.
Hola, como estas, che una pregunta si no te molesta, podrias compartir el codigo que utilizas en
http://infrangelux.sytes.net/FileX/?file=Basic_API_Decompiler.exe&dir=/BlackZeroX/programas/Semi%20Decompiladores
me gustaria saber como haces para listar las apis de una aplicación
Saludos.
Se puede aun extraer mas informacion; como son los procesos, y sus parametros (con sus tipos de datos), Complementos (OCX), Formularios, Modulos, mm bueno TODO...
Este codigo solo se limita a la extraccion de las APIS de un Ejecutable en VB6
'
' /////////////////////////////////////////////////////////////
' // Autor: BlackZeroX ( Ortega Avila Miguel Angel ) //
' // //
' // Web: http://InfrAngeluX.Sytes.Net/ //
' // //
' // |-> Pueden Distribuir Este codigo siempre y cuando //
' // no se eliminen los creditos originales de este codigo //
' // No importando que sea modificado/editado o engrandecido //
' // o achicado, si es en base a este codigo //
' /////////////////////////////////////////////////////////////
Option Explicit
Private Const MAX_PATH As Long = 260
Public Type IMAGE_DOS_HEADER
Magic As Integer
NumBytesLastPage As Integer
NumPages As Integer
NumRelocates As Integer
NumHeaderBlks As Integer
NumMinBlks As Integer
NumMaxBlks As Integer
SSPointer As Integer
SPPointer As Integer
Checksum As Integer
IPPointer As Integer
CurrentSeg As Integer
RelocTablePointer As Integer
Overlay As Integer
ReservedW1(3) As Integer
OEMType As Integer
OEMData As Integer
ReservedW2(9) As Integer
ExeHeaderPointer As Long
End Type
Public Type IMAGE_DATA_DIRECTORY
DataRVA As Long
DataSize As Long
End Type
Public Type IMAGE_OPTIONAL_HEADER
Magic As Integer
MajorLinkVer As Byte
MinorLinkVer As Byte
CodeSize As Long
InitDataSize As Long
unInitDataSize As Long
EntryPoint As Long
CodeBase As Long
DataBase As Long
ImageBase As Long
SectionAlignment As Long
FileAlignment As Long
MajorOSVer As Integer
MinorOSVer As Integer
MajorImageVer As Integer
MinorImageVer As Integer
MajorSSVer As Integer
MinorSSVer As Integer
Win32Ver As Long
ImageSize As Long
HeaderSize As Long
Checksum As Long
Subsystem As Integer
DLLChars As Integer
StackRes As Long
StackCommit As Long
HeapReserve As Long
HeapCommit As Long
LoaderFlags As Long
RVAsAndSizes As Long
DataEntries(15) As IMAGE_DATA_DIRECTORY
End Type
Public Type VBStart_Header
PushStartOpcode As Byte
PushStartAddress As Double
CallStartOpcode As Byte
CallStartAddress As Double
End Type
Private Type VBHeader
lSignature As Long
iRuntimeBuild As Integer
sLanguageDLLName(13) As Byte
sSecLangDLLName(13) As Byte
iRuntimeDLLVersion As Integer
lLanguageID As Long
lSecLanguageID As Long
aSubMain As Long
aProjectInfo As Long
fMDLIntObjs As Long
fMDLIntObjs2 As Long
lThreadFlags As Long
lThreadCount As Long
iGUIObjectCount As Integer
iComponentCount As Integer
lThunkCount As Long
aGUIObjectArray As Long
aComponentArray As Long
aCOMRegData As Long
oProjectExename As Long
oProjectTitle As Long
oHelpFile As Long
oProjectName As Long
End Type
Private Type tProjectInfo
Signature As Long
aObjectTable As Long
Null1 As Long
aStartOfCode As Long
aEndOfCode As Long
Flag1 As Long
ThreadSpace As Long
aVBAExceptionhandler As Long
aNativeCode As Long
oProjectLocation As Integer
Flag2 As Integer
Flag3 As Integer
OriginalPathName(MAX_PATH * 2) As Byte
NullSpacer As Byte
aExternalTable As Long
ExternalCount As Long
End Type
Public Type tAPIList
strLibraryName As String
strFunctionName As String
End Type
Type ExternalTable
flag As Long
aExternalLibrary As Long
End Type
Type ExternalLibrary
aLibraryName As Long
aLibraryFunction As Long
End Type
Private St_DosHeader As IMAGE_DOS_HEADER
Private St_OptHeader As IMAGE_OPTIONAL_HEADER
Private St_VBStHeader As VBStart_Header
Private St_VBHeader As VBHeader
Private St_PInfo As tProjectInfo
Private St_ETable As ExternalTable
Private St_ELibrary As ExternalLibrary
Private int_NTFile As Integer
Public Function ExtractApisEXEVB6(StrPath As String) As tAPIList()
On Error GoTo End_:
Dim Tmp_APIList() As tAPIList
Dim Strs As String * 1024
Dim lng_PosNull As Long
Dim Lng_index As Long
Dim Lng_CantApis As Long
Dim NBytes(1 To 10) As Byte
If Dir(StrPath, vbArchive) = "" Then Exit Function
int_NTFile = FreeFile
Open StrPath For Binary As int_NTFile
If LOF(int_NTFile) > 0 Then
Get int_NTFile, , St_DosHeader
Get int_NTFile, _
St_DosHeader.ExeHeaderPointer + &H19, _
St_OptHeader ' // 20 <-> LenB(Header) + 5 => &H19
Get int_NTFile, St_OptHeader.EntryPoint + 1, NBytes
With St_VBStHeader
.PushStartOpcode = NBytes(1)
.PushStartAddress = GetDWord(NBytes(2), NBytes(3), NBytes(4), NBytes(5))
.CallStartOpcode = NBytes(6)
.CallStartAddress = GetDWord(NBytes(7), NBytes(8), NBytes(9), NBytes(10))
End With
Get int_NTFile, _
(St_VBStHeader.PushStartAddress - St_OptHeader.ImageBase + 1), _
St_VBHeader
Get int_NTFile, _
St_VBHeader.aProjectInfo + 1 - St_OptHeader.ImageBase, _
St_PInfo
Lng_CantApis = 0
With St_PInfo
For Lng_index = 0 To .ExternalCount - 1
Get int_NTFile, _
.aExternalTable + 1 + (Lng_index * 8) - St_OptHeader.ImageBase, _
St_ETable
If .ExternalCount > 0 And St_ETable.flag <> 6 Then
With St_ETable
Get int_NTFile, _
.aExternalLibrary + 1 - St_OptHeader.ImageBase, _
St_ELibrary
With St_ELibrary
If .aLibraryFunction <> 0 Then
ReDim Preserve Tmp_APIList(Lng_CantApis)
Seek int_NTFile, .aLibraryFunction + 1 - St_OptHeader.ImageBase
With Tmp_APIList(Lng_CantApis)
Do
Get int_NTFile, , Strs
lng_PosNull = InStr(1, Strs, Chr(0), vbBinaryCompare) - 1
.strFunctionName = .strFunctionName & Mid$(Strs, 1, lng_PosNull)
Loop Until lng_PosNull > 0
End With
Seek int_NTFile, .aLibraryName + 1 - St_OptHeader.ImageBase
With Tmp_APIList(Lng_CantApis)
Do
Get int_NTFile, , Strs
lng_PosNull = InStr(1, Strs, Chr(0), vbBinaryCompare) - 1
.strLibraryName = .strLibraryName & Mid$(Strs, 1, lng_PosNull)
Loop Until lng_PosNull > 0
End With
Lng_CantApis = Lng_CantApis + 1
End If
End With
End With
End If
Next Lng_index
End With
End If
Close 1
ExtractApisEXEVB6 = Tmp_APIList
Exit Function
End_:
On Error GoTo 0
Call Err.Clear
End Function
Private Function GetDWord(ByVal B1 As Byte, ByVal B2 As Byte, ByVal B3 As Byte, ByVal B4 As Byte) As Double
GetDWord# = GetWord(B1, B2) + 65536# * GetWord(B3, B4)
End Function
Private Function GetWord(ByVal B1 As Byte, ByVal B2 As Byte) As Double
GetWord# = B1 + 256# * B2
End Function
ejemplo:
Sub Main()
Dim St_APIList() As tAPIList
Dim Lng_index As Variant
St_APIList = ExtractApisEXEVB6("c:\a.exe")
If (Not St_APIList) = -1 Then Exit Sub
Debug.Print "Funciones", "Librerias"
For Lng_index = LBound(St_APIList) To UBound(St_APIList)
With St_APIList(Lng_index)
Debug.Print .strFunctionName, .strLibraryName
End With
Next
End Sub
Dulce Infierno Lunar!¡.
