flat assembler
Message board for the users of flat assembler.

Index > Windows > DLL Export Forwarding

Goto page Previous  1, 2
Author
Thread Post new topic Reply to topic
AE



Joined: 07 Apr 2022
Posts: 70
AE 13 Apr 2022, 01:10
macomics wrote:

Code:
format PE64 GUI 5.0 DLL
entry DllEntryPoint
include 'win64a.inc'

section '.text' code readable executable

proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
        cmp rdx, DLL_PROCESS_ATTACH
        jne @f
    @RT:
        mov rax, TRUE
        ret
    @@:
        cmp rdx, DLL_THREAD_ATTACH
        jne @f
        ret
    @@:
        cmp rdx, DLL_THREAD_DETACH
        jne @f
        ret
    @@:
        cmp rdx, DLL_PROCESS_DETACH
        jne @f
        ret
    @@: ret
endp

; It's much shorter than creating a string for each function.
__forward_VerLanguageNameA:
        jmp [VerLanguageNameA]

section '.edata' export data readable

export 'version.dll',\
    __forward_VerLanguageNameA, 'VerLanguageNameA'
;    __forward_VerLanguageNameA db 'C:\Windows\System32\version.dll.VerLanguageNameA',0

section '.reloc' fixups data readable discardable
    if $=$$
        dd 0,8
    end if        


Not sure what did you mean, get this with your code

Image

Quote:
You can specify an absolute path in the import section

Could you clarify the implementation of this method in the context of the current task? Working example maybe? (If you don't mind)
Post 13 Apr 2022, 01:10
View user's profile Send private message Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 716
Ali.Z 13 Apr 2022, 02:59
according to your post here:
https://board.flatassembler.net/topic.php?p=222064#222064

it looks like you are trying to intercept or inject or alter some functionality in a software via dynamically loaded libraries, in either ways you are over complicating things here... perhaps you want to be clear regarding your end goals.

_________________
Asm For Wise Humans
Post 13 Apr 2022, 02:59
View user's profile Send private message Reply with quote
AE



Joined: 07 Apr 2022
Posts: 70
AE 13 Apr 2022, 03:30
Ali.Z wrote:
to be clear regarding your end goals

The goal is workin proxy dll (including Win7).
I know a lot of ways to implement this stuff (working ones) but I think that in this particular case the most elegant solution would be this one.

And eventually I'm just curious what it's kind of bug Smile

A few moments later...

It seems that fasm has nothing to do with it.
I wrote a similar dll in C++ and the result is the same...
Apparently it's a bug of old OSes

A few moments later...

Solved!
Everything works if we remove file extension from the full path Very Happy
Post 13 Apr 2022, 03:30
View user's profile Send private message Reply with quote
Ali.Z



Joined: 08 Jan 2018
Posts: 716
Ali.Z 14 Apr 2022, 01:21
AE wrote:
The goal is workin proxy dll


I have to be honest, at first I didn't understand the meaning of proxy dll. I had to read the entire thread. (never heard or read this term)

And it is clear now that what you meant is just a JUMP TABLE...

_________________
Asm For Wise Humans
Post 14 Apr 2022, 01:21
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.