逆向分析

mac2025-11-20  4

DLL基础(2) 参数传递
//msgbox_arg.cpp #include<windows.h> extern "C" _declspec(dllexport) void __cdecl msgbox(HWND hwnd,HINSTANCE hinst, LPSTR lpszCmdLine,int nCmdShow); void msgbox(HWND hwnd,HINSTANCE hinst, LPSTR lpszCmdLine,int nCmdShow) { MessageBox(NULL,lpszCmdLine,"test",MB_OK); } //rundll32.exe msgbox_arg.dll,msgbox 123
DLL入口(DllMain entry point)

DllMain原型

// DllMain is the optional entry point of a DLL. The Windows loader calls it
// when the DLL is loaded into or unloaded from a process and when threads
// start or exit. Because it runs as part of loading, loading a DLL always
// means executing that DLL's code. The loader lock is held during the call,
// so the body should stay minimal (for example, no LoadLibrary from here).
// Returns TRUE on success; the value is only checked for DLL_PROCESS_ATTACH.
BOOL WINAPI DllMain(
    _In_ HINSTANCE hinstDLL,    // module handle of this DLL
    _In_ DWORD     fdwReason,   // DLL_PROCESS_ATTACH, DLL_THREAD_ATTACH,
                                // DLL_THREAD_DETACH or DLL_PROCESS_DETACH
    _In_ LPVOID    lpvReserved  // on attach: NULL for a run-time (LoadLibrary)
                                // load, non-NULL for a load-time link
);

运行时动态链接(Run-Time Dynamic Linking)

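// Step 1: create a DLL project named "sum" (Release configuration).
// ---- sum.cpp ----
// extern "C" exports the function under the unmangled name "add"; the calling
// convention is spelled out so it cannot drift from the caller's typedef.
extern "C" __declspec(dllexport) int __cdecl add(int x, int y);

int __cdecl add(int x, int y)
{
    return x + y;
}

// Step 2: create a Win32 console project that loads sum.dll at run time.
// ---- sum2.cpp ----
// Copy sum.dll into this project's directory first.
#include <stdio.h>
#include <stdlib.h>
#include <windows.h>

// Function-pointer type (a typedef, not a macro) matching the exported add().
typedef int (__cdecl *lpAddFunc)(int, int);

// Loads sum.dll, resolves "add", prints add(2, 3) and unloads the DLL.
// Returns 0 on success and 1 if the DLL or the export cannot be found.
int main(int argc, char *argv[])
{
    (void)argc;
    (void)argv;

    // A bare file name is resolved through the DLL search order, and loading
    // a DLL runs its DllMain inside this process. The directories searched
    // must therefore be writable only by trusted users; outside a tutorial,
    // pass a full path or use LoadLibraryEx with the LOAD_LIBRARY_SEARCH_*
    // flags. The ANSI variant is called explicitly because the name is a
    // narrow string literal (the LoadLibrary macro is LoadLibraryW when
    // UNICODE is defined).
    HMODULE hDll = LoadLibraryA("sum.dll");
    if (hDll == NULL) {
        fprintf(stderr, "LoadLibrary(sum.dll) failed, error %lu\n", GetLastError());
        return 1;
    }

    int exit_code = 0;
    lpAddFunc addFunc = (lpAddFunc)GetProcAddress(hDll, "add");
    if (addFunc != NULL) {
        int result = addFunc(2, 3);
        printf("%d\n", result);
        system("pause");   // keeps the console window open (runs cmd.exe)
    } else {
        fprintf(stderr, "GetProcAddress(add) failed, error %lu\n", GetLastError());
        exit_code = 1;
    }

    // Only reached with a valid handle; the original also called
    // FreeLibrary(NULL) when the load had failed.
    FreeLibrary(hDll);
    return exit_code;
}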

dll静态调用

创建win32 Console项目

//static.cpp //复制 sum.dll sum.lib 到本项目下 #include<stdio.h> #include<stdlib.h> #pragma comment(lib,"sum.lib") //.lib 文件中仅仅是关于其对应 DLL 文件中函数的重定位信息 extern "C" __declspec(dllimport) add(int x, int y); int main(int argc, char* argv[]) { int result = add(2,3); printf("%d\n",result); system("pause"); return 0; }

参考

Microsoft DllMain 文档:https://docs.microsoft.com/en-us/windows/win32/dlls/dllmain