I had developed a software. The software are using the external dll library, how can I compile the exe embedded *.dlls??
PS: I am using a VS 2005, Language: VB.net
Also I would like to know how to protect my application code avoid the decompiler to decompile ???
sorry for my poor english.
Welcome to the forum.
Your English is fine, but unfortunately there is no simple answer to your questions.
I will start with the last one first:
There is no one simple way to protect your code. There are whole books and articles written on it and if you google you will even find commercial products that "scramble" compiled apps to make it difficult to disassemble and reverse engineer.
Unfortunately I can not give you more specific info like book titles since I am not too interested on the subject.
I can tell you this: whether you app gets hacked or not is a matter of how much it costs vs. how useful / desirable it is. That means that if your program is really grate and everyone wants it but it costs a lot someone will put in the effort and eventually crack it no matter what you do.
As for your first question: unless you have source code or the obj files for the DLL to link to there is no way to combine it with your exe. If something was released as a DLL library and only as a DLL library it will remain just that.
Like mentioned above; the only possibility to 'protect' your .NET application is to obfuscate the code. there are some good (but commercial) tools out there. Google for it and if you're lucky you can find a comparison as well. (hopefully somebody tested some tools already to compare them)
You cannot recompile a DLL unless you've the source code as well.
it's easier to do if one dont use .net
Related
mamaich said:
Occasionally I've found this page - http://blogs.msdn.com/sloh/archive/2005/05/27/422605.aspx
It has an interesting code at the bottom. I've already made a program that can hook system calls, I'll try to hook EnterCriticalSection and WaitForMultipleObjects and force them to use that code. Maybe this would reduce the occasional lockdowns.
Click to expand...
Click to collapse
I've made such a program. It gave no noticeable improvements for me, but I've attached it to this post with source code.
Source code would be interesting to people, who need to hook kernel functions that are implemented in nk.exe.
The function uses LoadKernelLibrary to load DLL, DLL relocates SystemAPISets table to writeable memory and hooks needed functions.
Code has no comments and looks ugly, but is short and should be easy to understand.
mamaich: thanks so much for this. I need all the hooking code I can get my hands on right now.
Will look at this ASAP. In your debt
V
Thanks...I've just started programming in EVC++ 4, so it might be useful.
Project is compiled with VS2005, it can be ported to eVC4. And it is designed for WM5, but should work also with older OSes, maybe minor modifications in internal OS structures may be necessary.
Hi,
Can someone assist me with how i might go about decompiling or viewing a dll, making changes to it and recompiling it? What tools can i use to do this?
I have tried copying some of the dlls from my device over to my local pc, however most of the time i get an "access violation" message.
Further, i realize i can use idlasm to disassemble .net files, but it seems most of the more interesting dlls and files may be standard c dlls. How can i take a look at the code in these and modify if wanted?
thanks much.
farseer: what level of experience do you have?
V
I'd like to think i am decent developer, but that may be in my own mind
However, i do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground up apps for over 10 years however, uisng C++, Java, C#, VB, etc. You name the language, and i've probably done something in it .
vijay555 said:
farseer: what level of experience do you have?
V
Click to expand...
Click to collapse
was that the wrong answer?
farseer said:
I'd like to think i am decent developer, but that may be in my own mind
However, i do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground up apps for over 10 years however, uisng C++, Java, C#, VB, etc. You name the language, and i've probably done something in it .
vijay555 said:
farseer: what level of experience do you have?
V
Click to expand...
Click to collapse
Click to expand...
Click to collapse
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what is XIP DLL and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough place in DLL for your code, so you need to use virus-like techniques, my prefered method is to patch the code so that it loads my DLL and run it instead of original code. Or use some other hooking methods so that my code is executed instead of original.
Ah, thanks much, this was helpful. I do have a few follow up questions:
1. Is "Arm assembler" different than standard assembler? If so, any suggested readings?
2. There are some dlls that cannot be copied to my local pc (i get an access violation i believe). How does one extract an image of such dlls?
3. Where is the WM5 source code? and why would i need to read this to be able to hack/patch dlls?
thanks again.
mamaich said:
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what is XIP DLL and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough place in DLL for your code, so you need to use virus-like techniques, my prefered method is to patch the code so that it loads my DLL and run it instead of original code. Or use some other hooking methods so that my code is executed instead of original.
Click to expand...
Click to collapse
Hi farseer!
I am nowhere near the level of mamaich or vijay555 but I have some experience in this and I believe I can give you some basic answers:
1. ARM is a different architecture then x86 processors and the assembler is different to accommodate it. There are some basic similarities like mov add and such, but even the registers are different (R0 - R15 if I am not mistaken). Sorry, I don't know any books on it, but if you google you will quickly find the list of commands with basic explanation.
2. Since the OS is in ROM you can't just copy and paste it's DLLs and EXEs. Look for ROM dumping tools on this forum, or already extracted images on the ftp. Keep in mind MS did some tricks to save memory and make it harder to get at the files, so like mamaich said, you need to learn about XIP and the ROM structure in general to understand whats going on.
3. Hmm... MS does have a program for sharing most of WM source code, but it's not for common people like us. (check out their site to see what I mean) I suspect there are other sources of getting the parts necessary to understand DLL hooking, but I have no idea what they might be.
Well that's my two cents until an expert can answer you. Hope this helps.
farseer: you gave a perfectly good answer IMHO, just needed to get an idea of what level to pitch a response without talking up or down to you!
It's well documented that I'm a self confessed newb to c++, and would say that your programming skills should certainly hold you in good stead. However, having a good knowledge of the Win32 API is certainly beneficial.
For decompiling, basically IDA. There is an IDA demo available on their website that should get you going, it's pretty much 100% functional other then it won't save, and closes itself (or crashes itself) after a reasonable, random period of time. IDA is "the daddy" for pretty much all mainstream reversing, although you could write your own decompiler/debugger.
Recompiling - that's a toughy. IDA won't permit recompiling on ARM AFAIK.
You'll have to hexedit into the target and patch directly. Otherwise you get into the exciting world of code injection, hooking etc, as Mamaich says.
For that area, read everything he's ever written, before you start reversing
Oh, and a helpful hint to all. Don't just read what Mamaich's written on this board, his posts on other boards are even more useful!
It's worth getting a good familiarity with reversing on x86 first, get used to how IDA works etc (and Soft Ice is very useful to give a good insight into x86, although AFAIK it's not available for WinCE). ARM assembler is different, but just grab a list of the opcodes and read through a few CPU developers' guides (online).
There are a number of tutorials on reversing ARM stuff online. In the usual places for that kind of stuff.
For getting access to the ROM files, easiest way is to grab a rom update file and decrypt it. Mamaich is once again your man, his romtools do the job. He also has a "live" rom grabber, that'll grab all the files/modules out of your running phone for your perusal.
Platform Builder is available free to give you (some) WinCE source code. Not all, but enough to give you years worth of reading.
V
Thanks all...very kind of you to respond in such detail. I look forward to dabbling a bit with IDA and some of mamaich tools. I suppose the first order of business is to do a lil more research and then just dive in! It's been a while since i wrote any assembly code (not since college!), but i am a bit excited at having an excuse to do so again.
thanks again.
Just remember that unless you really luck out and the developer left the symbol table intact, you're going to end up with garbage for the names of variables and subroutines.
I hate reading decompiled code.
Most of us are already aware that PPC and smartphone edition are similar enough to be mostly compatible in their apps across the platforms.
That is, with enough coaxing and the help of input simulators like SPHelper, I've managed to run almost any Pocket PC app on a smartphone device.
Well, until now.
I've officialy run into my first brick wall of sorts, and I'm hoping someone here can shed some light onto the situation.
Since the MS implementation of A2DP has quality issues, I'm trying to run MSI Blueplayer app ( found at http://cweb.msi.com.tw/program/support/download/dld/spt_dld_detail.php?UID=619&kind=8) on a smartphone.
Analyzing the cab, I extracted 4 .dll's that go in the \windows dir (msibtstk.dll, msibtapi.dll, CHS.dll and TW.dll), and two .exe program files that go in program files\msi\blueplayer (STLoader.exe, and MPOBCE.exe).
Now, normally its as simple as running the .exe, at least it always has been in the past.
However, every time I hit MPOBCE.exe, all I get is:
"Alert
Can't find MPOBCE or one of its components. Make sure the path and filename are correct and that all the required libraries are available."
Just to control this experiment, I copied the exact same files over to a PPC device and ran it to find that it DOES work.
Now, I've never encountered PPC specific code before- in fact, I didn't even know such a thing was possible. Has anyone see/heard of this sort of thing before?
Can someone help me take this apart and find out what makes it work on a PPC only? Perhaps a PPC-specific path (if there is such a thing)?
At this point, as much as I'd like to get this working, I'm just as much intellectually curious as to what would cause a program to only operate on a PPC installation.
Hello Dishe.
Your problem is simple: Certain DLLs that come built in Pocket PC version of windows mobile do not exist in the Smartphone version. An example is MFC DLLs.
What you need to do is get hold of 'dependency walker' which is a neat little app that MS incorporated in to VS 6 (though I understand it was written by an independent developer and should be available separately).
It will show you exactly which DLL files each exe is linked to. You then have to get a good copy (from a ROM dump) of the needed DLL and put it in windows directory.
Hope this helps.
That's a great idea. Thanks! I never heard of the dependency walker before, but it sounds like a perfect tool for this. I'll have to check it out on my office computer (I don't have VS 6 at home).
I wont be back in my office until wed., so if anyone had a bit of spare time, I'll attach the files here for someone to examine.
If anyone wants to look into it and tell me what dll's are required, I can get ahold of them from a healthy Pocket PC image.
Thanks!
This zip file has the two .exe's contained in the installation. I think only mpobce.exe is complaining about missing components, though.
Oops, apparently I should have checked first...
Dependency Walker is a free app. I downloaded it and tried it out.
It lists a bunch of .dll's, most of which I had on smartphone.
However, the two missing ones are:
mfcce300.dll
olece300.dll
Now, I'm not exactly sure what these do, so I need to look into it some more. Does anyone have any clue what these are for? If I copy them from a Pocket PC, will they operate on a smartphone?
Hi Dishe.
I guess I should have been more clear: Dependency Walker was written as freeware by an independent developer, but M$ liked it so much they decided to grab it for VS.
Any way, mfcce300.dll is MFC version for PPC (if you are not familiar with MFC, it's a collection of "ready code" that simplifies writing apps in c++)
It comes built in for PPCs but not for smartphones for some reason. If you have a good dump check that DLL with dep. walker as well, I am pretty sure it is linked to a few others.
olece300.dll - is a COM support dll. I won't even go there because I really hate COM (that's Component Object Model, not com port) and I am really not sure my self what the DLL does.
If you do get a good version of those two you should be able to get the app running.
levenum said:
Hi Dishe.
I guess I should have been more clear: Dependency Walker was written as freeware by an independent developer, but M$ liked it so much they decided to grab it for VS.
Any way, mfcce300.dll is MFC version for PPC (if you are not familiar with MFC, it's a collection of "ready code" that simplifies writing apps in c++)
It comes built in for PPCs but not for smartphones for some reason. If you have a good dump check that DLL with dep. walker as well, I am pretty sure it is linked to a few others.
olece300.dll - is a COM support dll. I won't even go there because I really hate COM (that's Component Object Model, not com port) and I am really not sure my self what the DLL does.
If you do get a good version of those two you should be able to get the app running.
Click to expand...
Click to collapse
Thanks for the help, I'm realizing there's a lot more to this I should have known before embarking on such a task. I've never had such a problem doing this before, I guess MFC isn't so popular!
Anyway, I need a good ROM dump, I haven't been able to aquire one. In the mean time I tried some files I found searching google... didn't expect it to work, but tried it anyway. Still complained of missing files- you're right, I'll bet MFC is calling more dll's as well that I need.
Perhaps there's hope...
You were right... I just needed more .dlls!
I found a whole series of .dlls required by mfcce300.dll that my smartphone was missing, so I put them all in the program directory and it opened!
Problem is, its not so stable... the files were pulled from a ce.net-4.1 set of files since I don't have access to a wm5 rom image.
One more thong I should have thought about earlier:
Some COM dlls, maybe even olece300.dll have a function called DllRegisterServer that writes them to registry as COM provider (under HKCR\CLSID).
Check to see if I am right using Dep. Walker and if so try to get regsvr32.exe or something similar for the PPC. (On a PC you use regsvr32 somedll.dll to register a COM server)
This may help with stability issue.
Greetings,
I'm software developer on PC platform (few successful projects - for example quite innovative picture, comic viewer) - actually with .NET Basic by choice(I never was up to all C++, C# etc.)
I'm looking for someone who would realize, compile, use given code/algorithm to create working image viewer.
More precisely, I've on mind code that would simulate "multi-touch" zooming etc. Furthermore I've wrote basic eVB code - but didn't manage to run it from unknown reason :/
I am afraid you are out of luck as far as eVB is concerned.
It is not supported on the new OS, and by new I mean anything after WM 2002 (I think 2003 woks, but buggy).
You have two choices: convert your code to VB .NET or get someone to convert it to C / C++ / C#.
By the way C# is very similar to VB .NET so if you put your mind to it you should have no trouble learning it.
I do not know what your plans are for this software - sell it, distribute for free or what ever, but if you wan community help with the entire source it would probably be better if you published it.
Of course thats up to you, but if you intend to give people your code and have them help with development it would be a good idea to state the conditions upon which the code is given in advance to avoid unpleasant misunderstandings later on.
levenum said:
I am afraid you are out of luck as far as eVB is concerned.
It is not supported on the new OS, and by new I mean anything after WM 2002 (I think 2003 woks, but buggy).
Click to expand...
Click to collapse
Nah I thought about other way than eVB.
levenum said:
You have two choices: convert your code to VB .NET or get someone to convert it to C / C++ / C#.
Click to expand...
Click to collapse
I program in VB.net, about C# & C++ too - but I dislike them.
levenum said:
By the way C# is very similar to VB .NET so if you put your mind to it you should have no trouble learning it.
Click to expand...
Click to collapse
Matter of removing few operators and structures. And still most of operations is purely made on logic, mathematic level. So language doesn't matter except basic GUI.
levenum said:
I do not know what your plans are for this software - sell it, distribute for free or what ever, but if you wan community help with the entire source it would probably be better if you published it.
Click to expand...
Click to collapse
I assume it should be open source - however software that I develop on my own is freeware for non-commercial use with closed code. But as said - in this case I think it should be open source.
levenum said:
Of course thats up to you, but if you intend to give people your code and have them help with development it would be a good idea to state the conditions upon which the code is given in advance to avoid unpleasant misunderstandings later on.
Click to expand...
Click to collapse
Know that.
Unlucky few touch-interface based image viewers are developed, few commercially, rest isn't something special. From my own programing experience I know it's not hard to add some solutions.
.NET decompiler with support for XAP applications. Allows hackers developers to decompile assemblies and resources in a code editor, make changes and compile the code back to the assembly.
Click to expand...
Click to collapse
View on GitHub
Features:
Decompile .NET assemblies to C# and allow editing/compiling the high-level code back to CIL
Edit CIL instructions in method bodies
Modify assembly structure
Edit and extract assembly resources
Edit the contents of a XAP by adding, removing or swapping files, or using internal editors for certain resource types.
Integrated editors for text, hex, manifest, resource, XML and XAML.
XAP package manager (compatible with Windows Phone and Silverlight applications) allowing to view and extract XAP contents.
Does laundry, has mastered Italian cuisine, cleans and makes mind-blowjobs when asked kindly and treated right.
Click to expand...
Click to collapse
Some of your skills that could be useful may be:
Blogging: You can write down the results of your testing, your ideas and stuff about .NET Rain the way you see it.
UI/UX design: You don't have to bother with WPF implementation. Photoshop designs are good enough.
C#/WPF programming: You can contribute to the code quality and all user-related features of the application.
C# Reflection mastery: The "core" is in a very alpha state and is full of bugs. The are many planned new features, too.
Donations: They will be wisely spent.
Crowd-funding experience: You can help with raising money to pay for community-hired professionals to write code that will later remain open-source.
Virgin goat blood: For recreational uses.
Click to expand...
Click to collapse
Not going to lie, I laughed at that last part in the description. Very good work. Thanks for sharing!
I laughed at the git hub title for DLL editing : DLL Deep Throat XD
lol WUT!
Edit : Screen****s ? XD
jepp nice way to word some things , but please let us not use the kind of words here
and yes real good jop
I live to serve the forum rules, so fear not. GitHub is quite liberal, on the other hand
Let me know how do you like it because as of a while I'm experimenting with great new substances.
The effects of which include, but are not limited to, reviving this old project into The Tool for Windows 10.
So I'd love some (a lot of) "pre-"feedback. Try it out. Open issues on GitHub. Help me make it awesome.
Cheers