Results 1 to 7 of 7

Thread: Porting a single method of dissassbled dll in c / c++ / VC++

  1. #1
    Noman
    Guest

    Porting a single method of dissassbled dll in c / c++ / VC++

    Hi

    As the previous posts i have posted.

    I want to port a single method to be compileable with c / c++ / VC++ of the disassembled dll into c / c++/ VC++.

    How it is done ?
    M i right ?
    From where i have to start ?

    Regards

    with a hope that some one response me
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,529
    Blog Entries
    15

    Porting a single method of dissassbled dll in c / c++ / VC++

    dear noman
    try to stick to just one thread for queries relating to same matter
    do not create multiple threads for same topic
    it is will be better for navigation and answering for you as well as us

    as far as your query is concerned i would suggest you to get the LoadDll tut from olehs site and walk through with it once or twice till you understand the concepts

    after that load your dll and run it and use debug-->view dll export context menu to peek into the function of dll and go on from there

    btw i dont understand what you mean by using same code in c /c++ /vc++

    c has a set of functionalites which c++ doesnt have and c++ has certain function which c doesnt have
    the first this that comes to my mind is
    #include <stdio.h> in c and #include <iostream.h> in c++
    and then printf() to cout() scanf() to cin ()
    would you please clarify yourself on what you want and clarify it to us and what do you expect as an answer

  3. #3
    Noman
    Guest

    Porting a single method of dissassbled dll in c / c++ / VC++

    Thanks anon

    Ok u r right. Now i will do it to put whole problem in one query.

    I have read the Loaddll tut from the OLLY's site and under stand it

    But i have the problem.

    A dll which is made by me and i m using it with VC++, do the same thing as the Olly's tut.

    But with the required dll when Debug->Call dll export is pressed then nothing happen and no dialog appears and Call dll export option is disabled . So i can not see my functions there.

    As u r saying that what is meant by using the same code in c/c++/vc++.

    Because in each and every language, function can be implemented.

    If i will get the required function and its working in the dll . that function can be implemented in c / c++ or vc++

    One thing more i have an exe file which is using the dll dynamically.

    So What i do.

    In Olly debugger that dll is exporting only two functions one is <Module Entry Point> and the other is DriverProc.

    I have got these exported functions from "Names(in Olly) " that the Dll is using, by
    right clicking->seraching for -> Names(labels) in the current Module

    Tell me .

    What i will do next.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,529
    Blog Entries
    15

    Porting a single method of dissassbled dll in c / c++ / VC++

    well olly when loading a dll will stop at Module Entry point which is used for initialization of dll this does not mean that the olly has loaded the dll completely
    for example when you load any exe it will stop at entry point and will not run the exe automatically it is same logic that is used in dlls too
    you have to either single step or run the exe (f7,f8,f9,run to selection etc etc etc) like wise you have to run the dll first to let it complete its initialization process (the Module Entry point can be used to perform n number of actions search for a post by me in this forum i think the topic is error 11 there is an mskb link to the details about Module Entry point or better use google for updated info)
    if you happen try the view debug dll export before the dll has initialized it wont be available

    you should let olly complete the initialization of dll and say running in status bar instead of paused before you try to use the view debug dllexport menu

    only then it wil pop up the dialog
    after this you can look for its exported function ,view in dissembler,set bp
    call function etc etc

    now this can also be achieved if you have the exe that uses this dll
    options --> debugging options--->events --->break on dll load
    when a dll is loaded olly will stop and notify you of the event
    then you can right click follow the ep and search for names on the specific
    then do a find referance by right clicking on names window and set bp on
    calls in the dll

    or rather load the exe use find names in current module ,then find referances to it and set bp directly

    there are lot of ways
    some more hacks would be to hexedit the ep of dll to infinte jump
    eb fe and make it loop for ever and then use f12 to pause

    and some more hacks would be to change the dlls charecteristics to
    that of exe and load it directly as exe instead of it being dll

    or if you know that dll imports some standard functions and you are using
    OS >= w2k then you can set bp on that fuction and when it breaks
    look into call stack to see the call or its return and follow from there

    i can go on and on and on so let me stop here
    the only way you are going to understand every bit of my ramblings
    would be to experiment and read the help file and especially GOOGLE
    for info nothing will be available on a platter at one place but everything is available in bits and pieces some where on this whole wide world

    well i dont think you are going to read till here
    goodluck to you if you finished reading and find out what to do

  5. #5
    Noman
    Guest

    Porting a single method of dissassbled dll in c / c++ / VC++

    ep
    eb
    fe
    stands for what, as bp is for break points
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,529
    Blog Entries
    15

    Porting a single method of dissassbled dll in c / c++ / VC++

    as i said google would have given you the results even before you finished typing the post and posted it
    http://www.google.co.in/search?hl=en&q=infinite+jump+eb+fe&spell=1
    and any way i am not going to spoon feed you

  7. #7
    Noman
    Guest

    Porting a single method of dissassbled dll in c / c++ / VC++

    thanx oh me anon

    i m not finding words for thanx , ur small metetrial helps

    me a lot. Now i landed into my own fuction . Again thanx.

    It is done through ur first point in the second mail.

    Regards
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Replies: 0
    Last Post: May 10th, 2008, 23:40
  2. How to emulate single step execution?
    By luocong in forum Plugins (General)
    Replies: 1
    Last Post: September 2nd, 2004, 08:57
  3. How do you bpx on a class method??
    By Jacques in forum The Newbie Forum
    Replies: 5
    Last Post: May 31st, 2004, 00:05
  4. OT: Porting VB ole automation to asm
    By acab in forum Advanced Reversing and Programming
    Replies: 0
    Last Post: February 23rd, 2002, 08:07
  5. new method for softlocx
    By HypnoticZ/TNT in forum Malware Analysis and Unpacking Forum
    Replies: 0
    Last Post: October 6th, 2001, 12:21

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •