Reading exe in windows c# - c#-4.0

I am planning to create a Licensing Module which can be commonly used for all Desktop Applications. So i thought of making it so simple without any or less coding in the existing applications which are going to be activated by this Licensing Module.
So is there any way where if the user passes the exe location, the system should capture the exe available in the particular location, and the system should get all the windows forms available inside that exe?
Am not sure whether it is possible or not but i need to know whether there is any way to do it. It would be helpful for me to develop this with less complications.

You can read the actual executable image data from its path and in case, its a managed (.NET) executable, you can use the metadata to do some analysis. In this case, you can browse through all types within the executable assembly (and perhaps other assemblies from the same directory) and find out the number of classes/types that are inherited from System.Windows.Forms.Form.
However, considering that these applications are probably in your control, the saner approach would be have an public API in these executable that will provide you the relevant information.

Guys i found a solution for this....i used the following method...
Assembly SampleAssembly = Assembly.LoadFrom("Assembly path here");
// Display all the types contained in the specified assembly.
foreach (Type oType in SampleAssembly.GetTypes())
{
Console.WriteLine(oType.Name);
}
this worked perfectly for me....
VinayC thanks for your support buddy...really appreciate it....:)

Related

How to bundle COM dlls into a portable app?

I need to write a program that uses some COM objects, accessed from the python comtypes package. I use the clsid and/or progid to create and use them. These objects are provided by a third party, and normally they are installed with a normal installer (setup.exe or MSI file).
Let's suppose that these DLL files have a license that allows me to ship them together with my program. Is it possible to load these DLL files into memory, and use them from a portable app without actually registering them? Or alternatively, can I register them from my program?
A related question is this: how to determine the chain of DLL files that are needed to create a given COM object? (Other than trial and error.)
Background: in reality, there are multiple libs and the main problem is that I do not want the users to run 4 different installers before they can start the actual program. That would be too difficult for an average user.
You're asking a lot of questions here. There are a lot of ways to accomplish what you're trying to accomplish, and it's hard to answer such a broad set of questions. If you have specific questions on how to do a specific thing, please start new posts for those.
That said, I will try to give you some information to help you figure out what you need/want to do.
Can you use a COM DLL without registering it?
Yes. There are several ways, depending on the needs of the COM DLL and the platform you're using. However, some options won't always work, and other options are very challenging.
DllGetClassObject - In some cases, depending on the COM object you're trying to load, you can just load the DLL, call the DllGetClassObject function directly, and use the returned IClassFactory to create your object. This is the easiest way -- if it works. If the class you create requires that the DLL be registered (maybe it does a CoCreateInstance internally, or maybe it needs proxy support), this won't work for you. To determine if this will work, it's either trial-and-error, or you have to ask the developer of the COM DLL.
Registration-free COM - This is how it's done in .NET. I'm not sure if you can do anything like this easily in Python.
CoRegisterClassObject - If you are going to create your own registration-free COM implementation, this function is going to be critical. I believe this is a fundamental implementation detail for Microsoft's registration-free COM. However, be aware that this would be a very challenging thing to do, and it would require a very good understanding of COM.
Can you register a COM DLL from your program?
Yes. There are a few ways. However, you are likely to run into security issues here -- typically, COM components register themselves in HKEY_LOCAL_MACHINE, and you typically need admin rights to write here. Some COM components/installers are designed to register themselves in HKEY_CURRENT_USER, which would get around the security thing. However, you may have no control over where a component registers itself, and even if you do, registering in HKEY_CURRENT_USER isn't a perfect solution.
regsvr32.exe - One option is to programmatically invoke regsvr32.exe on the DLL.
DllRegisterServer or DllInstall - If a COM DLL can be registered with regsvr32.exe, then it has at least one of these functions exported. You can load the DLL manually and call these functions just like regsvr32.exe does. DllInstall is less common than DllRegisterServer. If DllInstall is present, it may give you the option of installing in HKEY_CURRENT_USER. If not, you have to just do whatever DllRegisterServer does, since there are no options you can provide to that function.
Write the registry values yourself -- If you can figure out all the registry settings that are needed, there's nothing stopping you from putting them into the registry manually. This would get around the HKEY_LOCAL_MACHINE/HKEY_CURRENT_USER issue -- you can write them wherever you like (but HKEY_LOCAL_MACHINE still probably requires admin rights).
regedit.exe - Another way to write the registry values yourself is to store them in a .reg file and call regedit.exe to merge them.
How do you determine dependencies of a DLL?
Ideally, the developer of that DLL knows and can tell you. That's the only way that's truly fool-proof.
For COM dependencies, it may be impossible to figure this out any other way than asking the developer or trial-and-error. This is because a COM dependency may exist simply because some code in the DLL just calls CoCreateInstance to create some third-party COM object, and since this is something that is only expressed in source code, there is no metadata on the DLL that will help you find these dependencies.
The above is also true for any dynamically-loaded dependencies. For example, if some code just calls LoadLibrary directly, there is no way for you to determine the dependency from the outside.
For statically-loaded dependencies, you can use tools like Dependency Walker. Note that a lot of the dependencies you will see are system dependencies -- you don't want to include, for example, user32.dll and kernel32.dll because these are installed with Windows.
How do you install third-party dependencies?
If you know exactly what files to write, where to write them and what registry settings (etc) need to be applied, you can do all of that yourself. For some dependencies, it can be easier to just include the third-party installer in your installer and just execute it silently. Many installers support a silent mode for just this reason. A good example of this is the Visual C++ runtime (msvcrt*.dll) -- many applications need this dependency, and many installers just include Microsoft's installer as a part of their distribution, and the primary installer just calls the secondary installers silently.

How to localize a win32 (Non-MFC) DLL

I have few win32 DLL's (Non-MFC) along with individual .rc files for different languages, presently we replace the rc file and build the full DLL again for each locale.
I am trying to find out a better way of doing it and found that MFC DLL's have something called satellite dll's wherein we can have a single DLL for the code and other resource DLL's for individual rc files.
But this resource/satellite DLL's solution doesn't seems to be working for Non-MFC dll's.
Could somebody tell me what would be the best way to localize such non-MFC dll's so that we do not need to regenerate the full Dll for each individual locales.
Thanks in advance
Rahul
There's no reason why you can't do the same with non-MFC dlls - I have done so many times.
You just need to create a set of resource-only DLLs, one for each supported language, and (from your main DLL) either load dynamically at runtime, or give them all the same names and just deploy the correct version during installation.
This MSDN page describes how to create a resource-only DLL. Although it mentions that it's helpful for MFC, there is no necessity to use MFC at all - you can apply the same logic that MFC uses to decide which satellite to load.
Partial screenshot

securing the source code in a node-webkit desktop application

first things first , i have seen nwsnapshot. and its not helping.
i am building an inventory management system as a desktop app using node-webkit . the project being built is using compoundjs (mvc javascript library). which have a definite folder structure (you know mvc) and multiple javascript files inside them.
the problem is nwsnapshot allows the app to have only a single snapshot file but the logic of application is spread over all the folders in different javascript files.
so how do i secure my source code before shipping it to client? Or any other work-around Or smarter way (yes, i know about obfuscating).
You can use nodewebkit command called nwsnapshot to compile the javascript code into binary which will be loaded into the app without specifying any js file
nwsnapshot --extra-code application.js application.bin
in your package.json add this:
snapshot: 'application.bin'
It really depends on what you mean by "secure".
You can obfuscate your javascript code fairly well (as well as potentially improve performance) by using the Google Closure Compiler.
I'm not aware of any off-the-shelf solutions to encrypt/decrypt your javascript, and honestly I would question the need for that.
Some people think they need to make it impossible to view their source code, because they're used to dealing with compiled languages where you only ship binaries to users. The fact is, reverse-engineering that binary code was never as difficult as some people think it is, so if there's any financial incentive, there is practically no difference between shipping source code and the traditional shipping of binaries.
Some languages have offered genuine encryption of deployed assets, such as Microsoft's SLPS. It seems to me that the market for this was so small that Microsoft gave it to a partner (just my view). The truth is that most customers are not interested in taking your source code; they're far more interested in your ability to service and support that code in an efficient manner, while they get on with their job.
You may consider to merge the JS files into one in the build process and compile it.

Is it possible to intercept dns queries using LSP/SPI?

I wrote my own LSP which is working fine. However, I can not catch dns queries. For example there is no function like WSPGetHostByName or WSPGetAddrInfo.
My lsp also supports UDP protocol but it is not working. If I run nslookup from console (cmd.exe) it seems working but i can not catch gethostbyname. Does anyone know how to do that? I don't think writing NSP (Name Service Provider) is a solution. But I might be wrong.
Thanks
We have developed a LSP that can "intercept" DNS queries. The only way to do it is by hooking into all of the DNS functions, keep in mind there are a few challenges you need to solve:
You need to use a good hooking library that will support both 32bit and 64bit code.
The library license must be right for your application, there are some free libraries, but can be used freely only with free projects.
When you hook the functions, you need to make sure not to modify certain values that are not IP based and defer the query to the real function.
Intercepting UDP will not work since the queries are going out from MS DNS client, so unless you write a low level driver like: TDI, NDIS or WFP you must hook the functions (or write a NSP). NSLookup works for you because it creates the DNS queries itself.
My solution would be as follows:
Take the well known web browser: firefox.exe
copy it into a new name: icefoxy.exe
modify the EXE so it will load a custom DLL.
I have already done this a few months ago, but since Firefox is constantly getting updates, that means:
EITHER: keep one version and do not update (at your own risk, may cause security problems since that means vulnerabilities will not be fixed)
OR: Update your modification every time firefox.exe changes.
The DLL can easily be written using Delphi.
The Firefox modification needs assembly language, unless you know how to download all necessary files to compile firefox yourself, have access to a C/C++ compiler (likely mingw-gcc), and be prepared of the fact that there are 2 mutually exclusive standards of C++, and if your g++ (part of the gcc suite) is incompatible with your Firefox source, then your attempt will fail.
I am not a C++ expert myself, so I took the (for me, at least) easier route using machine language, that way I do not need to be a C/C++ expert to get the job done.
Some relative points:
What functions must be hooked to intercept all Firefox's access to dns server(s) ?
I noticed, that if you load a Delphi DLL into Icefoxy.exe (a renamed copy of Firefox.exe)
then a Delphi form's colors are missing, eg. if you set (either in object ispector or in code):
Label1.Color := clLime;
you still see a label withOUT lime background color. I do not know the exact reason, but it seems that Delphi VCL is relying to be used in an EXE, and when you use Delphi VCL components inside a DLL instead of an EXE, some things (such as color) does not work as intended.
I'd be happy to post my code (both assembly language modifications to Firefox and the Delphi DLL source code) , but how/where can I post it so it is publicly viewable ?
I used Delphi 7 to make the DLL.
if you use Delphi 2009 or later, you need to take extra care that any string data passed between the Delphi code and any non-Delphi code has the correct encoding, due to the fact that In Delphi 2009 and all newer versions, the type String is an alias to unicodestring, where in older Delphi versions, the type String is an alias to AnsiString.
At the time I did this, it was just a small experiment to find out if I can force Firefox to load my own DLL inti it's process address space.
Another interesting idea would be to get access to the DOM (Document Object Model) of Firefox from a Delphi DLL, that would give a working alternative to using TWebBrowser (based on ActiveX version of Microsoft's Internet Explorer).
I know there have been components like TWebBrowser based on Firefox, but their problem is that nobody cared to update them for a very long time, so they are compatible only with some very outdated version of Firefox.

Crash using variables declared __declspec(thread)

I have a DLL (written in C) that uses static thread local storage (__declspec(thread)), and I want to use this DLL from a Visual Basic graphic interface.
Unfortunately, when running the interface on Windows XP that DLL which use static thread local storage crashes when it try to acess its thread variables.
How can I solve this problem?
Thanks,
Regards
G.B.
PS
I would like to not modify the DLL.
This is a known limitation of static TLS. Although you aren't explicitly calling LoadLibrary(), the VB runtime does so on your behalf.
Note that this limitation has been lifted from Vista. The most comprehensive reference that I know of is on Ken Johnson's blog.
You may be able to get around the problem if you could get the DLL included in the imports table of the generated .exe, which would likely involve some PE hacking and I'm far from certain it's a viable strategy. Otherwise you'll need to change the DLL.

Resources