Run *.tmp DLL

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
#include <stdio.h>
#include <windows.h>
typedef DWORD (__cdecl *t_Func)(DWORD magic_val);
t_Func loadFunc(HMODULE hLib, char *name)
{
t_Func func = (t_Func) GetProcAddress(hLib, name);
if (func == NULL) {
printf("Could not get the %s\n", name);
return NULL;
}
printf("Got the %s: %p!\n", name, func);
return func;
}
int main(int argc, char *argv[])
{
char *path = "5003.tmp";
if (argc >= 2) {
path = argv[1];
}
printf("Trying to load DLL: %s\n", path);
HMODULE hLib = LoadLibraryA(path);
if (hLib == NULL) {
printf("Could not load the DLL!\n");
system("pause");
return (-1);
} else {
printf("DLL loaded at: %p\n", hLib);
}
t_Func func1 = loadFunc(hLib, "Func1");
t_Func func2 = loadFunc(hLib, "Func2");
if (func1 == NULL || func2 == NULL) {
system("pause");
return (-1);
}
printf("Calling Func1:\n");
DWORD ret = func1(0x48b58f59);
printf("Returned: %x\n", ret);
printf("Calling Func2:\n");
ret = func2(0x6d14d59c);
printf("Returned: %x\n", ret);
system("pause");
return 0;
}