Memberlist- Type=Exe
- Form=Form\frmMain.frm
- Module=Module\modMain.bas
- HelpFile="help_file_name.hlp"
- Title="this_is_the_project_title"
- ExeName32="CommonApp"
- Name="this_is_the_project_name"
- CompilationType=-1
 |
VB Decompiler Hosted by TheAutomaters.com
|
| CommonApp 1.0 - Show & Tell |
Moderator
Joined: 24 Sep 2002
Posts: 194
| Posted: Sun Dec 22, 2002 2:45 pm Post subject: | |
|
And at what point were you going to share the secrets of getting that output with us?
Seriously, this is neat stuff! So much for those "can't decompile" smarta??es. I get the feeling you guys are way ahead of me in the actual decompile ability! Guess I'm spending too much time on RACE and not enough on my decompiler. Good job. Sarge |
|
Site Admin
Joined: 21 Sep 2002
Posts: 385
Location: California
| Posted: Sat Dec 28, 2002 9:32 pm Post subject: bout dang time | |
|
well i finally made the link....and i got the name of the Imports...
heres what i did... I looked at CommonApp's Imports....and then loaded the PE stuff for the requesting DLLs[only one in this case MSVBVM60.DLL] and Cross Referenced the Exports for MSVBVM60 with the Imports in CommonApp....this includes the FunctionName,Hint,Ordinal,Offset then a created a Collection with the Index of the AddressesOffsets Also...I made a Part Called FunctionAlias.... to get the Alias i trim a couple of prefixes[rtc,_,__] and suffixes[Var,Bstr,Char] ok i think im about done with CA1... on to CA2 _________________ -MrU |
|
New User
Joined: 10 Feb 2008
Posts: 0
| Posted: Sun Dec 29, 2002 12:35 pm Post subject: | |
|
MrU:
Eww! At the moment, im just sticking with the ordinal. I dont like the sound of chopping up strings to suit the user (; Like we discussed, MrU there are many circumstances that this method would break. I try to stay away from string manipuation as much as possible heehee. Oh well, I guess you have a time-constraint to stick to... (; Sarge: As far as I can see, we're not *that* far ahead of you now. Basically, you need to implement the argument string handler for the opcodes and you'll automagically be up to the same ability. If you need help in doing that, then ask away! But MrU and I do have a couple of difference in processing the arguments. For example, MrU would sometimes use "u" to push things onto the stack, whereas I would not. Both approaches are just as effective as you can see, but we're gonna have to be careful not to get confused |
|
New User
Joined: 10 Feb 2008
Posts: 0
| Posted: Sun Dec 29, 2002 6:59 pm Post subject: | |
|
Well, I decided to look at this section today in more depth. I always try and relate to the logic of "if VB can do it, then so can I". So, I messed around with the type library stuff a little more. You'll like this:
@ MSVBVM??.DLL is com-compatible. @ There is a function GetDLLEntry. A sample use of this follows: [vb:rawj59kf]
This returns a member in the type library when given an ordinal number. It is almost encapsulated providing the following points are noted: @ Private TLI As New TLIApplication @ Private TypeLibInfo As TypeLibInfo @ Set TypeLibInfo = TLI.TypeLibInfoFromFile(<filename>) And of course, the type library must be loaded I was going to say something else... nope its gone. Oh well, couldnt have been that important hehe! Sorry, in a bit of a rush - pub is calling! Ciao, moog |
|
New User
Joined: 10 Feb 2008
Posts: 0
| Posted: Wed Mar 05, 2003 4:18 pm Post subject: All-in-one? | |
|
Guys (and Gals),
Do you like the idea of making all achieved techniques/algorithms/programs for decompiling parts of VB EXE as a bundle of classes/procedures so that it can be easilly enhanced when someone finds something new? |
|
New User
Joined: 10 Feb 2008
Posts: 0
| Posted: Thu Mar 06, 2003 1:44 am Post subject: | |
|
Well, it WOULD make things somewhat easier and convenient. But there's the problem of VersionControl; that is, testing/debugging by others, or even propagation of a flawed version to the outside world. Maybe each procedure/wrapper/class for the various parts of the "VB Investigator" should be in a separate section/thread to allow mods/updates/fixes by various supporting/contributing individuals. That way, when everyone agrees that a particular procedure is right, it most likely will be. At that point, make it an officially available offering.
Or maybe some other equivalent method could be used so that there aren't 45 different code blocks out there, of which none agree with the Master that we would have here. Anyone volunteer to admin THAT mess? Sarge |
|
New User
Joined: 10 Feb 2008
Posts: 0
| Posted: Thu Mar 06, 2003 5:56 am Post subject: Re: All-in-one? | |
|
[="Anonymous":210lsgea]Guys (and Gals),
Do you like the idea of making all achieved techniques/algorithms/programs for decompiling parts of VB EXE as a bundle of classes/procedures so that it can be easilly enhanced when someone finds something new?[/:210lsgea] That would be a great idea. I support you. Keep on. When do we expect this move? |
|
New User
Joined: 10 Feb 2008
Posts: 0
| Posted: Fri Mar 14, 2003 12:17 pm Post subject: Re: All-in-one? | |
|
[="Anonymous":3lnmlorw]Guys (and Gals),
Do you like the idea of making all achieved techniques/algorithms/programs for decompiling parts of VB EXE as a bundle of classes/procedures so that it can be easilly enhanced when someone finds something new?[/:3lnmlorw] To some extent, we have tried to standardise the decompiling procedure by listing some of the standard structures in a vb exe file. This is really all you need (with a base understanding of file handling in your desired language) to create a vb file analyser. I dont believe that we should start giving out specific classes etc because we then effectively get a decompiler to the masses, and this could be a bad thing from some peoples' points of view. |
|
New User
Joined: 03 Jan 2003
Posts: 4
Location: France
| Posted: Mon Aug 25, 2008 1:01 am Post subject: Re: CommonApp 1.0 - Show & Tell | |
|
Hello,
here is what we get after using it with the last version of VBReFormer (5.3) on the commonapp (native): [url:3d0e7bo5]http://www.decompiler-vb.net/documentation/commonapp_output_by_vbreformer.zip[/url:3d0e7bo5] Example: [code=text:3d0e7bo5]
| |
[code=text:3d0e7bo5]
- ' ////////////////////////////////////////////////////////
- ' // VBReFormer 2008 © Sylvain Bruyere
- ' // Assembly: this_is_the_project_name.frmMain (Form)
- '////////////////////////////////////////////////////////
- 'Event for cmdAdd
- Private Sub cmdAdd_Click
- Set var_pv2 = Me.lstItems()
- Set var_pv3 = Me.txtItem()
- var_pv4 = var_pv3.Text()
- Call var_pv2.AddItem(var_pv4)
- 'var_num6 = -52 - 12 + 12
- 'var_num6 = 'var_num6 + 12
- End Sub
- 'Event for Form
- Private Sub Form_Load
- Set var_pv2 = Me.lstItems()
- Call var_pv2.AddItem("this item added on form load")
- End Sub
- Private Sub Form_Click
- var_pv2 = ("form was clicked")
- var_pv3 = MsgBox(var_pv2, 0)
- 'var_num6 = -52 - 12 + 20
- 'var_num6 = 'var_num6 + 20
- End Sub