LINK: Grafting Compiled Code: The Ultimate in Code Reuse [Archive]

View Full Version : LINK: Grafting Compiled Code: The Ultimate in Code Reuse

Cthulhu

November 6th, 2007, 06:41

Quote:

Introduction

This article will demonstrate techniques to incorporate compiled machine code into an existing project using ASM source files. The assembly source file will be created from the compiled machine code. In addition, it will detail the limitation of Imagehlp.dll (single thread safety requirement), and show techniques for converting a compiled STDCALL procedure to a C-CALL assembly language routine.

Eample one will present a standard C++ console application. The program add two numbers and returns the results. The example will present a few of the basic obstacles to overcome. Sample two will incorporate the graft using compiled machine code of Add() from the first.

Finally, example three will use machine code from imagehlp.dll to supplement the PE Checksum program. This will remove the requirement of the library dependency from a project and fully demonstrate the techniques.

http://www.codeproject.com/useritems/CodeGraft.asp

OHPen

November 6th, 2007, 08:20

Nice articel Jeffrey, but i think that this technique probaly most interesting for people which are not interested to understand what asm code is doing.

It can be probably used by a newbie who want to rip an algo without understanding what it is doin'.

Anyway, i read worser articles

Regards.

dELTA

November 6th, 2007, 13:12

No matter if you understand the code or not, these techniques can be very useful at times. Thanks for the link Cthulhu.

Cthulhu

November 6th, 2007, 13:20

You're welcome

LLXX

November 10th, 2007, 03:40

Quote:

[Originally Posted by OHPen;70075]It can be probably used by a newbie who want to rip an algo without understanding what it is doin'.

That's an example of a bad way in which this can be used...

You still have to understand the code, otherwise you'd be unable to figure out the memory references/stack parameters/calling convention/etc.

Interesting to see a rather low-level article on codeproject.com -- the site is mainly high-level stuff.