| |
| |
|
| - Page 1 - |
|
Frank
Abbing | A small Tool of me on API-Hooking Base. In of/ one Listbox go any Dlls aufgelistest, The straight of Programs loaded get.
simply Exe Starting and then any programs started. its Dlls should now gelistet and be it pieps short.
Please testing time, whether it yet somewhere hakt. |
|
| |
| |
| |
|
| |
| |
| - Page 4 - |
|
|
RGH | hey, hey, Frank, the was indeed sooner as Joke virtual. 
Both has hold its advantages: dynamisches or statisches left.
what about me contradict Yes not, that statisches left faster is. The Hauptgrund for is, that at dynamic left to the Call even one GetProcAdress necessary is, that at static left wegfällt. (this is indeed one reason, and so, The OpenGL-DLLs for XProfan-Own OGL-function in XProfan static gelinkt are. the went naturally only, because each XProfan-able Windowsversion OpenGL supported.)
Both can itself too with XProfan program:
CompileMarkSeparation $H Windows.ph WindowsHeaderdatei nutzen
Declare hDLL&, Time&, Text$
hDLL& = @UseDLL(USER32.DLL)
Print Dynamisches Linken mit DEF: ;
Def GetWText(3) !User32.dll, GetWindowTextA
Text$ = @Space$(40)
Time& = &GetTickCount
whileLoop 1, 100000
GetWText(%hWnd, @Addr(Text$), 40)
endwhile
print Int(&GetTickCount - Time&)
Print Dynamisches Linken mit EXTERNAL: ;
Text$ = @Space$(40)
Time& = &GetTickCount
whileLoop 1, 100000
External(User32.dll, GetWindowTextA, %hWnd, @Addr(Text$), 40)
endwhile
print Int(&GetTickCount - Time&)
Print Dynamisches Linken mit Header-Datei: ;
Text$ = @Space$(40)
Time& = &GetTickCount
whileLoop 1, 100000
~GetWindowText(%hWnd, @Addr(Text$), 40)
endwhile
print Int(&GetTickCount - Time&)
Print Statisches Linken: ;
Declare GetWText&
GetWText& = ~GetProcAddress(hDLL&, GetWindowTextA)
Text$ = @Space$(40)
Time& = &GetTickCount
whileLoop 1, 100000
@Call(GetWText&, %hWnd, @Addr(Text$), 40)
endwhile
print Int(&GetTickCount - Time&)
waitinput
/../Function-References/XProfan/end/'>end
around the static left To vereinfachen, could one naturally a additional function install, about:
GetWText& = GetLibAddr(User32.DLL, GetWindowTextA)
Greeting
Roland |
|
| |
| Intel Duo E8400 3,0 GHz / 4 GB RAM / 1000 GB HDD - ATI Radeon HD 4770 512 MB - Windows 7 Home Premium 32Bit - XProfan X4 | 03/27/07 ▲ |
|
| |
|
|
RGH | Andreas Hötker
I could me present, that there GetProcAdress under Umständen plenty More Time uses.
Sag I still!
two ..., one thought! 
Greeting
Roland |
|
| |
| Intel Duo E8400 3,0 GHz / 4 GB RAM / 1000 GB HDD - ATI Radeon HD 4770 512 MB - Windows 7 Home Premium 32Bit - XProfan X4 | 03/27/07 ▲ |
|
| |
|
|
| what I so say wished:
If I the in the moment correctly. see, divides windows The Handles in different Kathegorien on - and save also different ex (Kernel-, GDI-, Userhandles...). Handles on loaded DLLs become You not under whom Kernelhandles finden; The go means (very so How Handles on Speicherbereiche) gesondert treats.
If I the right see, must but with GetProcAdress under Umständen up to 1000 different Pointer looked through go...  |
|
| |
| |
| |
|
|
RGH | |
| |
| Intel Duo E8400 3,0 GHz / 4 GB RAM / 1000 GB HDD - ATI Radeon HD 4770 512 MB - Windows 7 Home Premium 32Bit - XProfan X4 | 03/27/07 ▲ |
|
| |
|
|
Frank
Abbing |
as Untermauerung the supposition, that ~GetProcAdress More Time cost:
Oooch Roland. have but unregarded, the one in the program GetProcAdress() per function only EINMAL using must. to that Save the address sufficient then a simple Variable. your code goes integrally on the Topic past, so your comparison powerful limp... 
If I the in the moment correctly. see, divides windows The Handles in different Kathegorien on - and save also different ex (Kernel-, GDI-, Userhandles...). Handles on loaded DLLs become You not under whom Kernelhandles finden; The go means (very so How Handles on Speicherbereiche) gesondert treats.
If I the right see, must but with GetProcAdress under Umständen up to 1000 different Pointer looked through go...
Yes, if You it correctly. see would. have you got you whom Source time respected? I Have reingesehen... the has so but mere quite nothing To do.
I said already, GetProcAdress is only once per function necessary. with this engineering is not necessary Daueraufrufe To produzieren, How Roland it presently power. Dass Profancodes effizienter carryed out go can, shows XPSE More as explicit. have you got the too time tested, Roland? i think - No.
Have your code one small little modifiziert and now functions it so, How WhichDlls it dargelegt has. there see it rabenschwarz from for your engineering. The Geschwindigkeitszuwachs with static address totals 100 percent, is means twice so quick...
CompileMarkSeparation
hehe  |
|
| |
| |
| |
|
|
 | the reminds me still very on whom xpse-Selbsttest: [...] 
I find the shows already very very whom Geschwindigkeitsunterschied.
I find the XProfan of House from these xpseTechnik bring along ought to - and give Frank right so if it meant the XProfan here in whom most Make completely exorbitant and unnecessary The Funktionsadresse each time new determined or quite The DLL LoadLibrary loading wants. For which should the well his? |
|
| |
| |
| |
|
|
RGH | Frank Abbing
Oooch Roland. have but unregarded, the one in the program GetProcAdress() per function only EINMAL using must. to that Save the address sufficient then a simple Variable.
Oooch Frank, have You do not mind, that my erstes Program GetProcAdress() too only once aufruft and the second only moreover serves, whom Zeitaufwand between GetProcAdress() and LoadLibrary() To vergleichen, to determine, who at dynamic appeal The Time verbrät?
If I in XProfan the dynamic left bevorzuge, then must I The address then to determine, if The function the first time akin becomes. as they then on another place in the program again akin becomes, must I tappt im dunkeln again to determine or I should in a scheduler look over, whether The already famous (and yet validly) is and then use. the would zusätzlicher Verwaltungsaufwand.
The others alternative is the conversion in a static appeal, as it the XPSE (and my obiges example) power. there the with zeitkritischen Things sense can make, have I Yes already suggested, the into next XProfan-Version as alternative incorporate. As I said: both mutants having your to- and detriments.
Greeting
Roland |
|
| |
| Intel Duo E8400 3,0 GHz / 4 GB RAM / 1000 GB HDD - ATI Radeon HD 4770 512 MB - Windows 7 Home Premium 32Bit - XProfan X4 | 03/27/07 ▲ |
|
| |
|
|
Frank
Abbing |
and the second only moreover serves, whom Zeitaufwand between GetProcAdress() and LoadLibrary() To vergleichen, to determine, who at dynamic appeal The Time verbrät?
How already said - on the Topic past.
it's located me remote you something vorschreiben To want what about me likes such Diskussionen too none. you have here a Possibility The efficiency of XProfan yet To enhance. what You letztendlich from it make, and whether and How You The review your User umsetzt, is your thing. |
|
| |
| |
| |
|
|
| Hello Roland...
time To your code:
can it his, that You there something mogelst? Usedll is still one static appeal and GetProcAdress - becomes the there not dynamic called???  |
|
| |
| |
| |
|
|
| Hello Frank...
have you got you whom Source time respected? I Have reingesehen... the has so but mere quite nothing To do.
be everything else as one expert for ASM. what mach the Code GetProcAdress because very? search the not whom Table to the angegebenen function?
learn gladly what moreover.  |
|
| |
| |
| |
|
|
| where lying the fallacy in folgendem code:
CompileMarkSeparation $H Windows.ph WindowsHeaderdatei nutzen
Declare hDLL&, Time&, DLL$,LoadLibraryA&,GetProcAddress&,Funktion$,StringAddr&
LET DLL$=Kernel32.DLL
hDLL& = ~LoadLibraryA(@addr(DLL$))
LET Funktion$=GetProcAddress
LET GetProcAddress&=~GetProcAddress(hDLL&, @addr(Funktion$))
LET Funktion$=LoadLibraryA
LET LoadLibraryA&=~GetProcAddress(hDLL&, @addr(Funktion$))
LET DLL$=USER32.DLL
hDLL& = ~LoadLibraryA(@addr(DLL$))
Print Ohne irgendwas: ;
Time& = &GetTickCount
whileLoop 1, 100000
endwhile
print Int(&GetTickCount - Time&)
LET DLL$=$SYSPATH+USER32.DLL
Print LoadLibraryA +DLL$+ :;
StringAddr& = addr(DLL$)
Time& = &GetTickCount
whileLoop 1, 100000
call(LoadLibraryA&,StringAddr&)
endwhile
print Int(&GetTickCount - Time&)
LET DLL$=USER32
Print LoadLibraryA +DLL$+ :;
StringAddr& = addr(DLL$)
Time& = &GetTickCount
whileLoop 1, 100000
call(LoadLibraryA&,StringAddr&)
endwhile
print Int(&GetTickCount - Time&)
Print GetProcAdress ActivateKeyboardLayout: ;
Let Funktion$=ActivateKeyboardLayout
StringAddr& = addr(Funktion$)
Time& = &GetTickCount
whileLoop 1, 100000
call(GetProcAddress&,hDLL&, StringAddr&)
endwhile
print Int(&GetTickCount - Time&)
Print GetProcAdress wvsprintfW: ;
Let Funktion$=wvsprintfW
StringAddr& = addr(Funktion$)
Time& = &GetTickCount
whileLoop 1, 100000
call(GetProcAddress&,hDLL&, StringAddr&)
endwhile
print Int(&GetTickCount - Time&)
waitinput
ss=s4 href='./../../Function-References/XProfan/end/'>end
|
|
| |
| |
| |
|
|
RGH | Andreas Hötker
what mach the Code GetProcAdress because very? search the not whom Table to the angegebenen function?
its hold a API-function, The The absolute address of/ one function one loaded Moduls zurückgibt. How tappt im dunkeln the power, entzieht itself of my Kenntnis. there Microsoft its Source code (weitestgehend C C++ with ASM-sharing) not published, is it neither integrally simply the to get. (Also would the eh not help on.)
I suspect but simply the following: an DLL contains in her Header a list the in your exportierten functions with the Einsprungadressen. I take therefore on, that GetProcAdress over the lever the DLL on these list zugreift.
Greeting
Roland |
|
| |
| Intel Duo E8400 3,0 GHz / 4 GB RAM / 1000 GB HDD - ATI Radeon HD 4770 512 MB - Windows 7 Home Premium 32Bit - XProfan X4 | 03/28/07 ▲ |
|
| |
|
(763)
Deutsch
English
Français
Español
Italia