Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 33

Thread: How to add Function to Various System DLL.

  1. #16
    I still have the source code to Procdump in my archive. Since we are on 17 years now and G-RoM abandoned the scene around 10 years ago (if my memory hasn't completely failed me) I'll consider uploading for historical reference. From memory I recall that there was a plan to update it to v2 and some work was carried out to do so but a lot of planned functions were never implemented.

    Regards,

    CrackZ.

  2. #17
    Ah, there you go.

    It's really that simple.

    Mr. C! As always, you simply floor me.

    Have Phun
    Blame Microsoft, get l337 !!

  3. #18
    Windows XP Forever
    Join Date
    Jun 2016
    Location
    Oshaka,Japan
    Posts
    20
    Thanks Guys , For all help .
    PLEASE SEE THIS PAGE :: blog.livedoor.jp/blackwingcat/archives/1299806.html
    I wish to devlope such compabality layer for XP. That guy did for 2k
    please donot mind my english but i am good in japanese

  4. #19
    First I thought You are crazy. But then I've realized I've made my software compatible with Windows 95 in 2016 :P, keep it real XPFOREVER! Keep it gangsta and XP style :P
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #20
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,081
    Blog Entries
    5
    Howdy Bart,

    Good to see you around and that you're back developing PELock and other things. Good luck with all that.


    Cheers,
    Kayaker

  6. #21
    Red wine, not vodka! ZaiRoN's Avatar
    Join Date
    Oct 2001
    Location
    Italy
    Posts
    922
    Blog Entries
    17
    Talking about good old days I would recommend Code Snippet Creator by Iczelion, a must!!!

    ciao!
    ZaiRoN
    A mind is like a parachute. It doesnt work if it's not open.

  7. #22
    Windows XP Forever
    Join Date
    Jun 2016
    Location
    Oshaka,Japan
    Posts
    20
    Hi guys i failed to add most functions.
    You guys are more experienced than me.
    how can i add export with snippet creator?
    is there any plugin for ollydbg that can copy code and expand table then put the code on other pe file?
    is there any tool that can compare two files in assembly?
    Many guys /gals did this things with 9x but none wrote how they did it.
    there so many tools exists for import but none for export.
    I am new in reverse engineering started a month ago, i have no idea but no one can move me from XP
    Windows XP for ever!
    newer apps have few dependencies but i have no idea how to fix it.
    how to make wrapper libraries?
    please answer me my questions.
    please don't mind i have asked too many.
    please help me i am truly novice.
    sorry I am going little off topic ::
    i love xp as i like its stability ,speed and efficiency of it
    on today's modern hardware none modern windows can beat xp in matter of performance , speed and security.
    XP support ended two year back still i not got a virus with avast free but in my other laptop running 7 with Norton got 11 times infected.
    I don't know why whole world is saying bad of xp , isn't it a great os?

  8. #23
    Red wine, not vodka! ZaiRoN's Avatar
    Join Date
    Oct 2001
    Location
    Italy
    Posts
    922
    Blog Entries
    17
    Quote Originally Posted by XPFOREVER View Post
    how can i add export with snippet creator?
    Did you try the tool? Did you check the menu items?
    I see a lot of questions from you but no effort :/...
    A mind is like a parachute. It doesnt work if it's not open.

  9. #24
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,081
    Blog Entries
    5
    I'd guess you're probably following this ongoing thread on Remodeling Windows XP Kernel32
    http://www.msfn.org/board/topic/175529-remodeling-windows-xp-kernel32/?page=5

    You can see that it's not easy modifying system files successfully. It's hard to help you without knowing exactly what you've done or are trying to do.

    You said that you got your graphics driver working. Great. What did you do? Did you add one of the 147 functions that you wanted to add to the XP kernel32.dll? Or did you modify one of the graphics driver/user files to get around the dependancy problems?

    You said you failed to add *most* functions. Were you able to add *any* functions successfully? Again, to what file and how did you do it?

    As for tools for comparing binary files, why don't you browse the Tool Library, there's a whole section on that.
    http://www.woodmann.com/collaborative/tools/index.php/Category:Executable_Diff_Tools

  10. #25
    Windows XP Forever
    Join Date
    Jun 2016
    Location
    Oshaka,Japan
    Posts
    20
    your guess is not correct.
    I have expanded the table , open the kernel32.dll with hex workshop then added some code shown up in stud pe then adjusted rva .

  11. #26
    Windows XP Forever
    Join Date
    Jun 2016
    Location
    Oshaka,Japan
    Posts
    20
    your guess is not correct.
    I have changed import binary to vernel32 ,vell32,vtoskrnl,vall from kernel32,shell32,ntoskrnl.
    taken win7 files then renamed vernel32 ,vell32,vtoskrnl,vall from kernel32,shell32,ntoskrnl.
    stetted min version of pe to 0
    copied files to system32
    then edited inf of driver (crimson device software from amd ) to accept nt5.1 x86 (XP)
    opened device manager and updated driver with modified one

    hex editing kernel32.dll making pc to not start in most cases.
    any of you here tried to mod systemfiles?
    please help me

  12. #27
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,487
    Blog Entries
    15
    woohoo great i m gonna dust my windows 3.1 and put the windows 10 files into it and fire it up to space what a great idea whodhavethunkit (pun intended)

  13. #28
    Windows XP Forever
    Join Date
    Jun 2016
    Location
    Oshaka,Japan
    Posts
    20
    Hey guys any of you can help me ?

  14. #29
    Windows XP Forever
    Join Date
    Jun 2016
    Location
    Oshaka,Japan
    Posts
    20
    snipet creator has only import option no export

  15. #30
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,081
    Blog Entries
    5
    As far as I know there are no automagic tools to add exports. Don't know why, I guess there was never a need, most RE tasks of that sort can be done with import addition/code injection. Adding exports is a cool idea, there just isn't usually a call for it.

    One way or another you're going to have to completely understand the PE structure and learn to add exports manually to even contemplate what you're trying to do in the larger scheme. Notice that the few in that msfn forum thread I linked who CAN add exports to a system file still have troubles, and they aren't giving away any secrets. "CFF Explorer" was the closest I saw to a clue, but that's only part of the solution.

    There are plenty of resources around to understand the PE structure. Iczelion's PE tutorials are a good first resource. Get hold of 010 Editor and run and study the PE parsing template on simple dlls. I've always used the following as a reference when working on PE files in a hex editor:

    Exe file format with offsets rather than explanations
    http://www.woodmann.com/IDArchive/ID-RIP/database/essays/fboyjoe/exe_hdr.html

    Iczelion's tutorial #17 contains the most basic dll/exe example you can get. Use it to try to add sections/exports and study the differences from the original. You can start by adding _imports_ with some existing tool and see how it's done, how you would do that manually. Adding the structure/offsets for exports should be somewhat similar.

    People will help if you have a *specific* problem to some detail you can't understand and you can show you've done some work. You're asking things about something that's very difficult to do to start with, and a general plea for help isn't going to get you very far if no one even knows what the question is.

Similar Threads

  1. Function hooking on ARM
    By nothize in forum Advanced Reversing and Programming
    Replies: 0
    Last Post: October 15th, 2010, 01:57
  2. Function Analysis
    By REBlog in forum Blogs Forum
    Replies: 0
    Last Post: October 19th, 2007, 20:27
  3. DLL Function Parameter Help
    By FattyMiller in forum OllyDbg Support Forums
    Replies: 1
    Last Post: October 27th, 2004, 09:02
  4. The Function in PE
    By AlanZheng in forum The Newbie Forum
    Replies: 10
    Last Post: February 16th, 2004, 11:06
  5. The Mod Function
    By Acid_Cool_178 in forum Malware Analysis and Unpacking Forum
    Replies: 4
    Last Post: May 7th, 2001, 14:23

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •