 |
|
 |
When i try to make a proxy for ws2_32.dll with your tool, i get the following error:
Entry Point Not Found - The procedure entry point wsagetlasterror could not be located in the dynamic link library wsock32.dll
So i tried to proxy wsock32.dll too but then the program says it could not be initialized.
Any idea about what happening ?
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
|
 |
|
 |
"/def" ??
Is that a command i did not see and missed or are you talking about the generated def file? I work with visual C++ 8.
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
http://msdn.microsoft.com/en-us/library/28d6s79h.aspx[^]
The /DEF option passes a module-definition file (.def) to the linker. Only one .def file can be specified to LINK. For details about .def files, see Module-Definition Files.
To set this linker option in the Visual Studio development environment Open the project's Property Pages dialog box. For details, see Setting Visual C++ Project Properties.
Click the Linker folder.
Click the Input property page.
Modify the Module Definition File property.
To specify a .def file from within the development environment, you should add it to the project along with other files and then specify the file to the /DEF option.
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
Any idea about this means ?
http://img228.imageshack.us/img228/7624/again.jpg
When the program loads the proxy DLL this error occures.
modified on Wednesday, July 29, 2009 11:15 AM
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
|
 |
|
 |
Hi, I created this application based on the above to remove the dependencies to other tools (dumpbin). It is a test and can be improved. Regards.
#include "stdafx.h" #include "stdafx.h" #include "windows.h" #include "winnt.h" #include <assert.h> #include <stdio.h> #include <stdlib.h> #include "string.h"
int main(int argc, char* argv[]) { char DefFile[255]; char CppFile[255]; if(argc!=3) { printf("\nMissing parameters ex:"); printf("\nExtractDllExports ws2_32.dll ws2_32"); return 2; } memset(DefFile,0,sizeof(DefFile)); memset(CppFile,0,sizeof(CppFile)); sprintf(DefFile,"%s.def",argv[2]); sprintf(CppFile,"%s.cpp",argv[2]); FILE *fpdef; FILE *fpcpp; if((fpdef=fopen(DefFile, "w+"))==NULL) { printf("\Error in CreateFile %s",DefFile); return 1; } if((fpcpp=fopen(CppFile, "w+"))==NULL) { printf("\Error in CreateFile %s",CppFile); return 1; } HMODULE lib = LoadLibraryExA(argv[1], NULL, DONT_RESOLVE_DLL_REFERENCES); if(lib==NULL) { printf("\nError in LoadLibraryExA. Dll:%s",argv[1]); return 1; } assert(((PIMAGE_DOS_HEADER)lib)->e_magic == IMAGE_DOS_SIGNATURE); PIMAGE_NT_HEADERS header =PIMAGE_NT_HEADERS((BYTE *)lib + ((PIMAGE_DOS_HEADER)lib)->e_lfanew); assert(header->Signature == IMAGE_NT_SIGNATURE); assert(header->OptionalHeader.NumberOfRvaAndSizes > 0); PIMAGE_EXPORT_DIRECTORY exports = PIMAGE_EXPORT_DIRECTORY((BYTE *)lib + header->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress); PVOID names = (BYTE *)lib + exports->AddressOfNames; WORD *Ordinals = (WORD*)((BYTE *)lib + exports->AddressOfNameOrdinals); fputs("\n//**** remember to add the /def parameter to linker ****",fpcpp); fputs("\n#include <windows.h>",fpcpp); fputs("\n\nHINSTANCE hLThis = 0;",fpcpp); fputs("\nHINSTANCE hL = 0;",fpcpp); char Farproc[255]; memset(Farproc,0,sizeof(Farproc)); sprintf(Farproc,"\nFARPROC p[%d] = {0};",exports->NumberOfNames); fputs(Farproc,fpcpp); fputs("\nBOOL WINAPI DllMain(HINSTANCE hInst,DWORD reason,LPVOID)",fpcpp); fputs("\n{",fpcpp); fputs("\n if (reason == DLL_PROCESS_ATTACH)",fpcpp); fputs("\n {",fpcpp); fputs("\n hLThis = hInst;",fpcpp); char DllName[255]; memset(DllName,0,sizeof(DllName)); sprintf(DllName,"\n hL = LoadLibrary(\"%s\");",argv[1]); fputs(DllName,fpcpp); fputs("\n if (!hL) return false;",fpcpp);
fputs("EXPORTS",fpdef); for (int i = 0; i < exports->NumberOfNames; i++) { char txtFunction[255]; memset(txtFunction,0,sizeof(txtFunction)); WORD w=(WORD )(BYTE *)lib + ((WORD *)Ordinals)[i]+1; sprintf(txtFunction,"\n%s=__E__%d__ @%d", (BYTE *)lib + ((DWORD *)names)[i],i,w); fputs(txtFunction,fpdef); char txtPointer[255]; memset(txtPointer,0,sizeof(txtPointer)); sprintf(txtPointer,"\n p[%d] = GetProcAddress(hL,\"%s\");",i,(BYTE *)lib + ((DWORD *)names)[i]); fputs(txtPointer,fpcpp);
} fputs("\n }",fpcpp); fputs("\n if (reason == DLL_PROCESS_DETACH)",fpcpp); fputs("\n {",fpcpp); fputs("\n FreeLibrary(hL);",fpcpp); fputs("\n }",fpcpp); fputs("\n return 1;",fpcpp); fputs("\n}",fpcpp); fputs("\n// gethostname",fpcpp); fputs("\n// Example replace functions ",fpcpp); fputs("\n//extern \"C\" int __stdcall __E__92__(char *name, int namelen)",fpcpp); fputs("\n// {",fpcpp); fputs("\n//call original gethostname",fpcpp); fputs("\n// typedef int (__stdcall *pS)(char*,int);",fpcpp); fputs("\n// pS pps = (pS)p[92];",fpcpp); fputs("\n// int rv = pps(name,namelen);",fpcpp); fputs("\n// if(rv==0)",fpcpp); fputs("\n// {",fpcpp); fputs("\n// memset(name,0,namelen);",fpcpp); fputs("\n//Manipulate result",fpcpp); fputs("\n// strcpy(name,\"TestName\");",fpcpp); fputs("\n// }",fpcpp); fputs("\n// return rv;",fpcpp); fputs("\n// }",fpcpp); fputs("\n//end example;",fpcpp); for (int i = 0; i < exports->NumberOfNames; i++) { char Comentario[255]; char Encabezado[255]; char Salto[255]; memset(Comentario,0,sizeof(Comentario)); memset(Encabezado,0,sizeof(Encabezado)); memset(Salto,0,sizeof(Salto)); sprintf(Comentario,"\n\n//%s",(BYTE *)lib + ((DWORD *)names)[i]); sprintf(Encabezado,"\nextern \"C\" __declspec(naked) void __stdcall __E__%d__()",i); sprintf(Salto,"\n jmp p[%u*%u];",i,sizeof(void*)); fputs(Comentario,fpcpp); fputs(Encabezado,fpcpp); fputs("\n{",fpcpp); fputs("\n __asm",fpcpp); fputs("\n {",fpcpp); fputs(Salto,fpcpp); fputs("\n }",fpcpp); fputs("\n}",fpcpp);
} fcloseall(); return 0; }
|
| Sign In·View Thread·PermaLink | 2.00/5 |
|
|
|
 |
|
 |
There is an error in the last example. It must not be
pS pps = (pS)p[63*4];
but
pS pps = (pS)p[69];
Someone in previous comments got access violation - it is due to this error, not because "(naked)" or something else.
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
Hi!
I am new to c++ programming so this question might sound silly.
I am trying to manipulate the parameters and proxy this function:
D3DXMATRIX* WINAPI D3DXMatrixLookAtRH ( D3DXMATRIX *pOut, CONST D3DXVECTOR3 *pEye, CONST D3DXVECTOR3 *pAt, CONST D3DXVECTOR3 *pUp );
And the code from my proxy dll looks like this:
extern "C" D3DXMATRIX* WINAPI __stdcall __E__205__(D3DXMATRIX *pOut,CONST D3DXVECTOR3 *pEye, CONST D3DXVECTOR3 *pAt, CONST D3DXVECTOR3 *pUp) {
typedef D3DXMATRIX* (WINAPI __stdcall *pS)(D3DXMATRIX*, CONST D3DXVECTOR3*, CONST D3DXVECTOR3*, CONST D3DXVECTOR3*); pS pps = (pS)p[205*4]; D3DXMATRIX* rv = pps(pOut,pEye,pAt,pUp);
return rv; }
I get an unhandled exception. Any idea what am I doing wrong?
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
At first glance, I don't see anything wrong. Do ALL functions crash ? If not, then chances are that you calling the function with bad parameters.
1. Is it for a 64-bit dll ? (then you need 205*8!) 2. WINAPI = __stdcall so you do not need both. 3. Check the value of the rv while debugging.
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
For the first test I just pass on the parameters on and don't manipulate them. What is interesting if I do this: (debugging it)
extern "C" D3DXMATRIX* __stdcall __E__205__(D3DXMATRIX *pOut,CONST D3DXVECTOR3 *pEye, CONST D3DXVECTOR3 *pAt, CONST D3DXVECTOR3 *pUp) {
std::ofstream outdata; outdata.open("C:\\out.txt"); outdata << "Eye:" << pEye->x << " " << pEye->y << " " << pEye->z << std::endl; outdata.close(); return NULL; }
The function calls seem to succeed. Because the parameters do have the right values. So I am shore the function is called.
Maybe it has something to do with the first function parameter being the [in, out] parameter? The function out parameter and the returning type are the same. (according to documentation: http://msdn.microsoft.com/en-us/library/bb205343(VS.85).aspx[^])
if I put the rest of the function in I get an unhandled exception at this line of code:
D3DXMATRIX* rv = pps(pOut,pEye,pAt,pUp);
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
When i try to use "proxy2.exe dumpbin /exports wsock32.dll > exports.txt" i get the following written into the exports.txt :
Wrappit. Copyright (C) Chourdakis Michael
Usage: WRAPPIT
==================================================================
I tried diffrent dlls but it didnt work either...
Thanks for answers
Thelod
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
|
 |
|
 |
I 've created a second version which works without inline assembly, by using forwards - and it works with PPC and x64. If anyone interested, mail me , I should update the CP article soon.
|
| Sign In·View Thread·PermaLink | 5.00/5 |
|
|
|
 |
|
 |
Hey, it's a very handy tool, excellent work.
Can you email me your new version?
Thank you very much.
visit me at http://usuarios.lycos.es/hernandp
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
Thanks for sharing your code with us. Can you send me version 2 please.
I can't make work v1 correctly with borland compiled dll. The original dll uses DLLEntyPoint, which seems to cause the calling application to crash when using the proxy dll.
Another issue in the original code is that the generated name of all functions was always the same because i was not incremented while parsing .
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
|
 |
|
|
 |
|
 |
WinCE (ARMV4) doesn't support inline assembly. Is there an alternative code to make the stub cpp file compile with WinCE? I don't know most of the parameters for the DLL so i was hoping there's another method to do the jmp.
Thanks
-- modified at 23:23 Monday 10th September, 2007
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
There is a way to create a 'forward entry' in a dll, but i am not sure how.
For example, if you see wsock32.dll , many items are automatically forwarded to ws2_32.dll. In case you find the relative linker/def file option, let me know 
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
 |
Thanks for the tip. I manage to find it out.
First you need to create a .LIB from the original DLL LIB /MACHINE:X86 /DEF:original.def
where original.def goes something like this LIBRARY original EXPORTS ExpFunc1 @1 NONAME ExpFunc2 @2 NONAME ... WlxShutdown @48 WlxStartApplication @49 WlxWkstaLockedSAS @50
Then you need to create a forwarding .def file which goes into your project and goes something like this LIBRARY stub EXPORTS ExpFunc1=original.@1 @1 NONAME ExpFunc2=original.@2 @2 NONAME ... WlxShutdown=original.WlxShutdown @48 WlxStartApplication=original.WlxStartApplication @49 WlxWkstaLockedSAS=original.WlxWkstaLockedSAS @50
Also, link the LIB file which you have created previously.
Thats all.
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
|
 |
|
 |
Would you send me your test project ? xmic@freemail.gr
Because I am doing something wrong and the result DLL doesn't export anything. M.C.
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |
|
|
 |
|
 |
I haven't tried it throughly yet. I tried for to stub a DLL for WM5 on ARM processor, but it seemed to crash my whole PDA when i tried to stub a dll that was called upon boot time. Not sure if my command line to stub an ARM processor dll was wrong or stubbing that will work on my PDA.
Hope it works for you.
|
| Sign In·View Thread·PermaLink | |
|
|
|
 |