Most of us are already aware that PPC and smartphone edition are similar enough to be mostly compatible in their apps across the platforms.
That is, with enough coaxing and the help of input simulators like SPHelper, I've managed to run almost any Pocket PC app on a smartphone device.
Well, until now.
I've officialy run into my first brick wall of sorts, and I'm hoping someone here can shed some light onto the situation.
Since the MS implementation of A2DP has quality issues, I'm trying to run MSI Blueplayer app ( found at http://cweb.msi.com.tw/program/support/download/dld/spt_dld_detail.php?UID=619&kind=8) on a smartphone.
Analyzing the cab, I extracted 4 .dll's that go in the \windows dir (msibtstk.dll, msibtapi.dll, CHS.dll and TW.dll), and two .exe program files that go in program files\msi\blueplayer (STLoader.exe, and MPOBCE.exe).
Now, normally its as simple as running the .exe, at least it always has been in the past.
However, every time I hit MPOBCE.exe, all I get is:
"Alert
Can't find MPOBCE or one of its components. Make sure the path and filename are correct and that all the required libraries are available."
Just to control this experiment, I copied the exact same files over to a PPC device and ran it to find that it DOES work.
Now, I've never encountered PPC specific code before- in fact, I didn't even know such a thing was possible. Has anyone see/heard of this sort of thing before?
Can someone help me take this apart and find out what makes it work on a PPC only? Perhaps a PPC-specific path (if there is such a thing)?
At this point, as much as I'd like to get this working, I'm just as much intellectually curious as to what would cause a program to only operate on a PPC installation.
Hello Dishe.
Your problem is simple: Certain DLLs that come built in Pocket PC version of windows mobile do not exist in the Smartphone version. An example is MFC DLLs.
What you need to do is get hold of 'dependency walker' which is a neat little app that MS incorporated in to VS 6 (though I understand it was written by an independent developer and should be available separately).
It will show you exactly which DLL files each exe is linked to. You then have to get a good copy (from a ROM dump) of the needed DLL and put it in windows directory.
Hope this helps.
That's a great idea. Thanks! I never heard of the dependency walker before, but it sounds like a perfect tool for this. I'll have to check it out on my office computer (I don't have VS 6 at home).
I wont be back in my office until wed., so if anyone had a bit of spare time, I'll attach the files here for someone to examine.
If anyone wants to look into it and tell me what dll's are required, I can get ahold of them from a healthy Pocket PC image.
Thanks!
This zip file has the two .exe's contained in the installation. I think only mpobce.exe is complaining about missing components, though.
Oops, apparently I should have checked first...
Dependency Walker is a free app. I downloaded it and tried it out.
It lists a bunch of .dll's, most of which I had on smartphone.
However, the two missing ones are:
mfcce300.dll
olece300.dll
Now, I'm not exactly sure what these do, so I need to look into it some more. Does anyone have any clue what these are for? If I copy them from a Pocket PC, will they operate on a smartphone?
Hi Dishe.
I guess I should have been more clear: Dependency Walker was written as freeware by an independent developer, but M$ liked it so much they decided to grab it for VS.
Any way, mfcce300.dll is MFC version for PPC (if you are not familiar with MFC, it's a collection of "ready code" that simplifies writing apps in c++)
It comes built in for PPCs but not for smartphones for some reason. If you have a good dump check that DLL with dep. walker as well, I am pretty sure it is linked to a few others.
olece300.dll - is a COM support dll. I won't even go there because I really hate COM (that's Component Object Model, not com port) and I am really not sure my self what the DLL does.
If you do get a good version of those two you should be able to get the app running.
levenum said:
Hi Dishe.
I guess I should have been more clear: Dependency Walker was written as freeware by an independent developer, but M$ liked it so much they decided to grab it for VS.
Any way, mfcce300.dll is MFC version for PPC (if you are not familiar with MFC, it's a collection of "ready code" that simplifies writing apps in c++)
It comes built in for PPCs but not for smartphones for some reason. If you have a good dump check that DLL with dep. walker as well, I am pretty sure it is linked to a few others.
olece300.dll - is a COM support dll. I won't even go there because I really hate COM (that's Component Object Model, not com port) and I am really not sure my self what the DLL does.
If you do get a good version of those two you should be able to get the app running.
Click to expand...
Click to collapse
Thanks for the help, I'm realizing there's a lot more to this I should have known before embarking on such a task. I've never had such a problem doing this before, I guess MFC isn't so popular!
Anyway, I need a good ROM dump, I haven't been able to aquire one. In the mean time I tried some files I found searching google... didn't expect it to work, but tried it anyway. Still complained of missing files- you're right, I'll bet MFC is calling more dll's as well that I need.
Perhaps there's hope...
You were right... I just needed more .dlls!
I found a whole series of .dlls required by mfcce300.dll that my smartphone was missing, so I put them all in the program directory and it opened!
Problem is, its not so stable... the files were pulled from a ce.net-4.1 set of files since I don't have access to a wm5 rom image.
One more thong I should have thought about earlier:
Some COM dlls, maybe even olece300.dll have a function called DllRegisterServer that writes them to registry as COM provider (under HKCR\CLSID).
Check to see if I am right using Dep. Walker and if so try to get regsvr32.exe or something similar for the PPC. (On a PC you use regsvr32 somedll.dll to register a COM server)
This may help with stability issue.
Related
Hi,
Can someone assist me with how i might go about decompiling or viewing a dll, making changes to it and recompiling it? What tools can i use to do this?
I have tried copying some of the dlls from my device over to my local pc, however most of the time i get an "access violation" message.
Further, i realize i can use idlasm to disassemble .net files, but it seems most of the more interesting dlls and files may be standard c dlls. How can i take a look at the code in these and modify if wanted?
thanks much.
farseer: what level of experience do you have?
V
I'd like to think i am decent developer, but that may be in my own mind
However, i do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground up apps for over 10 years however, uisng C++, Java, C#, VB, etc. You name the language, and i've probably done something in it .
vijay555 said:
farseer: what level of experience do you have?
V
Click to expand...
Click to collapse
was that the wrong answer?
farseer said:
I'd like to think i am decent developer, but that may be in my own mind
However, i do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground up apps for over 10 years however, uisng C++, Java, C#, VB, etc. You name the language, and i've probably done something in it .
vijay555 said:
farseer: what level of experience do you have?
V
Click to expand...
Click to collapse
Click to expand...
Click to collapse
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what is XIP DLL and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough place in DLL for your code, so you need to use virus-like techniques, my prefered method is to patch the code so that it loads my DLL and run it instead of original code. Or use some other hooking methods so that my code is executed instead of original.
Ah, thanks much, this was helpful. I do have a few follow up questions:
1. Is "Arm assembler" different than standard assembler? If so, any suggested readings?
2. There are some dlls that cannot be copied to my local pc (i get an access violation i believe). How does one extract an image of such dlls?
3. Where is the WM5 source code? and why would i need to read this to be able to hack/patch dlls?
thanks again.
mamaich said:
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what is XIP DLL and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough place in DLL for your code, so you need to use virus-like techniques, my prefered method is to patch the code so that it loads my DLL and run it instead of original code. Or use some other hooking methods so that my code is executed instead of original.
Click to expand...
Click to collapse
Hi farseer!
I am nowhere near the level of mamaich or vijay555 but I have some experience in this and I believe I can give you some basic answers:
1. ARM is a different architecture then x86 processors and the assembler is different to accommodate it. There are some basic similarities like mov add and such, but even the registers are different (R0 - R15 if I am not mistaken). Sorry, I don't know any books on it, but if you google you will quickly find the list of commands with basic explanation.
2. Since the OS is in ROM you can't just copy and paste it's DLLs and EXEs. Look for ROM dumping tools on this forum, or already extracted images on the ftp. Keep in mind MS did some tricks to save memory and make it harder to get at the files, so like mamaich said, you need to learn about XIP and the ROM structure in general to understand whats going on.
3. Hmm... MS does have a program for sharing most of WM source code, but it's not for common people like us. (check out their site to see what I mean) I suspect there are other sources of getting the parts necessary to understand DLL hooking, but I have no idea what they might be.
Well that's my two cents until an expert can answer you. Hope this helps.
farseer: you gave a perfectly good answer IMHO, just needed to get an idea of what level to pitch a response without talking up or down to you!
It's well documented that I'm a self confessed newb to c++, and would say that your programming skills should certainly hold you in good stead. However, having a good knowledge of the Win32 API is certainly beneficial.
For decompiling, basically IDA. There is an IDA demo available on their website that should get you going, it's pretty much 100% functional other then it won't save, and closes itself (or crashes itself) after a reasonable, random period of time. IDA is "the daddy" for pretty much all mainstream reversing, although you could write your own decompiler/debugger.
Recompiling - that's a toughy. IDA won't permit recompiling on ARM AFAIK.
You'll have to hexedit into the target and patch directly. Otherwise you get into the exciting world of code injection, hooking etc, as Mamaich says.
For that area, read everything he's ever written, before you start reversing
Oh, and a helpful hint to all. Don't just read what Mamaich's written on this board, his posts on other boards are even more useful!
It's worth getting a good familiarity with reversing on x86 first, get used to how IDA works etc (and Soft Ice is very useful to give a good insight into x86, although AFAIK it's not available for WinCE). ARM assembler is different, but just grab a list of the opcodes and read through a few CPU developers' guides (online).
There are a number of tutorials on reversing ARM stuff online. In the usual places for that kind of stuff.
For getting access to the ROM files, easiest way is to grab a rom update file and decrypt it. Mamaich is once again your man, his romtools do the job. He also has a "live" rom grabber, that'll grab all the files/modules out of your running phone for your perusal.
Platform Builder is available free to give you (some) WinCE source code. Not all, but enough to give you years worth of reading.
V
Thanks all...very kind of you to respond in such detail. I look forward to dabbling a bit with IDA and some of mamaich tools. I suppose the first order of business is to do a lil more research and then just dive in! It's been a while since i wrote any assembly code (not since college!), but i am a bit excited at having an excuse to do so again.
thanks again.
Just remember that unless you really luck out and the developer left the symbol table intact, you're going to end up with garbage for the names of variables and subroutines.
I hate reading decompiled code.
Not sure if I have worded this properly as I'm at the edge of my knowledge but I wish to call a function that I am assuming is in a DLL which is contained in ROM. I know the name of the DLL but how can I get a list of functions available from it when I cannot copy it onto my PC?
Many Thanks
Hi Tailor.
First, what function exactly are you looking for? There may be some documentation on it somewhere.
To browse a ROM dll you need to get a ROM dump. The simplest way for your purpose, provided you have a WM5 device is to search for TESTWM5.exe by mamiac on this forum. It will dump all files to your SD. They won't be workable for coding purposes, but still good enough to use dependency walker to get exported functions from DLLs.
Unfortunately that still won't tell you the parameters the function expects. only its name.
Hi Levenum and thanks for your reply.
Its a Sony Sat Nav Windows CE 4.2 device so unforunately theres not much chance of a ROM dump or documentation. Then unit is sold as a finished product and not intended for further developement.
I have installed TomTom instead of the poor app already installed and was trying to get access to the hardware buttons and Light sensor on the unit and then intended to use the TomTom SDK to recreate their functions.
The keys don't not trigger a key press event but their are DLL's called something like powerbutton.dll and navbutton.dll and so it's a fair guess that they could be used to trigger these events.
Obviously without knowing their exported functions I'm not going to get much further.
Any further thoughts ?
Many Thanks
How exactly are you trying to catch the key events?
For what you describe, you don't just need to know function names, you need to know with what parameters to call them so this is definitely not the way to go.
If you are coding with C++ search for info on SetWindowsHook. I am not sure of its implementation on CE, but this might be what you need.
I'm using VB.Net 2005
I'll have a look at SetWindowsHook, Thanks.
Any ideas for the light sensor, there's a test app that Sony have left on the device, it gives a reading from 0 to 100?
How are they likely to be reading this value?
hey,
have any of u tried this application for pocket pc? check it out on this link http://simpleos.iroot.ca/index.php
apparently, it makes ur pocket pc GUI exactly similar to a MAC or Windows XP (an emulator of some sort). It comes with additonal plug-ins that you can download which emulates applications such as outlook, word, media player, etc
It's a freeware and it looks pretty interesting. My PPC has been in the shop for repair so I have not been able to try this (and probably wont be able to for at least a week) but if anyone out there can give it a shot, let me know ur feedback on this app (is it stable?does it mess up ur PPC?). from the screenshots and videos, a WM2003 version was used so I dont know if it's compatible with WM5 or WM6. I cant wait to try it out when my PPC gets back from the shop.
Initial testing shows that is it quite slow. But that maybe due to the wizards slow processor on WM6. Does not install as it should. I believe that to be an WM6 issue. Other then that overall looks good but not recommended for a wizard. Also get designed for VGA resolution. I think that is due to the fact that it doesn't install and does not configure the software.
My initial view is positive. but need to do some more testing. A cab install file would be useful.
Cheers,
thanks for checking it out! According to the support forums in the site, u can change the VGA setting. Quoted "if you unzip the files from zip, unside a "bin" folder there is a file "kernel.xml" open in notepad and change the 64 to 32 and save". Dont know if this will fix it though.
Also this application is open source i think, so if any of our great programmers here at xda-developers can have a crack at it, i'm sure someone can improve this promising application and make it fully operational for all of us here (like what A_C did with the ILock). The programmer did say that he is open to the idea of someone continuing the development of this program as he does not have a lot of free time to work on this (check the forums section in the site)
I have Wizards, a Blue Angel and a Hermes.
With the Wing I have discovered that some cab files from the other units don't execute properly or seem to have been written for very old versions of Windows Mobile. I am never sure if they are going to be resource hogs or are not going to release memory when they close and such like. (or is this more to do with the ROM than the applications I am trying to use?)
Or they ask me whether I am installing onto some elderly processor (mips or arm or etc) and I am never sure either which one to choose for the Wing. And often the ones I choose dont work
Where can I find repositories for cab files (or indeed exe files to be executed from the computer) which are new enough to work with the Wing please? Any applicatoin will do, games, utilities, etc etc
most apps will, and the only truly system specific ones are like customization and tweak stuff.
there a bunch of freeware sites with lots of fun stuff thats totally device inspecific.
You can startout by browesing www.pocketpcfreeware.com .
Once/if you get through that site, just google "ppc freeware"
Hope that helps.
If you are still looking try this:
http://forum.xda-developers.com/showthread.php?t=356480
Thanks for this specific answer guys: I was just unsure what to do when given a choice between installing an elderly program designed for a 2001 computer on the Wing when the hcoice seems to refer to installing for those elderly processors
Thanks for this specific answer guys: I was just unsure what to do when given a choice between installing an elderly program designed for a 2001 computer on the Wing when the hcoice seems to refer to installing for those elderly processors
I recently got myself an ATT Tilt (Kaiser), which I plan on taking with me to a conference in Europe next month, and I'm not planning on taking a laptop so I can travel lightly afterwards. The phone currently has WM6 on there (I'm not going to play with flashing the ROM until after my trip).
To the point: I want a C/C++ compiler on my phone that I can use for potentially testing a few things over there (assuming the application I have in mind will work, but that's another story). I'm assuming that if I get the compiler working, it will have access to the standard C libs, including network stack.
I've tried PocketGCC, but I can't get it to work. The cabs from pocketgcc.sourceforge.net install fine, but the CMD Prompt won't open (I click on the icon and nothing happens).
Searching these boards, the only reference I've found was to http://www.mobilitysite.com/boards/business-development/135816-pocket-c.html#post1187340, but the links it points to for getting the various files no longer work.
Any suggestions or alternate links on how to get a working compiler on my smartphone?
As a backup, is CeGCC the best option for pre-compiling for the phone? Anyone know if it runs under 64-bit linux? Or if not, under win32 cygwin? Ideally, I'd love to have a cygwin-equivalent on the phone...but I guess that'll be deprecated with Android later on.
Thanks,
- David
Hi David,
I'm also looking for this and the best aproach was a DOS emulator (I think it is called Pocket DOS and there is another one that is free but don't remember the name) and Turbo C. I used it just to test very basic software that was just displayed in the DOS windows. But it was a really really little software (a couple of FORs and couple of variable incrementing), it was not fast to copile/run.
Hope this helps a little.
there is a cool project here, it's C#, not C++ but it might be of interest.
This one is supposed to be C++, but it is old and you may have problems with it. From what I recall, the command shell isn't compatible with wm6, but if you look around you may be able to find one to replace it that works.
Here is a command shell that's supposed to work with WM5/6
Good luck and let us know if you find anything else.
Also, the link to Mamaich's Version on that page you referenced works
Digicrat said:
I
is CeGCC the best option for pre-compiling for the phone? Anyone know if it runs under 64-bit linux?
Click to expand...
Click to collapse
mingw32ce (cegcc) is used to compile haret and roadmap (afaik vlc too).
It runs on amd64 very well. Have not tried it on my old DEC alpha.
Thanks for the quick responses.
edgar: PocketDOS looks interesting, but where can I find versions of Turbo C/C++ compatible with the pocketPC?
The program I'll be testing is actually a simple command-line C application, but it does use networking, UDP to be precise.
The link to Mamiach's link works on that page, but not the links on there for PocketConsole, PocketCMD, or the .bat files, though the bat files can be taken from the rar file itself.
I tried the PocketConsole and PocketCMD versions from the pocketgcc.sourceforge.net site again, and managed to get them (mostly) working after changing the reg key value.
I tried the PocketGCC cab file from gforge. It kind of works, but the test program won't compile. I still had to manually set the path for this, and for some reason it doesn't include gcc but calls the various other parts of it.
I'll try uninstalling the PocketGCC Cab and extracting Mamiach's version again and see if I have better luck with that later in the week and see how that goes.
Looks like I got it working for the most part.
Compilation is slow, but I don't want to waste space on the internal memory extracting all those .rar libs, unless I can get it installed/moved to the SD card later and adjust the paths accordingly (using spaces in file paths is always annoying).
I'm using Mamiach's version of GCC from the link above (extracted to /pgcc), plus PocketConsole and PocketCMD cabs from the pocketgcc.sourceforge.net distribution.
The only lingering (and annoying) issue is that it does not save the PATH setting after closing the cmd prompt.
Correction, I just noticed another more important issue. After switching programs, the CMD prompt seems to disappear. If I open another application, and then close that program, it will take me back to the CMD prompt. However, if I return to the "Today" screen, that prompt is still open but I can't get it back. It does not appear in that little task-switcher icon, nor in the detailed 'Task Manager'.
Any ideas?
Thanks
Update:
I just installed Dotfred's Task Manager. It looks like the problem is that the CMD prompt is being seen as a Process and not as an application. Now the question is can I change that...