list dll dependency in listbox1, list dll module in listbox2

i have a code that gets dll dependencies BUT it includes the dll modules and other unknown characters,  if you have a code that list the dep and mod in list1 and list2, please, kindly load it up.

And other problem with that code? it produces some access violation in other .dll, I hope someone could look at the code and fix it.
unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs,
  StdCtrls;

const
  IMAGE_DOS_SIGNATURE    = $5A4D;       { MZ }
  IMAGE_OS2_SIGNATURE    = $454E;       { NE }
  IMAGE_OS2_SIGNATURE_LE = $454C;       { LE }
  IMAGE_VXD_SIGNATURE    = $454C;       { LE }
  IMAGE_NT_SIGNATURE     = $00004550;   { PE00 }

  IMAGE_SIZEOF_SHORT_NAME            = 8;
  IMAGE_SIZEOF_SECTION_HEADER        = 40;
  IMAGE_NUMBEROF_DIRECTORY_ENTRIES   = 16;
  IMAGE_RESOURCE_NAME_IS_STRING      = $80000000;
  IMAGE_RESOURCE_DATA_IS_DIRECTORY   = $80000000;
  IMAGE_OFFSET_STRIP_HIGH            = $7FFFFFFF;
  DIRECTORY_ENTRY_EXPORT             = 0;   // Export Directory
  IMAGE_DIRECTORY_ENTRY_IMPORT       = 1;   // Import Directory
  IMAGE_DIRECTORY_ENTRY_RESOURCE     = 2;   // Resource Directory
  IMAGE_DIRECTORY_ENTRY_EXCEPTION    = 3;   // Exception Directory
  IMAGE_DIRECTORY_ENTRY_SECURITY     = 4;   // Security Directory
  IMAGE_DIRECTORY_ENTRY_BASERELOC    = 5;   // Base Relocation Table
  IMAGE_DIRECTORY_ENTRY_DEBUG        = 6;   // Debug Directory
  IMAGE_DIRECTORY_ENTRY_COPYRIGHT    = 7;   // Description String
  IMAGE_DIRECTORY_ENTRY_GLOBALPTR    = 8;   // Machine Value (MIPS GP)
  IMAGE_DIRECTORY_ENTRY_TLS          = 9;   // TLS Directory
  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG  = 10;   // Load Configuration Directory
  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT = 11;   // Bound Import Directory in headers
  IMAGE_DIRECTORY_ENTRY_IAT          = 12;

type
plist_entry = ^LIST_ENTRY;
LIST_ENTRY = record
  Flink:pLIST_ENTRY;
  Blink:pLIST_ENTRY;
end;

type IMAGE_EXPORT_DIRECTORY= packed record
Characteristics:DWORD;
TimeDateStamp:DWORD;
MajorVersion:WORD;
MinorVersion:WORD;
Name:DWORD;
Base:DWORD;
NumberOfFunctions:DWORD;
NumberOfNames:DWORD;
pAddressOfFunctions:PDWORD;
pAddressOfNames:PDWORD;
pAddressOfNameOrdinals:PWORD;
end;
PIMAGE_EXPORT_DIRECTORY= ^IMAGE_EXPORT_DIRECTORY;

type FPO_DATA =packed record
ulOffStart: DWORD;             // offset 1st byte of function code
cbProcSize:DWORD ;             // # bytes in function
cdwLocals:DWORD;              // # bytes in locals/4
cdwParams:WORD ;              // # bytes in params/4
cbProlog:WORD;           // # bytes in prolog
cbRegs:WORD;           // # regs saved
fHasSEH:WORD;           // TRUE if SEH in func
fUseBP:WORD;           // TRUE if EBP has been allocated
reserved:WORD;           // reserved for future use
cbFrame:WORD;           // frame type
end;
PFPO_DATA=^FPO_DATA;

type
IMAGE_FUNCTION_ENTRY=packed record
  StartingAddress:dword;
  EndingAddress:dword;
  EndOfPrologue:dword;
end;
PIMAGE_FUNCTION_ENTRY=^IMAGE_FUNCTION_ENTRY;

type
  PIMAGE_DOS_HEADER = ^IMAGE_DOS_HEADER;
  IMAGE_DOS_HEADER = packed record      { DOS .EXE header }
    e_magic         : WORD;             { Magic number }
    e_cblp          : WORD;             { Bytes on last page of file }
    e_cp            : WORD;             { Pages in file }
    e_crlc          : WORD;             { Relocations }
    e_cparhdr       : WORD;             { Size of header in paragraphs }
    e_minalloc      : WORD;             { Minimum extra paragraphs needed }
    e_maxalloc      : WORD;             { Maximum extra paragraphs needed }
    e_ss            : WORD;             { Initial (relative) SS value }
    e_sp            : WORD;             { Initial SP value }
    e_csum          : WORD;             { Checksum }
    e_ip            : WORD;             { Initial IP value }
    e_cs            : WORD;             { Initial (relative) CS value }
    e_lfarlc        : WORD;             { File address of relocation table }
    e_ovno          : WORD;             { Overlay number }
    e_res           : packed array [0..3] of WORD; { Reserved words }
    e_oemid         : WORD;             { OEM identifier (for e_oeminfo) }
    e_oeminfo       : WORD;             { OEM information; e_oemid specific }
    e_res2          : packed array [0..9] of WORD; { Reserved words }
    e_lfanew        : Longint;          { File address of new exe header }
  end;

  PIMAGE_FILE_HEADER = ^IMAGE_FILE_HEADER;
  IMAGE_FILE_HEADER = packed record
    Machine              : WORD;
    NumberOfSections     : WORD;
    TimeDateStamp        : DWORD;
    PointerToSymbolTable : DWORD;
    NumberOfSymbols      : DWORD;
    SizeOfOptionalHeader : WORD;
    Characteristics      : WORD;
  end;

  PIMAGE_DATA_DIRECTORY = ^IMAGE_DATA_DIRECTORY;
  IMAGE_DATA_DIRECTORY = packed record
    VirtualAddress  : DWORD;
    Size            : DWORD;
  end;

  PIMAGE_OPTIONAL_HEADER = ^IMAGE_OPTIONAL_HEADER;
  IMAGE_OPTIONAL_HEADER = packed record
   { Standard fields. }
    Magic           : WORD;
    MajorLinkerVersion : Byte;
    MinorLinkerVersion : Byte;
    SizeOfCode      : DWORD;
    SizeOfInitializedData : DWORD;
    SizeOfUninitializedData : DWORD;
    AddressOfEntryPoint : DWORD;
    BaseOfCode      : DWORD;
    BaseOfData      : DWORD;
   { NT additional fields. }
    ImageBase       : DWORD;
    SectionAlignment : DWORD;
    FileAlignment   : DWORD;
    MajorOperatingSystemVersion : WORD;
    MinorOperatingSystemVersion : WORD;
    MajorImageVersion : WORD;
    MinorImageVersion : WORD;
    MajorSubsystemVersion : WORD;
    MinorSubsystemVersion : WORD;
    Reserved1       : DWORD;
    SizeOfImage     : DWORD;
    SizeOfHeaders   : DWORD;
    CheckSum        : DWORD;
    Subsystem       : WORD;
    DllCharacteristics : WORD;
    SizeOfStackReserve : DWORD;
    SizeOfStackCommit : DWORD;
    SizeOfHeapReserve : DWORD;
    SizeOfHeapCommit : DWORD;
    LoaderFlags     : DWORD;
    NumberOfRvaAndSizes : DWORD;
    DataDirectory   : packed array [0..IMAGE_NUMBEROF_DIRECTORY_ENTRIES-1] of IMAGE_DATA_DIRECTORY;
  end;

  PIMAGE_SECTION_HEADER = ^IMAGE_SECTION_HEADER;
  IMAGE_SECTION_HEADER = packed record
    Name            : packed array [0..IMAGE_SIZEOF_SHORT_NAME-1] of Char;
    PhysicalAddress : DWORD; // or VirtualSize (union);
    VirtualAddress  : DWORD;
    SizeOfRawData   : DWORD;
    PointerToRawData : DWORD;
    PointerToRelocations : DWORD;
    PointerToLinenumbers : DWORD;
    NumberOfRelocations : WORD;
    NumberOfLinenumbers : WORD;
    Characteristics : DWORD;
  end;

  PIMAGE_NT_HEADERS = ^IMAGE_NT_HEADERS;
  IMAGE_NT_HEADERS = packed record
    Signature       : DWORD;
    FileHeader      : IMAGE_FILE_HEADER;
    OptionalHeader  : IMAGE_OPTIONAL_HEADER;
  end;

  PIMAGE_RESOURCE_DIRECTORY = ^IMAGE_RESOURCE_DIRECTORY;
  IMAGE_RESOURCE_DIRECTORY = packed record
    Characteristics : DWORD;
    TimeDateStamp   : DWORD;
    MajorVersion    : WORD;
    MinorVersion    : WORD;
    NumberOfNamedEntries : WORD;
    NumberOfIdEntries : WORD;
  end;

  PIMAGE_RESOURCE_DIRECTORY_ENTRY = ^IMAGE_RESOURCE_DIRECTORY_ENTRY;
  IMAGE_RESOURCE_DIRECTORY_ENTRY = packed record
    Name: DWORD;        // Or ID: Word (Union)
    OffsetToData: DWORD;
  end;

  PIMAGE_RESOURCE_DATA_ENTRY = ^IMAGE_RESOURCE_DATA_ENTRY;
  IMAGE_RESOURCE_DATA_ENTRY = packed record
    OffsetToData    : DWORD;
    Size            : DWORD;
    CodePage        : DWORD;
    Reserved        : DWORD;
  end;

  PIMAGE_RESOURCE_DIR_STRING_U = ^IMAGE_RESOURCE_DIR_STRING_U;
  IMAGE_RESOURCE_DIR_STRING_U = packed record
    Length          : WORD;
    NameString      : array [0..0] of WCHAR;
  end;

type LOADED_IMAGE = record
  ModuleName:pchar;
  hFile:thandle;
  MappedAddress:pchar;
  FileHeader:PIMAGE_NT_HEADERS;
  LastRvaSection:PIMAGE_SECTION_HEADER;
  NumberOfSections:integer;
  Sections:PIMAGE_SECTION_HEADER ;
  Characteristics:integer;
  fSystemImage:boolean;
  fDOSImage:boolean;
  Links:LIST_ENTRY;
  SizeOfImage:integer;
end;
PLOADED_IMAGE= ^LOADED_IMAGE;

type IMAGE_LOAD_CONFIG_DIRECTORY = packed record
    Characteristics:DWORD;
    TimeDateStamp:DWORD;
    MajorVersion:WORD;
    MinorVersion:WORD;
    GlobalFlagsClear:DWORD;
    GlobalFlagsSet:DWORD;
    CriticalSectionDefaultTimeout:DWORD;
    DeCommitFreeBlockThreshold:DWORD;
    DeCommitTotalFreeThreshold:DWORD;
    LockPrefixTable:Pointer;
    MaximumAllocationSize:DWORD;
    VirtualMemoryThreshold:DWORD;
    ProcessHeapFlags:DWORD;
    ProcessAffinityMask:DWORD;
    Reserved: array[0..2] of DWORD;
  end;
PIMAGE_LOAD_CONFIG_DIRECTORY=^IMAGE_LOAD_CONFIG_DIRECTORY;

type IMAGE_IMPORT_BY_NAME = packed record
  Hint:WORD;
  Name:DWORD;
end;
PIMAGE_IMPORT_BY_NAME=^IMAGE_IMPORT_BY_NAME;

type IMAGE_THUNK_DATA =packed record
  ForwarderString:PBYTE;
  Func:PDWORD;
  Ordinal:DWORD;
  AddressOfData:PIMAGE_IMPORT_BY_NAME;
end;
PIMAGE_THUNK_DATA=^IMAGE_THUNK_DATA;

type IMAGE_IMPORT_DESCRIPTOR= packed record
  Characteristics:DWORD;
  TimeDateStamp:DWORD;
  ForwarderChain:DWORD;
  Name:DWORD;
  FirstThunk:DWORD;
end;
PIMAGE_IMPORT_DESCRIPTOR = ^IMAGE_IMPORT_DESCRIPTOR;


type
  TForm1 = class(TForm)
    Button1: TButton;
    Memo1: TMemo;
    OpenDialog1: TOpenDialog;
    procedure Button1Click(Sender: TObject);
  private
    { Private declarations }
  public
    procedure ProcessFile;
  end;

var
  Form1: TForm1;
  h1,hmap:integer;
  bptr:pointer;
  gptr:pbyte;
  ntsign:plongword;
  doshd:PIMAGE_DOS_HEADER;
  pehd:PIMAGE_FILE_HEADER;
  peoptn:PIMAGE_OPTIONAL_HEADER;
  sectionheads:array of PIMAGE_SECTION_HEADER;
  offsetmem:longword;
  idataphysicaladress:pbyte;
  idata:PIMAGE_IMPORT_DESCRIPTOR;
  modulename,functionname:pchar;
  dptr:plongword;
  ord:word;
  pexpdir:PIMAGE_EXPORT_DIRECTORY;
  pexpnames:pdword;
  expfname:pchar;
implementation

{$R *.DFM}

procedure TForm1.Button1Click(Sender: TObject);
begin
memo1.Lines.Clear;
processfile;
end;

procedure TForm1.ProcessFile;
var
i,j:integer;
begin
if opendialog1.Execute=false  then
  exit
else
  h1:=fileopen(opendialog1.FileName,fmShareDenyNone or fmOpenRead);
hmap:=CreateFileMapping(h1,nil,PAGE_READONLY,0,0,nil);
doshd:=PIMAGE_DOS_HEADER(mapviewoffile(hmap,FILE_MAP_READ,0,0,0));
bptr:=doshd;
memo1.Lines.Clear;
memo1.lines.add('DOS Header');
memo1.Lines.Add(' -e_magic='+inttostr(doshd.e_magic));
memo1.Lines.Add(' -e_cblp='+inttostr(doshd.e_cblp));
memo1.Lines.Add(' -e_cp='+inttostr(doshd.e_cp));
memo1.Lines.Add(' -e_crlc='+inttostr(doshd.e_crlc));
memo1.Lines.Add(' -e_cparhdr='+inttostr(doshd.e_cparhdr));
memo1.Lines.Add(' -e_minalloc='+inttostr(doshd.e_minalloc));
memo1.Lines.Add(' -e_maxalloc='+inttostr(doshd.e_maxalloc));
memo1.Lines.Add(' -e_ss='+inttostr(doshd.e_ss));
memo1.Lines.Add(' -e_sp='+inttostr(doshd.e_sp));
memo1.Lines.Add(' -e_csum='+inttostr(doshd.e_csum));
memo1.Lines.Add(' -e_ip='+inttostr(doshd.e_ip));
memo1.Lines.Add(' -e_cs='+inttostr(doshd.e_cs));
memo1.Lines.Add(' -e_lfarlc='+inttostr(doshd.e_lfarlc));
memo1.Lines.Add(' -e_ovno='+inttostr(doshd.e_ovno));
memo1.Lines.Add(' -e_oemid='+inttostr(doshd.e_oemid));
memo1.Lines.Add(' -e_oeminfo='+inttostr(doshd.e_oeminfo));
memo1.Lines.Add(' -e_lfanew='+inttostr(doshd.e_lfanew));
gptr:=bptr;
inc(gptr,doshd.e_lfanew);
ntsign:=plongword(gptr);
if (ntsign^=IMAGE_NT_SIGNATURE) then
  begin
   memo1.Lines.Add('NT Signature<'+inttostr(IMAGE_NT_SIGNATURE)+'>='+inttostr(ntsign^));
   memo1.Lines.Add('Windows Executable');
   memo1.lines.add('------------------------------------------');
   gptr:=bptr;
   inc(gptr,doshd.e_lfanew+4);
   pehd:=PIMAGE_FILE_HEADER(gptr);
   memo1.lines.add('PE Header');
   memo1.Lines.Add(' -Machine='+inttostr(pehd.Machine));
   memo1.Lines.Add(' -Number of Sections='+inttostr(pehd.NumberOfSections));
   memo1.Lines.Add(' -TimeDateStamp='+IntToStr(pehd.TimeDateStamp));
   memo1.Lines.Add(' -PointerToSymbolTable='+IntToStr(pehd.PointerToSymbolTable));
   memo1.Lines.Add(' -Number of Symbols='+IntToStr(pehd.NumberOfSymbols));
   memo1.Lines.Add(' -SizeOfOptionalHeader='+IntToStr(pehd.SizeOfOptionalHeader));
   memo1.Lines.Add(' -Characteristics='+IntToStr(pehd.Characteristics));
   memo1.lines.add('------------------------------------------');
   gptr:=pbyte(pehd);
   inc(gptr,sizeof(IMAGE_FILE_HEADER));
   peoptn:=PIMAGE_OPTIONAL_HEADER(gptr);
   memo1.lines.add('PE Optional Header');
   memo1.Lines.Add(' -Magic='+inttostr(peoptn.Magic));
   memo1.Lines.Add(' -MajorLinkerVersion='+inttostr(peoptn.MajorLinkerVersion));
   memo1.Lines.Add(' -MinorLinkerVersion='+inttostr(peoptn.MinorLinkerVersion));
   memo1.Lines.Add(' -SizeOfCode='+inttostr(peoptn.SizeOfCode));
   memo1.Lines.Add(' -SizeOfInitializedData='+inttostr(peoptn.SizeOfInitializedData));
   memo1.Lines.Add(' -SizeOfUninitializedData='+inttostr(peoptn.SizeOfUninitializedData));
   memo1.Lines.Add(' -AddressOfEntryPoint='+inttostr(peoptn.AddressOfEntryPoint));
   memo1.Lines.Add(' -BaseOfCode='+inttostr(peoptn.BaseOfCode));
   memo1.Lines.Add(' -BaseOfData='+inttostr(peoptn.BaseOfData));
   memo1.Lines.Add(' -ImageBase='+inttostr(peoptn.ImageBase));
   memo1.Lines.Add(' -SectionAlignment='+inttostr(peoptn.SectionAlignment));
   memo1.Lines.Add(' -FileAlignment='+inttostr(peoptn.FileAlignment));
   memo1.Lines.Add(' -MajorOperatingSystemVersion='+inttostr(peoptn.MajorOperatingSystemVersion));
   memo1.Lines.Add(' -MinorOperatingSystemVersion='+inttostr(peoptn.MinorOperatingSystemVersion));
   memo1.Lines.Add(' -MajorImageVersion='+inttostr(peoptn.MajorImageVersion));
   memo1.Lines.Add(' -MinorImageVersion='+inttostr(peoptn.MinorImageVersion));
   memo1.Lines.Add(' -MajorSubsystemVersion='+inttostr(peoptn.MajorSubsystemVersion));
   memo1.Lines.Add(' -MinorSubsystemVersion ='+inttostr(peoptn.MinorSubsystemVersion ));
   memo1.Lines.Add(' -Reserved1 ='+inttostr(peoptn.Reserved1));
   memo1.Lines.Add(' -SizeOfImage ='+inttostr(peoptn.SizeOfImage));
   memo1.Lines.Add(' -SizeOfHeaders ='+inttostr(peoptn.SizeOfHeaders));
   memo1.Lines.Add(' -CheckSum ='+inttostr(peoptn.CheckSum));
   memo1.Lines.Add(' -SubSystem ='+inttostr(peoptn.Subsystem));
   memo1.Lines.Add(' -DllCharacteristics ='+inttostr(peoptn.DllCharacteristics));
   memo1.Lines.Add(' -SizeOfStackReserve ='+inttostr(peoptn.SizeOfStackReserve));
   memo1.Lines.Add(' -SizeOfStackCommit ='+inttostr(peoptn.SizeOfStackCommit));
   memo1.Lines.Add(' -SizeOfHeapReserve ='+inttostr(peoptn.SizeOfHeapReserve));
   memo1.Lines.Add(' -SizeOfHeapCommit ='+inttostr(peoptn.SizeOfHeapCommit));
   memo1.Lines.Add(' -LoaderFlags ='+inttostr(peoptn.LoaderFlags));
   memo1.Lines.Add(' -NumberOfRvaAndSizes ='+inttostr(peoptn.NumberOfRvaAndSizes));
   memo1.lines.add('------------------------------------------');
   setlength(sectionheads,pehd.NumberOfSections);
   for i:=0 to pehd.NumberOfSections -1 do
    begin
     gptr:=pbyte(peoptn);
     inc(gptr,sizeof(IMAGE_OPTIONAL_HEADER)+i*sizeof(IMAGE_SECTION_HEADER));
     sectionheads[i]:=PIMAGE_SECTION_HEADER(gptr);
    end;
   if peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size=0 then
    begin
     memo1.lines.add('No Export Table Present');
     memo1.lines.add('------------------------------------------');
    end
   else
    begin
     memo1.lines.add('Export Table Present');
     for i:=pehd.NumberOfSections-1 downto 0 do
      begin
       if peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress>=sectionheads[i].VirtualAddress then
        begin
         offsetmem:=sectionheads[i].PointerToRawData-sectionheads[i].VirtualAddress;
         break;
        end;
      end;
     gptr:=bptr;
     inc(gptr,offsetmem+peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
     pexpdir:=PIMAGE_EXPORT_DIRECTORY(gptr);
     pexpnames:=pdword(longint(bptr)+integer(PIMAGE_EXPORT_DIRECTORY(gptr).pAddressOfNames));
     for i:=0 to pexpdir.NumberOfNames-1 do
      begin
       expfname:=pchar(integer(bptr)+integer(pexpnames^));
       memo1.lines.add(' -'+expfname);
       inc(pexpnames);
      end;
     memo1.lines.add('------------------------------------------');
    end;
   if peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size=0 then
    memo1.lines.add('No Import Table Present')
   else
    begin
     memo1.lines.add('Import Table Present');
     for i:=pehd.NumberOfSections-1 downto 0 do
      begin
       if peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress>=sectionheads[i].VirtualAddress then
        begin
         offsetmem:=sectionheads[i].PointerToRawData-sectionheads[i].VirtualAddress;
         break;
        end;
      end;
     gptr:=bptr;
     inc(gptr,offsetmem+peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress);
     idataphysicaladress:=gptr;
     i:=0;
     j:=0;
     while true do
      begin
       gptr:=idataphysicaladress;
       inc(gptr,i*sizeof(IMAGE_IMPORT_DESCRIPTOR));
       idata :=PIMAGE_IMPORT_DESCRIPTOR(gptr);
       if idata.Name = 0 then
        break;
       gptr:=bptr;
       inc(gptr,offsetmem+idata.Name);
       modulename:=pchar(gptr);

       memo1.Lines.Add('Module Name:             '+ modulename);
       while true do
        begin
         if (idata.FirstThunk + j*4)= 0 then
          break;
         gptr:=bptr;
         inc(gptr,offsetmem+idata.FirstThunk +j*4);
         dptr:=plongword(gptr);
         gptr:=bptr;
         inc(gptr,offsetmem+dptr^);
         if isbadcodeptr(gptr) then
          break;
         ord:=pword(gptr)^;
         inc(gptr,2);
         functionname:=pchar(gptr);
         if isbadcodeptr(functionname) then
          break;
         if functionname=nil then
         break;
         memo1.Lines.Add('  -Ord:'+inttohex(ord,3)+' Function Name:    ' + functionname);
         inc(j);
        end;
       inc(i);
      end;
    end;
  end;
UnmapViewOfFile(bptr);
closehandle(hmap);
fileclose(h1);
end;

end.

Open in new window

LVL 14
systanAsked:
Who is Participating?
 
briangochnauerCommented:
Guess you have an environment issue; cause it works fine for me (see image) when I compile and run it. Learn how to use the integrated debugger to fix your own program.
I guess I just wasted 3 days trying to help you. for nothing.

Clip127.jpg
0
 
briangochnauerCommented:
for 5000 pts  :)
 
0
 
systanAuthor Commented:
Why would I do that?
I've given the code,  if experts wants to answer? he will just filter the;
dll depedency in listbox1 and imported modules in listbox2

see the image i mean;;


dlldep2.JPG
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
briangochnauerCommented:
Many tool already do this; are we 'reinventing the wheel' here?
(GExperts for one;Delphi add-on)
I compiled and got the exception and see the problem.
Do you have documention that shows the relationships each data structure has to one another?
0
 
systanAuthor Commented:
Many tool already do this; are we 'reinventing the wheel' here?
I just want to code it

>>I compiled and got the exception and see the problem.
ok, nice, please show it

>>Do you have documention that shows the relationships each data structure has to one another?
actually i dont have, but as far as i undertand the given code can perform what i want.
0
 
briangochnauerCommented:
>> but as far as i undertand the given code can perform what i want.
not without Exception though; *something* was lost in the translation.
Do you have the original code.?
0
 
systanAuthor Commented:
0
 
briangochnauerCommented:
the owesome link is really awesome;
since he's done all the work and it's free to use why don't you take advantage of the work he's done, that's why he is giving it away???
Turns your program into a few lines;
 
implementation
uses u_c_pe;
{$R *.DFM}

procedure TForm1.Button1Click(Sender: TObject);
begin
     memo1.Lines.Clear;
     processfile;
end;

procedure TForm1.ProcessFile;
var   cpe : c_pe;
begin
    if opendialog1.Execute=false  then
     exit
    else
    begin
        cpe := c_pe.Create(opendialog1.FileName,Memo1.Lines);
        cpe.analyze_nt_header;
        cpe.analyze_imported_dlls(memo2.lines);
    end;
end;
END.

ExeExplorer.zip
0
 
systanAuthor Commented:
briangochnauer;
I downloaded the zip file,
put it in the folder
delete the .res
open .dpr with delphi and delphi created the .res
removed the  Application.MainFormOnTaskbar := True;, because of delphi7
change the path of unit7.pas
run the application
pointed it to a dll
then
error saying "integer overflow"
I removed the checked mark on compiler runtime errors range checking, io checking, overflow checking
and
the error is the same.

then I added all the .pas in the project
errors on tdirectory listbox and tfilelistbox, i ignored it,
then
run the program, errors still the same.
0
 
briangochnauerCommented:
You don't need to delete the .res file.
I loaded it into Delphi 5 in a VMWare machine; deleted the MainformOnTaskbar line and it compiled fine.
Using the attached file it worked fine too.
Try the attached file and see if works with your compilation.

DelphiBand.dll
0
 
systanAuthor Commented:
briangochnauer;
why are you sending me a .dll?
0
 
briangochnauerCommented:
Got the wrong unit7.pas in there, somehow.
Try these files;

ExeExplorer.zip
0
 
briangochnauerCommented:
The DLL I sent earlier was for you to read in against your compiled version of the exe to see if it would 'parse' the *that* dll properly. Not all DLL's have all data structures.
0
 
systanAuthor Commented:
briangochnauer;
same error,
the earlier exeexplorer.zip youve send was not good, many .pas but it only uses 1, the unit7.pas
0
 
briangochnauerCommented:
Now I'm getting the integer overflow, but I didn't originally. I'll check into it.
0
 
briangochnauerCommented:
The others are automatically included through the uses statement starting with
implementation
uses u_c_pe;
0
 
briangochnauerCommented:
Works beautifully under Delphi 5.  probably string issues; working on it.
What version of Delphi are you using?
 
0
 
briangochnauerCommented:
Heres' the D5 compiled exe.

Project11.exe
0
 
systanAuthor Commented:
yes, I see that, but it doesn't seem to solve the problem, integer always overflow.
0
 
systanAuthor Commented:
I download the project11.exe, test it and found good, yes it find dll dependency, but wheres the modules?
anyway I could not start the code because I dont know where did the integeroverflow comes from.
error saying "integer overflow"
I removed the checked mark on compiler runtime errors range checking, io checking, overflow checking
and
the error is the same.
0
 
briangochnauerCommented:
Read carefully.. like I said before...
I'm working on it.   BE PATIENT.
 What verson of the Delphi compiler are you using?
0
 
systanAuthor Commented:
removed the  Application.MainFormOnTaskbar := True;, because of delphi7
0
 
briangochnauerCommented:
Try these files
ExeExplorer.zip
0
 
systanAuthor Commented:
no errors now during run time, but ill be patient to wait about the dll module used by the refering dll
0
 
briangochnauerCommented:
I don't understand "the dll module used by the refering dll".
The code allows the interogation of the DLL and EXE imports.
0
 
briangochnauerCommented:
Reviewing your jpg you uploaded I think you mean to say;
"DLL functions used by imported DLL"
more clearly;
DLL imports (dependencies) in listbox1 and imported functions for selected DLL (listbox1) in listbox2
Modules = DLL making "DLL module" redundant

 

ExeExplorer.zip
0
 
systanAuthor Commented:
error on that
if Assigned(cpe) then FreeAndNil(c_pe);?
0
 
systanAuthor Commented:
 //if Assigned(cpe) then FreeAndNil(c_pe);
I removed it, then run the program, pick some dlls, it says access violation.
0
 
systanAuthor Commented:
if Assigned(cpe) then FreeAndNil(cpe);
its ok now with that

but access violation when I click one of the dll listted in listbox2
0
 
systanAuthor Commented:
Actually I found the problem, it does not accept dlls

 procedure c_pe.analyze_imported_functions(p_dll_name: String; p_c_strings: tStrings;
        p_borland: String);
begin
...
...
 if not m_is_file_exe
          then begin
              display_pe('only for .EXE file');
              exit;
            end;


any idea to solve this?
0
 
briangochnauerCommented:
It that because what you're clicking on is 'no imports' in Listbox1?
 

ExeExplorer.zip
0
 
briangochnauerCommented:
"Actually I found the problem, it does not accept dlls"
Not true; I've already used this program to view EXE and DLLs, works fine.
0
 
briangochnauerCommented:
udpate to show interally loaded DLLs (running exe)

ExeExplorer.zip
0
 
systanAuthor Commented:
briangochnauer;
I test your .exe and it runs accepting .dlls, but if i compile my own .exe, it errors, no problem about that, i'll fix that some time.

the problem is when i click listbox1? it displays to the memo1 even the event is assigned to listbox2
cpe.analyze_imported_functions(ListBox1.Items[listbox1.ItemIndex],      listbox2.items,   '');
AND no functions displayed, instead it displays back the dlls.

Since we are having hardtime to debug some changes with Felix John COLIBRI code,
lets by pass it, put it away and pause.
I hope it's Ok for you.

Instead I have original code debugged and produces good result, but not excellent because the last dll picked-up is not displaying the functions, but the others are.

Here's the new code, please test the new code why the last dll is not showing functions.
I have also attact your form that I strech to see no functions listed around.

unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, structures, StdCtrls;

type 
  TForm1 = class(TForm) 
    Button1: TButton; 
    OpenDialog1: TOpenDialog;
    ListBox1: TListBox;
    ListBox2: TListBox;
    procedure Button1Click(Sender: TObject);
    procedure ListBox1Click(Sender: TObject);
  private 
    { Private declarations } 
  public 
    procedure ProcessFile; 
  end; 

var 
  Form1: TForm1; 
  h1,hmap:longint; 
  bptr:pointer; 
  gptr:pbyte; 
  ntsign:plongword; 
  doshd:PIMAGE_DOS_HEADER; 
  pehd:PIMAGE_FILE_HEADER; 
  peoptn:PIMAGE_OPTIONAL_HEADER; 
  sectionheads:array of PIMAGE_SECTION_HEADER; 
  offsetmem:longword; 
  idataphysicaladress:pbyte; 
  idata:PIMAGE_IMPORT_DESCRIPTOR; 
  modulename,functionname:pchar; 
  dptr:plongword; 
  ord:word; 
  pexpdir:PIMAGE_EXPORT_DIRECTORY; 
  pexpnames:pdword; 
  expfname:pchar;

  tst:TStringList;

implementation 

{$R *.DFM} 

procedure TForm1.Button1Click(Sender: TObject); 
begin
tst:=TStringList.Create;
listbox1.Clear;
listbox2.Clear;
processfile;
end; 

procedure TForm1.ProcessFile; 
var 
i,j:longint; 
begin

if opendialog1.Execute=false  then 
  exit
else 
h1:=fileopen(opendialog1.FileName,fmShareDenyNone or fmOpenRead);

hmap:=CreateFileMapping(h1,nil,PAGE_READONLY,0,0,nil); 
doshd:=PIMAGE_DOS_HEADER(mapviewoffile(hmap,FILE_MAP_READ,0,0,0));
bptr:=doshd;
gptr:=bptr;
inc(gptr,doshd.e_lfanew);
ntsign:=plongword(gptr);

if (ntsign^=IMAGE_NT_SIGNATURE) then
  begin

   gptr:=bptr;
   inc(gptr,doshd.e_lfanew+4);
   pehd:=PIMAGE_FILE_HEADER(gptr);

   gptr:=pbyte(pehd);
   inc(gptr,sizeof(IMAGE_FILE_HEADER));
   peoptn:=PIMAGE_OPTIONAL_HEADER(gptr);

   setlength(sectionheads,pehd.NumberOfSections);
   for i:=0 to pehd.NumberOfSections -1 do
    begin
     gptr:=pbyte(peoptn);
     inc(gptr,sizeof(IMAGE_OPTIONAL_HEADER)+i*sizeof(IMAGE_SECTION_HEADER));
     sectionheads[i]:=PIMAGE_SECTION_HEADER(gptr);
    end;

   if peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size=0 then 
    exit
   else
    begin 

     for i:=pehd.NumberOfSections-1 downto 0 do 
      begin 
       if peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress>=sectionheads[i].VirtualAddress then
        begin 
         offsetmem:=sectionheads[i].PointerToRawData-sectionheads[i].VirtualAddress; 
         break; 
        end; 
      end;

     gptr:=bptr; 
     inc(gptr,offsetmem+peoptn.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress); 
     idataphysicaladress:=gptr;
     i:=0;
     j:=0;

     while true do
      begin
       gptr:=idataphysicaladress;
       inc(gptr,i*sizeof(IMAGE_IMPORT_DESCRIPTOR));
       idata :=PIMAGE_IMPORT_DESCRIPTOR(gptr);
       if idata.Name = 0 then break;
       gptr:=bptr;
       inc(gptr,offsetmem+idata.Name);
       modulename:=pchar(gptr);

       if listbox1.Items.IndexOf(modulename)<0 then
       listbox1.Items.Add(modulename);


       while true do
        begin
         if (idata.FirstThunk + j*4)= 0 then break;
         gptr:=bptr;
         inc(gptr,offsetmem+idata.FirstThunk +j*4);
         dptr:=plongword(gptr);
         gptr:=bptr;
         inc(gptr,offsetmem+dptr^);
         if isbadcodeptr(gptr) then break;
         ord:=pword(gptr)^;
         inc(gptr,2);
         functionname:=pchar(gptr);
         if isbadcodeptr(functionname) then break;
         if functionname=nil then break;

         tst.Add(modulename+'='+functionname);

         inc(j); 
        end;


       inc(i);
      end;


    end; 
  end;

UnmapViewOfFile(bptr); 
closehandle(hmap); 
fileclose(h1); 
end; 

procedure TForm1.ListBox1Click(Sender: TObject);
var i:integer;
st, lt:string;
begin
listbox2.clear;
lt := listbox1.Items[listbox1.itemindex];
for i:= 0 to tst.Count-1 do
begin
if pos(lt, tst[i])> 0 then
begin
st:=copy(tst[i], length(lt)+2,255);
listbox2.Items.Add(st);
end;
end;
end;




end.

Open in new window

linkcomp.JPG
0
 
briangochnauerCommented:
Memo1 is just a 'log' window it is probably not very useful except to see what the code is doing interally. You could hide the Memo1
I'm not having a hard time with COLIBRI 's code.
No offence intended here;  but your code is a mess.
One big long procedure, no structure, no error checking.
I looked though COLIBRI 's code and there is a spot where he calculates the offset needed by using a 32-bit integer and letting it over-flow (CF) which is normally an error but is necessary in this instance. I could not figure out how/why .
Now you want to try and RE-Implement that in your code....
Iv'e been programming in Pascal since late 1987 and Delphi since version 1, I'm not interested in understanding that much about EXE formats when somebody has already done the work.
You're so close to being done using COLIBRI's and you want to start over?
I suggest you read COLIBRI's website ****Very Carefully and thourghly ****

ExeExplorer.zip
0
 
briangochnauerCommented:
"the event is assigned to listbox2"
the event is supposed to be assigned to listbox1, not listbox2
0
 
systanAuthor Commented:
briangochnauer;
Thank you for the effort, but the result is always negative.
Heres the output of the code, I attached it in an image.
I don't know how you test it.

I think this conversation is to long.
I decided not to use colibres code.
Why?
So many codes, crumbled, rambled, and most of all,  youve send different errors from colibres codes,
and the new attached file? codes are long but where only getting small.

Since I am the asker, please kindly support what I want;
Please continue to see my code in id: #33745764

Original code debugged and produces good result,  but not excellent because the last dll picked-up is not displaying the functions, but the others are.

I am just a newbie for a long time, sorry for that.
linkcomp.JPG
0
 
briangochnauerCommented:
Maybe you're running Win7 64-bit.
That is a problem, if you're trying to parse 32 and 64 bit DLLs.
The code I sent was for 32 bit.
0
 
systanAuthor Commented:
>>Maybe you're running Win7 64-bit.
No, Im not.
Im also running 32bit windows

As I see your image shown they are not the same, there must be wrong with the code your sending.

How could it be that there different.
linkcomp.JPG
0
 
briangochnauerCommented:
What mine is outputing is the list of functions imported when I clicked on Listbox1 (successfully).
Try the exe attached using the DLL attached and see what results you have.

Project11.exe
DelphiBand.dll
0
 
systanAuthor Commented:
I got it running shows fine ONLY in your DelphiBand.dll,   other dlls I have?  its not working.  Now the problem is not on my side, its in your side?
0
 
briangochnauerCommented:
send a DLL that doesn't work.
0
 
systanAuthor Commented:
ok, actually all the dlls I have doesn't work on your project11, but in yours, it work pretty much.
hide.dll
0
 
briangochnauerCommented:
Nice. maybe your whole system is infected. Blocked by my firewall.
Virus was detected in the content (virus_detected)
Content contained "Mal/Behav-136" virus

The virus was blocked and was not downloaded to your system. Details Virus: Mal/Behav-136; File: hide.dll; Sub File: No file name available; Vendor: Sophos, Plc.; Engine error code: 0x20040203; Engine version: 3.12.1; Pattern version: 4.58G.2031302.1346887699; Pattern date: 2010/09/23 16:23:00
0
 
systanAuthor Commented:
I'm using malwarebytes, bitdepender and no signs of virus.   Sophos? then its not a virus, I made that hide.dll, just a test with zWopenFile function uner ntdll.
0
 
briangochnauerCommented:
Sophos (british company); a very well know virus scanner, been around for many years.
Try something you didn't create.
0
 
systanAuthor Commented:
0
 
briangochnauerCommented:
That one loads but there is not imports or exports; does it get an error?
0
 
briangochnauerCommented:
Do you have one you didn't create but gets an error;
 when you either
1. click on listbox1
2. loading/opening
USING the Project11.exe I sent you?
0
 
systanAuthor Commented:
Ok, that one last, has imported modules
GrFinger.dll
0
 
systanAuthor Commented:
>>
Do you have one you didn't create but gets an error; YES ALL, including my created dll
when you either

1. click on listbox1
2. loading/opening

USING the Project11.exe I sent you? YES
0
 
briangochnauerCommented:
Update 6 Rewrite;
ExeExplorer.zip
Project11.exe
0
 
systanAuthor Commented:
briangochnauer;
You have now known that the dlls I've sent to you are not infected with a virus.

ExeExplorer.zip remains the same error.  "Access Violation"
The New Project11.exe has different form and is Ok getting every dlls,  and I don't know where did you get that code  and you ddn't attach it,  while you keep sending your old code along with the code from colibres site.

Anyway, I have solved my own code problem;
Errors that produces unsatisfied result,  and not excellent because the last dll picked-up is not displaying the functions, but the others are.

Now?  my small function code works excellent getting the right dll dependency and functions imported.
Even you called it "code is a mess."

Thanks for the effort, I don't really know wheres the big problem of the code your sending.  One thing I'm sure that the code your sending is complicated,  large code large problem.

I will accept your comments as a help, even though did not really get the exact codes that will run fine.

The important subject why closing this post because I already did answer my own code with a small clear function.


Thanks for the time
0
 
briangochnauerCommented:
The last ExeExplorer.zip contains *ALL* the files necessary to compile the project.
>>I don't know where did you get that code  and you ddn't attach it,
I tossed out ALL of COLIBRI's code and replaced it with GX_PEInfo.
This *very much* simplified the code needed.
If my Project11.exe works on every DLL; and you can't compile the source I gave you to work the same; then it is your compiler environment that is the problem.

Good luck with your new code. I'll try to avoid unproductive answers in the future.
 
0
 
systanAuthor Commented:
your New project11.exe has a different form that works,   the latest zip youve send along with the code and form design is different from your new project11.exe.    You keep sending old code but the code from your latest project11.exe that works was not really there for test.

anyway we dont really know wheres the big problem, i know its not from my compiler and if not from yours too.


Thank you for the time spending replys
I'm just a newbied spending time with different codes, please understand.
Without the error codes youve send I'll not react to make my own code that works now.

Thank you for that.
0
 
briangochnauerCommented:
Sorry about that zip issue;
I've posted the correct incase others following or find it useful.

ExeExplorer.zip
0
 
systanAuthor Commented:
Thanks, its all working now, do you really have to step a long conversation before you give the right one, your a trill.
See you at some other post.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.