estimados..
como se puede leer y editar una DLL
existe algun descompilador o soft que deje ver el codigo interno
Board index FiveWin para Harbour/xHarbour SOBRE DLL
Hol谩, para archivo.DLL, archivo.RC 贸 archivo.RES, uso el editor de recursos: WORKSHOP.exe de Borland.
Regards, saludos.
Jo茫o Santos - S茫o Paulo - Brasil - Phone: +55(11)95150-7341
claudio.leiva wrote:estimados..Puedes ver el listado de las funciones que exporta, y usando el debugger de Visual Studio podrias seguir su ejecuci贸n
como se puede leer y editar una DLL
existe algun descompilador o soft que deje ver el codigo interno
Es de 32 贸 64 bits ? Proporciona un enlace para descargarla y la revisamos
Ser铆a interesante
poder ver las funciones y poder estudiar como trabajan
claro desde FWH
saludos maestro
Cesar Cortes Cruz
SysCtrl Software
Mexico
' Sin +- FWH es mejor "
SysCtrl Software
Mexico
' Sin +- FWH es mejor "
Estimado Claudio,
Abre la DLL usando esta utilidad:
https://github.com/FiveTechSoft/FWH_tools/blob/master/peinfo.exe
y selecciona en el folder "Exports"
Abre la DLL usando esta utilidad:
https://github.com/FiveTechSoft/FWH_tools/blob/master/peinfo.exe
y selecciona en el folder "Exports"
Este c贸digo en FWH devuelve todos los m贸dulos exportados de una DLL.
Funciona bien desde Visual Studio, pero construy茅ndolo con buildh.bat no.
Os agradezco si lo probais y me decis que valor os devuelve:
Funciona bien desde Visual Studio, pero construy茅ndolo con buildh.bat no.
Os agradezco si lo probais y me decis que valor os devuelve:
#include "FiveWin.ch"
function Main()
聽 聽 XBrowse( ExportedFunctions( "user32.dll" ) )
聽 聽
return nil 聽 聽
#pragma BEGINDUMP
#include <windows.h>
#include <tlhelp32.h>
#include <imagehlp.h>
#include <hbapi.h>
static void ExportedFunctions( const char * dllName )
{
聽 聽 HMODULE hModule = LoadLibrary( dllName );
聽 聽 PIMAGE_NT_HEADERS pNTHeaders = ImageNtHeader( hModule );
聽 聽 PIMAGE_EXPORT_DIRECTORY pExportDir = ( PIMAGE_EXPORT_DIRECTORY ) ImageRvaToVa( pNTHeaders, hModule, pNTHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, NULL );
聽 聽 DWORD nFunctions = pExportDir->NumberOfFunctions;
聽 聽 PDWORD pNames = (PDWORD)ImageRvaToVa(pNTHeaders, hModule, pExportDir->AddressOfNames, NULL);
聽 聽 PWORD pOrdinals = (PWORD)ImageRvaToVa(pNTHeaders, hModule, pExportDir->AddressOfNameOrdinals, NULL);
聽 聽 PDWORD pAddresses = (PDWORD)ImageRvaToVa(pNTHeaders, hModule, pExportDir->AddressOfFunctions, NULL);
聽 聽 DWORD i;
聽 聽 hb_reta( nFunctions );
聽 聽 for( i = 0; i < nFunctions; i++)
聽 聽 {
聽 聽 聽 聽char * name = ( char * ) ImageRvaToVa( pNTHeaders, hModule, pNames[ i ], NULL );
聽 聽 聽 聽// WORD ordinal = pOrdinals[ i ];
聽 聽 聽 聽// FARPROC address = GetProcAddress(hModule, name);
聽 聽 聽 聽hb_arraySetC( hb_param( -1, HB_IT_ARRAY ), i + 1, name );
聽 聽 }
聽 聽 FreeLibrary( hModule );
}
HB_FUNC( EXPORTEDFUNCTIONS )
{
聽 聽ExportedFunctions( hb_parc( 1 ) );
}
#pragma ENDDUMPFuncionando. No se puede usar la t茅cnica anterior porque se obtiene la informaci贸n desde la memoria. Gracias a Bruno Cantero por su amistad y paciencia conmigo :-)
Con esta t茅cnica se obtienen los nombres de las funciones exportadas directamente desde el fichero DLL:
Con esta t茅cnica se obtienen los nombres de las funciones exportadas directamente desde el fichero DLL:
#include "FiveWin.ch"
function Main()
聽 聽XBROWSER ExportedFunctions( "c:\Windows\System32\user32.dll" ) ;
聽 聽 聽 SHOW RECID TITLE "user32.dll exported functions"
聽 聽
return nil 聽 聽
#pragma BEGINDUMP
#include <stdio.h>
#include <windows.h>
#include <hbapi.h>
// A helper function to convert RVAs to file offsets
DWORD RvaToFileOffset(DWORD rva, PIMAGE_SECTION_HEADER pSectionHeaders, WORD nSections)
{
聽 聽 WORD i;
聽 聽 for ( i = 0; i < nSections; i++)
聽 聽 {
聽 聽 聽 聽 if (rva >= pSectionHeaders[i].VirtualAddress && rva < pSectionHeaders[i].VirtualAddress + pSectionHeaders[i].SizeOfRawData)
聽 聽 聽 聽 {
聽 聽 聽 聽 聽 聽 return rva - pSectionHeaders[i].VirtualAddress + pSectionHeaders[i].PointerToRawData;
聽 聽 聽 聽 }
聽 聽 }
聽 聽 return 0;
}
// A function to list the names of the exported functions of a DLL without loading the DLL
void ExportedFunctions(LPCTSTR dllName)
{
聽 聽 // Declare the variables at the top
聽 聽 HANDLE hFile;
聽 聽 HANDLE hFileMapping;
聽 聽 LPVOID lpFileBase;
聽 聽 PIMAGE_DOS_HEADER pDosHeader;
聽 聽 PIMAGE_NT_HEADERS pNtHeaders;
聽 聽 PIMAGE_OPTIONAL_HEADER pOptionalHeader;
聽 聽 PIMAGE_DATA_DIRECTORY pDataDirectory;
聽 聽 PIMAGE_EXPORT_DIRECTORY pExportDirectory;
聽 聽 DWORD nNames, i;
聽 聽 PDWORD pAddressOfNames;
聽 聽 PDWORD pAddressOfFunctions;
聽 聽 PWORD pAddressOfNameOrdinals;
聽 聽 DWORD nameRva;
聽 聽 DWORD nameOffset;
聽 聽 LPSTR name;
聽 聽 // Open the DLL file and get a handle to it
聽 聽 hFile = CreateFile(dllName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
聽 聽 if (hFile == INVALID_HANDLE_VALUE)
聽 聽 {
聽 聽 聽 聽 printf("Failed to open %s\n", dllName);
聽 聽 聽 聽 return;
聽 聽 }
聽 聽 // Create a file mapping object for the DLL file and get a handle to it
聽 聽 hFileMapping = CreateFileMapping(hFile, NULL, PAGE_READONLY, 0, 0, NULL);
聽 聽 if (hFileMapping == NULL)
聽 聽 {
聽 聽 聽 聽 printf("Failed to create file mapping for %s\n", dllName);
聽 聽 聽 聽 CloseHandle(hFile);
聽 聽 聽 聽 return;
聽 聽 }
聽 聽 // Map a view of the file mapping object into the address space of the current process and get a pointer to it
聽 聽 lpFileBase = MapViewOfFile(hFileMapping, FILE_MAP_READ, 0, 0, 0);
聽 聽 if (lpFileBase == NULL)
聽 聽 {
聽 聽 聽 聽 printf("Failed to map view of file for %s\n", dllName);
聽 聽 聽 聽 CloseHandle(hFileMapping);
聽 聽 聽 聽 CloseHandle(hFile);
聽 聽 聽 聽 return;
聽 聽 }
聽 聽 // Access the DOS header of the DLL file
聽 聽 pDosHeader = (PIMAGE_DOS_HEADER)lpFileBase;
聽 聽 // Access the PE header of the DLL file
聽 聽 pNtHeaders = (PIMAGE_NT_HEADERS)((DWORD)lpFileBase + pDosHeader->e_lfanew);
聽 聽 // Verify that the DLL file is a valid PE file
聽 聽 if (pNtHeaders->Signature != IMAGE_NT_SIGNATURE)
聽 聽 {
聽 聽 聽 聽 printf("%s is not a valid PE file\n", dllName);
聽 聽 聽 聽 UnmapViewOfFile(lpFileBase);
聽 聽 聽 聽 CloseHandle(hFileMapping);
聽 聽 聽 聽 CloseHandle(hFile);
聽 聽 聽 聽 return;
聽 聽 }
聽 聽 // Access the optional header of the DLL file
聽 聽 pOptionalHeader = &pNtHeaders->OptionalHeader;
聽 聽 // Access the data directory array of the DLL file
聽 聽 pDataDirectory = pOptionalHeader->DataDirectory;
聽 聽 // Access the export directory of the DLL file
聽 聽 pExportDirectory = (PIMAGE_EXPORT_DIRECTORY)((DWORD)lpFileBase + RvaToFileOffset(pDataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, IMAGE_FIRST_SECTION(pNtHeaders), pNtHeaders->FileHeader.NumberOfSections));
聽 聽 // Get the number and addresses of exported names, functions, and ordinals
聽 聽 nNames = pExportDirectory->NumberOfNames;
聽 聽 hb_reta( nNames );
聽 聽 pAddressOfNames = (PDWORD)((DWORD)lpFileBase + RvaToFileOffset(pExportDirectory->AddressOfNames, IMAGE_FIRST_SECTION(pNtHeaders), pNtHeaders->FileHeader.NumberOfSections));
聽 聽 pAddressOfFunctions = (PDWORD)((DWORD)lpFileBase + RvaToFileOffset(pExportDirectory->AddressOfFunctions, IMAGE_FIRST_SECTION(pNtHeaders), pNtHeaders->FileHeader.NumberOfSections));
聽 聽 pAddressOfNameOrdinals = (PWORD)((DWORD)lpFileBase + RvaToFileOffset(pExportDirectory->AddressOfNameOrdinals, IMAGE_FIRST_SECTION(pNtHeaders), pNtHeaders->FileHeader.NumberOfSections));
聽 聽 // Loop through each exported name and print it
聽 聽 for ( i = 0; i < nNames; i++)
聽 聽 {
聽 聽 聽 聽 nameRva = pAddressOfNames[i];
聽 聽 聽 聽 nameOffset = RvaToFileOffset(nameRva, IMAGE_FIRST_SECTION(pNtHeaders), pNtHeaders->FileHeader.NumberOfSections);
聽 聽 聽 聽 name = (LPSTR)((DWORD)lpFileBase + nameOffset);
聽 聽 聽 聽 hb_arraySetC( hb_param( -1, HB_IT_ARRAY ), i + 1, name );
聽 聽 }
聽 聽 // Unmap the view of the file, close the file mapping object and the file handle
聽 聽 UnmapViewOfFile(lpFileBase);
聽 聽 CloseHandle(hFileMapping);
聽 聽 CloseHandle(hFile);
}
HB_FUNC( EXPORTEDFUNCTIONS )
{
聽 聽ExportedFunctions( hb_parc( 1 ) );
}
#pragma ENDDUMPExcelente maestro, vamos a probar
saludos !
Cesar Cortes Cruz
SysCtrl Software
Mexico
' Sin +- FWH es mejor "
SysCtrl Software
Mexico
' Sin +- FWH es mejor "