skumria
asked on
HELP need to call function from another exe
i need to call a function from another .exe file .. which i dont have the source for
i disassembled the .exe and found the function i need so much .. tried to export disassembled output to an .asm file .. and with some effort compiled it into a new .exe .. but by old ida happened to have bugs .. disassembling wrong opcodes
whatever this doesnt make sense to me neither ..
i have a .exe file .. and want to write a program that .. calls a function within that .exe file and gets the output .. all i know is the offset to the function
the function i need to call .. uses 1 stack and 3 register parameters
i believe the program was built under delphi
x86/windows/masm32
thanks in advance
i disassembled the .exe and found the function i need so much .. tried to export disassembled output to an .asm file .. and with some effort compiled it into a new .exe .. but by old ida happened to have bugs .. disassembling wrong opcodes
whatever this doesnt make sense to me neither ..
i have a .exe file .. and want to write a program that .. calls a function within that .exe file and gets the output .. all i know is the offset to the function
the function i need to call .. uses 1 stack and 3 register parameters
i believe the program was built under delphi
x86/windows/masm32
thanks in advance
ASKER
:) luckily in my country (bulgaria) its still legal
ok another scenario .. i write an exe file with function and try to call it from another .exe ?
ok another scenario .. i write an exe file with function and try to call it from another .exe ?
skumria,
This is tricky. The PE loader has to load the other exe, then you can mount its memory by ReadProcessMemory()
(see http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/readprocessmemory.asp) - BUT: As all process base addresses are in the same area and the code of the function won't be position-independent, you probably won't be able to map it at its original address. Also, mounting it won't give you write access to the other process. And the other process may not allow you to read its memory at all (it's a security problem to allow this).
This is tricky. The PE loader has to load the other exe, then you can mount its memory by ReadProcessMemory()
(see http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/readprocessmemory.asp) - BUT: As all process base addresses are in the same area and the code of the function won't be position-independent, you probably won't be able to map it at its original address. Also, mounting it won't give you write access to the other process. And the other process may not allow you to read its memory at all (it's a security problem to allow this).
>>which i dont have the source for
Do you have any .lib or .obj files that make up the .EXE?
A second option:
In your program, malloc enough memory to fit the other EXE.
Read the EXE into your memory.
typedef a function pointer of the correct type and point it at the correct offset in the EXE.
Call it.
Paul
Do you have any .lib or .obj files that make up the .EXE?
A second option:
In your program, malloc enough memory to fit the other EXE.
Read the EXE into your memory.
typedef a function pointer of the correct type and point it at the correct offset in the EXE.
Call it.
Paul
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
>Perhaps it's worthwile to think about looking at the PE link format? It might be possible >o merge the other exe to yours, so both are loaded properly and non-overlapping >when you start your program.
have to try that .. as soon as i have the time
to Paul .. the program needed to set its memory space which involved some decoding
anyway .. the easiest way i found on the net is the CreateRemoteThread/LoadLib rary technique .. backed with some read/writeprocessmemory calls it turned not to be that hard
5.am here falling asleep sowwy about english
have to try that .. as soon as i have the time
to Paul .. the program needed to set its memory space which involved some decoding
anyway .. the easiest way i found on the net is the CreateRemoteThread/LoadLib
5.am here falling asleep sowwy about english
Be aware that disassembling existing programs to re-engineer their functions is illegal in many countries. We can't help you there.
Cheers!
Stefan