View Single Post
  #6  
Old 04-04-2018, 19:01
dosprog dosprog is offline
Friend
 
Join Date: Feb 2018
Posts: 114
Rept. Given: 0
Rept. Rcvd 17 Times in 16 Posts
Thanks Given: 33
Thanks Rcvd at 146 Times in 74 Posts
dosprog Reputation: 17
It's likely not a good idea.
Any of imported functions must be correctly declared individulally,
and thus must be called normally.
In addition - without of using __asm directive.
In addition2 - repeated calls will be performed much faster.
In addition3 - [less or more] universal solution for x32/x64.

..It's likely not a good idea but it works..

--Add--

Add 1st argument of function as enum {C_CALL,STD_CALL}
and produce separate __asm code for this conventions ?



--Add2--

Quote:
Originally Posted by 0xall0c View Post
Example :

Code:
DWORD dwResult = DynCall("ntdll.dll","NtUnmapViewOfSection",
					PI.hProcess,
					(LPVOID)(NtHeader->OptionalHeader.ImageBase),0xb33f
				);
Dont forget to add one extra paramater at end i.e 0xb33f
This example rewritten without of DynCall():
Quote:
DWORD(__stdcall*_NtUnmapViewOfSection)(DWORD,DWORD);

void main(void)
{
DWORD result;

if(!(_NtUnmapViewOfSection=(DWORD(__stdcall*)(DWORD,DWORD))GetProcAddress(LoadLibrary("ntdll.dll"),"NtUnmapViewOfSection")))goto dos_exit;

result=_NtUnmapViewOfSection(0,0);

dos_exit:;
}



Last edited by dosprog; 04-05-2018 at 07:24.
Reply With Quote
The Following User Says Thank You to dosprog For This Useful Post:
Indigo (07-19-2019)