flat assembler
Message board for the users of flat assembler.

Index > Windows > My DLL how load my dll not use LoadLibrary & GetProcAdre

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
Roman



Joined: 21 Apr 2012
Posts: 1847
Roman 21 Aug 2013, 12:36
I create my DLL. DLL show MessageBox 'Hello World'
I must load my dll and run.
But not use WinAPI functions LoadLibrary and GetProcAddress.

My loader use WinAPI function ReadFile for load MyDLL.
My loader does not know anything about the MessageBoxA .


How do this? Help me, please.


Last edited by Roman on 22 Aug 2013, 04:09; edited 1 time in total
Post 21 Aug 2013, 12:36
View user's profile Send private message Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 4073
Location: vpcmpistri
bitRAKE 21 Aug 2013, 15:25
It is exactly the same as system DLLs. Imported functions used need to be added to IAT, along with DLL name.

<See the \EXAMPLES\DLL\LASTERR.ASM within the download.>
Post 21 Aug 2013, 15:25
View user's profile Send private message Visit poster's website Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1905
DOS386 21 Aug 2013, 15:59
> My DLL how load my dll not use LoadLibrary & GetProcAdre

Put your DLL into the import area. Check out my DeLL HeLL too : http://board.flatassembler.net/topic.php?t=11170
Post 21 Aug 2013, 15:59
View user's profile Send private message Reply with quote
HaHaAnonymous



Joined: 02 Dec 2012
Posts: 1178
Location: Unknown
HaHaAnonymous 21 Aug 2013, 16:03
[ Post removed by author. ]


Last edited by HaHaAnonymous on 28 Feb 2015, 20:09; edited 1 time in total
Post 21 Aug 2013, 16:03
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1905
DOS386 21 Aug 2013, 16:06
> I think he wants to load the DLL by using a different function, i.e.:
> recreate the ordinary Windows' function (a.k.a. the unnecessary hard way).

Hog memory, load the file, parse PE structures, resolve imports (recursive deal), ...
Post 21 Aug 2013, 16:06
View user's profile Send private message Reply with quote
Roman



Joined: 21 Apr 2012
Posts: 1847
Roman 22 Aug 2013, 04:06
Yes. My DLL use WinAPI function MessageBoxA.
But my loader does not know anything about the MessageBoxA.
Post 22 Aug 2013, 04:06
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1905
DOS386 22 Aug 2013, 05:44
> But my loader does not know anything about the MessageBoxA.

You can find the function in [AB]USER32.DLL ... check whether it's already loaded (most likely it is) ... load it if not or you want a private copy ... walk through the export name list and find "MessageBoxA" function ... peek it's address and patch it into your EXE importing it ... voila Smile Smile Smile Smile Smile Smile Smile
Post 22 Aug 2013, 05:44
View user's profile Send private message Reply with quote
Roman



Joined: 21 Apr 2012
Posts: 1847
Roman 22 Aug 2013, 06:10
I get addres user32.dll.
But how walk the export name list ?
Post 22 Aug 2013, 06:10
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1905
DOS386 22 Aug 2013, 06:51
Roman wrote:
I get addres user32.dll. But how walk the export name list ?


You must understand the (flawed, by M$) structure of PE very well. Get some docs about PE, check my DeLL HeLL (see above, it's about it), learn to brew PE, learn to parse PE (MZ header -> PE header -> Optional header -> Directories+Sexions -> RVA of Export Descriptor -> List of function names -> List of Ordinals -> List of function addresses -> Yeah !!! Idea ), search for exports in system DLL's. 1 2 3 4 Shocked
Post 22 Aug 2013, 06:51
View user's profile Send private message Reply with quote
Roman



Joined: 21 Apr 2012
Posts: 1847
Roman 22 Aug 2013, 07:05
I mean list of functions in USER32.DLL !
I going walk on USER32.DLL names of functions.
If we open in WinNotePad the file USER32.DLL. We can find text 'MessageBoxA'
But after text 'MessageBoxA' comes the space and new text 'MessageBoxExA'
On this basis how do know the actual address the MessageBoxA ?

If it was that easy I would have used GetProcAddress and did not suffer.
Post 22 Aug 2013, 07:05
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1905
DOS386 22 Aug 2013, 07:10
Roman wrote:
I mean list of functions in USER32.DLL !


Me too, see previous post.

> If we open in WinNotePad the file USER32.DLL.
> We can find text 'MessageBoxA'

Seems you need a simpler challenge for now, this is too difficult for you.

_________________
Bug Nr.: 12345

Title: Hello World program compiles to 100 KB !!!

Status: Closed: NOT a Bug
Post 22 Aug 2013, 07:10
View user's profile Send private message Reply with quote
HaHaAnonymous



Joined: 02 Dec 2012
Posts: 1178
Location: Unknown
HaHaAnonymous 22 Aug 2013, 13:46
[ Post removed by author. ]


Last edited by HaHaAnonymous on 28 Feb 2015, 20:08; edited 1 time in total
Post 22 Aug 2013, 13:46
View user's profile Send private message Reply with quote
Roman



Joined: 21 Apr 2012
Posts: 1847
Roman 22 Aug 2013, 16:00
Please test my programm.
Do not worry no viruses.
Write for Windows 7 32 bits.
Please write your resultat (work or not).


Description:
Download
Filename: MyDLL2.rar
Filesize: 769 Bytes
Downloaded: 1272 Time(s)

Post 22 Aug 2013, 16:00
View user's profile Send private message Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1905
DOS386 23 Aug 2013, 14:50
> write your resultat

source not found
Post 23 Aug 2013, 14:50
View user's profile Send private message Reply with quote
Roman



Joined: 21 Apr 2012
Posts: 1847
Roman 23 Aug 2013, 15:41
DOS386
My programm work on your window ?
Post 23 Aug 2013, 15:41
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3175
Location: Denmark
f0dder 23 Aug 2013, 20:42
HaHaAnonymous wrote:
Quote:

Get some docs about PE, check my DeLL HeLL...

So microsoft didn't release an official documentation. That's what I call incompetence.
But that's the maximum you can expect from microsoft (which doesn't deserve its name to be correctly typed).

Yep, you're right. Stupid, evil Microsoft - there's no official documentation.

_________________
Image - carpe noctem
Post 23 Aug 2013, 20:42
View user's profile Send private message Visit poster's website Reply with quote
HaHaAnonymous



Joined: 02 Dec 2012
Posts: 1178
Location: Unknown
HaHaAnonymous 23 Aug 2013, 21:00
[ Post removed by author. ]


Last edited by HaHaAnonymous on 28 Feb 2015, 20:07; edited 1 time in total
Post 23 Aug 2013, 21:00
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3175
Location: Denmark
f0dder 23 Aug 2013, 21:05
HaHaAnonymous wrote:
Quote:
Yep, you're right. Stupid, evil Microsoft - there's no official documentation.

Are you being sarcastic or is this really true? I just want to make things as clear as possible.

Yes, I'm being sarcastic - the PECOFF specification has been available for quite a while. And no, it doesn't document corner cases or extreme specifics about bugs and omissions of how the PE loader is implemented in various Windows versions... but the documentation was written for "normal" toolchain implementers, not "let's try to make something smaller than a 512-byte sector" obsessives Smile

HaHaAnonymous wrote:
And I'm still waiting for your reply on that topic... Not sure if you will reply to (I think no).

Which?

_________________
Image - carpe noctem
Post 23 Aug 2013, 21:05
View user's profile Send private message Visit poster's website Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1671
Location: Toronto, Canada
AsmGuru62 23 Aug 2013, 21:05
So, you did not download the documentation from MSDN on that link?
Before getting the document -- you must accept the agreement, however.
Post 23 Aug 2013, 21:05
View user's profile Send private message Send e-mail Reply with quote
Bargest



Joined: 09 Feb 2012
Posts: 79
Location: Russia
Bargest 23 Aug 2013, 21:05
If you follow the link, provided by f0dder, you will download this documentation. I've used it for my COFF parser.
Post 23 Aug 2013, 21:05
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.