW,'DialogBoxIndirectParamAorW',\
        DialogBoxIndirectParamW,'DialogBoxIndirectParamW',\
      DialogBoxParamA,'DialogBoxParamA',\
      DialogBoxParamW,'DialogBoxParamW',\
      DisableProcessWindowsGhosting,'DisableProcessWindowsGhosting',\
  DispatchMessageA,'DispatchMessageA',\
    DispatchMessageW,'DispatchMessageW',\
    DisplayExitWindowsWarnings,'DisplayExitWindowsWarnings',\
        DlgDirListA,'DlgDirListA',\
      DlgDirListComboBoxA,'DlgDirListComboBoxA',\
      DlgDirListComboBoxW,'DlgDirListComboBoxW',\
      DlgDirListW,'DlgDirListW',\
      DlgDirSelectComboBoxExA,'DlgDirSelectComboBoxExA',\
      DlgDirSelectComboBoxExW,'DlgDirSelectComboBoxExW',\
      DlgDirSelectExA,'DlgDirSelectExA',\
      DlgDirSelectExW,'DlgDirSelectExW',\
      DragDetect,'DragDetect',\
        DragObject,'DragObject',\
        DrawAnimatedRects,'DrawAnimatedRects',\
  DrawCaption,'DrawCaption',\
      DrawCaptionTempA,'DrawCaptionTempA',\
    DrawCaptionTempW,'DrawCaptionTempW',\
    DrawEdge,'DrawEdge',\
    DrawFocusRect,'DrawFocusRect',\
  DrawFrame,'DrawFrame',\
  DrawFrameControl,'DrawFrameControl',\
    DrawIcon,'DrawIcon',\
    DrawIconEx,'DrawIconEx',\
        DrawMenuBar,'DrawMenuBar',\
      DrawMenuBarTemp,'DrawMenuBarTemp',\
      DrawStateA,'DrawStateA',\
        DrawStateW,'DrawStateW',\
        DrawTextA,'DrawTextA',\
  DrawTextExA,'DrawTextExA',\
      DrawTextExW,'DrawTextExW',\
      DrawTextW,'DrawTextW',\
  EditWndProc,'EditWndProc',\
      EmptyClipboard,'EmptyClipboard',\
        EnableMenuItem,'EnableMenuItem',\
        EnableScrollBar,'EnableScrollBar',\
      EnableWindow,'EnableWindow',\
    EndDeferWindowPos,'EndDeferWindowPos',\
  EndDialog,'EndDialog',\
  EndMenu,'EndMenu',\
      EndPaint,'EndPaint',\
    EndTask,'EndTask',\
      EnterReaderModeHelper,'EnterReaderModeHelper',\
  EnumChildWindows,'EnumChildWindows',\
    EnumClipboardFormats,'EnumClipboardFormats',\
    EnumDesktopWindows,'EnumDesktopWindows',\
        EnumDesktopsA,'EnumDesktopsA',\
  EnumDesktopsW,'EnumDesktopsW',\
  EnumDisplayDevicesA,'EnumDisplayDevicesA',\
      EnumDisplayDevicesW,'EnumDisplayDevicesW',\
      EnumDisplayMonitors,'EnumDisplayMonitors',\
      EnumDisplaySettingsA,'EnumDisplaySettingsA',\
    EnumDisplaySettingsExA,'EnumDisplaySettingsExA',\
        EnumDisplaySettingsExW,'EnumDisplaySettingsExW',\
        EnumDisplaySettingsW,'EnumDisplaySettingsW',\
    EnumPropsA,'EnumPropsA',\
        EnumPropsExA,'EnumPropsExA',\
    EnumPropsExW,'EnumPropsExW',\
    EnumPropsW,'EnumPropsW',\
        EnumThreadWindows,'EnumThreadWindows',\
  EnumWindowStationsA,'EnumWindowStationsA',\
      EnumWindowStationsW,'EnumWindowStationsW',\
      EnumWindows,'EnumWindows',\
      EqualRect,'EqualRect',\
  ExcludeUpdateRgn,'ExcludeUpdateRgn',\
    ExitWindowsEx,'ExitWindowsEx',\
  FillRect,'FillRect',\
    FindWindowA,'FindWindowA',\
      FindWindowExA,'FindWindowExA',\
  FindWindowExW,'FindWindowExW',\
  FindWindowW,'FindWindowW',\
      FlashWindow,'FlashWindow',\
      FlashWindowEx,'FlashWindowEx',\
  FrameRect,'FrameRect',\
  FreeDDElParam,'FreeDDElParam',\
  GetActiveWindow,'GetActiveWindow',\
      GetAltTabInfoA,'GetAltTabInfoA',\
        GetAltTabInfoW,'GetAltTabInfoW',\
        GetAncestor,'GetAncestor',\
      GetAppCompatFlags,'GetAppCompatFlags',\
  GetAppCompatFlags2,'GetAppCompatFlags2',\
        GetAsyncKeyState,'GetAsyncKeyState',\
    GetCapture,'GetCapture',\
        GetCaretBlinkTime,'GetCaretBlinkTime',\
  GetCaretPos,'GetCaretPos',\
      GetClassInfoA,'GetClassInfoA',\
  GetClassInfoExA,'GetClassInfoExA',\
      GetClassInfoExW,'GetClassInfoExW',\
      GetClassInfoW,'GetClassInfoW',\
  GetClassLongA,'GetClassLongA',\
  GetClassLongW,'GetClassLongW',\
  GetClassNameA,'GetClassNameA',\
  GetClassNameW,'GetClassNameW',\
  GetClassWord,'GetClassWord',\
    GetClientRect,'GetClientRect',\
  GetClipCursor,'GetClipCursor',\
  GetClipboardData,'GetClipboardData',\
    GetClipboardFormatNameA,'GetClipboardFormatNameA',\
      GetClipboardFormatNameW,'GetClipboardFormatNameW',\
      GetClipboardOwner,'GetClipboardOwner',\
  GetClipboardSequenceNumber,'GetClipboardSequenceNumber',\
        GetClipboardViewer,'GetClipboardViewer',\
        GetComboBoxInfo,'GetComboBoxInfo',\
      GetCursor,'GetCursor',\
  GetCursorFrameInfo,'GetCursorFrameInfo',\
        GetCursorInfo,'GetCursorInfo',\
  GetCursorPos,'GetCursorPos',\
    GetDC,'GetDC',\
  GetDCEx,'GetDCEx',\
      GetDesktopWindow,'GetDesktopWindow',\
    GetDialogBaseUnits,'GetDialogBaseUnits',\
        GetDlgCtrlID,'GetDlgCtrlID',\
    GetDlgItem,'GetDlgItem',\
        GetDlgItemInt,'GetDlgItemInt',\
  GetDlgItemTextA,'GetDlgItemTextA',\
      GetDlgItemTextW,'GetDlgItemTextW',\
      GetDoubleClickTime,'GetDoubleClickTime',\
        GetFocus,'GetFocus',\
    GetForegroundWindow,'GetForegroundWindow',\
      GetGUIThreadInfo,'GetGUIThreadInfo',\
    GetGuiResources,'GetGuiResources',\
      GetIconInfo,'GetIconInfo',\
      GetInputDesktop,'GetInputDesktop',\
      GetInputState,'GetInputState',\
  GetInternalWindowPos,'GetInternalWindowPos',\
    GetKBCodePage,'GetKBCodePage',\
  GetKeyNameTextA,'GetKeyNameTextA',\
      GetKeyNameTextW,'GetKeyNameTextW',\
      GetKeyState,'GetKeyState',\
      GetKeyboardLayout,'GetKeyboardLayout',\
  GetKeyboardLayoutList,'GetKeyboardLayoutList',\
  GetKeyboardLayoutNameA,'GetKeyboardLayoutNameA',\
        GetKeyboardLayoutNameW,'GetKeyboardLayoutNameW',\
        GetKeyboardState,'GetKeyboardState',\
    GetKeyboardType,'GetKeyboardType',\
      GetLastActivePopup,'GetLastActivePopup',\
        GetLastInputInfo,'GetLastInputInfo',\
    GetLayeredWindowAttributes,'GetLayeredWindowAttributes',\
        GetListBoxInfo,'GetListBoxInfo',\
        GetMenu,'GetMenu',\
      GetMenuBarInfo,'GetMenuBarInfo',\
        GetMenuCheckMarkDimensions,'GetMenuCheckMarkDimensions',\
        GetMenuContextHelpId,'GetMenuContextHelpId',\
    GetMenuDefaultItem,'GetMenuDefaultItem',\
        GetMenuInfo,'GetMenuInfo',\
      GetMenuItemCount,'GetMenuItemCount',\
    GetMenuItemID,'GetMenuItemID',\
  GetMenuItemInfoA,'GetMenuItemInfoA',\
    GetMenuItemInfoW,'GetMenuItemInfoW',\
    GetMenuItemRect,'GetMenuItemRect',\
      GetMenuState,'GetMenuState',\
    GetMenuStringA,'GetMenuStringA',\
        GetMenuStringW,'GetMenuStringW',\
        GetMessageA,'GetMessageA',\
      GetMessageExtraInfo,'GetMessageExtraInfo',\
      GetMessagePos,'GetMessagePos',\
  GetMessageTime,'GetMessageTime',\
        GetMessageW,'GetMessageW',\
      GetMonitorInfoA,'GetMonitorInfoA',\
      GetMonitorInfoW,'GetMonitorInfoW',\
      GetMouseMovePointsEx,'GetMouseMovePointsEx',\
    GetNextDlgGroupItem,'GetNextDlgGroupItem',\
      GetNextDlgTabItem,'GetNextDlgTabItem',\
  GetOpenClipboardWindow,'GetOpenClipboardWindow',\
        GetParent,'GetParent',\
  GetPriorityClipboardFormat,'GetPriorityClipboardFormat',\
        GetProcessDefaultLayout,'GetProcessDefaultLayout',\
      GetProcessWindowStation,'GetProcessWindowStation',\
      GetProgmanWindow,'GetProgmanWindow',\
    GetPropA,'GetPropA',\
    GetPropW,'GetPropW',\
    GetQueueStatus,'GetQueueStatus',\
        GetRawInputBuffer,'GetRawInputBuffer',\
  GetRawInputData,'GetRawInputData',\
      GetRawInputDeviceInfoA,'GetRawInputDeviceInfoA',\
        GetRawInputDeviceInfoW,'GetRawInputDeviceInfoW',\
        GetRawInputDeviceList,'GetRawInputDeviceList',\
  GetReasonTitleFromReasonCode,'GetReasonTitleFromReasonCode',\
    GetRegisteredRawInputDevices,'GetRegisteredRawInputDevices',\
    GetScrollBarInfo,'GetScrollBarInfo',\
    GetScrollInfo,'GetScrollInfo',\
  GetScrollPos,'GetScrollPos',\
    GetScrollRange,'GetScrollRange',\
        GetShellWindow,'GetShellWindow',\
        GetSubMenu,'GetSubMenu',\
        GetSysColor,'GetSysColor',\
      GetSysColorBrush,'GetSysColorBrush',\
    GetSystemMenu,'GetSystemMenu',\
  GetSystemMetrics,'GetSystemMetrics',\
    GetTabbedTextExtentA,'GetTabbedTextExtentA',\
    GetTabbedTextExtentW,'GetTabbedTextExtentW',\
    GetTaskmanWindow,'GetTaskmanWindow',\
    GetThreadDesktop,'GetThreadDesktop',\
    GetTitleBarInfo,'GetTitleBarInfo',\
      GetTopWindow,'GetTopWindow',\
    GetUpdateRect,'GetUpdateRect',\
  GetUpdateRgn,'GetUpdateRgn',\
    GetUserObjectInformationA,'GetUserObjectInformationA',\
  GetUserObjectInformationW,'GetUserObjectInformationW',\
  GetUserObjectSecurity,'GetUserObjectSecurity',\
  GetWinStationInfo,'GetWinStationInfo',\
  GetWindow,'GetWindow',\
  GetWindowContextHelpId,'GetWindowContextHelpId',\
        GetWindowDC,'GetWindowDC',\
      GetWindowInfo,'GetWindowInfo',\
  GetWindowLongA,'GetWindowLongA',\
        GetWindowLongW,'GetWindowLongW',\
        GetWindowModuleFileNameA,'GetWindowModuleFileNameA',\
    GetWindowModuleFileNameW,'GetWindowModuleFileNameW',\
    GetWindowPlacement,'GetWindowPlacement',\
        GetWindowRect,'GetWindowRect',\
  GetWindowRgn,'GetWindowRgn',\
    GetWindowRgnBox,'GetWindowRgnBox',\
      GetWindowTextA,'GetWindowTextA',\
        GetWindowTextLengthA,'GetWindowTextLengthA',\
    GetWindowTextLengthW,'GetWindowTextLengthW',\
    GetWindowTextW,'GetWindowTextW',\
        GetWindowThreadProcessId,'GetWindowThreadProcessId',\
    GetWindowWord,'GetWindowWord',\
  GrayStringA,'GrayStringA',\
      GrayStringW,'GrayStringW',\
      HideCaret,'HideCaret',\
  HiliteMenuItem,'HiliteMenuItem',\
        IMPGetIMEA,'IMPGetIMEA',\
        IMPGetIMEW,'IMPGetIMEW',\
        IMPQueryIMEA,'IMPQueryIMEA',\
    IMPQueryIMEW,'IMPQueryIMEW',\
    IMPSetIMEA,'IMPSetIMEA',\
        IMPSetIMEW,'IMPSetIMEW',\
        ImpersonateDdeClientWindow,'ImpersonateDdeClientWindow',\
        InSendMessage,'InSendMessage',\
  InSendMessageEx,'InSendMessageEx',\
      InflateRect,'InflateRect',\
      InitializeLpkHooks,'InitializeLpkHooks',\
        InitializeWin32EntryTable,'InitializeWin32EntryTable',\
  InsertMenuA,'InsertMenuA',\
      InsertMenuItemA,'InsertMenuItemA',\
      InsertMenuItemW,'InsertMenuItemW',\
      InsertMenuW,'InsertMenuW',\
      InternalGetWindowText,'InternalGetWindowText',\
  IntersectRect,'IntersectRect',\
  InvalidateRect,'InvalidateRect',\
        InvalidateRgn,'InvalidateRgn',\
  InvertRect,'InvertRect',\
        IsCharAlphaA,'IsCharAlphaA',\
    IsCharAlphaNumericA,'IsCharAlphaNumericA',\
      IsCharAlphaNumericW,'IsCharAlphaNumericW',\
      IsCharAlphaW,'IsCharAlphaW',\
    IsCharLowerA,'IsCharLowerA',\
    IsCharLowerW,'IsCharLowerW',\
    IsCharUpperA,'IsCharUpperA',\
    IsCharUpperW,'IsCharUpperW',\
    IsChild,'IsChild',\
      IsClipboardFormatAvailable,'IsClipboardFormatAvailable',\
        IsDialogMessageA,'IsDialogMessageA',\
    IsDialogMessageW,'IsDialogMessageW',\
    IsDlgButtonChecked,'IsDlgButtonChecked',\
        IsGUIThread,'IsGUIThread',\
      IsHungAppWindow,'IsHungAppWindow',\
      IsIconic,'IsIconic',\
    IsMenu,'IsMenu',\
        IsRectEmpty,'IsRectEmpty',\
      IsServerSideWindow,'IsServerSideWindow',\
        IsWinEventHookInstalled,'IsWinEventHookInstalled',\
      IsWindow,'IsWindow',\
    IsWindowEnabled,'IsWindowEnabled',\
      IsWindowInDestroy,'IsWindowInDestroy',\
  IsWindowUnicode,'IsWindowUnicode',\
      IsWindowVisible,'IsWindowVisible',\
      IsZoomed,'IsZoomed',\
    KillSystemTimer,'KillSystemTimer',\
      KillTimer,'KillTimer',\
  LoadAcceleratorsA,'LoadAcceleratorsA',\
  LoadAcceleratorsW,'LoadAcceleratorsW',\
  LoadBitmapA,'LoadBitmapA',\
      LoadBitmapW,'LoadBitmapW',\
      LoadCursorA,'LoadCursorA',\
      LoadCursorFromFileA,'LoadCursorFromFileA',\
      LoadCursorFromFileW,'LoadCursorFromFileW',\
      LoadCursorW,'LoadCursorW',\
      LoadIconA,'LoadIconA',\
  LoadIconW,'LoadIconW',\
  LoadImageA,'LoadImageA',\
        LoadImageW,'LoadImageW',\
        LoadKeyboardLayoutA,'LoadKeyboardLayoutA',\
      LoadKeyboardLayoutEx,'LoadKeyboardLayoutEx',\
    LoadKeyboardLayoutW,'LoadKeyboardLayoutW',\
      LoadLocalFonts,'LoadLocalFonts',\
        LoadMenuA,'LoadMenuA',\
  LoadMenuIndirectA,'LoadMenuIndirectA',\
  LoadMenuIndirectW,'LoadMenuIndirectW',\
  LoadMenuW,'LoadMenuW',\
  LoadRemoteFonts,'LoadRemoteFonts',\
      LoadStringA,'LoadStringA',\
      LoadStringW,'LoadStringW',\
      LockSetForegroundWindow,'LockSetForegroundWindow',\
      LockWindowStation,'LockWindowStation',\
  LockWindowUpdate,'LockWindowUpdate',\
    LockWorkStation,'LockWorkStation',\
      LookupIconIdFromDirectory,'LookupIconIdFromDirectory',\
  LookupIconIdFromDirectoryEx,'LookupIconIdFromDirectoryEx',\
      MBToWCSEx,'MBToWCSEx',\
  MB_GetString,'MB_GetString',\
    MapDialogRect,'MapDialogRect',\
  MapVirtualKeyA,'MapVirtualKeyA',\
        MapVirtualKeyExA,'MapVirtualKeyExA',\
    MapVirtualKeyExW,'MapVirtualKeyExW',\
    MapVirtualKeyW,'MapVirtualKeyW',\
        MapWindowPoints,'MapWindowPoints',\
      MenuItemFromPoint,'MenuItemFromPoint',\
  MenuWindowProcA,'MenuWindowProcA',\
      MenuWindowProcW,'MenuWindowProcW',\
      MessageBeep,'MessageBeep',\
      MessageBoxA,'MessageBoxA',\
      MessageBoxExA,'MessageBoxExA',\
  MessageBoxExW,'MessageBoxExW',\
  MessageBoxIndirectA,'MessageBoxIndirectA',\
      MessageBoxIndirectW,'MessageBoxIndirectW',\
      MessageBoxTimeoutA,'MessageBoxTimeoutA',\
        MessageBoxTimeoutW,'MessageBoxTimeoutW',\
        MessageBoxW,'MessageBoxW',\
      ModifyMenuA,'ModifyMenuA',\
      ModifyMenuW,'ModifyMenuW',\
      MonitorFromPoint,'MonitorFromPoint',\
    MonitorFromRect,'MonitorFromRect',\
      MonitorFromWindow,'MonitorFromWindow',\
  MoveWindow,'MoveWindow',\
        MsgWaitForMultipleObjects,'MsgWaitForMultipleObjects',\
  MsgWaitForMultipleObjectsEx,'MsgWaitForMultipleObjectsEx',\
      NotifyWinEvent,'NotifyWinEvent',\
        OemKeyScan,'OemKeyScan',\
        OemToCharA,'OemToCharA',\
        OemToCharBuffA,'OemToCharBuffA',\
        OemToCharBuffW,'OemToCharBuffW',\
        OemToCharW,'OemToCharW',\
        OffsetRect,'OffsetRect',\
        OpenClipboard,'OpenClipboard',\
  OpenDesktopA,'OpenDesktopA',\
    OpenDesktopW,'OpenDesktopW',\
    OpenIcon,'OpenIcon',\
    OpenInputDesktop,'OpenInputDesktop',\
    OpenWindowStationA,'OpenWindowStationA',\
        OpenWindowStationW,'OpenWindowStationW',\
        PackDDElParam,'PackDDElParam',\
  PaintDesktop,'PaintDesktop',\
    PaintMenuBar,'PaintMenuBar',\
    PeekMessageA,'PeekMessageA',\
    PeekMessageW,'PeekMessageW',\
    PostMessageA,'PostMessageA',\
    PostMessageW,'PostMessageW',\
    PostQuitMessage,'PostQuitMessage',\
      PostThreadMessageA,'PostThreadMessageA',\
        PostThreadMessageW,'PostThreadMessageW',\
        PrintWindow,'PrintWindow',\
      PrivateExtractIconExA,'PrivateExtractIconExA',\
  PrivateExtractIconExW,'PrivateExtractIconExW',\
  PrivateExtractIconsA,'PrivateExtractIconsA',\
    PrivateExtractIconsW,'PrivateExtractIconsW',\
    PrivateSetDbgTag,'PrivateSetDbgTag',\
    PrivateSetRipFlags,'PrivateSetRipFlags',\
        PtInRect,'PtInRect',\
    QuerySendMessage,'QuerySendMessage',\
    QueryUserCounters,'QueryUserCounters',\
  RealChildWindowFromPoint,'RealChildWindowFromPoint',\
    RealGetWindowClassA,'RealGetWindowClassA',\
      RealGetWindowClassW,'RealGetWindowClassW',\
      ReasonCodeNeedsBugID,'ReasonCodeNeedsBugID',\
    ReasonCodeNeedsComment,'ReasonCodeNeedsComment',\
        RecordShutdownReason,'RecordShutdownReason',\
    RedrawWindow,'RedrawWindow',\
    RegisterClassA,'RegisterClassA',\
        RegisterClassExA,'RegisterClassExA',\
    RegisterClassExW,'RegisterClassExW',\
    RegisterClassW,'RegisterClassW',\
        RegisterClipboardFormatA,'RegisterClipboardFormatA',\
    RegisterClipboardFormatW,'RegisterClipboardFormatW',\
    RegisterDeviceNotificationA,'RegisterDeviceNotificationA',\
      RegisterDeviceNotificationW,'RegisterDeviceNotificationW',\
      RegisterHotKey,'RegisterHotKey',\
        RegisterLogonProcess,'RegisterLogonProcess',\
    RegisterMessagePumpHook,'RegisterMessagePumpHook',\
      RegisterRawInputDevices,'RegisterRawInputDevices',\
      RegisterServicesProcess,'RegisterServicesProcess',\
      RegisterShellHookWindow,'RegisterShellHookWindow',\
      RegisterSystemThread,'RegisterSystemThread',\
    RegisterTasklist,'RegisterTasklist',\
    RegisterUserApiHook,'RegisterUserApiHook',\
      RegisterWindowMessageA,'RegisterWindowMessageA',\
        RegisterWindowMessageW,'RegisterWindowMessageW',\
        ReleaseCapture,'ReleaseCapture',\
        ReleaseDC,'ReleaseDC',\
  RemoveMenu,'RemoveMenu',\
        RemovePropA,'RemovePropA',\
      RemovePropW,'RemovePropW',\
      ReplyMessage,'ReplyMessage',\
    ResolveDesktopForWOW,'ResolveDesktopForWOW',\
    ReuseDDElParam,'ReuseDDElParam',\
        ScreenToClient,'ScreenToClient',\
        ScrollChildren,'ScrollChildren',\
        ScrollDC,'ScrollDC',\
    ScrollWindow,'ScrollWindow',\
    ScrollWindowEx,'ScrollWindowEx',\
        SendDlgItemMessageA,'SendDlgItemMessageA',\
      SendDlgItemMessageW,'SendDlgItemMessageW',\
      SendIMEMessageExA,'SendIMEMessageExA',\
  SendIMEMessageExW,'SendIMEMessageExW',\
  SendInput,'SendInput',\
  SendMessageA,'SendMessageA',\
    SendMessageCallbackA,'SendMessageCallbackA',\
    SendMessageCallbackW,'SendMessageCallbackW',\
    SendMessageTimeoutA,'SendMessageTimeoutA',\
      SendMessageTimeoutW,'SendMessageTimeoutW',\
      SendMessageW,'SendMessageW',\
    SendNotifyMessageA,'SendNotifyMessageA',\
        SendNotifyMessageW,'SendNotifyMessageW',\
        SetActiveWindow,'SetActiveWindow',\
      SetCapture,'SetCapture',\
        SetCaretBlinkTime,'SetCaretBlinkTime',\
  SetCaretPos,'SetCaretPos',\
      SetClassLongA,'SetClassLongA',\
  SetClassLongW,'SetClassLongW',\
  SetClassWord,'SetClassWord',\
    SetClipboardData,'SetClipboardData',\
    SetClipboardViewer,'SetClipboardViewer',\
        SetConsoleReserveKeys,'SetConsoleReserveKeys',\
  SetCursor,'SetCursor',\
  SetCursorContents,'SetCursorContents',\
  SetCursorPos,'SetCursorPos',\
    SetDebugErrorLevel,'SetDebugErrorLevel',\
        SetDeskWallpaper,'SetDeskWallpaper',\
    SetDlgItemInt,'SetDlgItemInt',\
  SetDlgItemTextA,'SetDlgItemTextA',\
      SetDlgItemTextW,'SetDlgItemTextW',\
      SetDoubleClickTime,'SetDoubleClickTime',\
        SetFocus,'SetFocus',\
    SetForegroundWindow,'SetForegroundWindow',\
      SetInternalWindowPos,'SetInternalWindowPos',\
    SetKeyboardState,'SetKeyboardState',\
    SetLastErrorEx,'SetLastErrorEx',\
        SetLayeredWindowAttributes,'SetLayeredWindowAttributes',\
        SetLogonNotifyWindow,'SetLogonNotifyWindow',\
    SetMenu,'SetMenu',\
      SetMenuContextHelpId,'SetMenuContextHelpId',\
    SetMenuDefaultItem,'SetMenuDefaultItem',\
        SetMenuInfo,'SetMenuInfo',\
      SetMenuItemBitmaps,'SetMenuItemBitmaps',\
        SetMenuItemInfoA,'SetMenuItemInfoA',\
    SetMenuItemInfoW,'SetMenuItemInfoW',\
    SetMessageExtraInfo,'SetMessageExtraInfo',\
      SetMessageQueue,'SetMessageQueue',\
      SetParent,'SetParent',\
  SetProcessDefaultLayout,'SetProcessDefaultLayout',\
      SetProcessWindowStation,'SetProcessWindowStation',\
      SetProgmanWindow,'SetProgmanWindow',\
    SetPropA,'SetPropA',\
    SetPropW,'SetPropW',\
    SetRect,'SetRect',\
      SetRectEmpty,'SetRectEmpty',\
    SetScrollInfo,'SetScrollInfo',\
  SetScrollPos,'SetScrollPos',\
    SetScrollRange,'SetScrollRange',\
        SetShellWindow,'SetShellWindow',\
        SetShellWindowEx,'SetShellWindowEx',\
    SetSysColors,'SetSysColors',\
    SetSysColorsTemp,'SetSysColorsTemp',\
    SetSystemCursor,'SetSystemCursor',\
      SetSystemMenu,'SetSystemMenu',\
  SetSystemTimer,'SetSystemTimer',\
        SetTaskmanWindow,'SetTaskmanWindow',\
    SetThreadDesktop,'SetThreadDesktop',\
    SetTimer,'SetTimer',\
    SetUserObjectInformationA,'SetUserObjectInformationA',\
  SetUserObjectInformationW,'SetUserObjectInformationW',\
  SetUserObjectSecurity,'SetUserObjectSecurity',\
  SetWinEventHook,'SetWinEventHook',\
      SetWindowContextHelpId,'SetWindowContextHelpId',\
        SetWindowLongA,'SetWindowLongA',\
        SetWindowLongW,'SetWindowLongW',\
        SetWindowPlacement,'SetWindowPlacement',\
        SetWindowPos,'SetWindowPos',\
    SetWindowRgn,'SetWindowRgn',\
    SetWindowStationUser,'SetWindowStationUser',\
    SetWindowTextA,'SetWindowTextA',\
        SetWindowTextW,'SetWindowTextW',\
        SetWindowWord,'SetWindowWord',\
  SetWindowsHookA,'SetWindowsHookA',\
      SetWindowsHookExA,'SetWindowsHookExA',\
  SetWindowsHookExW,'SetWindowsHookExW',\
  SetWindowsHookW,'SetWindowsHookW',\
      ShowCaret,'ShowCaret',\
  ShowCursor,'ShowCursor',\
        ShowOwnedPopups,'ShowOwnedPopups',\
      ShowScrollBar,'ShowScrollBar',\
  ShowStartGlass,'ShowStartGlass',\
        ShowWindow,'ShowWindow',\
        ShowWindowAsync,'ShowWindowAsync',\
      SoftModalMessageBox,'SoftModalMessageBox',\
      SubtractRect,'SubtractRect',\
    SwapMouseButton,'SwapMouseButton',\
      SwitchDesktop,'SwitchDesktop',\
  SwitchToThisWindow,'SwitchToThisWindow',\
        SystemParametersInfoA,'SystemParametersInfoA',\
  SystemParametersInfoW,'SystemParametersInfoW',\
  TabbedTextOutA,'TabbedTextOutA',\
        TabbedTextOutW,'TabbedTextOutW',\
        TileChildWindows,'TileChildWindows',\
    TileWindows,'TileWindows',\
      ToAscii,'ToAscii',\
      ToAsciiEx,'ToAsciiEx',\
  ToUnicode,'ToUnicode',\
  ToUnicodeEx,'ToUnicodeEx',\
      TrackMouseEvent,'TrackMouseEvent',\
      TrackPopupMenu,'TrackPopupMenu',\
        TrackPopupMenuEx,'TrackPopupMenuEx',\
    TranslateAcceleratorA,'TranslateAcceleratorA',\
  TranslateAcceleratorW,'TranslateAcceleratorW',\
  TranslateMDISysAccel,'TranslateMDISysAccel',\
    TranslateMessage,'TranslateMessage',\
    TranslateMessageEx,'TranslateMessageEx',\
        UnhookWinEvent,'UnhookWinEvent',\
        UnhookWindowsHook,'UnhookWindowsHook',\
  UnhookWindowsHookEx,'UnhookWindowsHookEx',\
      UnionRect,'UnionRect',\
  UnloadKeyboardLayout,'UnloadKeyboardLayout',\
    UnlockWindowStation,'UnlockWindowStation',\
      UnpackDDElParam,'UnpackDDElParam',\
      UnregisterClassA,'UnregisterClassA',\
    UnregisterClassW,'UnregisterClassW',\
    UnregisterDeviceNotification,'UnregisterDeviceNotification',\
    UnregisterHotKey,'UnregisterHotKey',\
    UnregisterMessagePumpHook,'UnregisterMessagePumpHook',\
  UnregisterUserApiHook,'UnregisterUserApiHook',\
  UpdateLayeredWindow,'UpdateLayeredWindow',\
      UpdatePerUserSystemParameters,'UpdatePerUserSystemParameters',\
  UpdateWindow,'UpdateWindow',\
    User32InitializeImmEntryTable,'User32InitializeImmEntryTable',\
  UserClientDllInitialize,'UserClientDllInitialize',\
      UserHandleGrantAccess,'UserHandleGrantAccess',\
  UserLpkPSMTextOut,'UserLpkPSMTextOut',\
  UserLpkTabbedTextOut,'UserLpkTabbedTextOut',\
    UserRealizePalette,'UserRealizePalette',\
        UserRegisterWowHandlers,'UserRegisterWowHandlers',\
      VRipOutput,'VRipOutput',\
        VTagOutput,'VTagOutput',\
        ValidateRect,'ValidateRect',\
    ValidateRgn,'ValidateRgn',\
      VkKeyScanA,'VkKeyScanA',\
        VkKeyScanExA,'VkKeyScanExA',\
    VkKeyScanExW,'VkKeyScanExW',\
    VkKeyScanW,'VkKeyScanW',\
        WCSToMBEx,'WCSToMBEx',\
  WINNLSEnableIME,'WINNLSEnableIME',\
      WINNLSGetEnableStatus,'WINNLSGetEnableStatus',\
  WINNLSGetIMEHotkey,'WINNLSGetIMEHotkey',\
        WaitForInputIdle,'WaitForInputIdle',\
    WaitMessage,'WaitMessage',\
      Win32PoolAllocationStats,'Win32PoolAllocationStats',\
    WinHelpA,'WinHelpA',\
    WinHelpW,'WinHelpW',\
    WindowFromDC,'WindowFromDC',\
    WindowFromPoint,'WindowFromPoint',\
      keybd_event,'keybd_event',\
      mouse_event,'mouse_event',\
      wsprintfA,'wsprintfA',\
  wsprintfW,'wsprintfW',\
  wvsprintfA,'wvsprintfA',\
        wvsprintfW,'wvsprintfW'

section '.reloc' fixups readable discardable
    


Description:
Download
Filename: user32.zip
Filesize: 14.29 KB
Downloaded: 69 Time(s)

Post 26 Oct 2009, 06:02
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
revolution
I suggest you try your test on something less damaging and simpler than user32.dll. I am certainly not going to install it and test it on my system.

Write your own simple DLL and the forward that with another DLL. Only when that is all tested and working then you can move on to the next level. I don't think you should go messing up your system with unproven code.
Post 26 Oct 2009, 06:58
View user's profile Send private message Visit poster's website Reply with quote
asmfan



Joined: 11 Aug 2006
Posts: 392
Location: Russian
asmfan
1. name topic correctly. "sos!" is terrible dunno if rules allow this kind of names)
2. align labels/addresses for sure on their natural sizes (strings on 2) i counted 5 "align"ments that could be there not sure they're all necessary there but several for sure.
3. where this proxy-dll can be used?

It doesn't handle exports by ordinals as shown in MS pecoff ref.
Post 26 Oct 2009, 12:11
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
You're not going to be very successful in patching up system DLLs in this way, for several reasons, so don't even try.

Export forwarding itself can be a useful feature, though.
Post 27 Oct 2009, 08:08
View user's profile Send private message Visit poster's website Reply with quote
asmfan



Joined: 11 Aug 2006
Posts: 392
Location: Russian
asmfan
*Actually 1 alignment can be made at the very beginning if all strings are relocated to the end (incl. dll export name itself)

f0dder wrote:

Export forwarding itself can be a useful feature, though.

Is there any example that could reveal its value? Except for R3 kernel-level shortcuts from userland to ntdll call gates (if any but not always - mostly mere R3 code) in kenrel32. Where else such "shortcut redirection" is useful?

_________________
Any offers?
Post 27 Oct 2009, 12:38
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.