HELP need to call function from another exe

i need to call a function from another .exe file .. which i dont have the source for

i disassembled the .exe and found the function i need so much .. tried to export disassembled output to an .asm file .. and with some effort compiled it into a new .exe .. but by old ida happened to have bugs .. disassembling wrong opcodes
whatever this doesnt make sense to me neither ..

i have a .exe file .. and want to write a program that .. calls a function within that .exe file and gets the output .. all i know is the offset to the function

the function i need to call .. uses 1 stack and 3 register parameters
i believe the program was built under delphi

x86/windows/masm32

thanks in advance
LVL 1
skumriaAsked:
Who is Participating?
 
stefan73Connect With a Mentor Commented:
Yes, that's the problem. The linker fixups are necessary, but by default, you'll get overlapping address spaces for your own and the other exe.

Perhaps it's worthwile to think about looking at the PE link format? It might be possible to merge the other exe to yours, so both are loaded properly and non-overlapping when you start your program.

It'll be quite some work, though.
0
 
stefan73Commented:
Hi skumria,
Be aware that disassembling existing programs to re-engineer their functions is illegal in many countries. We can't help you there.

Cheers!

Stefan
0
 
skumriaAuthor Commented:
:) luckily in my country (bulgaria) its still legal

ok another scenario .. i write an exe file with function and try to call it from another .exe ?
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
stefan73Commented:
skumria,

This is tricky. The PE loader has to load the other exe, then you can mount its memory by ReadProcessMemory()
(see http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/readprocessmemory.asp) - BUT: As all process base addresses are in the same area and the code of the function won't be position-independent, you probably won't be able to map it at its original address. Also, mounting it won't give you write access to the other process. And the other process may not allow you to read its memory at all (it's a security problem to allow this).
0
 
PaulCaswellCommented:
>>which i dont have the source for
Do you have any .lib or .obj files that make up the .EXE?

A second option:

In your program, malloc enough memory to fit the other EXE.
Read the EXE into your memory.
typedef a function pointer of the correct type and point it at the correct offset in the EXE.
Call it.

Paul
0
 
PaulCaswellConnect With a Mentor Commented:
Note: If you use my method, any linker fixups will not be performed.
This method will only work if the function you call only calls functions with relative addresses and does not require access to any data.

Paul
0
 
skumriaAuthor Commented:
>Perhaps it's worthwile to think about looking at the PE link format? It might be possible >o merge the other exe to yours, so both are loaded properly and non-overlapping >when you start your program.

have to try that .. as soon as i have the time

to Paul .. the program needed to set its memory space which involved some decoding

anyway .. the easiest way i found on the net is the CreateRemoteThread/LoadLibrary technique .. backed with some read/writeprocessmemory calls it turned not to be that hard


5.am here falling asleep sowwy about english
0
All Courses

From novice to tech pro — start learning today.