Solved Making a COM dll proxy.


WildoTheDildo

Newbie
Feb 14, 2017
I'm not new to programming in either C++ or ASM, but I'm looking for some pointers as to where to start.

This is actually a work thing rather than a game, but I'm finding "Stack Overflow" and such like is full of morons, and this forum seems to be right up my street, so to speak.

I have an IE add-on that I want to proxy.

Let's say the original add-on COM DLL is at c:\File\IEComfile.dll.

This file has two methods (I know, not quite C++, but just for simplicity): int Method1(string blah), string Method2(Int blah).

I want to rename the original COM file to c:\File\IEComfile-Old.dll, then create a new one called c:\File\IEComfile.dll (this one is now called instead of the original, and it then calls the original).

The new DLL calls Method1 as if nothing has changed. Method2 is still called, but intercepted and made to change the result.

I'm not after just some code for an answer but also want to understand what's going on. I want to code in Visual C++ and I do have a basic understanding of COM vtables etc.

I sort of think I know where to start but could just do with some pointers to get me started.

This does seem to be slightly different to injecting code into the DLL itself (I might be wrong). I'm being restricted to doing it this way for political reasons, as this is a work thing.

:)
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
So it's DLL hijacking -> proxying function calls. I believe there are some legit implementations for proxying, just google "proxying dll".

I can't speak much on the implementations you find online, but the general idea, I believe, is: for each export in the original DLL you will have to duplicate the symbol names. These will just be wrappers that then call the original functions exported from the original DLL, and then you modify the arguments and return values to do whatever you want to do.
 

WildoTheDildo

Newbie
Feb 14, 2017
Rake;47743 said:
So it's DLL hijacking -> proxying function calls. I believe there are some legit implementations for proxying, just google "proxying dll".

I can't speak much on the implementations you find online, but the general idea, I believe, is: for each export in the original DLL you will have to duplicate the symbol names. These will just be wrappers that then call the original functions exported from the original DLL, and then you modify the arguments and return values to do whatever you want to do.

What I'm finding is that most of the online stuff assumes you have the source (which I don't). It's a long-gone company that wrote the original, which is where I'm tripping up rather.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
Well you don't need the source code, there is a pointer to the Export Table in the PE Header. So you can copy the export table from the original DLL, put it into your DLL just copy it byte by byte, point the export table pointer to your new export table. Then make all the function pointers point to your function wrappers, import all the functions from the original DLL and call them in your wrapper functions. The DLL will get hijacked most likely just by putting it in the correct folder. Probably an easier way but that is how I would go about it, without using someone else's source code.
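
Added example, not part of any post in this thread: a read-only Python check that walks the PE header to the export directory mentioned above, lists the named exports, and flags a DLL that mirrors every export of another one (for instance a renamed original sitting beside a replacement in the same folder). The helper names and the `build_sample` test image are assumptions made for this example.

```python
import struct

def _off(secs, rva):
    for va, size, raw in secs:                 # (virtual_address, size, raw_pointer)
        if va <= rva < va + size:
            return rva - va + raw
    raise ValueError("RVA %#x is outside every section" % rva)

def export_names(pe):
    """Return the set of named exports in a PE image given as bytes."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    opt = nt + 24                                         # optional header start
    pe32plus = struct.unpack_from("<H", pe, opt)[0] == 0x20B
    exp_rva = struct.unpack_from("<I", pe, opt + (112 if pe32plus else 96))[0]
    if exp_rva == 0:                                      # no export directory
        return set()
    secs = []
    for i in range(nsec):
        vsize, va, rsize, raw = struct.unpack_from("<4I", pe, opt + opt_size + 40 * i + 8)
        secs.append((va, max(vsize, rsize), raw))
    exp = _off(secs, exp_rva)
    count, = struct.unpack_from("<I", pe, exp + 24)       # NumberOfNames
    table = _off(secs, struct.unpack_from("<I", pe, exp + 32)[0])  # AddressOfNames
    names = set()
    for i in range(count):
        s = _off(secs, struct.unpack_from("<I", pe, table + 4 * i)[0])
        names.add(pe[s:pe.index(b"\0", s)].decode("ascii"))
    return names

def mirrors_exports(candidate, original):
    """True when candidate exports every name original does (proxy pattern)."""
    orig = export_names(original)
    return bool(orig) and orig <= export_names(candidate)

def build_sample(names, sec_rva=0x1000, raw=0x200):
    # Constructed, parse-only PE32 image: headers plus one export-only section.
    strs, ptrs = b"", b""
    for n in sorted(names):
        ptrs += struct.pack("<I", sec_rva + 40 + 4 * len(names) + len(strs))
        strs += n.encode() + b"\0"
    sec = struct.pack("<IIHH7I", 0, 0, 0, 0, 0, 1, len(names), len(names), 0, sec_rva + 40, 0) + ptrs + strs
    hdr = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"
    hdr += struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x2102)
    hdr += struct.pack("<H94xII120x", 0x10B, sec_rva, len(sec))
    hdr += struct.pack("<8s6IHHI", b".edata", len(sec), sec_rva, len(sec), raw, 0, 0, 0, 0, 0x40000040)
    return hdr.ljust(raw, b"\0") + sec
```

On real files, pass the bytes of the two DLLs found in the same directory; a match is a reason to check signatures and file provenance, not proof of tampering.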
 