PureBoard

Das deutsche PureBasic-Forum
https://www.purebasic.fr/german/

DLL Funktionen+Adr. aus IMAGE_EXPORT_DIRECTORY auslesen?

https://www.purebasic.fr/german/viewtopic.php?t=26705

Seite 1 von 1

DLL Funktionen+Adr. aus IMAGE_EXPORT_DIRECTORY auslesen?

Verfasst: 28.04.2013 05:02
von kevv
komme beim auslesen der IMAGE_EXPORT_DIRECTORY Structure nicht weiter
bei meiner Test.dll
es wird nur der 1 Name und 1 Adresse richtig Augelesen aber warum?

DLL Functionen:
MeineFunction1
MZ -?
MZ -?

DLL Adressen:
268439661
268435456 -?
268435456 -?

bei user32.dll

DLL Functionen:
ActivateKeyboardLayout
AddClipboardFormatListener
AdjustWindowRect

DLL Adressen:
1961658827 -?
1961656465 -?
1961350848 -> ADRESSE ZUR ActivateKeyboardLayout APi


hier ist ne Beschreibung + skizze,das Problem ich kann kein englisch
http://msdn.microsoft.com/en-us/library/ms809762.aspx


vieleich kann sich das mal einer angucken
irgendwie muss noch das AddressOfNameOrdinals+nbase in einem array kombiniert werden.

Code: Alles auswählen

;DLL
ProcedureDLL MeineFunction1()
    MessageRequester("Function1", "", 0)
EndProcedure
    
 ProcedureDLL MeineFunction2()
    MessageRequester("Function2", "", 0)
EndProcedure
     

 ProcedureDLL MeineFunction3()
    MessageRequester("Function3", "", 0)
EndProcedure

Code: Alles auswählen

hIMAGE_DOS_SIGNATURE = $5A4D
hIMAGE_NT_SIGNATURE = $4550
#IMAGE_FILE_MACHINE_I386=$14c
#IMAGE_FILE_MACHINE_IA64 =200
#IMAGE_FILE_MACHINE_AMD64 =8664
#IMAGE_DIRECTORY_ENTRY_EXPORT=0
#IMAGE_DIRECTORY_ENTRY_IMPORT=1

;hUser32=LoadLibrary_("C:\Users\V\Desktop\messagebox\peheader\pe tests\testdll.dll")
hUser32=GetModuleHandle_("user32.dll")


;*********************************
*pDOSHead.IMAGE_DOS_HEADER
*pDOSHead = hUser32

If  *pDOSHead\e_magic <> hIMAGE_DOS_SIGNATURE
  Debug "Error Dos Header signature MZ" :End
Else
    Debug "Dos Header OK"
EndIf
 ;********************************


;*********************************
*pPEHeader.IMAGE_NT_HEADERS
*pPEHeader=*pDOSHead\e_lfanew

If PeekL(*pPEHeader+hUser32) <> hIMAGE_NT_SIGNATURE
  Debug "Error PE Header signature PE" :End
Else
  Debug "Pe Header OK"
EndIf
;*********************************


;*********************************
*FileHeader.IMAGE_FILE_HEADER
*FileHeader = hUser32+*pPEHeader\FileHeader

If *fileheader\Machine =#IMAGE_FILE_MACHINE_I386
  Debug "Intel x86 architecture"
  Debug ""
EndIf
;*********************************


*OptionHeader.IMAGE_OPTIONAL_HEADER
*OptionHeader = hUser32+*pPEHeader\OptionalHeader

*pImportDesc.IMAGE_EXPORT_DIRECTORY
*pImportDesc=hUser32+*OptionHeader\DataDirectory[#IMAGE_DIRECTORY_ENTRY_EXPORT]\VirtualAddress

Debug PeekS(*pImportDesc\nName+hUser32)
Debug ""




Dim FunctionNamesArray.l(*pImportDesc\NumberOfNames)
MoveMemory(*pImportDesc\AddressOfNames+hUser32, @FunctionNamesArray(), *pImportDesc\NumberOfNames)
;Debug PeekS(FunctionNamesArray(0)+hUser32)

Debug "DLL Functionen:"
For k = 0 To 2 
    Debug PeekS(FunctionNamesArray(k)+hUser32)
Next
Debug ""
Debug *pImportDesc\nBase



Dim FunctionAdressArray.l(*pImportDesc\NumberOfFunctions)
MoveMemory(*pImportDesc\AddressOfFunctions+hUser32, @FunctionAdressArray(), *pImportDesc\NumberOfFunctions)
;Debug FunctionAdressArray(0)+hUser32

Debug "DLL Adressen:"
For k = 0 To 2 
    Debug FunctionAdressArray(k)+hUser32
Next

Debug "---"
;Debug GetProcAddress_(hUser32,"MeineFunction1")
;Debug GetProcAddress_(hUser32,"MeineFunction2")
;Debug GetProcAddress_(hUser32,"MeineFunction3")

Re: DLL Funktionen+Adr. aus IMAGE_EXPORT_DIRECTORY auslesen?

Verfasst: 28.04.2013 15:38
von kevv
Problem gelöst :mrgreen:

Code: Alles auswählen

hIMAGE_DOS_SIGNATURE = $5A4D
hIMAGE_NT_SIGNATURE = $4550
#IMAGE_FILE_MACHINE_I386=$14c
#IMAGE_FILE_MACHINE_IA64 =200
#IMAGE_FILE_MACHINE_AMD64 =8664
#IMAGE_DIRECTORY_ENTRY_EXPORT=0
#IMAGE_DIRECTORY_ENTRY_IMPORT=1

;BaseAddress=LoadLibrary_("C:\Users\V\Desktop\messagebox\peheader\pe tests\testdll.dll")
BaseAddress=GetModuleHandle_("user32.dll")


;*********************************
*pDOSHead.IMAGE_DOS_HEADER
*pDOSHead = BaseAddress

If  *pDOSHead\e_magic <> hIMAGE_DOS_SIGNATURE
  Debug "Error Dos Header signature MZ" :End
Else
    Debug "Dos Header OK"
EndIf
 ;********************************


;*********************************
*pPEHeader.IMAGE_NT_HEADERS
*pPEHeader=*pDOSHead\e_lfanew

If PeekL(*pPEHeader+BaseAddress) <> hIMAGE_NT_SIGNATURE
  Debug "Error PE Header signature PE" :End
Else
  Debug "Pe Header OK"
EndIf
;*********************************


;*********************************
*FileHeader.IMAGE_FILE_HEADER
*FileHeader = BaseAddress+*pPEHeader\FileHeader

If *fileheader\Machine =#IMAGE_FILE_MACHINE_I386
  Debug "Intel x86 architecture"
  Debug ""
EndIf
;*********************************


*OptionHeader.IMAGE_OPTIONAL_HEADER
*OptionHeader = BaseAddress+*pPEHeader\OptionalHeader

*pImportDesc.IMAGE_EXPORT_DIRECTORY
*pImportDesc=BaseAddress+*OptionHeader\DataDirectory[#IMAGE_DIRECTORY_ENTRY_EXPORT]\VirtualAddress

Debug PeekS(*pImportDesc\nName+BaseAddress)
Debug ""


NameAddr.l      = *pImportDesc\AddressOfNames + BaseAddress
OrdinalAddres.l = *pImportDesc\AddressOfNameOrdinals + BaseAddress
FuncAddr.l      = *pImportDesc\AddressOfFunctions + BaseAddress

_step = 0
    For index.l = 0 To *pImportDesc\NumberOfNames - 1
        NameAddr + _step
        OrdinalAddres + _step/2 
        Debug PeekS(PeekL(NameAddr) + BaseAddress)
        Debug PeekL(FuncAddr + PeekW(OrdinalAddres)*4 ) + BaseAddress
        _step = 4                                 
    Next index


Debug ""
Debug "------------"
    
Debug GetProcAddress_(BaseAddress,"MeineFunction1")
Debug GetProcAddress_(BaseAddress,"MeineFunction2")
Debug GetProcAddress_(BaseAddress,"MeineFunction3")
Alle Zeiten sind UTC+02:00
Seite 1 von 1

Powered by phpBB® Forum Software © phpBB Limited

Deutsche Übersetzung durch phpBB.de