Is there a way or a method to find out all the exported functions of a DLL?
Try the DumpPE.exe that is distributed with MASM32.
Thanks Michael. That's pretty cool but I didn't really ask the complete question. I should have ask Is there a way or a method to find out all the exported functions of a DLL and show what the function needs as arguments and what the functions returns?. Maybe this is going too far.
Some environments use name mangling(encode parameter types together with function name). Delphi and C++ compilers do so. But this is very compiler specific, and I'm not aware of a tool that universally decodes that.
Quote from: Robert Collins on February 04, 2005, 02:54:58 AMIs there a way or a method to find out all the exported functions of a DLL and show what the function needs as arguments and what the functions returns?
No, not on a standard dll, to get that sort of info you would have to reverse engineer it an study it real close. COM dlls are different, they should have a typelib accompanying them, you can check that to see what the parameters are.
Hi Robert,
You can check my dll2inc tool which extracts all the exported functions from a DLL:
http://www.vortex.masmcode.com/files/Dll2inc.zip
Vortex,
I'm having a real problem understanding what to do with your dll2inc tool. Can you give me some insight on what it does and what I do to use it?
Hi Robert,
I will try to explain the usage of my tool with an example.
Let's assume that you want to learn which functions are exported by kernel32.dll:
dll2inc kernel32.dll
You get a module definition file kernel32.def listing all the exported functions:
LIBRARY kernel32
EXPORTS
ActivateActCtx
AddAtomA
AddAtomW
AddConsoleAliasA
AddConsoleAliasW
AddLocalAlternateComputerNameA
.
.
.
The tool creates also an include file named kernel32.inc. This feature is intended to create include files from C run-time DLLs
OK, thanks :U That's a nice tool. It will come in very handy. BTW what does the 'C' mean in 'PROTO C :VARARG'?
Robert,
In the example you give the 'C' means that the function follows the 'C' calling convention.
THis is required when using Variable Arguments.
Ill leave you to look into the MASM help files for what the C calling convention means
as apposed to other calling conventions like PASCAL or FASTCALL etc.
As dll2inc was intended to process C run-time DLLs, it creates function prototypes for C functions.
OK, I see. Too bad you couldn't get the arguments as something like 'myfunction proto C:lpzString, :int, :int' but I suppose that there is no way to figure that out unless there was an already made .h file but that is probably going to far and even so one wouldn't always have .h files for all given DLLs. Oh well, your tool is still better than anything else I have see. DUMPE is good but doesn't do what your tool does.
Robert,
The problem is neither the DLL or a library for it contain that data for a procedure that uses the C calling convention. STDCALL procedures have a different name with the parameter data in a single byte count value which can be translated to DWORD values easily enough. The only way to get the data for a C calling function is have access at the reference material for it.