Security Unplugged !!!: Windows System Programming: Grabbing Address of required Windows API from a DLL

Saturday, August 30, 2014

Windows System Programming: Grabbing Address of required Windows API from a DLL

Any program on Windows needs two API's to get all the imports in an executable.
LoadLibraryA
GetProcAddress

LoadLibraryA Takes DLL name as argument and returns handle to DLL. GetProcAddress Takes DLL handle and function name as arguments and returns address of the interested function.

#include"windows.h"

int main(int argc, char *argv[])
{
     HINSTANCE handle;
     LPWSTR procAddr;

     //handle=LoadLibrary(TEXT("C:\\WINDOWS\\system32\\kernel32.dll"));
     handle = LoadLibrary(argv[1]);    
     if(handle != NULL) {
         procAddr = (LPWSTR)GetProcAddress(handle,argv[2]);
         if(procAddr != NULL) {
             printf("In %s API \"%s\" is located at %#x\n",
                    argv[1], argv[2], procAddr);
         } else {
             printf("Address not found\n");
         }
     } else {
       printf("NULL handle");
     }
     
     //Free DLL Module
     FreeLibrary(handle);
     return 0;
}

Above program is compiled to ll_gp.exe and takes 2 arguments. To build and compile binary using Dev-C++ press F9 key.

Usage:
ll_gp.exe dll_name api_name

For Windows Programming below link can be used as reference

http://www.winprog.org/tutorial/

Security Unplugged !!!

Saturday, August 30, 2014

Windows System Programming: Grabbing Address of required Windows API from a DLL

No comments:

Post a Comment