rundll32 is not a good choice if you need to invoke arbitrary Windows functions. The many reasons have discussed at length by Raymond Chen (1, 2, 3). Another pitfall that is not often mentioned is that there is no way to pass arguments to the function you call. Well, you can pass a single string if the function's signature matches what rundll32 expects. rundll32 will not parse out any numbers for you; in fact, it won't split the extra command line parts at all. All it does is pass a pointer to that string (LPSTR) at a certain point on the stack.
So, if you're trying to call a function that takes any set of arguments other than(HWND, HINSTNACE, LPSTR, int), you will, in effect, be passing random parameters. And by "random" I don't mean "something bizarrely different than what you intended" but "actually nondeterministic", as in the function very well might do completely different things from one run to the next.
If you need to call arbitrary functions from DLLs, consider using PowerShell to P/Invoke the API, or just write a real program to do it.
No comments:
Post a Comment