View Full Version : IID King 2.0


Crudd
September 6th, 2004, 14:30
IIDKing allows you to add imports to ANY PE file's import table, thereby
eliminating the need to have to do LoadLibrary then GetProcAddress.

What's New:
-Added the ability to add an unlimited number of DLL(s) and their
corresponding Function(s) to the target exe.

-You can now run IIDKing an unlimited number of times on any given target and
IIDKing will only ever use ONE section called ".IIDKING" in your target. Old
versions of IIDKing required more.

-When you run IIDKing on a target that has already been modified via IIDKing
v1/v2 it will notify you of this fact and subsequently load the previously
added DLL(s)/Function(s) into the IIDKing dialog. This allows you to re-run
IIDKing for the purpose of removing or adding to past import additions to
your targets.

-Added an easy-to-use interface for adding DLL(s)/Function(s) in the form of a
list dialog. You simply select the DLL filename as you wish and it will list
all its available exports for you to choose from. Leaves no room for case
sensitive or spelling errors when adding DLL(s)/Function(s).

-IIDKing v2 is much more intuitive in handling user actions and hence can be
kept open and used continuously on the same target or any given number of
targets. No need to restart iidking ever.

Crudd [RET]

If you can't d/l from here, it's on the RET site.

This isn't my tool, I just posted it for SantMat. It's his and he deserves all the thanks.
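
Added example (not part of the original thread and not IIDKing's code): the post above states that a modified target always carries a single section named ".IIDKING", so a triage check for tool-modified binaries can walk the PE section table for that name. The function names and the constructed sample buffer are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Little-endian readers; callers bounds-check before calling. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Returns the index of the section whose 8-byte name equals name8,
 * -1 if no such section, -2 if the buffer is not a well-formed PE. */
int pe_find_section(const uint8_t *buf, size_t len, const char name8[8])
{
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -2;
    size_t pe = rd32(buf + 0x3C);                 /* e_lfanew */
    if (pe > len || len - pe < 24) return -2;     /* signature + COFF header */
    if (memcmp(buf + pe, "PE\0\0", 4) != 0) return -2;
    size_t nsec = rd16(buf + pe + 6);             /* NumberOfSections */
    size_t opt  = rd16(buf + pe + 20);            /* SizeOfOptionalHeader */
    size_t tbl  = pe + 24 + opt;                  /* first section header */
    if (tbl > len || (len - tbl) / 40 < nsec) return -2;
    for (size_t i = 0; i < nsec; i++)             /* 40-byte headers, name first */
        if (memcmp(buf + tbl + i * 40, name8, 8) == 0) return (int)i;
    return -1;
}

/* Constructed sample: header skeleton with two sections, not a loadable PE. */
size_t build_sample(uint8_t *out, size_t cap, const char name8[8])
{
    const size_t pe = 0x40, need = pe + 24 + 2 * 40;
    if (cap < need) return 0;
    memset(out, 0, need);
    out[0] = 'M'; out[1] = 'Z'; out[0x3C] = (uint8_t)pe;
    memcpy(out + pe, "PE\0\0", 4);
    out[pe + 6] = 2;                              /* NumberOfSections = 2 */
    memcpy(out + pe + 24, ".text\0\0\0", 8);
    memcpy(out + pe + 24 + 40, name8, 8);
    return need;
}

int main(void)
{
    uint8_t img[256];
    size_t n = build_sample(img, sizeof img, ".IIDKING");
    printf("section index: %d\n", pe_find_section(img, n, ".IIDKING"));
    return 0;
}
```

A section name is trivially renamed, so a hit indicates use of the tool with its defaults, while a miss proves nothing about the import table.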

dELTA
September 6th, 2004, 16:10
Looks great, thanks for sharing.

JMI
September 7th, 2004, 20:52
It is always good to see members trying to make tools for the rest of us to try. Particularly for those of us who have no time to try to code our own.

Regards,

TQN
September 7th, 2004, 22:16
Great work, Crudd. Thank you for sharing.
The tool runs fine on my Win2K machine at work, but it is not stable on my WinXP (no service pack) machine at home. It deletes all of the imports of the system DLLs and leaves only the imports of the added DLL. When I click the "Pick DLL" button and then click Cancel, or click Cancel when the list of export functions is shown, clicking "Pick DLL" again later will not show anything.
Regards,
TQN

SantMat
September 9th, 2004, 21:36
The issue on WinXP machines has now been handled and a new and fixed version of IIDKing v2 will be up as soon as possible at www.reteam.org

Furthermore, IIDKing v2.1 is due to be out by this or next weekend as per the ETA on the www.reteam.org projects' page.

Thank you for using IIDKing and giving updates on any bugs you encounter. There should be no more issues concerning the smooth running of IIDKing in the future on any Windows OS. The only issues after this update will be what new features to add.

As soon as IIDKing is up on www.reteam.org you will be able to tell by looking at the 'site updates'.


Thanks,

SantMat[RET]

doug
September 9th, 2004, 21:53
I'm curious, what kind of bug was it?
I've seen things running on XP but not on 2K, but rarely the other way around.

Devine9
September 10th, 2004, 00:07
An updated version has been posted on http://www.reteam.org.

TQN
September 10th, 2004, 01:45
Great work !
Thanks for the fast update. But the program will crash when opening a PE file that has the read-only attribute or is being used by another process.
I debugged IIDKing with OllyDbg tonight, and I found a bug in your code. I have some ideas which I wish to share with you if you don't mind.
You call CreateFile with GENERIC_READ | GENERIC_WRITE, but you do not check the return value of this call, and you pass the returned handle directly to the CreateFileMapping function. CreateFileMapping returns NULL, and the program goes to the cleanup code: CloseHandle on the two handles above.
As MSDN and Kayaker have said in a post, CloseHandle with a wrong handle value will throw an exception if we are in debugging mode. If we have installed VS .NET, mdm.exe (Machine Debug service) will run as a startup service. So an exception will be thrown although we did not run IIDKing under a debugger.
This is my suggested code to fix this bug:
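    /* Assign default values to all handle variables */
    HANDLE hFile = INVALID_HANDLE_VALUE;
    HANDLE hMap = NULL;
    LPVOID lpMap = NULL;
    ....
    hFile = CreateFile(xxx);
    /* CreateFile reports failure with INVALID_HANDLE_VALUE, not NULL */
    if (INVALID_HANDLE_VALUE == hFile)
        goto Cleanup;
    ....
    hMap = CreateFileMapping(xxx);
    /* CreateFileMapping reports failure with NULL */
    if (NULL == hMap)
        goto Cleanup;
    ...
    lpMap = MapViewOfFile(xxx);
    if (NULL == lpMap)
        goto Cleanup;
    ....
    Cleanup:
    /* Release in reverse order, and only what was actually acquired */
    if (NULL != lpMap)
    {
        UnmapViewOfFile(lpMap);
        lpMap = NULL;
    }
    if (NULL != hMap)
    {
        CloseHandle(hMap);
        hMap = NULL;
    }
    if (INVALID_HANDLE_VALUE != hFile)
    {
        CloseHandle(hFile);
        hFile = INVALID_HANDLE_VALUE;
    }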
Best regards,
TQN

SantMat
September 10th, 2004, 13:08
I will certainly look into that and have all that patched for the v2.1 which is coming soon. Thanks for the feedback TQN.

SantMat[RET]

seven
September 10th, 2004, 14:01
thx so much
u r the best .

Neitsa
September 10th, 2004, 16:30
Thanx Crudd for your tool !

I remember using the first one. That was great !

Nice improvements.

Regards, Neitsa.

SantMat
September 10th, 2004, 19:49
Just to clarify...

I, SantMat, coded IIDKing. I released IIDKing v1 through the Immortal Descendants in 2000 and this latest release, v2, through RET.


SantMat[RET]

Neitsa
September 10th, 2004, 20:14
Hello SantMat, Nice to meet you !

The first version is always in my DD.

I must say it has helped me a lot when I didn't know how to do those things "with my hands". Even knowing how to do it now, I should say I've used it a lot for many reversing purposes. I think I learned how to do it by disassembling files modified by IIDKing v1.0.

This is truly good work, and it has taught me a lot.

My best regards, Neitsa.