| |
| |
|
 | | How can I in MASM functions a strangers DLL Call? |
|
| |
| |
| |
|
|
Frank
Abbing | | Call and through the Macros Scall. |
|
| |
| |
| |
|
|
| To Call need I a address - correctly.? Mmmh...
GetProcAdress can I in a driver not using, to hardship could I but the required Adressen in the Usermode detect un on whom driver over give... |
|
| |
| |
| |
|
|
Frank
Abbing | | If you to the Dll no Libray own, must You GetProcAdress() using, correctly.. there's too Tools, from of/ one Dll a Library produce. Perhaps should You time in this direction detect. |
|
| |
| |
| |
|
|
| it's about a function from the NTDLL. The LIB and INC have I - I but at the same time The LIB and INC the NTOSKRNL.EXE using must and so then some things twice declared go, white I do not very, whether it somewhere Perhaps crash.
ought to it Problems give, bräuchte I a Workarround without LIB and INC.
there The NTDLL in each Process on The same address loaded becomes, should it over CALL and the investigation the address in the Usermode really functions. |
|
| |
| |
| |
|
|
Frank
Abbing | the must You testing, whether your both Incs bump.
there's too a Possibility by Extern-Definition. so can you The Libraries How dwelt integrate. in lieu of the conventional Inc-File can you you a new Inc-File basteln, so looks:
externdef _imp__Funktionname@0 TR pr4
Funktionname equ <_imp__Funktionname@0>
so verfährst You with all functions, The You in your Program Call want, where PTR pr4 The Number of Parameter angibt, which The function needed. in this example means 4.
functions, so declared go, can you integrally normal with Invoke Call. |
|
| |
| |
| |
|
|
| Hello Frank...
so, I must call use, the standing now solid. have you got time one small example for call, with the a API with several functions called becomes (z.B. Messagebox produce)?
Greeting
Andreas |
|
| |
| |
| |
|
|
 | Params simply inverse on the Stack pack. MessageBoxApi has 4 Parameter?
|
|
| |
| |
| |
|
|
| Moin...
very understood, I know wished.
The first Parameter must means lastly draufgepackt will be, so it first again heruntergeholt go can - correctly.?
as kid has it me always on the most Fun made, The Bauklötze of under from the Turm To wander - but here's the somehow well not appropriate  .
 |
|
| |
| |
| |
|
|
RGH | [quote:95081de37f=Andreas Hötker]as kid has it me always on the most Fun made, The Bauklötze of under from the Turm To wander - but here's the somehow well not appropriate . [/quote:95081de37f]
i think, the has already then To marvellous crash led! ;)
Greeting
Roland |
|
| |
| Intel Duo E8400 3,0 GHz / 4 GB RAM / 1000 GB HDD - ATI Radeon HD 4770 512 MB - Windows 7 Home Premium 32Bit - XProfan X4 | 11/28/06 ▲ |
|
| |
|
|
Frank
Abbing | To Call there one Macro, SCall. so can you The Parameter How with Invoke indicate. with only light Einschränkungen:
Scall MACRO name:REQ,p1,p2,p3,p4,p5,p6,p7,p8,p9,p10,p11,p12,p13,p14,p15,p16,p17,p18,p19,p20,p21,p22
FOR bad,<p22,p21,p20,p19,p18,p17,p16,p15,p14,p13,p12,p11,p10,p9,p8,p7,p6,p5,p4,p3,p2,p1>
IFNB <bad>
push bad
ENDIF
ENDM
call name
ENDM
Scall Messagebox, a, b, c, d |
|
| |
| |
| |
|
|
| Have call and push taken, goes wonderful. The address have I the driver from the Usermode Komponente transfer.
best Thanks
Andreas |
|
| |
| |
| |
|
(266)
Deutsch
English
Français
Español
Italia