Reverse engineering a DLL

By GuruOfDos
I program in VB Professional 3.0. Yes I KNOW it's 10 years old and only 16 bit, but that is precisely WHY I use it...I still have to support 16 bit platforms!

Also, with certain restrictions, VB3.0 programs run perfectly under 9x and NT4.0.

Here is my dilemma. Accessing hardware from VB is not a problem...there are plenty of 16 bit DLL's out there that allow VB3 to call functions within the DLL to talk to the outside world. I have several for ISA bus I/O, peripheral control etc and along with the DLL's I have the documentation on how to call the functions/routines within the DLL and what parameters are passed.

BUT....I have acquired a very interesting piece of hardware on an ISA card (what it does is not important) and have scoured the original software on the machine it was installed in, and found a DLL related to the card. Using QuickView allows me to see the names of the exports in the DLL but there I run out of information. I can use my knowledge of electronics to regenerate the circuit diagram of the card and find out HOW it works electronically, but I need a way of 'taking apart' the DLL to work out what the exported functions do and what parameters are passed to and from a routine (integer, single, long, arrays) etc. I know enough about assembly language to reverse engineer a *.com file, but how can I do the same for a DLL? Where can I find information on DLL structures or a tool to show the individual code chunks for each of the exports? I have used a program called Scanbin which gives me a little more info, but I need more data on DLL's themselves...preferably requiring little or no knowledge of C or Pascal!!

Reverse engineering a DLL

by Ann777 In reply to Reverse engineering a DLL

Reverse engineering a DLL

by Ann777 In reply to Reverse engineering a DLL

If you do a search on "reverse engineer a 16 bit dll" you'll pull up several hits as well.

The above link says it'll work with a 32-bit dll; but it does not mention the older 16-bit dlls.

Reverse engineering a DLL

by GuruOfDos In reply to Reverse engineering a DLL

Does not support 16 bit DLL's for Windows 3.1! The freeware Borg Disassembler is the closest tool I have found that will break down a DLL into raw code, but it needs a lot of tweaking to distinguish between data and code.

Reverse engineering a DLL

by maxwell edison In reply to Reverse engineering a DLL

Let me take a blindfolded shot in the dark at a moving target.

"Using the Document/View Architecture with a DLL"

http://tinyurl.com/5cny

Reverse engineering a DLL

by GuruOfDos In reply to Reverse engineering a DLL

Thanks for the answer, but I don't do 'C' and don't intend to! The article refers to DLLs that you have written...not third party DLL's and refers to their use in Visual C.

I do appreciate your thoughts and effort though!

Reverse engineering a DLL

by Joseph Moore In reply to Reverse engineering a DLL

Well, I looked around also, and didn't find anything good. I found a product, PE Explorer, that does exactly what you need for 32-bit DLL files; unfortunately, it does not work for 16-bit (the web site for it states that exactly).
So, no luck there.
My only suggestion (not being a programmer, I don't know if it will be of any use) is to try and use STRINGS.EXE, a free downloadable tool from Sysinternals.
Here is their description of STRINGS:

"Working on NT and Win2K means that executables and object files will many times have embedded UNICODE strings that you cannot easily see with a standard ASCII strings or grep programs. So we decided to roll our own. Strings just scans the file you pass it for UNICODE (or ASCII) strings of a default length of 3 or more UNICODE (or ASCII) characters. Note that it works under Windows 95 as well."

The download page is here:
http://www.sysinternals.com/ntw2k/source/misc.shtml

So, you could run STRINGS against the DLL you have, and see what kind of information it will glean. Perhaps it will be useful to you.

Hope this helps.

Reverse engineering a DLL

by GuruOfDos In reply to Reverse engineering a DLL

Fine for working on NT or W2k....as it says!

I'm using 16 bit (W3.11) and W9x!!

Reverse engineering a DLL

by GuruOfDos In reply to Reverse engineering a DLL

Restrictions include the fact that file dialogue boxes cannot handle long file names!!! Pain in the backside when bringing up file lists!!!

Reverse engineering a DLL

by GuruOfDos In reply to Reverse engineering a DLL

Just for reference folks...Windows 16 bit .exe's and DLL's are in what is called NE (New Executable) format. Win32 exe's and DLLS use the newer PE (Portable Executable) format.

The difference? NE files have the original MS DOS Header and can actually be run in DOS...but all they do in DOS is generate a message stating 'This program requires Microsoft Windows!'. Anyway NE files still have the DOS header at offset $40h and PE's don't! This means that any disassembler or decoder for Win32 will not support NE's...unless explicitly stated on the pack!!
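The following is an added example, not code posted by anyone in this thread. It is a minimal Python reader that follows the 4-byte pointer at offset 0x3C of the MZ stub to the new header, checks for the `NE` or `PE` signature, and for an NE file walks the resident and non-resident name tables and the entry table to list each export's ordinal, name and segment:offset. The function names and the sample image (`CARDDRV`, `READPORT`, `WRITEPORT`) are constructed for illustration.

```python
import struct

def _names(data, pos):
    """NE name table: <len byte><name><WORD ordinal> records, ended by len 0."""
    out = {}
    while pos < len(data) and data[pos]:
        end = pos + 1 + data[pos]
        out[struct.unpack_from("<H", data, end)[0]] = data[pos + 1:end].decode("latin-1")
        pos = end + 2
    return out

def _entries(data, pos):
    """NE entry table bundles -> {ordinal: (segment, offset)}."""
    out, ordinal = {}, 1
    while pos < len(data) and data[pos]:
        count, kind, pos = data[pos], data[pos + 1], pos + 2
        for _ in range(count):
            if kind == 0xFF:    # movable: flags, INT 3Fh (2 bytes), seg, offset
                out[ordinal] = struct.unpack_from("<BH", data, pos + 3)
                pos += 6
            elif kind:          # fixed: flags, offset; bundle byte is the segment
                out[ordinal] = (kind, struct.unpack_from("<H", data, pos + 1)[0])
                pos += 3
            ordinal += 1        # kind 0 marks unused ordinals, no bytes stored
    return out

def ne_exports(data):
    """Return (format, [(ordinal, name, segment, offset), ...])."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ stub")
    hdr = struct.unpack_from("<I", data, 0x3C)[0]    # pointer to the new header
    sig = data[hdr:hdr + 4]
    if sig[:2] != b"NE":
        return ("PE" if sig == b"PE\x00\x00" else "unknown"), []
    ent, res = (struct.unpack_from("<H", data, hdr + o)[0] for o in (0x04, 0x26))
    nonres = struct.unpack_from("<I", data, hdr + 0x2C)[0]   # file-relative offset
    names = _names(data, nonres) if nonres else {}
    names.update(_names(data, hdr + res))            # resident table is header-relative
    names.pop(0, None)          # ordinal 0 is the module name / description
    addr = _entries(data, hdr + ent)
    return "NE", [(o, n) + addr.get(o, (None, None)) for o, n in sorted(names.items())]

def sample_ne():
    """Constructed image (not a real DLL): two fixed exports in segment 1."""
    img = bytearray(0x80)                        # zeroed MZ stub + NE header
    img[:2], img[0x3C], img[0x40:0x42] = b"MZ", 0x40, b"NE"
    img[0x44], img[0x66] = 0x40, 0x50            # entry / resident-name table offsets
    entry = bytes([2, 1, 1, 0x10, 0, 1, 0x80, 0, 0]).ljust(0x10, b"\x00")
    names = b"\x07CARDDRV\x00\x00\x08READPORT\x01\x00\x09WRITEPORT\x02\x00\x00"
    return bytes(img) + entry + names
```

The NE file records only names, ordinals and entry addresses, not parameter types; the segment:offset pair tells you where to point a 16-bit disassembler to start reading each exported routine.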
