Page 2 of 2 |
| Author | Message |
|---|---|
|
Moderator
Joined: Tue Oct 23, 2007 10:05 am Posts: 387 Location: 127.0.0.1 |
> dll have some part where the names of functions listed

This is known as the export list.

> after that you have to get the address of that functions and base address

What do you mean by this? In a process, you have a linear virtual memory model into which the library is loaded.

> all functions' declarations have to be written in alphabetic way

Why? Function names are arbitrary lengths. If you are not using a sparse method for storing names then alphabetic naming doesn't help searching at all. If you are using a sparse method then you are most likely wasting a lot of space.

> end of function is declared via 0xC3

No. 0xC3 is the binary for the ret instruction. There is no guarantee that there will be a single ret instruction per function. For example:

```c
void myFunction(int arg)
{
    if (arg == 0)
        return;
    // Some really really long function
    return;
}
```

This example will most likely have two ret instructions in it. On the other hand, there is no guarantee that a function will have any ret instruction. For example:

```asm
pop ebp        ; restore the caller's frame pointer
pop eax        ; take the return address off the stack (clobbers the return value)
jmp eax        ; jump to it instead of executing ret
```

That results in a function returning properly (albeit trashing the return value, but that doesn't matter for void functions).

Sorry to pick and point, but it is a good habit to be accurate.

~Andrew
|
| Thu Nov 12, 2009 9:57 pm |
|
|
Joined: Sun Feb 15, 2009 8:49 pm Posts: 30 Location: Kyiv, Ukraine |
> No. 0xC3 is the binary for the ret instruction. There is no guarantee that there will be a single ret instruction per function.

Try reading it in a hex editor... anyway, whether your function has one or more ret instructions, it will look like this:

```
B8 A0 C3 D9 E4 11 23 4F 3D 6A BB 7D 1A 2D 3E 49
8D E2 FE FA A0 20 3E 1C 5E 6A C3 CC CC CC CC CC
```

See, C3 occurs just one time if you write in C (C++), and after that come the CC's.

Daniel.
_________________
Thinking of great - thinking of little, thinking of little - thinking of great. |
| Fri Nov 13, 2009 2:48 pm |
|
|
Joined: Sun Feb 15, 2009 8:49 pm Posts: 30 Location: Kyiv, Ukraine |
So, there is one more way:
look for binary 0xCC... but if the function length is exactly 0x20 (or 0x40, 0x60, etc.), there will not be any 0xCC, but 0xC3 will be there anyway.
_________________
Thinking of great - thinking of little, thinking of little - thinking of great. |
| Fri Nov 13, 2009 2:50 pm |
|
|
Moderator
Joined: Tue Oct 23, 2007 10:05 am Posts: 387 Location: 127.0.0.1 |
> So, there is one more way: look for binary 0xCC... but if the function length is exactly 0x20 (or 0x40, 0x60, etc.), there will not be any 0xCC, but 0xC3 will be there anyway.

This is only if the methods are aligned on paragraph boundaries. The layout of them is highly compiler dependent, which means using it as a definitive test is a poor idea.

Either way, none of this explains why you want to find the end of the function. All you need is the entry address and then you call it. Why does it matter where the function ends?

~Andrew
|
| Sat Nov 14, 2009 4:38 am |
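Added example (not part of any post in this thread): a short Python check of the two heuristics discussed above, run over the 32-byte sample from the thread plus two constructed inputs. It assumes 32-bit x86 code and that the sample starts at the function's first instruction; all function names are made up for this illustration.

```python
# Added example: DUMP is the 32-byte sample posted in the thread; the other
# inputs are constructed here. Assumes 32-bit x86 and that DUMP starts at the
# function's first instruction.
DUMP = bytes.fromhex(
    "B8 A0 C3 D9 E4 11 23 4F 3D 6A BB 7D 1A 2D 3E 49"
    "8D E2 FE FA A0 20 3E 1C 5E 6A C3 CC CC CC CC CC"
)
ALIGNED = bytes([0x90] * 31 + [0xC3])   # constructed: exactly 0x20 bytes, no padding
NO_RET = bytes.fromhex("5D 58 FF E0")   # constructed: pop ebp; pop eax; jmp eax


def byte_offsets(code, value):
    """All offsets at which `value` occurs, whatever role the byte plays."""
    return [i for i, b in enumerate(code) if b == value]


def naive_function_end(code):
    """The heuristic from the thread: the function ends at the first 0xC3."""
    hits = byte_offsets(code, 0xC3)
    return hits[0] if hits else None


def mov_imm32_operand(code, offset=0):
    """Offsets of the 4 immediate bytes if code[offset] is B8..BF (mov r32, imm32)."""
    if offset < len(code) and 0xB8 <= code[offset] <= 0xBF:
        return range(offset + 1, min(offset + 5, len(code)))
    return range(0)


def trailing_padding_start(code, pad=0xCC):
    """Offset where the trailing run of `pad` bytes begins, or None if absent."""
    end = len(code)
    while end > 0 and code[end - 1] == pad:
        end -= 1
    return end if end < len(code) else None


if __name__ == "__main__":
    for name, code in (("DUMP", DUMP), ("ALIGNED", ALIGNED), ("NO_RET", NO_RET)):
        end = naive_function_end(code)
        in_operand = end is not None and end in mov_imm32_operand(code)
        print(f"{name}: 0xC3 at {byte_offsets(code, 0xC3)}, naive end={end}, "
              f"inside mov imm32={in_operand}, "
              f"0xCC padding starts at {trailing_padding_start(code)}")
```

In the posted sample the first 0xC3 is at offset 2, inside the immediate operand of the leading `B8` (mov eax, imm32), so a raw byte scan reports a function end where no instruction begins; the constructed inputs cover the no-padding and no-ret cases raised in the replies.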
|
|
Joined: Sun Jan 24, 2010 2:20 pm Posts: 23 |
erazzzor, I can speak a little German.
|
| Mon Feb 01, 2010 9:37 pm |
|
|
Joined: Mon Aug 23, 2010 10:17 am Posts: 2 |
Hey, what kind of linked code in an external file?
Please tell me about it, I just faced so many problems with it. |
| Mon Aug 23, 2010 10:32 am |
|
|