flat assembler
Message board for the users of flat assembler.
Index
> Windows > Import a DLL by hand? Goto page Previous 1, 2 |
Author |
|
RedGhost 15 Aug 2006, 12:37
f0dder wrote: RedGhost: you just lost Win9x support there - that does matter to a few people. I thought it was kernel32.dll or ntdll.dll which I was implying, thanks for correcting me. It is exactly the same for Win9x but the location in PEB is a bit different, someone on this forum posted a code solution for it _________________ redghost.ca |
|||
15 Aug 2006, 12:37 |
|
Xanfa 15 Aug 2006, 12:44
Never heard about PEB before ! Can you explain more ?
|
|||
15 Aug 2006, 12:44 |
|
karl 15 Aug 2006, 21:39
Process Environment Block
check structure here : http://undocumented.ntinternals.net/UserMode/Undocumented%20Functions/NT%20Objects/Process/PEB.html "Structure PEB (Process Enviroment Block) contains all User-Mode parameters associated by system with current process. " |
|||
15 Aug 2006, 21:39 |
|
karl 15 Aug 2006, 21:44
ooo, found wonderful information here:
http://www.microsoft.com/mspress/books/sampchap/4354.asp sample of the awesome Inside Windows book. search for Figure 6-4 |
|||
15 Aug 2006, 21:44 |
|
karl 23 Aug 2006, 13:15
i've been trying to import without macros for a while. you can write out the .exe manually (search for manual .exe in windows forum) but now i see you can do it how tomasz does it:
Code: format PE entry start start: push 0 push caption push message push 0 call [MessageBox] push 0 call [ExitProcess] caption db 'warning',0 message db 'you are importing without a macro',0 section '.idata' import data readable writeable dd 0,0,0,rva kernel_name,rva kernel_table dd 0,0,0,rva user32_name,rva user32_table dd 0,0,0,0,0 kernel_table: ExitProcess dd rva _ExitProcess dd 0 user32_table: MessageBox dd rva _MessageBox dd 0 kernel_name db 'KERNEL32.DLL',0 user32_name db 'USER32.DLL',0 _ExitProcess dw 0 db 'ExitProcess',0 _MessageBox dw 0 db 'MessageBoxA',0 pretty cool, huh? |
|||
23 Aug 2006, 13:15 |
|
karl 23 Aug 2006, 14:44
first line should be 'format PE gui'
|
|||
23 Aug 2006, 14:44 |
|
karl 23 Aug 2006, 14:45
first line should be 'format PE gui'
|
|||
23 Aug 2006, 14:45 |
|
Goto page Previous 1, 2 < Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.