Making dll functions names

Forum

Forum
Beginners
Making dll functions names

Making dll functions names

Pages: 12

I have dll file from which i need to get parameters it receive, i am thinking i would make the same dll file with the same functions names but instead of doing something it will just log parameters it receive, but i am having trouble writing c++ code. This is maybe closest i am near solution:

//VM.h
class IKlass {
public:
    virtual void destroy() = 0;
    virtual int do_stuff(int param) = 0;
    virtual void do_something_else(double f) = 0;
};

//VM.cpp
#include "VM.h"
#include <iostream>
#include <windows.h>

using namespace std;

class MyClass : public IKlass {
public:
    MyClass()
        : m_data(0)
    {
        cerr << "MyClass constructor\n";
    }

    ~MyClass()
    {
        cerr << "MyClass destructor\n";
    }

    void destroy()
    {
        delete this;
    }

    int do_stuff(int param)
    {
        m_data += param;
        return m_data;
    }

    void do_something_else(double f)
    {
        int intpart = static_cast<int>(f);
        m_data += intpart;
    }
private:
    int m_data;
};

extern "C" __declspec(dllexport) IKlass* __cdecl create_class(unsigned int pro)
{
    return new MyClass;
}

With the help of DLL export viewer i see some ~40 function and they all look similar to one of these:

public: bool __thiscall UserClient::DeleteAllKeys(char const *)
public: bool __thiscall UserInterface::IsHandshakeVerified(void)
public: char const * __thiscall UserInterface::GetVersion(void)
public: enum UserInterface::UserClientError_t __thiscall UserClient::Decrypt(unsigned char *,unsigned long &,enum UserInterface::MethodInfo,char const *,unsigned char const *,unsigned int)
public: long __thiscall UserClient::RemainingKeyExpiration(char const *)
public: static class UserClient * __cdecl UserClient::GetInstance(void)
public: void __thiscall UserClient::GetStoredAssetIds(class std::vector<char *,class std::allocator<char *> > &)

My question is how do i write c++ code to get functions names like these?

Last edited on

jonnin (11347)

you write a .h file for the functions in the dll file; that is almost always provided with a dll file, so check where you got it from to see if you already have it.

you may need to have some dllimport commands, similar to the exports you see. You will have to do a web search if you need to do that to get the syntax etc down.

Last edited on

Bojan 1 (12)

I will try to find that .h file but i don't have access right now to the file.
Does that .h file look like this:

#ifndef _DLLTUT_DLL_H_
#define _DLLTUT_DLL_H_

#if defined DLL_EXPORT
#define DECLDIR __declspec(dllexport)
#else
#define DECLDIR __declspec(dllimport)
#endif

extern "C"
{
	// Declare 2 functions
    DECLDIR int Add( int a, int b );
    DECLDIR void Function( void );
}

// End the inclusion guard
#endif

Do you know where i could find some example with all of this?
And also do i need to make it exact what i get from dll export or i could let's say instead of
public: char const * __thiscall UserInterface::GetVersion(void)
make it like this
UserInterface::GetVersion(void)
will it also work?

Last edited on

adam2016 (1529)

@jonnin

but you just do it manually either right?

for example link to the dll lib file,include the header and include the dll in the same folder as the executable,

and everything should run fine?

jonnin (11347)

right. Its possible to do some magic that lets you pull in code; many programs have 'hooks' that predefine what the third party code can look like, and once provided and made aware, the program pulls that functionality in. Most of that seems to be in xml these days, not actual binary compiled code. Notepadd++ for example

I don't know the details of such things. Ive really just done what you said above mostly -- linked in at compile time. I thought windows had a preferred way of doing the hooks, if I am remembering the words that might be what the com thing was all about (?).

If that is what you are trying to do, I don't have specifics on it. But it is possible; you are just not using the right words to get the search or help you need.

Last edited on

Bojan 1 (12)

@jonnin @adam2016 Can one of you point me in right direction how could i get parameters dll file receive, it could be some blog, tutorial, documentation, anything that i can see what i need to get parameters? Right now i don't have access to where i got .dll file so i don't know if there is .lib and header file alongside dll. If i have header and lib file alongside dll, with the help of hooks i will be able to get parameters dll file receive?

jonnin (11347)

if you have the header and lib you *have* the parameters. It looks just like any other function... something like

dllfunc(type param1, type2 param2); //you will HAVE this and can just use it like anything else.
The only difference is you can't see the function body as text/code.

Last edited on

Bojan 1 (12)

@jonnin Maybe i didn't express myself as i what i mean, by parameter i mean value function receive. Let's say i have this function in dll export, with just dll file, no header or lib:
public: enum UserInterface::UserClientError_t __thiscall UserClient::SetPrimaryService(unsigned int)
I am guessing SetPrimaryService method in UserClient class receive unsigned integer number, and i would like to know what that number is when this function is called from another program, I am thinking i could get that number or value and i think i could get that number or value by making another dll file with the same class and function names but they will only log what they receive to a file. If you know some other way to get values function receive, please don't be shy. I tried to make something but i could only get function names or class names. Also what is the purpose of
public: enum UserInterface::UserClientError_t __thiscall
?

Last edited on

jonnin (11347)

you want to see the value sent to a function by a different program?
It is not designed to work that way. A dll spawns a local instance of the code for each program using it, they can't talk to each other unless explicitly coded to do so. If they are code you have, you can modify it to do this using interprocess communications or a disk file or windows messages or something. It may be possible with hackery, but nothing legit that I know of can do it.

that line is information. Dll functions in code have some extra headers (calling convention type, import vs export, etc keywords) that tell the compiler what to do; its nonstandard c++ microsoftisms. If I read it right (I have been on unix for a while, and my microsoft is rusty) Its a public method of type enum belonging to class userinterface with inheritance that eventually leads you to function decrypt(stuff). I don't recall how much of that you would see in the code, and how much of it is explict info cooked up by the dll viewer program to try to clarify exactly what the thing is.

Last edited on

Bojan 1 (12)

@jonnin Yes, i want to see values sent by different program.
Will it work if i replace original dll file with a new dll that will log values to a file it receive in functions, and then replace original dll, so instead of program calling original dll it will call my dll, and i will hopefully get values in log file?
If i understand you correctly, i can't have 2 programs using same dll file and talk to each other, i am not planning that, i will only have one program run dll, the program dll came from.

jonnin (11347)

It sounds like it would work, yes.

Bojan 1 (12)

@jonnin Do you know where i can find some example how the code should look to get this kind of function names?

How is this
public: enum UserInterface::UserClientError_t __thiscall UserClient::SetPrimaryService(unsigned int)
function called from from another program, is it just the function SetPrimaryService with value or UserClient::SetPrimaryService with value or some other way, is there any importance in:public: enum UserInterface::UserClientError_t __thiscall when i call function names?

jonnin (11347)

https://msdn.microsoft.com/en-us/library/ms235636.aspx

You are confusing the output from your tool with what code looks like. That mess isn't code.

Last edited on

Bojan 1 (12)

@jonnin I know this isn't a code what i am getting, but this should be the name of class(UserClient) and function name (SetPrimaryService) in this
UserClient::SetPrimaryService
right?
If this is correct, how is SetPrimaryService function called from another program, so i know how dll code should look, i am guessing this function is called by UserClient::SetPrimaryService(), right?
If not how would i call this function from another program?

Bojan 1 (12)

It looks like i made a mistake. In dll export 'undecorate c++ function names' was checked that's why the function names were like this, so instead of this:

public: bool __thiscall UserClient::DeleteAllKeys(char const *)
public: bool __thiscall UserInterface::IsHandshakeVerified(void)
public: char const * __thiscall UserInterface::GetVersion(void)
public: enum UserInterface::UserClientError_t __thiscall UserClient::Decrypt(unsigned char *,unsigned long &,enum UserInterface::MethodInfo,char const *,unsigned char const *,unsigned int)
public: long __thiscall UserClient::RemainingKeyExpiration(char const *)
public: static class UserClient * __cdecl UserClient::GetInstance(void)
public: void __thiscall UserClient::GetStoredAssetIds(class std::vector<char *,class std::allocator<char *> > &)

i like this:

?DeleteAllKeys@UserClient@@QAE_NPBD@Z
?IsHandshakeVerified@UserInterface@@QAE_NXZ
?GetVersion@UserInterface@@QAEPBDXZ
?Decrypt@UserClient@@QAE?AW4UserClientError_t@UserInterface@@PAEAAKW4MethodInfo@3@PBDPBEI@Z
?RemainingKeyExpiration@UserClient@@QAEJPBD@Z
?GetInstance@UserClient@@SAPAV1@XZ
?GetStoredAssetIds@UserClient@@QAEXAAV?$vector@PADV?$allocator@PAD@std@@@std@@@Z

for now i have this

// MathLibrary.h - Contains declaration of Function class  
#pragma once  

#ifdef MATHLIBRARY_EXPORTS  
#define MATHLIBRARY_API __declspec(dllexport)   
#else  
#define MATHLIBRARY_API __declspec(dllimport)   
#endif  




namespace MathLibrary  
{  
    // This class is exported from the MathLibrary.dll  
    class UserClient  
    {  
    public:  
        // Returns a + b  
        //static MATHLIBRARY_API double Add(double a, double b);  

        // Returns a * b  
        static MATHLIBRARY_API double ResetStream(unsigned int a);  

        // Returns a + (a * b)  
        static MATHLIBRARY_API double RetrieveAMM(char const a);  
    };  
}

and in MathLibrary.cpp:

#define BUILD_DLL
#include "MathLibrary.h"  

namespace MathLibrary  
{  
    double UserClient::ResetStream(unsigned int a)  
    {  
        return 852.2514554;  
    }  

    double UserClient::RetrieveAMM(char const a)  
    {  
        return 5.62511;  
    }  
}

with this commands i get dll:

[/code]g++ -c -DSMPInfrastructureDemoCPP3_DLL_EXPORTS Mathlibrary.cpp
g++ -shared -o MathLibrary.dll Mathlibrary.o -Wl,--out-implib,libexample_dll.a
[/code]

with this code i get this in dll export with undecorate c++ function unchecked:

1
2

_ZN11MathLibrary10UserClient11ResetStreamEj
_ZN11MathLibrary10UserClient11RetrieveAMMEc

Or if i don't use namespace MathLibrary i get:

1
2

_ZN10UserClient11ResetStreamEj
_ZN10UserClient11RetrieveAMMEc

I know i am missing something but i don't know what?
Every advice is helpful.

jonnin (11347)

Not sure. I don't normally see a dll file in the compile and link phase, that seems odd. Should be using a lib, or .o or .so or something for g++. It could be right though, I haven't messed with this in quite a while.

I feel like I am missing something you are doing that is the issue but I don't see it from what you have provided so far.

are there any kernels of wisdom in here? Even if using another g++ the approach should be close...
https://cygwin.com/cygwin-ug-net/dll.html

Last edited on

Bojan 1 (12)

I tried with this from cygwin but i get the same output and for last 4-5 days i tried everything i could think about, but no luck.

Ok, let's start from the beginning, if i have this in dll export
?DeleteAllKeys@UserClient@@QAE_NPBD@Z
and if i undecorate this function i get
public: bool __thiscall UserClient::DeleteAllKeys(char const *)
and this works when i try to run it with cmd like:
rundll32 WM.dll,?DeleteAllKeys@UserClient@@QAE_NPBD@Z
i don't get missing entry like i would with wrong frunction names, i get 'just rundll32 just stopped working', and that's probably because of wrong parameters. I am looking how the c++ code should look so when i enter in cmd :
rundll32 test_my_dll.dll,?DeleteAllKeys@UserClient@@QAE_NPBD@Z
i don't get "missing entry:..." .
I know i am missing something but i don't have a idea what exactly.

EDIT:It seems like the problem is in GCC, I installed MSVC++ and it seems for now that it could be done

Last edited on

Bojan 1 (12)

I made it look alike in MSVC++, but i am having a few problem to look exactly.
This is working part of my code, this is header.h:

///.H
#pragma once
#ifndef __MYCLASS_H
#define __MYCLASS_H

#pragma once  

#ifdef MATHLIBRARY_EXPORTS  
#define MATHLIBRARY_API __declspec(dllexport)   
#else  
#define MATHLIBRARY_API __declspec(dllimport)   
#endif  


#include <iostream>
#include <vector>

namespace namespaced {

	using namespace std;

	enum ClientError { HIDController = 1, UVCController = 2 };

	class Client {
	private:
		ClientError _controller;
	public:
		Client();
		~Client();
		ClientError MATHLIBRARY_API SetCallbackClass(class Callbacks * scc);

	};
};
#endif

and cpp:

#include "Header.h"

namespace namespaced {
	ClientError Client::SetCallbackClass(class Callbacks * scc) {
		return _controller;
	}
}

tthis is what i get when compile dll file
demangled function name is:

public: enum namespaced::ClientError __thiscall namespaced::Client::SetCallbackClass(class namespaced::Callbacks *)

and mangled:
?SetCallbackClass@Client@namespaced@@QAE?AW4ClientError@2@PAVCallbacks@2@@Z

but this is what i need, unmangled function name:
public: enum namespace::ClientError __thiscall Client::SetCallbackClass(class Callbacks *)

and mangled:
?SetCallbackClass@Client@@QAE?AW4ClientError_t@namespaced@@PAVCallbacks@@@Z

So basically i need to get rid of namespaced before class names(callbacks and Client)

Second problem i have is,i get warning "

Warning	C4273	'namespaced::Client::SetCallbackClass': inconsistent dll linkage	testingdll

What does this mean? I also get "is not a valid win32 application when i compile dll" i am guessing that is because of this warning?

And third problem i have is writing this:
public: static class Client * __cdecl Client::GetInstance(void)

i managed to make it look like this

public: static class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > __cdecl namespaced::Client::GetInstance(void)

So basically i need 'Client' instead of "std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >"
This i part of code i am using this is in header file-class Client:

static string MATHLIBRARY_API GetInstance();
and in cpp:

1
2
3

string Client::GetInstance() {
		return "anytext";
	}

I think i need to replace string with class, but i don't know what i need to return?

Any help is appreciate.

Last edited on

jonnin (11347)

it is really hard to visually spot this kind of problem :(

__cdecl <--- this says to use C style binary names, that is, it removes the mangling. it really should be on everything being exported. You don't have to, but its a lot easier if you do.

it seems to me you have missed putting this on something, but I don't know exactly what as I am a bit rusty with this stuff. I want to help but am not sure that I can offer much more at this point. Try direct searches for *everything* you want to expose in the library --- if you want to expose an enum, google 'dll export enum' or a class, or whatever, see if you spot something that is off.

Last edited on

Bojan 1 (12)

@jonnin I solved two problems, the only remaining is is when i compile i get "...is not a valid Win32 application" and that warning i get "inconsistent dll linkage" but if you say thats because i use mangled function names (not using extern c), than i can't do anything about that as i need mangled function names.

Do you know how i would implement this dll in another c++ program just to see if everything works fine(does that error mean something) or in python that would also work? I know i could run it in CMD with command: "rundll32 test.dll,?SetCallbackClass@Client@namespaced@@QAE?AW4ClientError@2@PAVCallbacks@2@@Z" but when i run it this way i get"rundll32 has stopped working" and as i have class in dll, i suppose i should first create object but i can't find any example?

Pages: 12