[VB6] Calling a function in an injected DLL
Greetings,
I'm currently building a little project for my computer science class. This project consists of a Dll injector + the injected dll. I've chosen vb6 for the injector and masm32 for the dll, because I started C/C++ a few months ago and still have problems with the pointers stuff :sick:. But anyway the Dll is pretty easy to make. The problem is with the injector.
I've successfully implemented the code that injects/uninjects the dll. I'm currently having trouble with calling, from the local process (injector) but in the target process memory space, a function exported in the injected dll. I've tried to do that based on some code snippets from different forums, as you can see in "CallFunction" (see attachment), but it's just not working. Sometimes it crashes (even the built .exe) with a "memory can't be read exception", or it just returns -1.
I've put the whole project in the zip along with the dll so you can examine it.
Thank you.
ps: this is my first post so I don't know if my presentation is good enough. :)
Re: [VB6] Calling a function in an injected DLL
I am confused! Are you saying you can't reference the dll in the project?
Re: [VB6] Calling a function in an injected DLL
Quote: Originally Posted by Nightwalker83
I am confused! Are you saying you can't reference the dll in the project?
Hi :wave:,
First of all, thank you for your response, and sorry for my late post.
I think that I've not been so clear :). What I've meant is that I'm actually injecting this Dll into another process, but I need a way of calling an exported function from this injected Dll, as if it was the other process that is calling the function.
I don't actually need to reference the Dll in my project, and anyway I can't do that because it's not an "ActiveX" Dll, it's just an ordinary Dll built using MASM32.
I hope I've been clear enough.
Cordially.
Re: [VB6] Calling a function in an injected DLL
Calling a DLL without declaring the exported function is a bit difficult in VB6. And since that function will be in another process; even more so.
Here's one idea
1) Have your DLL, once injected, create a simple hidden window
2) That DLL will then subclass that window
3) Your VB6 app can use SendMessage to that window to communicate with the injected DLL
Now if your injected DLL is already monitoring some other window or is a process hook, you can send custom messages to that window that your DLL would intercept & not forward, but process
Re: [VB6] Calling a function in an injected DLL
Quote: Originally Posted by LaVolpe
Calling a DLL without declaring the exported function is a bit difficult in VB6. And since that function will be in another process; even more so.
Here's one idea
1) Have your DLL, once injected, create a simple hidden window
2) That DLL will then subclass that window
3) Your VB6 app can use SendMessage to that window to communicate with the injected DLL
Now if your injected DLL is already monitoring some other window or is a process hook, you can send custom messages to that window that your DLL would intercept & not forward, but process
Hi,
Thank you for responding.
Your idea is pretty good, but I've faced 2 issues with this way:
1) I've heard that doing heavy tasks in the DllMain (such as creating a window) is not recommended (by Microsoft as well as other programmers on forums). I've also heard that the code in the DllMain is not guaranteed to be fully executed. That would be a problem in the case of creating a window. Please see this.
2) How can I retrieve the return value of a sent message from VB6? Ex: from VB6, I send my user-message PM_FUNC1 which calls "function1", then I want to retrieve the returned value of that function from VB6, how can I do that?
The good point is that subclassing is quite easy in MASM32 (at least for me ^^).
I was also wondering if you could view my code (1st Post), so you can help me find the wrong stuff. I've also implemented a logger in that code.
I'll try to find a way out with your idea while waiting for your response.
Cordially.
ps: sorry for the late response, I was at school.