Forum > Other

Windows API schema targets utility

(1/1)

440bx:
Hello,

This utility is for programmers who routinely disassemble Windows system dlls. 

Starting with Windows 7, MS created API schemas that are just redirection stubs presumably to group APIs by their function instead of by the DLL that implements them.

This is inconvenient when looking at disassemblies because instead of seeing the real target dll (e.g, ntdll, kernel32, gdi32, etc) what appears is some long, not particularly enlightening name along the lines of api-ms-core-bla-bla-bla-l0-l1.dll

SchemaTargets (this utility) replaces all references to API schemas found in a dll with their real target dll names.  Therefore if api-ms-bla-bla-bla.dll refers to functions in ntdll, SchemaTargets replaces api-ms-bla-bla-bla.dll with ntdll.dll

Note that SchemaTargets _never_ modifies the original dlls (Windows wouldn't let it even if it tried), it creates patched dlls under directories named "x32" or "x64" (depending on the dll's bitness) and a subdirectory indicating the applicable Windows version.

Pascal source and, Lazarus project (for ease of compilation) included.  No executables included.  Sample run screenshot attached (note: make the console very wide, 160 columns or more.)  Read the "Notes.pas" file for additional information.

Questions and comments welcome.

Enjoy!

silvestre:
Nice code! ;D


--- Quote from: 440bx on November 14, 2022, 04:01:58 pm ---Hello,

This utility is for programmers who routinely disassemble Windows system dlls.... 


--- End quote ---

440bx:

--- Quote from: silvestre on November 14, 2022, 05:57:33 pm ---Nice code! ;D

--- End quote ---
Thank you :)

Navigation

[0] Message Index

Go to full version