| |
| |
|
Stefan
Schnell | Hello Community,
enclosed one small Program, that it plainer make should, Include-Files for Profan from DLL-Files create: [...] 
of these Program can a arbitrary DLL opened and be then becomes from this a Include-File for Profan, in the equal directory, generiert.
Einziges Manko, The Number of übergebenen Parameter cannot determined and be must therefore by hand nachgetragen go, but circa Tipparbeit To save already time one beginning.
Greeting
Stefan |
|
| |
| |
| |
|
|
| The Number of Params could one Perhaps with of/ one manner Brute-Force-forward line check. 
salvo. |
|
| |
| |
| |
|
|
Stefan
Schnell | Hello Community,
enclosed a improved Version, The next to Include- too Header-Files from DLL-Files produce can.
Greeting
Stefan
P.s. Thanks the Code Andreas go now too The Parameter determined  |
|
| |
| |
| |
|
|
Stefan
Schnell | Hello David, Hello Community,
have Thou a idea as we the in forward line take can? (in the wahrsten senses the Wortes)
same another others question afterwards:
so far I it understood have, can over the (E)SP [=Stackpointer] Yes The amount notwendigen Bytes of/ one function in a DLL determined go. has there someone a Ansatz How the To release is? be for Notes and hints grateful.
Greeting
Stefan |
|
| |
| |
| |
|
|
| well there kommwa the thing already bisl hither,- Perhaps helps us one freeware-disassembler on Consolenbasis the trouble To fixn. 
salvo. |
|
| |
| |
| |
|
|
Andreas
Miethe
 | [quote:65there66e5a3=Stefan quick]Hello David, Hello Community,
have Thou a idea as we the in forward line take can? (in the wahrsten senses the Wortes)
Greeting
Stefan[/quote:65there66e5a3]
Hello Stefan,
not yet found on of my Page ?? [...] |
|
| |
| Gruss Andreas ________ ________ ________ ________ _ Profan 3.3 - XProfanX2 Win 95,98,ME,2000,XP,Vista - Win 7 32 / 64 Bit ASUS X93S - Intel Core I7-NVIDIA GForce 540M 8GB Arbeitsspeicher Homepage : [...] | 10/20/04 ▲ |
|
| |
|
|
Stefan
Schnell | Hello Andreas,
No, not yet seen or heard... but cool... 
can You time whom code-Snippet, for investigation the Number of Parameter, here publish or a fountain name? interested me How the made becomes. 
thanks and Greeting
Stefan |
|
| |
| |
| |
|
|
Andreas
Miethe
| [quote:046234beca=Stefan quick]Hello Andreas,
No, not yet seen or heard... but cool...
can You time whom code-Snippet, for investigation the Number of Parameter, here publish or a fountain name? interested me How the made becomes.
thanks and Greeting
Stefan[/quote:046234beca]
can I gladly make. this is Pure-Basic code, no idea, whether You so something begin can.
kompletter code :
!DisplayErrors.l = 1
Procedure.l hex2dec(h$)
h$=UCase(h$)
For r=1 To Len(h$)
d<<4 : a$=Mid(h$,r,1)
If Asc(a$)>60
d+Asc(a$)-55
Else
d+Asc(a$)-48
EndIf
Next
ProcedureReturn d
EndProcedure
Procedure GetNumberOfParam(Pointer)
Repeat
Pointer=DisASMCommand(Pointer)
ASM_Code.s=UCase(GetDisASMString())
Until FindString(ASM_Code.s,"RET",1)
Bytes=hex2dec(Right(ASM_Code.s,Len(ASM_Code.s)-4))
If Bytes%4 Or Bytes>200:Bytes=-1:EndIf
If Bytes>=0:Bytes=Bytes>>2:EndIf
ProcedureReturn Bytes
EndProcedure
Procedure BadName(name.s)
Result=0
If FindString(UCase(name.s),"DLLENTRYPOINT",1):Result=-1:EndIf
If FindString(UCase(name.s),"DLLCANUNLOADNOW",1):Result=-1:EndIf
If FindString(UCase(name.s),"DLLGETCLASSOBJECT",1):Result=-1:EndIf
If FindString(UCase(name.s),"DLLREGISTERSERVER",1):Result=-1:EndIf
If FindString(UCase(name.s),"DLLUNREGISTERSERVER",1):Result=-1:EndIf
If UCase(name.s)="ATTACHPROCESS":Result=-1:EndIf
If UCase(name.s)="DETACHPROCESS":Result=-1:EndIf
If UCase(name.s)="ATTACHTHREAD":Result=-1:EndIf
If UCase(name.s)="DETACHTHREAD":Result=-1:EndIf
If UCase(name.s)="DLLINITIALIZE":Result=-1:EndIf
If Len(name.s)>100:Result=-1:EndIf
If Left(name.s,1)="?":Result=-1:EndIf
If UCase(name.s)="DUMMY":Result=-1:EndIf
ProcedureReturn Result
EndProcedure
DLL.s=ProgramParameter() ;<- executable create and simply Dll droppen.
If DLL = ""
MessageRequester("Include_Generator","Die desired Dll by Drag&Drop on INC_Gen.Exe wander!",64)
End
EndIf
Pbl.s=DLL
Point=FindString(Pbl,".",1)
Pbl=Left(Pbl,Point-1)+".Inc"
DllName.s = GetFilePart(Dll)
FullPath.s = Space(#MAX_PATH)
GetModuleFileName_(0,FullPath,#MAX_PATH)
;MessageRequester(Fullpath,GetPathPart(Fullpath),0)
FullPath = GetPathPart(Fullpath)
Inst=OpenLibrary(1,DLL.s)
If Inst=0
MessageRequester("Fehler","Die DLL "+DLL+" couldn't opened go.")
End
EndIf
If CreateFile(0,FullPath+ReplaceString(GetFilePart(DLL),GetExtensionPart(DLL),"Inc"))=0
MessageRequester("Fehler","Die File "+Pbl+" couldn't prepares go.")
End
EndIf
WriteStringN("############################################")
WriteStringN("generiert of Include-Generator for XProfan")
WriteStringN("############################################")
WriteStringN("Original-PB-Code Stefan Möbius")
WriteStringN("bearbeitet for XProfan of Andreas Miethe")
WriteStringN("############################################")
WriteStringN(FormatDate("%dd.%mm.%yyyy", Date()) )
WriteStringN("############################################")
WriteStringN("")
If ExamineLibraryFunctions(1)
While NextLibraryFunction()<>0
name.s=LibraryFunctionName()
Addr=GetProcAddress_(Inst,name)
Param=GetNumberOfParam(Addr)
BadName=BadName(name)
If DisplayErrors
If Param=-1
Text$="Falsche Parameteranzahl with the function "+name+" ."+Chr(13)
Text$=Text$+"Möchten tappt im dunkeln The Number of Parameter manually prompt ?"
If MessageRequester("Fehler",Text$,#MB_YESNO)=#IDYES
Param=Val(InputRequester(LibraryFunctionName()+":","Parameteranzahl","0"))
EndIf
EndIf
If BadName
Text$="Es won't recommended, The function "+name.s+" To export."+Chr(13)
Text$=Text$+"Soll tappt im dunkeln nevertheless export go ?"
If MessageRequester("Frage",Text$,#MB_YESNO)=#IDYES:BadName=0:EndIf
EndIf
EndIf
If BadName=0 And Param>=0
WriteStringN("DEF "+ name+"("+Str(Param)+") ! "+Chr(34)+Dllname+Chr(34)+","+Chr(34)+name+Chr(34))
; WriteStringN(name+" "+Str(Param))
Anz+1
EndIf
AnzGes+1
Wend
Else
MessageRequester("Fehler","Die DLL "+DLL+" couldn't screen go.")
End
EndIf
CloseLibrary(1)
CloseFile(1)
MessageRequester("Information:",Pbl+" watts successful prepares."+Chr(13)+Str(Anz)+"/"+Str(AnzGes)+" functions export.",#MB_ICONINFORMATION)
RunProgram("Notepad.exe", FullPath+ReplaceString(GetFilePart(Dll),GetExtensionPart(Dll),"Inc"), "", 0)
End
|
|
| |
| Gruss Andreas ________ ________ ________ ________ _ Profan 3.3 - XProfanX2 Win 95,98,ME,2000,XP,Vista - Win 7 32 / 64 Bit ASUS X93S - Intel Core I7-NVIDIA GForce 540M 8GB Arbeitsspeicher Homepage : [...] | 10/20/04 ▲ |
|
| |
|
|
| Sag I still,- disassembling. 
see I the wrong Andreas,- or determined The Proc only Longints ?
salvo,- iF |
|
| |
| |
| |
|
|
Stefan
Schnell | Hello Andreas,
3,14159267 time Thanks for the Listing, this is really very interestingly and becomes me sure some to that cogitate give. 
Hello David,
>see I the wrong Andreas,- or determined The Proc only Longints ?
Hmm, following DLL have I even ausprobiert:
How you see go different Variablentypen (byte and Long) transfer. Andreas Program generiert from it the following Listing:
and this is Yes correctly. so.
the disassemblierte Listing sees so from:
Test2x4
=========
:100013A7 53 push ebx
:100013A8 51 push ecx
:100013A9 55 push ebp
:100013AA 56 push esi
:100013AB 57 push edi
:100013AC 89E6 mov esi, esp
:100013AE 83EC04 sub esp, 00000004
:100013B1 89E0 mov eax, esp
:100013B3 89C2 mov edx, eax
:100013B5 83C204 add edx, 00000004
---------
:100013B8 C70000000000 mov dword[eax], 00000000
:100013BE 83C004 add eax, 00000004
:100013C1 39D0 cmp eax, edx
:100013C3 75F3 jne 100013B8
:100013C5 8B4618 mov eax, dword[esi+18]
:100013C8 880424 mov byte[esp+esp], al
:100013CB 8B461C mov eax, dword[esi+1C]
:100013CE 88442401 mov byte[esp+01], al
:100013D2 31C0 xor eax, eax
:100013D4 83C404 add esp, 00000004
:100013D7 5F pop edi
:100013D8 5E pop esi
:100013D9 5D pop ebp
:100013DA 59 pop ecx
:100013DB 5B pop ebx
:100013DC C20800 ret 0008
the surprised me now something, there the Parameterermittlung the RET relating and here, withal zweier byte-variables, The number 8 transfer becomes, understand I do not.
just as see it namely with the procedure Test8 from:
Test8
=========
:10001414 53 push ebx
:10001415 51 push ecx
:10001416 55 push ebp
:10001417 56 push esi
:10001418 57 push edi
:10001419 89E6 mov esi, esp
:1000141B 83EC08 sub esp, 00000008
:1000141E 89E0 mov eax, esp
:10001420 89C2 mov edx, eax
:10001422 83C208 add edx, 00000008
---------
:10001425 C70000000000 mov dword[eax], 00000000
:1000142B 83C004 add eax, 00000004
:1000142E 39D0 cmp eax, edx
:10001430 75F3 jne 10001425
:10001432 8B4618 mov eax, dword[esi+18]
:10001435 890424 mov dword[esp+esp], eax
:10001438 8B461C mov eax, dword[esi+1C]
:1000143B 89442404 mov dword[esp+04], eax
:1000143F 31C0 xor eax, eax
:10001441 83C408 add esp, 00000008
:10001444 5F pop edi
:10001445 5E pop esi
:10001446 5D pop ebp
:10001447 59 pop ecx
:10001448 5B pop ebx
:10001449 C20800 ret 0008
go Perhaps with DLLs, alike which Variablentyp indicated becomes, always LongInts transfer? then is Davids assumption correctly.
who can my spirit erhellen?
thanks and Greeting
Stefan |
|
| |
| |
| |
|
|
Andreas
Miethe
| Hello Stefan,
I have me now already so some Dlls respected ( Dependency Walker ) and with some can it integrally well discern. per Parameter becomes always 4 dazugezaehlt, alike circa what fuer a Parameter it itself deals. |
|
| |
| Gruss Andreas ________ ________ ________ ________ _ Profan 3.3 - XProfanX2 Win 95,98,ME,2000,XP,Vista - Win 7 32 / 64 Bit ASUS X93S - Intel Core I7-NVIDIA GForce 540M 8GB Arbeitsspeicher Homepage : [...] | 10/21/04 ▲ |
|
| |
|
|
| Jepp,- can I confirm.
salvo. |
|
| |
| |
| |
|
(893)
Deutsch
English
Français
Español
Italia