DispCallFunc


Author: David Zimmer
Date: 01.17.23 - 7:12pm



Finally getting around to playing with DispCallFunc to call class methods on VB objects (including private functions in the vtable).

I was having problems getting return values and some weirdness when trying to use it from VB. Using it from VB directly adds an extra layer of confusion because of the VB6 Api Declare translation of things.

So I ditched that and went to using a vb6 class called from C where you have explicit control of the arguments without any translation layer involved.

Now I can take another run at doing it from VB or devise an alternative strategy with more explicit control.

I have created a github gist with the code.

This coupled with the ability to enumerate all live class instances in a running vb6 executable will be pretty interesting.

For public methods you dont need this, you can use the remote scripting trick

Coupled with the data output from vbdec it will be a cake walk.

I would still like to implement a thing in vbdec to enum all live class instances, and then show all the public variables values with option to call public and private methods with user args. We are almost there.

There is also some embedded information about private variables held at the class and module level. It may only be for variable types which require cleanup such as objects, arrays, and strings. Not fully sure yet. Way nicer than having to scan teh disasm for references though. Still studying these. They can be found below ObjInfo.PublicBytes and ObjInfo.ModulePublic. Static bytes does the same thing, talked about it somewhere. Anyway one of them holds type information, the other the actual data I Believe.

Update: the live classes/ref count/pub vars UI is already out. This could actually be a handy profiling tool for any VB6 developer.








Comments: (0)

 
Leave Comment:
Name:
Email: (not shown)
Message: (Required)
Math Question: 78 + 38 = ? followed by the letter: Q 



About Me
More Blogs
Main Site
Posts: (All)
2024 ( 1 )
2023 (4)
     Yara Workbench Automation
     VS linker versions
     IDA decompiler comments
     DispCallFunc
2022 (5)
     VB6 Implements
     VB6 Stubs BS
     VB6 TypeInfo
     VB6 VTable Layout
     Yara isPCode rule
2021 (2)
     rtcTypeName
     VB6 Gosub
2020 (5)
     AutoIT versions
     IDA JScript 2
     Using VB6 Obj files from C
     Yara Corrupt Imports
     Yara Undefined values
2019 ( 6 )
2017 ( 5 )
2016 ( 4 )
2015 ( 5 )
2014 ( 5 )
2013 ( 9 )
2012 ( 13 )
2011 ( 19 )
2010 ( 11 )
2009 ( 1 )