PureBasic Forums - English

Posted: **Sat May 19, 2007 8:20 pm**

I have a DLL that is injected in a program and I'd like to make it unload itself when i send some data to it on the network. However, I have no idea how to make it uninject itself... Anybody knows how to do this?

Posted: **Sat May 19, 2007 8:29 pm**

FreeLibrary_(Handle)?

Posted: **Sat May 19, 2007 8:35 pm**

@trond: i think he would like to uninject the dll from another process

Posted: **Sat May 19, 2007 8:37 pm**

Yes, the dll has to uninject itself when i send a command to it...

[edit]
The only code I found was this:

Code: Select all

//Prototype
void __declspec(noreturn) UninjectSelf(HMODULE);
//Function
void __declspec(naked) __declspec(noreturn) UninjectSelf(HMODULE Module)
{
   __asm
   {
      push -2
      push 0
      push Module
      mov eax, TerminateThread
      push eax
      mov eax, FreeLibrary
      jmp eax
   }
}

Posted: **Sat May 19, 2007 8:39 pm**

i meant that you need to make the process it is injected to call the freelibrary command.

oh i meant that you mean this: the DLL should have an uninject procedure that it can call. So when its loaded into a process it should be able to remove itself again

Posted: **Sat May 19, 2007 8:43 pm**

Well it works like this (pseudocode)

Code: Select all

;The main code:
InjectToHost("ProgramName")

;The Dll
Repeat
 Do stuff here
Until ReceivedQuitSignal()
;Remove hooks and clean all stuff
UninjectSelf()

Posted: **Sat May 19, 2007 9:28 pm**

Inf0Byt3 wrote:The only code I found was this:

Which, sure enough, calls FreeLibrary_() with a handle.

Posted: **Sat May 19, 2007 9:37 pm**

I have no idea why, but when I see assembler code, I inhibate... It works now, you were right, that are simple calls... I wonder why did they put them is ASM?

Here's what i've done:

Code: Select all

Global Mod.l
Declare Bla(a.l)

ProcedureDLL AttachProcess(Hmodule.l)
  
  Mod = Hmodule
 
  OpenConsole()
  CreateThread(@bla(),0)
 
EndProcedure

ProcedureDLL DetachProcess(Hmodule.l)
  
 ;This never gets executed :/
 MessageRequester("Exiting","Haha")
 
EndProcedure

Procedure bla(a.l)
 
 For x  = 1 To 5
  PrintN("Running!")
  Delay(1000)
 Next
 CloseConsole()
 
 TerminateThread_(GetCurrentThread_(),0)
 FreeLibrary_(Mod)

EndProcedure

Thanks!

Posted: **Sat May 19, 2007 9:39 pm**

Trond wrote:
Inf0Byt3 wrote:The only code I found was this:
Which, sure enough, calls FreeLibrary_() with a handle.

yep
We did try that but we forgot the terminate thread

Posted: **Sat May 19, 2007 10:43 pm**

Well that works but does not release the dll... But as allways, I found the cure hehe. Micro$oft is not that stupid afterall, they made my life easyer: Kernel32.dll exports "FreeLibraryAndExitThread" so I just called that and it works. Here is the final dll:

Code: Select all

Global Mod.l
Global mythread.l
Declare Bla(a.l)

ProcedureDLL AttachProcess(Hmodule.l)
  
  Mod = Hmodule
 
  OpenConsole()
  mythread = CreateThread(@bla(),0)
 
EndProcedure

ProcedureDLL DetachProcess(Hmodule.l)
  
 MessageRequester("Exiting","Haha")
 
EndProcedure

Procedure bla(a.l)
 
 For t  = 1 To 5
  PrintN("Running!")
  Delay(1000)
 Next
 FreeLibraryAndExitThread_(Mod,0)

EndProcedure

PureBasic Forums - English

DLL question

DLL question