flat assembler
Message board for the users of flat assembler.

Index > Windows > DLL Data Sharing + LowLevelMouseHook example

Author
Thread Post new topic Reply to topic
r22



Joined: 27 Dec 2004
Posts: 805
r22 26 Nov 2006, 06:36
Say you have a DLL that has a chunk of data in it's data section that you'd like your process (that uses the DLL to have). Just export the data sections address (in the DLL) and import the address in the program (that uses the DLL).

You can always make Get* and Set* methods that return the address to and set the data, but this method seems a little cleaner.

Small Example: This is a PE64 DLL that contains a low level mouse hook. The mouse hook is used to help make randomly generated encyrption keys more random. There's a 16 byte (2x qword) peice of the data section that the process that uses the DLL would like to have.

DLL
Code:
format PE64 DLL
entry EntryPoint
include '%fasminc%\win64a.inc'

section '.code' code readable executable

EntryPoint:
        mov     qword[hMod],rcx ;;;instance handle
        mov     eax,TRUE
        ret     0

;;;LRESULT CALLBACK
;;;Input: rcx=nCode rdx=wParm r8=lParm
CallbackMouseHook:
        mov     rax,[r8] ;;;POINT struct at MSLLHOOKSTRUCT.pt
        sub     rsp,8*8 ;;; set up stack for later api calls
        cmp     edx,WM_MOUSEMOVE ;;;if NOT mousemove event skip logic
        jne     .skip
        add     qword[ForEncKey],rax
        add     qword[ForEncKey+4],rax
        bswap   rax
        sub     qword[ForEncKey+8],rax
        add     dword[ForEncKey+12],eax
        mov     qword[rsp+8*5],rcx
        mov     qword[rsp+8*6],rdx
        ;;;mov     qword[rsp+8*7],r8
        rdtsc
        mov     rcx,qword[rsp+8*5]
        mov     rdx,qword[rsp+8*6]
        ;;;mov     r8,qword[rsp+8*7]
        xor     dword[ForEncKey+12],eax
        sub     dword[ForEncKey+8],eax
        xor     dword[ForEncKey+4],eax
        add     dword[ForEncKey],eax
                not            dword[ForEncKey+12]
   .skip:
        call    [CallNextHookEx]
        add     rsp,8*8
        ret     0


section '.data' data readable writeable
;;;module handle
hMod      dq 0
;;;Shared information
SharedAddr:
ForEncKey dq 0,0

section '.idata' import data readable writeable
  library kernel32,'KERNEL32.DLL',\
          user32,'USER32.DLL'
  include '%fasminc%\apia\kernel32.inc'
  include '%fasminc%\apia\user32.inc'

section '.edata' export data readable

  export 'MouseHook.DLL',\
         SharedAddr,'SharedAddr',\
         CallbackMouseHook,'CallbackMouseHook'
    


Executable
Code:
...
section '.data' data readable writeable
ForEncKey dq 0,0
...
        mov     rax,qword[SharedAddr]
        mov     rcx,qword[rax] ;;;1st qword of ForEncKey
        mov     rax,qword[rax+8] ;;;2nd qword
        mov     qword[ForEncKey],rcx
        mov     qword[ForEncKey+8],rax
...
section '.idata' import data readable writeable
;;;API imports
  library kernel32,'KERNEL32.DLL',\
          user32,'USER32.DLL',\
          utils,'MouseHook.DLL'

        import MouseHook,\
               SharedAddr,'SharedAddr' ;;;Not a function dll shared data ptr
  include '%fasminc%\apia\kernel32.inc'
  include '%fasminc%\apia\user32.inc'

    



Any thoughts?
Do you think having a function that returns the address and then using a memcpy api is more appropriate in this situation, or is exporting the address just as good?
Post 26 Nov 2006, 06:36
View user's profile Send private message AIM Address Yahoo Messenger Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.