Bassmod as LIB

[Ufo-Pu55y]

lo,

anybody ever had 'luck' converting Bassmod.DLL into a .LIB ?

For static linking I mean... I guess lotsa ppl would love to have it.

I've tried the tool 'Dll To Lib' on it, but somehow it fails bigtime..

all generated symbols are crap.. useless. (and yes I've unpacked it before ofc ^^)

I don't know about any other tool.

Somebody out there having experience in this topic?

cheers

[ragdog]

Hi

This bassmod package have a lib this use this dll after compile

The other way is ripp this dll with ida and make a standalone lib without dll

Think i must work:confused:

Then gives a way this use i load dll from memory.

withou extract this dll to disk

cheers,

[Ufo-Pu55y]

This bassmod package have a lib this use this dll after compile

Yep, but there are 2 kinds of LIBs. One for dynamic linking and one for static.

The one that's shipped in the package is for the dynamic one.

I know the author has been asked 1000 times to release a damn static one,

but he simply doesn't wanna :\

Then gives a way this use i load dll from memory.

And I know that code very well, since I once converted it from C to C#.

It's just not a very stable approach.. trying to avoid it.

The other way is ripp this dll with ida and make a standalone lib without dll

I dunno about that one.. will have a look oO

EDIT/

Haven't seen anything useful in IDA (neither found a plugin) to do such a job.

Well, in spite of saving the whole stuff as *.asm... I guess you meant that :\

Edited April 11, 2010 by Ufo-Pu55y

[Killboy]

Here's an awesome idea (even better than ripping code from IDA and hand crafting a lib file :>):

Make sure the DLL is loaded at the exact same address as the beginning of the data section in your app (ok, this might get tricky)

Grab the whole DLL memory (including header section padding)

Copy that data into your app as a byte array

Make that array the first variable so it begins at the start of the data section

Make sure the data section protection has executable right

Find the IAT of the DLL and create code that fills it with the right API values with GetProcAddress etc.

Now, declare a pointer and assign the address of the APIs to it

Voila, call the pointer

Easy? Easy.

[ragdog]

Well, in spite of saving the whole stuff as *.asm... I guess you meant that :\

Yes that mean i save it as asm remove this dllentry **** and compile it with masm or other asm compiler

to static lib

Many keygener do but there is no other:^

If bassmod better as ufmod for use xm sound?

@Killboy

Make sure the DLL is loaded at the exact same address as the beginning of the data section in your app (ok, this might get tricky)

Grab the whole DLL memory (including header section padding)

Copy that data into your app as a byte array

Make that array the first variable so it begins at the start of the data section

Make sure the data section protection has executable right

Find the IAT of the DLL and create code that fills it with the right API values with GetProcAddress etc.

Now, declare a pointer and assign the address of the APIs to it

Voila, call the pointer

Is this same like my methode?

Then gives a way this use i load dll from memory.

@Ufo-Pu55y

as example

xm_lib		file	'ufmod.dmp' 	 ; must be at 0x00401000 !!!
xm_play 	=		xm_lib + 9158h
xm_stop 	=		xm_lib + 0D8h
xm_handle =		xm_lib + 1Ch
;--------------------------------------------------------------------
xm_file 	file	'glass.xm'
xm_size 	=		$-xm_file
;--------------------------------------------------------------------
caption 	db		'.:FASM:.',0
message 	db		'uFMOD ruleZ!',0
;--------------------------------------------------------------------
entry		$
		push	xm_size xm_file [GetProcAddress][GetModuleHandle]
		call	xm_play
		invoke MessageBox,0,message,caption,MB_ICONQUESTION
		push	dword [xm_handle]
		call	xm_stop
		invoke ExitProcess,0

Greets

Edited April 11, 2010 by ragdog

[Ufo-Pu55y]

Easy? Easy.

You mean doing the 'load-dll-from-memory'-thingy without having to care about relocations n stuff? oO

If bassmod better as ufmod for use xm sound?

Actually it's even better for playing XM. But that's not the reason.

I've been asked to make uPPP support other chiptune formats like MOD for example.

And I don't like the idea of saving it to disk first, before loading it into memory.

You know.. UAC and friends.. dunno.

xm_lib		file	'ufmod.dmp' 	 ; must be at 0x00401000 !!!
xm_play 	=		xm_lib + 9158h
xm_stop 	=		xm_lib + 0D8h

You forgot about the import stuff. I saw you mentioned 'SimplePack' which uses this approach

when using aPLib. Well, aPLib doesn't import anything.. that's why it's ok to use it like that.

Chiptune libs import lots of stuff. So this approach would work on your machine, while it crashes

on others at once.

[ragdog]

Yes SimplePack use this sam methode only with this aplib.dll

Download simplepack you can see it works

[ghandi]

Although i never completed it, i was working on an application which takes an executable and merges it with a dll file, relocating the dll to its new base address. It does work, but the concept i was following was for a protector stub embedding, so i didn't work on the import table or resources. Thats where i thought i'd find trouble with this idea, that anything calling GetModuleHandle and then trying to access stuff such as the resource directory would fail.

Hooking these functions, maybe you could spoof the base address and make it work, but its still hit and miss. What is unstable about the memory PE approach? If the dll is mapped correctly and gets entered into the linked list so that calls to GetModuleHandle and such succeed, where is the difference between that and the Windows loader?

HR,

Ghandi

[ghandi]

Okay after some rooting around i think i may have made something... Don't shoot me if it isnt 100%, i haven't tested it thoroughly, but here is a static library version of bass.dll.

What i did:

1. Unpacked file, restored imports.

2. Unpacked 2nd copy at different base address.

3. Rebuilt relocations using ReloX because the reloc table seemed corrupted.

4. Loaded unpacked file and header from package into Lib2Dll.

5. Removed linker settings about libc.lib and oldnames.lib

6. Converted file to static library.

Once i made that, i then took the example code from the MASM part of the bass.dll package and added a call to the dll entrypoint for DLL_PROCESS_ATTACH and DLL_PROCESS_DETACH and the player works without bass.dll. Once again though, i haven't tested this thoroughly so there may still be bugs from the conversion. Any feedback is appreciated.

HR,

Ghandi

BASS static lib - MASM player example.rar

[Ufo-Pu55y]

Haha!?!? I only got until your step 4.

Awesome, ghandi.. I will check it out asap when I'm home.

Thx for the effort !

[Killboy]

I guess I got carried away a little with the geek humor. Never mind my previous post unless it makes you laugh

EDIT: Maybe I should have spilled more smilies

Edited April 12, 2010 by Killboy

[Ufo-Pu55y]

Hip hip hurray! Here's my new try looking at the one from Ghandi:

BASSMOD.STATIC.LIB.7z (also with demo project)

It's 30kb or less when nicely packed. So it's not much bigger than ufMod !

Therefor you can load MOD, IT.. ah **** it.. I won't tell about it.

Chiptune loverz will know about the sound diff

@ghandi:

4. Loaded unpacked file and header from package into Lib2Dll.

How did you add the header?

DllToLib v2.0 over here.. maybe I should d/l a newer version.

Anyway, the only thing I changed right now is, that I added the bassmod.lib from the package into DllToLib.

But maybe you meant that. Then it 'magically' worked here, too.. thx again ;P

Tho I'm still wondering why your lib is 4 times bigger oO

But simply calling it's DllMain wouldn't have come to my mind.. great!

Tho it even plays OK without calling DllMain, I'm sure it should be done.

But I'm also not sure if there a bugs in it, since I didn't fully test it.

@kill:

You know I'm a serious gal. Next time do beta !11

[Zool@nder]

His lib is bigger because he works on bass and not bassmod, the bass version supports match more audio stuff (inc MP3, MP2, MP1, OGG)

I have also a converted one, but crashes some times.

may be the relocs problem, have to test ghandi method

any way, thanks for the subject and for the static lib

Edited April 13, 2010 by Zool@nder

[ghandi]

Sorry man, i made a mistake. I meant to type 'lib' file but somewhere between the brain and the fingers the message got screwed up. I don't have Dll2Lib 2.0 , i only have 1.42. I got it ages ago and haven't looked for a (full) newer version, is there any improvement over 1.42? Aside from the nag messagebox, v3.0 claims to create fully functional lib files and the messagebox is easily patched out of the lib file, but i've not used it really.

HR,

Ghandi

Edited April 13, 2010 by ghandi

[Ufo-Pu55y]

His lib is bigger because he works on bass and not bassmod

Makes sense now.. should have known better since it's called 'bass' not 'bassmod'

@ghandi:

Version 3.00
==================================
+ Full support to Windows Vista.
+ Support attribute certificate table.
+ Support delayed-load import table.
+ Support HTML help and PDF help documents.
!! Fix the problem in processing the import table.
!! Fix some minor errors.Version 2.00
==================================
+ Completely rewrite the conversion engine.
+ Support to find unresolved symbols automatically.
+ Support to add prefix to the generated symbols.
+ Improve the compatibility.
!! Fix the problem in processing the base relocation table.
!! Fix some minor errors.

But I got no idea if these fixes are worth the download.. prolly not really

[ghandi]

I guess its more than just the messagebox which is different between the full version and the 'trial' version...

Calls to functions are replaced with:

0046062A       E8 01080000             CALL 00460E3000460E30       E8 23020000             CALL 00461058
00460E35     - 0F85 12D3FBFF           JNZ 0041E14D
00460E3B       C3                      RET

Which in turn calls:

00461058       50                     PUSH EAX
00461059       51                     PUSH ECX
0046105A       52                     PUSH EDX
0046105B       53                     PUSH EBX
0046105C       54                     PUSH ESP
0046105D       55                     PUSH EBP
0046105E       56                     PUSH ESI
0046105F       57                     PUSH EDI
00461060       33C0                   XOR EAX,EAX
00461062       BF 00304600            MOV EDI,00463000                         ; ASCII TAB,TAB,TAB...
00461067       8107 4B5F606A          ADD DWORD PTR [EDI],6A605F4B
0046106D       8187 04000000 175D6C65 ADD DWORD PTR [EDI+4],656C5D17
00461077       8187 08000000 5A6B6066 ADD DWORD PTR [EDI+8],66606B5A
00461081       8187 0C000000 6517606A ADD DWORD PTR [EDI+C],6A601765
0046108B       8187 10000000 175E5C65 ADD DWORD PTR [EDI+10],655C5E17
00461095       8187 14000000 5C69586B ADD DWORD PTR [EDI+14],6B58695C
0046109F       8187 18000000 5C5B1759 ADD DWORD PTR [EDI+18],59175B5C
004610A9       8187 1C000000 70175865 ADD DWORD PTR [EDI+1C],65581770
004610B3       8187 20000000 176C6569 ADD DWORD PTR [EDI+20],69656C17
004610BD       8187 24000000 5C5E606A ADD DWORD PTR [EDI+24],6A605E5C
004610C7       8187 28000000 6B5C695C ADD DWORD PTR [EDI+28],5C695C6B
004610D1       8187 2C000000 5B176D5C ADD DWORD PTR [EDI+2C],5C6D175B
004610DB       8187 30000000 696A6066 ADD DWORD PTR [EDI+30],66606A69
004610E5       8187 34000000 6517665D ADD DWORD PTR [EDI+34],5D661765
004610EF       8187 38000000 173B4343 ADD DWORD PTR [EDI+38],43433B17
004610F9       8187 3C000000 176B6617 ADD DWORD PTR [EDI+3C],17666B17
00461103       8187 40000000 43605918 ADD DWORD PTR [EDI+40],18596043
0046110D       8187 44000000 04010401 ADD DWORD PTR [EDI+44],1040104
00461117       8187 48000000 4B661769 ADD DWORD PTR [EDI+48],6917664B
00461121       8187 4C000000 5C5E606A ADD DWORD PTR [EDI+4C],6A605E5C
0046112B       8187 50000000 6B5C6917 ADD DWORD PTR [EDI+50],17695C6B
00461135       8187 54000000 70666C69 ADD DWORD PTR [EDI+54],696C6670
0046113F       8187 58000000 175A6667 ADD DWORD PTR [EDI+58],67665A17
00461149       8187 5C000000 7017665D ADD DWORD PTR [EDI+5C],5D661770
00461153       8187 60000000 173B4343 ADD DWORD PTR [EDI+60],43433B17
0046115D       8187 64000000 176B6617 ADD DWORD PTR [EDI+64],17666B17
00461167       8187 68000000 43605923 ADD DWORD PTR [EDI+68],23596043
00461171       8187 6C000000 1767635C ADD DWORD PTR [EDI+6C],5C636717
0046117B       8187 70000000 586A5C17 ADD DWORD PTR [EDI+70],175C6A58
00461185       8187 74000000 6D606A60 ADD DWORD PTR [EDI+74],606A606D
0046118F       8187 78000000 6B310401 ADD DWORD PTR [EDI+78],104316B
00461199       8187 7C000000 006E6E6E ADD DWORD PTR [EDI+7C],6E6E6E00
004611A3       8187 80000000 25596065 ADD DWORD PTR [EDI+80],65605925
004611AD       8187 84000000 58697024 ADD DWORD PTR [EDI+84],24706958
004611B7       8187 88000000 6A665D6B ADD DWORD PTR [EDI+88],6B5D666A
004611C1       8187 8C000000 255A6664 ADD DWORD PTR [EDI+8C],64665A25
004611CB       8187 90000000 2666695B ADD DWORD PTR [EDI+90],5B696626
004611D5       8187 94000000 5C69255F ADD DWORD PTR [EDI+94],5F25695C
004611DF       8187 98000000 6B640401 ADD DWORD PTR [EDI+98],104646B
004611E9       8187 9C000000 6669175A ADD DWORD PTR [EDI+9C],5A176966
004611F3       8187 A0000000 66656B58 ADD DWORD PTR [EDI+A0],586B6566
004611FD       8187 A4000000 5A6B3104 ADD DWORD PTR [EDI+A4],4316B5A
00461207       8187 A8000000 01006A58 ADD DWORD PTR [EDI+A8],586A0001
00461211       8187 AC000000 635C6A37 ADD DWORD PTR [EDI+AC],376A5C63
0046121B       8187 B0000000 59606558 ADD DWORD PTR [EDI+B0],58656059
00461225       8187 B4000000 6970246A ADD DWORD PTR [EDI+B4],6A247069
0046122F       8187 B8000000 665D6B25 ADD DWORD PTR [EDI+B8],256B5D66
00461239       66:8187 BC000000 5A66  ADD WORD PTR [EDI+BC],665A
00461242       8087 BE000000 64       ADD BYTE PTR [EDI+BE],64
00461249       80BF C0000000 00       CMP BYTE PTR [EDI+C0],00
00461250       74 07                  JE SHORT 00461259
00461252       B8 01000000            MOV EAX,1
00461257       EB 19                  JMP SHORT 00461272
00461259       C687 C0000000 01       MOV BYTE PTR [EDI+C0],1
00461260       57                     PUSH EDI
00461261       68 30200000            PUSH 2030
00461266       6A 00                  PUSH 0
00461268       57                     PUSH EDI
00461269       6A 00                  PUSH 0
0046126B       FF15 C0214600          CALL DWORD PTR [<&user32.MessageBoxA>]   ; user32.MessageBoxA
00461271       5F                     POP EDI
00461272       83E0 01                AND EAX,1
00461275       B9 BF000000            MOV ECX,0BF
0046127A       B0 09                  MOV AL,9
0046127C       FC                     CLD
0046127D       F3:AA                  REP STOS BYTE PTR ES:[EDI]
0046127F       5F                     POP EDI
00461280       5E                     POP ESI
00461281       5D                     POP EBP
00461282       5C                     POP ESP
00461283       5B                     POP EBX
00461284       5A                     POP EDX
00461285       59                     POP ECX
00461286       58                     POP EAX
00461287       C3                     RET

The above code simply morphs the tabs in the buffer to the nag string:

"This function is generated by an unregistered version of DLL to Lib!....To register your copy of DLL to Lib, please visit:...www.binary-soft.com/order.htm..or contact:...sales@binary-soft.com"

After the messagebox has executed it will then return to the callee which will jump to the intended function. Patching the messagebox away is simple, but what sort of overhead is introduced when all calls to functions are routed through this crap?

From reversing the app a little it actually builds individual obj files for each member of the library file, then it assembles them together to make the final archive. It appears to me that it has the nag code as a separate obj file because when it is used in a project the code for the nag is separate and below the jump table for the converted code. When it was converted, Dll2Lib made a handler for each call and pointed each function call to its respective label. Then the linker does the rest when its used in a project, actually linking the separate object files into the executable.

HR,

Ghandi

Edited April 14, 2010 by ghandi

[Accede]

wow great work Ufo-Pu55y and ghandi.

one question @Ufo-Pu55y what you us to rip the chiptune.inc file?

can you please give me are download link for the tool you used.

[Ufo-Pu55y]

I guess you already got one.. C:\masm32\bintodb.exe

I've seen several other GUI based ones in the past.. forgot their names.

The one I'm using is coded by myself, but you don't wanna use it,

cuz it has no GUI.. anyway here it is: Bin2Inc.7z

[Accede]

I will use it and it has no graphical user special surface is not bad.

I've already found out after two seconds as it is served.

Or is there some wrong Bin2inc Tiffi.xm tiffi.inc chiptune dd 8 8

I ask only because I see it here in the inc file db 000h, 000h, 000h

[Ufo-Pu55y]

wtf.. could u send me the XM? your commandline looks ok to me!

[Accede]

ok her is it.

After i del the db 000h, 000h, 000h it works

Tiffi.rar

Edited June 14, 2010 by accede

[Ufo-Pu55y]

I ask only because I see it here in the inc file db 000h, 000h, 000h

Ahhhh... I didn't get it first. I thought you got 3 times 000h and nothing else at all!

Your XM comes with an odd length.. that's the reason why it doesn't end with

a 'clean' DWORD in the .inc.

It was the main reason why I coded my own converter. In the past I saw that

other tools didn't correctly handle odd file sizes (maybe intentionally of course).

After i del the db 000h, 000h, 000h it works

No need to delete anything! It works like it is.. I've just tried it to be sure.

It probably won't crash when you delete these zeroes, cuz in memory it gets

refilled with zeroes again (due to section alignment or whatnot)..

but in theory it might since the song structure gets damaged.

cheers

[Accede]

I test it wight another xm file, i get the same db 000h, 000h, 000h.

I delete the db 000h, 000h, 000h and the sound works wight out crashing.

Next time i dont delete anything.

It works and your lib play all modules how bassmod.dll supports.

Edited June 14, 2010 by accede

[Ufo-Pu55y]

Can i us you tool on orther fasttracker modules(mod,it) usw.

erm... to get the drop on it, it works on pr00n vids and everything ^^

did you get it, that the *.inc output is just a source code conversion of

the input binary and nothing else :?

Edited June 14, 2010 by Ufo-Pu55y

[wunder]

Okay after some rooting around i think i may have made something... Don't shoot me if it isnt 100%, i haven't tested it thoroughly, but here is a static library version of bass.dll.

What i did:

1. Unpacked file, restored imports.

2. Unpacked 2nd copy at different base address.

3. Rebuilt relocations using ReloX because the reloc table seemed corrupted.

4. Loaded unpacked file and header from package into Lib2Dll.

5. Removed linker settings about libc.lib and oldnames.lib

6. Converted file to static library.

Once i made that, i then took the example code from the MASM part of the bass.dll package and added a call to the dll entrypoint for DLL_PROCESS_ATTACH and DLL_PROCESS_DETACH and the player works without bass.dll. Once again though, i haven't tested this thoroughly so there may still be bugs from the conversion. Any feedback is appreciated.

HR,

Ghandi

Hi I was wondering how did you use Lib2Dll?

I got my copy here:

http://www-soft.uni-...t/pd/RSXNT/BIN/

although the whole RSXNT compiler can be downloaded here:

http://willus.com/rsxnt.shtml

download:

http://willus.com/ar...xnt_install.exe

This is what I get for the Lib2Dll use:

http://www-soft.uni-...ML/RSXN1J3G.HTM

I attached my poor attempt ... If you have time ... Can uou please let me know how to use it...??

Thank you

my poor attempt.zip