NO

Author Topic: Compiler and BL <offset>ADR  (Read 6920 times)

_SIL_

  • Guest
Compiler and BL <offset>ADR
« on: February 11, 2013, 07:41:37 AM »
Hi!
I modify an exe file (systeminformation.exe). Added new section .text2. In Pelles I create my project, compilled my exe and manually in hexeditor put my code from my exe to target exe. Currently I have 100% worked hacked systeminformation.exe with loading PNG file!

In my project I use this branching code:
Code: [Select]
#define ADRofFindWindowW 0x1234 // address in import table in hacked exe
#define chunc_code(adr) {__asm LDR R12,[PC];__asm LDR PC,[R12];__asm dd adr;}

static __declspec(naked) HWND __stdcall myFindWindowW(LPCWSTR lpClassName, LPCWSTR lpWindowName)
chunc_code(ADRofFindWindowW)

#define FindWindowW(a,b)  myFindWindowW(a,b)


int WINAPI WinMain{
...
HWND hw=FindWindowW(L"HHTaskBar",NULL);
...
return 0;
}

I would like to change type of myFindWindowW to "__inline" and get compiler to make code like BL offset ADRofFindWindowW without LDR PC, [dcd_YYY]; dd YYY . It's possible in Pelles C?

__asm  BL #0x1234; - worked but not properly (compiled to "34 12 00 EB")
__asm  BL offset 0x1234; - error #3151: [asm] Syntax error.
__asm  BL #(offset 0x1234); - error #3151: [asm] Syntax error + error #3152: [asm] Expected ')'.
__asm BL #(PC-0x1234)/4; - error #3140: [asm] Relocation expression is too complex.
__asm label_curadr: BL #( (label_curadr-0x1234)/4-2 ); - error #3140: [asm] Relocation expression is too complex.
__asm BL #( (0x11040-0x1234)/4-2 ); - compilled properly, but this way very silly. Current address of asm instruction is not constant and changing all the time

Please help!

_SIL_

  • Guest
Re: Compiler and BL <offset>ADR
« Reply #1 on: February 18, 2013, 06:54:12 AM »
Solved! My way is long but work perfectly. Compiller now maked instructions BL <My_label>

1. Look at sections on target file (systeminformation.exe).
.text  00011000-0001E000
.rdata 0001E000-0001F000
.pdata 00021000-00022000
.idata 0001F000-0001F184
.data  0001F184-00021000


2. In my Pelles C project I adder this 000.asm:
Code: [Select]
...
EXPORT _0x1DEF8; addr of FindWindow in systeminformation.exe
...
AREA .content, DATA
_0x11000: dcd 0
_0x11004: dcd 0
_0x11008: dcd 0
_0x1100C: dcd 0
_0x11010: dcd 0
...
_0x1DEF8: dcd 0
...
_0x209F8: dcd 0
_0x209FC: dcd 0

align 0x1000
dcd 0,0,0,0


3. In main.c:
Code: [Select]
#pragma comment(linker,"/BASE:0x10000")
#pragma comment(linker,"/align:0x1000")
#pragma comment(linker,"/merge:.data=.SIL.")
#pragma comment(linker,"/merge:.text=.SIL.")
#pragma comment(linker,"/merge:.pdata=.content")
#pragma comment(linker,"/noentry")
...
#define chunk_declare2(adr, func) extern void adr(void); typedef func;
...
chunk_declare2(_0x1DEF8, HWND __stdcall FindWindowW_(LPCWSTR lpClassName, LPCWSTR lpWindowName));
#define FindWindowW (*(FindWindowW_*)_0x1DEF8)
...
extern void HideTaskBar(void){
HWND hwnd=FindWindow(L"HHTaskBar",0);
if(hwnd) ShowWindow(hwnd,0);
}
...


4. Done. Sections in my project.exe: .content: 00011000-00022000, .SIL.: 00022000-00025000.
Copy section .SIL. from project.exe to systeminformation.exe (start address of sections is same!)
Look at IDA on my function HideTaskBar:
Code: [Select]
...
.SIL.:00022220 sub_22220
.SIL.:00022220 var_4           = -4
.SIL.:00022220                 STR     LR, [SP,#var_4]!
.SIL.:00022224                 LDR     R0, =aHhtaskbar
.SIL.:00022228                 MOV     R1, #0
.SIL.:0002222C                 BL       FindWindowW
.SIL.:00022230                 CMP     R0, #0
.SIL.:00022234                 BEQ     locret_22240
.SIL.:00022238                 MOV     R1, #0
.SIL.:0002223C                 BL      ShowWindow
.SIL.:00022240 locret_22240
.SIL.:00022240                 LDR     PC, [SP+4+var_4],#4
...
.text:0001DEF8 FindWindowW
.text:0001DEF8                 LDR     R12, =__imp_FindWindowW
.text:0001DEFC                 LDR     PC, [R12]
.text:0001DF00 off_1DF00       DCD __imp_FindWindowW 
...[color=red][/color]