Page 1 of 1
Posted: Thu Jul 04, 2002 10:57 pm
by BackupUser
Restored from previous forum. Originally posted by PB.
Anyone know if it's possible to call an API command by a variable name?
Like, to change Sleep_(136) to a$="Sleep_" : a$(136) or something similar?
Reason: To hide which APIs commands are being called in the final executable,
because they're plainly visible with any hex editor at the moment...
PB - Registered PureBasic Coder
Posted: Thu Jul 04, 2002 11:43 pm
by BackupUser
Restored from previous forum. Originally posted by El_Choni.
You can use this, I think:
Code: Select all
FunctionName = "MyFunction"
ModuleHandle = LoadLibrary_("DllName.dll")
FunctionPointer = GetProcAddress_(ModuleHandle, FunctionName$)
; here you use the asm 'push' opcode to pass parameters to the function IN REVERSE ORDER
; If the function syntax is MyFunction(a, b, c):
push c
push b
push a
; and the asm opcode 'call' to call the function
call FunctionPointer
Remember to enable inline asm to do this. Anyway ,I'm not 100% sure that this will hide the function name totally (even if you use some string encryption).
Well, tell us if it works and we'll know
, bye,
El_Choni
Posted: Fri Jul 05, 2002 4:30 am
by BackupUser
Restored from previous forum. Originally posted by Danilo.
If you can see the function name ("sleep") in the
HEX-Editor, its the import table for the .EXE
and you cant change that. Its no code, only
a table with the import names.
You can see the import names of every static
linked function. Thats how the static linking
works.
With dynamic linking a DLL to the .EXE (the way
El_Choni showed) you could encrypt the FunctionName$,
but all API functions that PureBasic needs are still
in the import section.
cya,
...Danilo
(registered PureBasic user)
Posted: Fri Jul 05, 2002 8:07 am
by BackupUser
Restored from previous forum. Originally posted by fred.
You can use this, I think:
Code: Select all
FunctionName = "MyFunction"
ModuleHandle = LoadLibrary_("DllName.dll")
FunctionPointer = GetProcAddress_(ModuleHandle, FunctionName$)
; here you use the asm 'push' opcode to pass parameters to the function IN REVERSE ORDER
; If the function syntax is MyFunction(a, b, c):
push c
push b
push a
; and the asm opcode 'call' to call the function
call FunctionPointer
Remember to enable inline asm to do this. Anyway ,I'm not 100% sure that this will hide the function name totally (even if you use some string encryption).
Well, tell us if it works and we'll know
, bye,
El_Choni
Why not using the buildin 'Library' library ? No need for asm and it's much easier to use. It's possible to hide the name by ciphering it
.
Fred - AlphaSND
Posted: Fri Jul 05, 2002 8:35 am
by BackupUser
Restored from previous forum. Originally posted by Rings.
Code: Select all
fn.s="peeB"
ln.s="23lenrek"
Procedure.s StringReturn(Instring.s)
dummy.s=""
For I= Len(Instring) To 1 Step -1
Dummy=Dummy + Mid(Instring,i,1)
Next
ProcedureReturn dummy
EndProcedure
ln=StringReturn(ln)
fn=StringReturn(fn)
;MessageRequester("Info",ln+Chr(13)+fn,0)
Result = OpenLibrary(1,ln)
If Result
Result = CallFunction(1,fn,1000,1000)
CloseLibrary(1)
Else
MessageRequester("Info","Cannot open Library",0)
EndIf
Its a long way to the top if you wanna .....CodeGuru
Posted: Fri Jul 05, 2002 11:53 am
by BackupUser
Restored from previous forum. Originally posted by El_Choni.
Why not using the buildin 'Library' library ? No need for asm and it's much easier to use. It's possible to hide the name by ciphering it
.
You can't teach new tricks to an old dog. I'm not used to the new commands yet, but I guess it makes sense to use them.
Sorry for the outdated advice. Bye,
El_Choni
Posted: Thu Jul 11, 2002 11:22 am
by BackupUser
Restored from previous forum. Originally posted by PB.
Thanks Rings, and everyone else who replied -- I will try all the tips.
PB - Registered PureBasic Coder