flat assembler
Message board for the users of flat assembler.


Warning: sizeof(): Parameter must be an array or an object that implements Countable in /home/privalov/sites/board.flatassembler.net/attach_mod/displaying.php on line 626
Index > Windows > how to create export function from scratch(without macro) ?

Author
Thread Post new topic Reply to topic
ivan_tux



Joined: 23 Jun 2012
Posts: 27
Location: Indonesia
ivan_tux
I'm currently learning PE files...
i had been understood all the structures, and how to import function without macro function(like format pe, library, import..., and so on)

now, i want to try create export function in dll file without 'proc' macro..
but, how? can you give me some examples, please Smile ?
Post 30 Dec 2012, 08:10
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4240
Location: 2018
edfed
proc is a calling convention macro.
then, you just have to execute the instructions for this calling convention to create a proc.

to create the exports fields, you need to declare the labels and values of the exported functions accordinglly to the microsoft dll export sheme. Smile just look at the examples in the fasmw/example folder. Smile
Post 30 Dec 2012, 11:03
View user's profile Send private message Visit poster's website Reply with quote
ivan_tux



Joined: 23 Jun 2012
Posts: 27
Location: Indonesia
ivan_tux
Ya, then how to reads parameter from stack????
Shocked
Post 31 Dec 2012, 05:49
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17450
Location: In your JS exploiting you and your system
revolution
It is there in the examples section of the fasm download. edfed already pointed you there. See PEDLL.ASM
Code:
; fasm example of writing PE dynamic link library

format PE console DLL
entry DLL_init

macro align value { rb (value-1) - (RVA $ + value-1) mod value }

section '.code' code readable executable

DLL_init:
        mov     eax,1                   ; successful initialization
 ret     0Ch

align 4                              ; dword alignment

WriteText:                         ; edx must point to zero padded text
        push    -11
 call    [GetStdHandle]
      mov     ebx,eax
     mov     edi,edx
     or      ecx,-1
      xor     al,al
       repne   scasb
       neg     ecx
 sub     ecx,2
       push    0
   push    bytes_count
 push    ecx
 push    edx
 push    ebx
 call    [WriteFile]
 ret

section '.data' data readable writeable

  bytes_count dd ?

section '.idata' import data readable writeable

  dd 0,0,0,RVA kernel_name,RVA kernel_table
  dd 0,0,0,0,0

  kernel_table:
    GetStdHandle dd RVA _GetStdHandle
    WriteFile dd RVA _WriteFile
    dd 0

  kernel_name db 'KERNEL32.DLL',0

  _GetStdHandle dw 0
    db 'GetStdHandle',0
  _WriteFile dw 0
    db 'WriteFile',0

section '.edata' export data readable

  dd 0,0,0,RVA dlldemo_name,1
  dd 1,1,RVA addresses_table,RVA names_table,RVA ordinal_table

  addresses_table:
    dd RVA WriteText

  names_table:
    dd RVA _WriteText
  ordinal_table:
    dw 0

  dlldemo_name db 'PEDLL.DLL',0

  _WriteText db 'WriteText',0

section '.reloc' fixups data readable discardable    
Post 31 Dec 2012, 05:56
View user's profile Send private message Visit poster's website Reply with quote
ivan_tux



Joined: 23 Jun 2012
Posts: 27
Location: Indonesia
ivan_tux
Hey, thanks all...
but i think i've found what i ask.... Very Happy
Post 04 Jan 2013, 12:12
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.