Denying linkage to a DLL from within the DLL itself - c++

I am attempting to develop a DLL that can only be linked once by a single program/thread and deny all attempts to link by other programs/threads after it has already been linked once. The state pertaining to whether the DLL is linked or not is stored and tracked via a Boolean variable but I cant figure out how to deny the linkage from within the DLL.
extern BOOL isReferenced; // To allow for only a single reference to the dll
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH: // Linked to the library for the first time
if (isReferenced != TRUE) {
InitializeDll();
isReferenced = TRUE;
}
else {
// How does one deny access to the DLL?
}
case DLL_THREAD_ATTACH: // Linked to the library through a program thread
break;
case DLL_PROCESS_DETACH: // Unlinked from the library
UninitializeDll();
isReferenced = FALSE;
case DLL_THREAD_DETACH: // Unlinked from the library through a program thread
break;
}
return TRUE;
}
Thanks in advance.

Related

Can't find RequireSignedAppinit_DLLs in Registery

I am trying to do a small dll injection on my computer, and it doesn't seem to work.
I updated AppInit_DLLs with the path to my dll, and I read online that I need to set LoadAppinit_DLLs to 1 (which I have) and RequireSignedAppinit_DLLs to 0 for the injection to work.
but I can't find RequireSignedAppinit_DLLs in the registery..
My Registery
And here is my dll code: (It's very messy I am just trying to see if it will work before I actually make it clean)
#include "pch.h"
#define DLL_EXPORT
#include "mydll.h"
extern "C"
{
DECLDIR void Share()
{
MessageBox(NULL, (LPCWSTR)L"DLL injection!", (LPCWSTR)L"Hacked", 0);
}
void Keep()
{
MessageBox(NULL, (LPCWSTR)L"DLL injection!", (LPCWSTR)L"Hacked", 0);
}
DECLDIR void openWindow()
{
MessageBox(NULL, (LPCWSTR)L"DLL injection!", (LPCWSTR)L"Hacked", 0);
}
}
BOOL APIENTRY DllMain(HANDLE hModule, // Handle to DLL module
DWORD ul_reason_for_call,
LPVOID lpReserved) // Reserved
{
openWindow();
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
// A process is loading the DLL.
Keep();
Share();
openWindow();
break;
case DLL_THREAD_ATTACH:
// A process is creating a new thread.
Keep();
Share();
openWindow();
break;
case DLL_THREAD_DETACH:
// A thread exits normally.
Keep();
Share();
openWindow();
break;
case DLL_PROCESS_DETACH:
// A process unloads the DLL.
Keep();
Share();
openWindow();
break;
}
return TRUE;
}
Hope anyone can help...
Just create the RequireSignedAppinit_DLLs REG_WORD value yourself.
This is fine for experimentation but a real application should not modify these values because it decreases the security of the system.

Injected DLL Main loop crashes the process

I'm currently trying to inject a DLL into a project, but everytime i use a while loop the process crashes.
This is the code:
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call,LPVOID lpReserved ){
switch(ul_reason_for_call){
case DLL_PROCESS_ATTACH:
while(char c = getch()){
if(c == 'p'){
MessageBox(0,L"CAPT",L"CAPT",MB_OK);
}
}
break;
}
return TRUE;
}
Since you changed your original question, I'll rearrange my answer a bit...
There are significant limits on what you can safely do in a DLL entry point.
Please read carefully through the remaks on the following page:
https://msdn.microsoft.com/en-us/library/windows/desktop/ms682583(v=vs.85).aspx
and
https://msdn.microsoft.com/en-us/library/windows/desktop/aa370448(v=vs.85).aspx
For example, it shouldn't take more than 300ms (recommended time) during the DLL_PROCESS_ATTACH. You're also not returning anything (should be a boolean).
However, I think the main reason your software hangs is because MessageBox and/or getch() probably creates a deadlock there. Regarding the MessageBox use OutputDebugString instead, refer to this answer: https://stackoverflow.com/a/10981735/5874704
Also as suggested in comments:
Don't put the while loop in DllMain. Use CreateThread in DllMain to launch a new thread. Put the while loop there
Previously you also asked about the definition of the DLLMain. This is the "bare"-function of the DllMain:
BOOL WINAPI DllMain(
HINSTANCE hDllHandle,
DWORD nReason,
LPVOID Reserved)
{
BOOL bSuccess = TRUE;
switch ( nReason )
{
case DLL_PROCESS_ATTACH:
break;
case DLL_PROCESS_DETACH:
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
return bSuccess;
}

How to load single DLL in multiple process in vc++

I have created a dll in c++ which is loaded in all active processes.I want to know is there any way by which this dll load only one time and that single copy will be shared by all processes.
CPhoneticProcessor * g_pPhoneticProcessor = NULL;
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
g_pProcessor = new CPProcessor();
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
if(g_pProcessor)
delete g_pProcessor;
g_pProcessor = NULL;
break;
}
return TRUE;
}
Every Process When loads dll it create new instance of class CPProcessor so i want only one instance to be shared between all the processes.
Can anyone help me ?
You can use the data_seg feaure.Plese check following link.
https://msdn.microsoft.com/en-us/library/h90dkhs0(VS.80).aspx

Terminating thread on DLL unload

I'm trying to write a DLL plug-in for a third-party software.In the plug in i'm creating a thread in an initialization function which is called by the hosting program. However, there is no shutdown routine in which I could properly terminate the thread. I'm tried this code:
DLL_EXPORT void InitFunction() // is called by the host application
{
myThread = std::move(std::thread{myThreadFunction});
}
bool WINAPI DllMain( HINSTANCE hDll, DWORD fdwReason, LPVOID lpvReserved )
{
switch (fdwReason)
{
case DLL_PROCESS_ATTACH:
{
DisableThreadLibraryCalls(hDll);
} break;
case DLL_PROCESS_DETACH:
{
IsRunning.store(false); // tell the thread it's time to terminate;
if(myThread.joinable())
myThread.join();
}break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
return true;
}
I know this won't work, because windows would call DllMain upon thread termintation, but the DllMain is still running and therefore would deadlock. I tried using DisableThreadLibraryCalls() in different places in the Dll, but that didn't work either. So, How can I terminate the threads in my DLL properly?

Pantheios logging in C++ DLL

Here is scenario:
I have testApp.cpp that has main function. And this testApp.cpp uses misc.dll and common.dll library.
I would like to create a log to file rather than to console.
So in testApp.cpp main() function, I use the following:
pantheios::pantheios_init();
pantheios_be_file_setFilePath("mylogfile.log");
pantheios::log_NOTICE(" START TESTAPP");
// Call function from misc.dll and common.dll
pantheios::log_NOTICE(" END TESTAPP ");
pantheios_be_file_setFilePath(NULL);
This WILL create mylogfile.log file with content 'START TESTAPP'
NOW THE PROBLEM:
I would also like to adding logging from misc.dll and common.dll to mylogfile.log.
In other words, if I add log in testMiscfunction() in misc.dll, I would like that log from
testMiscfunction() to be written to mylogfile.log.
And of course, same things with common.dll.
Now here is sample of DLL Entry for misc.dll
#include "pantheios/pantheios.hpp"
#include "pantheios/backends/bec.file.h"
#include "pantheios/implicit_link/core.h"
#include "pantheios/implicit_link/be.file.h"
extern "C" const char PANTHEIOS_FE_PROCESS_IDENTITY[] = "MISC_DLL";
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
pantheios::pantheios_init();
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
pantheios::pantheios_uninit();
break;
}
return TRUE;
}
So now in
testMiscFunction() { pantheios::log_NOTICE("I am testMiscFunction"); }
So "I am testMiscFunction" is not being written to mylogfile.txt Question is: Why? What need to be done.
Thanks....
The DLLs should link to Pantheios dynamically, so they'll use the same data. In this case you don't need to call Pantheios init/uninit functions from the DLL entry point (which is probably a bad idea anyway).