JohnOne

dllall possible bitness issue

9 posts in this topic

#1 ·  Posted (edited)

This simple dllcall sets @error == 1 (cannot use dll file)

I suspect bitness issue and hoping someone on x86 can try it.

;#AutoIt3Wrapper_UseX64=y
$BUFFER = DllStructCreate("CHAR VAR[2048]")
$PBUFFER = DllStructGetPtr($BUFFER)
$SIZE = DllStructCreate("DWORD")
$PSIZE = DllStructGetPtr($SIZE)

$call = DllCall("C:\Windows\System32\Urlmon.dll", "LONG", "ObtainUserAgentString", "DWORD", 0, "STR*", $PBUFFER, "DWORD*", $PSIZE)

;ConsoleWrite(@error & @CRLF)
MsgBox(0, @AutoItX64, @error)

Compiled as either x86 or x64 @error is always 1.

Win10 x64

 

EDIT: never mind I used ^ instead of *

New screen res, and i'm blind.

Edited by JohnOne
1 person likes this

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites



#3 ·  Posted (edited)

I'm as blind as a dodo.

Also I still cannot get the results I want, the string is always appears to be empty even though it is reported as a size of 70 chars.

#include<NomadMemory.au3>

$BUFFER = DllStructCreate("CHAR[2048]")
$PBUFFER = DllStructGetPtr($BUFFER)
$SIZE = DllStructCreate("DWORD")
$PSIZE = DllStructGetPtr($SIZE)

$call = DllCall("C:\Windows\System32\Urlmon.dll", "LONG", "ObtainUserAgentString", "DWORD", 0, "STR*", $PBUFFER, "DWORD", $PSIZE)
ConsoleWrite("DllCall @error: " & @error & @CRLF)
ConsoleWrite("The pointer to the string: " & $call[2] & @LF)
ConsoleWrite("The size of the string: " & DllStructGetData($SIZE, 1) & @LF)

$_MemoryOpen = _MemoryOpen(@AutoItPID) ;0x0400
ConsoleWrite("_MemoryOpen @error: " & @error & @CRLF)

$_MemoryRead = _MemoryRead(Binary($call[2]), $_MemoryOpen, "char[" & DllStructGetData($SIZE, 1) & "]")
ConsoleWrite("_MemoryRead @error: " & @error & @CRLF)

_MemoryClose($_MemoryOpen)

ConsoleWrite("The string: " & $_MemoryRead & @LF)
DllCall @error: 0
The pointer to the string: 0x00D459F0
The size of the string: 70
_MemoryOpen @error: 0
_MemoryRead @error: 0
The string:

My au3 is a bit rusty though, can anyone see a glaring mistake?

Edited by JohnOne

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites

Maybe there's a whitespace in $_MemoryRead, try 

ConsoleWrite("The string: " & StringStripWS($_MemoryRead,8) & @LF)

 

1 person likes this

Share this post


Link to post
Share on other sites

You have rights to read your own process memory :S.

 

Local $tUserAgent=DllStructCreate("char String[512]")
Local $aRet = DllCall("Urlmon.dll", "LONG", "ObtainUserAgentString", "DWORD", 0, "ptr", DllStructGetptr($tUserAgent), "dword*", DllStructGetSize($tUserAgent))
ConsoleWrite( $tUserAgent.String & @CRLF)

Saludos

 

 

1 person likes this

Share this post


Link to post
Share on other sites
3 hours ago, Danyfirex said:

You have rights to read your own process memory :S.

 

Local $tUserAgent=DllStructCreate("char String[512]")
Local $aRet = DllCall("Urlmon.dll", "LONG", "ObtainUserAgentString", "DWORD", 0, "ptr", DllStructGetptr($tUserAgent), "dword*", DllStructGetSize($tUserAgent))
ConsoleWrite( $tUserAgent.String & @CRLF)

Saludos

Thanks, I was way over complicating it.

 


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

Hello You're right. maybe I check how it works internally later.

 

Saludos

Edited by Danyfirex

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

I found that when au3 script is compiled, it gives the same agent as c and c# in vs 

script: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko

compiled script: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/8.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)

EDIT:

So thinking process gets current user agent string from  its parent, which is desktop/progman when run directly by user, or autoit when run by autoit uncompiled.

 

EDIT 2: actually, the above are made with autoit, the below is from vs

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/8.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)

Notice "Windows NT 6.2"

EDIT 3: actually that was from c++ in vs, the following is pinvoked in c# which is different again.

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/8.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)

EDIT 4: ok getting a bit happier now, below is autoit uncompiled using x64

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/8.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)

Edited by JohnOne

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now