2. Tech
  3. Dynamic 1: Calling function named function name

Dynamic 1: Calling function named function name

xiaoxiao2021-03-06  53

Foreword: This article is from a question of a question in the 9CBS Forum. It is now organized to help friends with the same needs.

Friends who have been dynamically loaded with DLL should be clearly getprocaddress this API, which is to obtain this function from the DLL module through a function name, and then convert it into a corresponding function pointer for us to call. This is a typical example of calling a function through a function name. Below we simulate this function, the main idea is to create a function mapping table.

#include

Using

Namespace

STD;

/ / Define function entry structure

Typedef

Void (* fun_ptr)

Void);

Struct fun_ENTRY

{

Const

Char * fun_name;

// Function Name

Fun_PTR FUN_PTR;

// Function pointer, actually the data type here can also be integer

}

// Define two different prototypes

Void foo1 () {cout <<

"foo1" << Endl;

INT foo2

INT i) {cout <<

"foo2:" << i << endl;

Return 0;}

// Define function mapping table

FUN_ENTRY FUN_ENTRY_TABLE [] =

{

{

"foo1", (fun_ptr) foo1},

{

"foo2", (fun_ptr) foo2}

}

// Simulation GetProcaddress

Fun_ptr Get_Proc_Address (Const)

Char * fun_name)

{

FOR

INT i = 0; i <

SIZEOF (fun_entry_table) /

SIZEOF (fun_entry_table [0]); i )

{

IF (strcmp (fun_name, fun_entry_table [i] .fun_name) == 0)

RETURN FUN_ENTRY_TABLE [I] .fun_ptr;

}

Return NULL;

}

int main ()

{

Typedef

Void (* foo1_ptr)

Void);

Typedef

INT (* foo2_ptr)

Int);

FOO1_PTR PFOO1 = (Foo1_Ptr) Get_Proc_Address

"foo1");

// Get the function entry address and convert to a function pointer

IF (PFOO1) PFOO1 ();

// Vire to call functions

Foo2_ptr pfoO2 = (foo2_ptr) get_proc_address (

"foo2");

IF (PFOO2) PFOO2 (100);

SYSTEM

"PAUSE");

Return 0;

}

Is it very simple, how can get procaddress implement? This is still not clear, but we know that there are function symbol information in the DLL, which can easily locate the entrance address of a function. If there is a function name in the binary code of the ordinary program, then it is not very cool! But this is exposed to the internal implementation of the program, which can greatly facilitate hackers, :).

Today is 9.18, don't forget the national humiliation, revitalize China!

(Freefalcon at 2004.09.18)

转载请注明原文地址:https://www.9cbs.com/read-115541.html

9cbs

New Post(0)