
Use Rundll32.exe to execute function exported by DLL

I have a DLL which exports a function:

#include <windows.h>

__declspec(dllexport)
void __stdcall MyEntryPoint(char* params)
{
    // MessageBoxA takes (owner window, text, caption, type)
    MessageBoxA(NULL, params, "MyEntryPoint", MB_OK);
}

How can I use rundll32.exe to load my DLL and call MyEntryPoint()?

CnativeFreak asked Dec 27 '22 06:12


1 Answer

You need to define a function with a very specific signature in order for it to be callable by rundll32. Have a look at this blog entry for information, which includes details on how and why you may get crashes.

Also, take a look at this answer to a similar question, where the signature of the function is detailed.

Essentially for your function to be callable safely it would need to be defined as something like:

void CALLBACK MyEntryPoint(HWND hwnd, HINSTANCE hinst, LPSTR pszCmdLine, int nCmdShow);

or

void CALLBACK MyEntryPointW(HWND hwnd, HINSTANCE hinst, LPWSTR pszCmdLine, int nCmdShow);

Anything else will corrupt the stack and may (or may not) cause a crash. I think that in later versions of Windows, rundll will first look for the MyEntryPointW function, and if found call that - the difference is in the Unicode pszCmdLine parameter.

For more information on how to use rundll32, have a look at MSDN, which details what to expect for each of the parameters, etc.

icabod answered Jan 07 '23 20:01
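The question's DLL rewritten with the four-parameter signature from the answer, as an added example that is not part of the original question or answer. `BuildMessage` is a hypothetical helper, and the typedefs in the `#else` branch are stand-ins so the file also compiles off Windows.

```c
/* mydll.c - added example; the file name and BuildMessage are illustrative.
 * Invoke as:  rundll32.exe mydll.dll,MyEntryPoint hello world
 * On 32-bit builds __stdcall names are decorated (_MyEntryPoint@16); export
 * the plain name through a .def file. From C++, also wrap in extern "C". */
#include <stdio.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
#define DLL_EXPORT __declspec(dllexport)
#else
/* Assumption: stand-ins for non-Windows compilation only. */
typedef void *HWND;
typedef void *HINSTANCE;
typedef char *LPSTR;
#define CALLBACK
#define DLL_EXPORT
#endif

/* rundll32 hands over everything after the entry-point name as one string.
 * It can be empty, so never assume at least one argument is present.
 * Returns -1 on a bad buffer, otherwise snprintf's result; out is always
 * NUL-terminated and truncated to fit. */
int BuildMessage(const char *cmdLine, char *out, size_t outSize)
{
    if (out == NULL || outSize == 0)
        return -1;
    if (cmdLine == NULL || cmdLine[0] == '\0')
        return snprintf(out, outSize, "(no arguments)");
    return snprintf(out, outSize, "args: %s", cmdLine);
}

/* All four parameters must be declared even if unused: rundll32 pushes
 * four arguments and expects the callee to clean up exactly those. */
DLL_EXPORT void CALLBACK MyEntryPoint(HWND hwnd, HINSTANCE hinst,
                                      LPSTR pszCmdLine, int nCmdShow)
{
    char text[256];
    (void)hinst;
    (void)nCmdShow;
    BuildMessage(pszCmdLine, text, sizeof text);
#ifdef _WIN32
    MessageBoxA(hwnd, text, "MyEntryPoint", MB_OK);
#else
    (void)hwnd;
    puts(text); /* no message box off Windows */
#endif
}
```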