export procedure from executable

Started by white scorpion, April 25, 2005, 07:09:41 PM

white scorpion

Hi all,

I'm wondering how I must use the linker arguments to export a function from an executable, so that basically I have a DLL and EXE file in one.

Here's what I use as options so far:

\masm32\bin\link.exe /subsystem:windows /def:testfile.def testfile.obj

The result is:
Quote
Creating library testfile.lib and object testfile.exp
tesfile.exe: warning LNK4086: entrypoint "_start" is not __stdcall with 12 bytes of arguments; image may not run

Here's the testfile.def:

LIBRARY testfile
EXPORTS myFunction


Basically I have made a default executable without doing anything different in the file; I just have one main function and the myFunction function, which are in the testfile.
If I try to run the program using the above linker options I get: "testfile.exe is not a valid Win32 application" in a MessageBox with MB_ICONERROR.

And in the console I get "Access Denied".

Any ideas on how to solve this? I know it shouldn't be so hard, I know how to do it in C, but I can't get it to work with masm32 :(


Thanks in advance!
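
Added example, not part of the original thread: a Python check of the two PE header fields this question turns on, the IMAGE_FILE_DLL bit in the COFF Characteristics (a LIBRARY statement in a .def file tells LINK to create a DLL, and a DLL image is rejected when started as a process) and the export directory entry. The function names, verdict strings and sample header bytes are constructed for illustration.

```python
import struct

IMAGE_FILE_DLL = 0x2000  # COFF Characteristics bit: image is a DLL


def pe_export_profile(data: bytes) -> dict:
    """Report the DLL flag and export-directory entry of a PE image."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("not an MZ image")
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)      # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\0\0":
            raise ValueError("PE signature not found")
        coff = pe_off + 4
        opt_size, flags = struct.unpack_from("<HH", data, coff + 16)
        opt = coff + 20
        (magic,) = struct.unpack_from("<H", data, opt)
        dirs = {0x10B: 96, 0x20B: 112}.get(magic)             # PE32 / PE32+
        if dirs is None:
            raise ValueError("unknown optional-header magic")
        (count,) = struct.unpack_from("<I", data, opt + dirs - 4)
        rva = size = 0
        if count >= 1 and opt_size >= dirs + 8:               # entry 0 = exports
            rva, size = struct.unpack_from("<II", data, opt + dirs)
    except struct.error as exc:
        raise ValueError("truncated PE header") from exc
    is_dll = bool(flags & IMAGE_FILE_DLL)
    has_exports = rva != 0 and size != 0
    if is_dll:
        verdict = "DLL image: the loader will not start it as a process"
    elif has_exports:
        verdict = "EXE with an export table: review what it exports"
    else:
        verdict = "plain EXE"
    return {"is_dll": is_dll, "has_exports": has_exports, "verdict": verdict}


def build_sample(flags: int, export_rva: int, export_size: int) -> bytes:
    """Constructed minimal PE32 header (sample input, not a loadable file)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, flags)
    opt = struct.pack("<H", 0x10B) + bytes(90) + struct.pack("<I", 16)
    dirs = struct.pack("<II", export_rva, export_size) + bytes(15 * 8)
    return dos + b"PE\0\0" + coff + opt + dirs


if __name__ == "__main__":
    for flags, rva in ((0x0102, 0), (0x0102, 0x2000), (0x2102, 0x2000)):
        print(pe_export_profile(build_sample(flags, rva, 0x40))["verdict"])
```

An export table on a non-DLL image is a triage signal rather than a finding, since some legitimate executables export symbols.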

James Ladd

What you are trying to do is a little strange.
As long as the function in the exe uses the stdcall convention it should be available outside of the exe.
However, I'm not sure you can load the exe as a dll?


Vortex

Have you a LibMain function in your executable?

AeroASM

When you run it as an exe, Windows calls the entry point with no arguments. When you use it as a dll, Windows calls the entry point with 3 arguments: hInstDLL, reason and reserved. You need to check the value of the reason argument; if it is valid, then treat it as a dll and do stack balancing at the end of the proc; if it is invalid, treat it as an exe and at the end do no stack balancing.

P1

Quote from: striker on April 25, 2005, 10:07:47 PM
What you are trying to do is a little strange.
It's possible.  But it would be nice to know what & why are you trying to do this?

An exe that's a self loader to itself, with a rundll startup, so it's not visible to the normal process list of the OS.  Virus, Trojan, KeyLogger????

Security Software????  Be real dude!!!!

Regards,  P1  :8)

BTW, there are simpler ways of doing whatever you're trying to do.  But because you pick almost arcane advantage of M$ ways of doing things.  It smacks of undermining Windows for ______ purposes.  So please fill in the blank!


white scorpion

Well, basically I have found a tutorial explaining you can set a systemwide hook without the use of an external dll. It contained sample source code, but the sample source code was written in C. I am wondering how one can achieve this in masm. I never thought this was possible, but since it is, it created a new area for me which I want to explore.

I haven't used a LibMain in my program, but I could imagine I should use one, so I'm going to try it.....
Btw, I'm not trying to use LoadLibrary to load the exe, but it should indeed be possible using this technique...

Quote
BTW, there are simpler ways of doing whatever you're trying to do.  But because you pick almost arcane advantage of M$ ways of doing things.  It smacks of undermining Windows for ______ purposes.  So please fill in the blank!
"learning" should be in the blank :)
I just love exploring new things, and since it can indeed be useful using systemwide hooks (which is not interesting to me atm), I am interested in how this works since it is so simple, although the idea of the dll (functions which can be used by multiple apps at the same time) is indeed not very useful anymore, but that doesn't change my hunger to figure out how this works :lol

Kind regards,

Mark Vogels

hutch--

Mark,

We all understand curiosity and have no problems with that at all, but most of us have been around for a long time and have seen every trick in the book as well. It's common knowledge that some hooks must be global while others can be local, which is just part of the OS specifications, but we will shut this topic down if it looks like something that can be used for stealth recording of data or any similar usages, as it is outside the rules of the forum.

P1

Quote from: white scorpion on April 26, 2005, 08:26:17 PM
Well, basically I have found a tutorial explaining you can set a systemwide hook without the use of an external dll. It contained sample source code, but the sample source code was written in C. I am wondering how one can achieve this in masm. I never thought this was possible, but since it is, it created a new area for me which I want to explore.
...
I haven't used a LibMain in my program, but I could imagine I should use one, so I'm going to try it.....
Btw, I'm not trying to use LoadLibrary to load the exe, but it should indeed be possible using this technique...
...
"learning" should be in the blank :)
I just love exploring new things, and since it can indeed be useful using systemwide hooks (which is not interesting to me atm), I am interested in how this works since it is so simple, although the idea of the dll (functions which can be used by multiple apps at the same time) is indeed not very useful anymore, but that doesn't change my hunger to figure out how this works :lol

Kind regards,  Mark Vogels
Mark,  Thank you for your reply. 

1.  Could you post a link to this example?  Hindsight thought:  You could have posted the link and asked to get translation help with the parts you were having problems with.
2.  As you go through this 'learning' example, it should become apparent that programmers use the traditional approach of a standard dll for system wide hooks.
3.  A white hat hacker is still a hacker.  And some of your developed material on your website is being patched by M$ as security breaches.
4.  Have you ever read the story about the Frog and the Scorpion?  Are we going to end up like the Frog?
5.  Knowing our concern about misuse and your hunger to learn extreme programming techniques.  You could be more considerate and explain yourself in your initial question, keeping in mind DMCA and this message board's rules.  I know you do not live in the USA, but we must abide by the rules of the country of local jurisdiction.
6.  Campus is for Newbies and the basics of programming.  Some of this advanced stuff does belong in 'The Laboratory'.  And maybe would not come off so obviously as 'wannabe hacker' stuff.  This shows your ignorance of the board and its rules.  Which is why your posts are monitored and checked.

It's my job, at my place of work, to maintain the security of our network.  I see all this stuff on the back side of killing it off here at work.  And then see the very same stuff here, asking for help to make it work or work better.  So in some sense, some of the help being asked for is behind the leading edge development of security vulnerabilities.  So I will offer this explanation, and ask for your understanding of why I maintain a security awareness here.  I personally think we should start up the thread from the old message board on what we could do to virus writers, as punishment.  And you will realize, after having to deal with the results of a virus attack, there is plenty of frustration to let go.

These are my opinions.  But you would be wrong, if you think I'm the only one who feels this way.

Regards,  P1  :8)



pbrennick

P1,
Well said, and I am with you on this.  This board belongs to Hutch so he sets the tone and we endeavor to follow his lead.  All in all, we have an excellent userbase who work very hard helping each other.  This is the goal to work towards, the betterment of the language and not the perversion of it.

Paul

white scorpion

First, I know I am interested in security and yes, I have things on my website that are not welcome here at the board. I respect that, so I keep the 2 fields separated. To me this board is a great resource for coding in masm, and since I like it more than C there is a good chance I will be stumbling into some translation problems while mastering masm. This of course can be done via the traditional means, but in my experience I learn best when doing it myself. I'm sure a lot of you will agree..
The tutorial I was reading indeed had an example for a keylogger, but since I don't care about the keylogger (I could have written it in C if I wanted to) and since I know the rules of this board, I decided not to link the tutorial, since questions might arise about my honesty while I only want to learn as much as possible about the Windows OS in general. I have bought a book called "Windows Internals" by Mark Russinovich and David Solomon, which is a great book and covers Windows so deeply I have to read a topic multiple times to understand it.
Yes, of course the knowledge in that book could be used to write malicious software, you know that, I know that, but that doesn't necessarily mean that knowledge will be used for malicious software.
Should the writers have decided not to publish the book since it might contain information that an evil person could use to write malicious software?? I don't believe they should have (and I'm glad they didn't :)).
I believe knowledge should be available and openly accessible to anyone who desires to learn; it is not a weapon, it is merely a tool. If you go to the store tomorrow and buy a gun, does that make you a robber? No. The same applies here. Yes, I am interested in how viruses/trojans/keyloggers and almost every other malicious program works, but I'm also interested in everything else from Windows as well. If I stumble into a program and it has an interesting feature, then I would like to know how to code such a thing regardless of the malicious purpose of that program or maybe even a protective purpose.
In this case it is a keylogger which is using an interesting technique I like to master, but it just as easily could have been a CD recording program, a database manager or whatever.

Like I said before, I know the rules of this site and I respect them; that is why I didn't post the source. Unfortunately I don't have the link to the tutorial anymore, but I know it was on astalavista.  I do have the source code however, and I'm willing to post it here (if hutch approves), but I don't see the use of it. I do see the use of a partial source code containing the part regarding my question, so here it is:


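#define _WIN32_WINNT 0x0400

#include <windows.h>
#include <winuser.h>
#include <stdio.h>

/* Exported callback. The parameter list was missing from the posted excerpt;
   the standard Windows hook-procedure signature is assumed here. */
__declspec(dllexport) LRESULT CALLBACK KeyEvent(int nCode, WPARAM wParam, LPARAM lParam)
{
    printf("Hello World!");
    return 0;
}

int main(void)
{
    printf("hello world number 2");
    return 0;
}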

This is the most interesting part of the code, the rest isn't important to me..

As you may now believe (or not), I'm not trying to write a keylogger or whatever, I'm just interested in this technique, although I actually doubt if I would ever use it ;)

For those who still don't trust me: I'm currently learning how to write kernel drivers as well; wouldn't this be a much more powerful approach to log keys than a systemwide hook which can be detected / prevented by most keylogger killers / anti-keylogger programs?
Of course this would be a much better approach, so why bother trying to prevent me from learning how this technique works while on the other hand I'm learning to write a much more powerful keylogger if I really wanted?
Really, I don't care about a keylogger, but I do care about knowing what makes the little clock tick.....

Thanks in advance for your time and replies, and please tell me how to rephrase my questions in the future to avoid these types of discussions here on the board, since they aren't necessary IMO.

PS: I posted this in the campus part on purpose since it has something to do specifically with masm32 and the linker, and since I am still a newbie with masm32 I decided it should better fit in here than in the laboratory (to be honest I don't dare posting a question in the laboratory yet since I feel like I know too little about masm yet).

Kind regards,

Mark

P1

Mark,

I understand what you're saying and I can respect that.  Please permit us to maintain a healthy balance between code technique and code purpose versus code legalities.  I know you're new at this, but sometimes you come across in the wrong way.  This raises the Red Flag and we are to check it out.

If I had any serious doubts, I would have locked or moved this thread.  Seeing how you have represented yourself in a proper manner in this, this topic will remain open.  Thank you for your cooperation.

I wish you the "Best in Class" in Assembler programming techniques.

Regards,  P1

Infro_X

I believe this would work, haven't ever done anything like that before.

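DllEntry PROC hInst,reason,reserved1
    invoke GetModuleHandle,NULL     ; eax = module handle of the process
    cmp eax,[hInst]                 ; compare it with the hInst argument
    jnz EXEPROFILE
DLLPROFILE:
    ;DLL CODE HERE
    mov eax,TRUE                    ; report success to the loader
    ret
DllEntry ENDP


EXEPROFILE:
    ;EXE CODE HERE
    invoke ExitProcess,NULL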

white scorpion

Thanks P1, I really appreciate that  :U
It is hard for me to explain things to defend myself since English isn't my first language.. I always have to hope it will be read as I have meant it, but sometimes this isn't the case....

I'm just glad you understand what I mean  :green

Infro_X -> I will try it out, thanks for your help :)


Kind regards,

Mark

AeroASM

Hey, you thank Infro_X, but he is only doing what I posted on this thread earlier. Don't I get credit?

:bg :bg I am joking. No big deal about it!

white scorpion

Yep, you're right, sorry about that  :U

Thanks to you as well :P

I still have to try it out, but I'm not home from work yet, so I'll try it asap ...