0

I have the following 2 files:

RPM.dll

#include "stdafx.h"
#include <windows.h>
#include <iostream>
#include <stdio.h>

char name[70];
HINSTANCE hInst; 
DWORD DLLFunc,DLLFunc2;
HWND hWnd;

extern "C" __declspec(dllexport) void myRPM(HANDLE hProcess,LPCVOID lpBaseAddress,LPVOID lpBuffer,SIZE_T nSize,SIZE_T *lpNumberOfBytesRead)
{

__asm
{
mov edi, edi
push ebp
mov ebp, esp
jmp [DLLFunc]
}
}

extern "C" __declspec(dllexport) BOOL WINAPI __stdcall myPM(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam)
{

__asm
{
mov edi, edi
push ebp
mov ebp, esp
jmp [DLLFunc2]
}
}



BOOL APIENTRY DllMain (HINSTANCE hInst     /* Library instance handle. */ ,
                       DWORD reason        /* Reason this function is being called. */ ,
                       LPVOID reserved     /* Not used. */ )
{
    switch (reason)
    {
      case DLL_PROCESS_ATTACH:
        {
        if (DLLFunc == NULL) {
        hInst = LoadLibrary((LPCWSTR)"kernel32.dll");
        DLLFunc = (DWORD)GetProcAddress(hInst, "ReadProcessMemory") + 5; 
        }
		if (DLLFunc2 == NULL){
        hInst = LoadLibrary((LPCWSTR)"user32.dll");
        DLLFunc = (DWORD)GetProcAddress(hInst, "PostMessageA") + 5;
		}

        }
        break;


      case DLL_PROCESS_DETACH:
        {
        if (hInst != NULL) {
        // Un-Load DLL
        ::FreeLibrary(hInst);
        hInst = NULL;
        } 
        }
        break;

      case DLL_THREAD_ATTACH:
        {
        if (DLLFunc == NULL) {
        hInst = LoadLibrary((LPCWSTR)"kernel32.dll");
        DLLFunc = (DWORD)GetProcAddress(hInst, "ReadProcessMemory") + 5; 
        }
		if (DLLFunc2 == NULL){
        hInst = LoadLibrary((LPCWSTR)"user32.dll");
        DLLFunc = (DWORD)GetProcAddress(hInst, "PostMessageA") + 5;


        }
        break;

      case DLL_THREAD_DETACH:
        {
        if (hInst != NULL) {
        // Un-Load DLL
        ::FreeLibrary(hInst);
        hInst = NULL;
        } 
        }
        break;
    }

    /* Returns TRUE on success, FALSE on failure */
    return TRUE;
}
}

and the main app:

#include <windows.h>
  #include <iostream.h>
  #include <stdio.h>
  #include <conio.h>
  typedef void (*pfunc2)(HANDLE,LPCVOID,LPVOID,SIZE_T,SIZE_T);
  typedef BOOL WINAPI __stdcall (*pfunc3)(HWND,UINT,WPARAM,LPARAM);
  pfunc2 RPM;
  pfunc3 PM;
int main()
	{	
HINSTANCE hLib = LoadLibrary("RPM.dll");
  if(hLib==NULL)
	{
	cout << "Error! Can't open dll!";
	getch();
	return 1;}
	
	char dllpath[70],dllpath2[70];
	GetModuleFileName((HMODULE)hLib,(LPTSTR)dllpath,70);

	cout << "Dll loaded:" <<"\n"<< dllpath<<"\n"<< endl;
	RPM = (pfunc2)GetProcAddress((HMODULE)hLib, "myRPM");
	PM = (pfunc3)GetProcAddress((HMODULE)hLib, "myPM");

	if(RPM==NULL || PM==NULL)
    {
	cout << "Critical error! Can't load functions !" << endl;
	FreeLibrary((HMODULE)hLib);
	getch();
	return 1;}
	
	FreeLibrary((HMODULE)hLib);
	getch();
	return 0;
      }

Dll is compiled using Microsoft Visual Studio 2008 and main app with Dev-Cpp.

The problem is that PM is always NULL whatever i do!
I don't have much experience with hooking functions and ASM so any help would be appreciated greatly !
Any ideas?

2
Contributors
1
Reply
4
Views
5 Years
Discussion Span
Last Post by raptr_dflo
0

"myPM" is returning something to do with DLLFunc2 (at line31), but lines 51 and 76 are assigning DLLFunc (again) instead of DLLFunc2.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.