Take Control of the Compiler

Author's Note: This is article is a rewritten excerpt of an
original written by John Chamberlain, a director of software development at
Clinical NetwoRx (cnrx.com). He can be reached by e-mail at jchamber@lynx.dac.neu.edu.
Give credit and props for the original code and article to him. I am merely
rewriting this to put everything into a better perspective for most of the
people on PSC.

Objectives

In the accompanying article and source code, you will learn how
to write an add-in that allows you to do the following:

1. 
   

   View your application's native/object source



2. 
   

   Perform selective compilation of your project



3. 
   

   Statically link non-VB modules (use true in-line
   C, C++, and assembly code in your projects)



4. 
   

   Export functions in your program to a normal, non-ActiveX
   DLL (an API DLL)



5. 
   

   Hook API calls by patching the import address table (IAT)
   (sometimes called the "thunk table")



6. 
   

   Access CPU registers



7. 
   

   Increase your program's stack



8. 
   

   Change your program's entry point



9. 
   

   Increase the maximum number of modules



10. 
    

    Call procedures by address

Required Tools

In order to perform the presented objectives, you will need the
following:

• 
  

  Visual Basic 5.0 or 6.0 (sorry, VB.NET doesn't work with
  this code)



• 
  

  A C compiler, preferably Visual C++



• 
  

  A debugger, such as SoftIce (if you don't want to spend the
  money or time downloading a debugger, you'll be able to write your own after
  reading this article)



• 
  

  An assembler, preferably Macro Assembler (MASM)

Background Information You Need To Read

Despite what people may think, Visual Basic isn't a true
language.  What many people don't understand is that Visual Basic's
compiler only generates native code.  This gives your programs better
performance, and above all, bullet-proof security for your source.  After
all, how many VB5 and VB6 decompilers do you know of?  All this
means you have less control over how your binary programs are complied, which
can give you a major headache when you want to keep the number of dependent
files to a bare minimum.  Alas, all is not lost.  You now have the
power to seize control of Visual Basic and give it back to your program. 
As you read, you will be able to intercept VB's native code generation and link
custom object modules into your project

However, this after-the-fact added availability has a
forewarning that is worth mentioning: Microsoft will NOT like the idea that
there are programs out there that can now intercept internal API calls of the VB
environment (and most of Windows for that matter).  This rules out giving
you access to compiler.  But that is exactly what this article and code
accomplishes.

**CRASH-YOUR-COMPUTER WARNING** You
can safely view the assembly source code of your projects using this add-in,
but you can count on seeing a lot of General Protection Faults if you
use the add-in to start inserting your own C or assembly code in a VB
binary.  I'm not saying it shouldn't be done, but I am saying you need to
consider the power vs. danger trade-off carefully, as you do with any advanced
technique.

Basic Info On The Visual Basic Compiler and How To Harness It

VB's compiler consists of two programs: C2.exe and Link.exe. 
Link.exe does just that: it links your object code with intermediate library
code and writes the executable.  C2 is an older version of Microsoft's
second-pass C compiler; Microsoft modified it specifically for use with VB, and
it is called once for every file in your project.

C2 and Link are activated with the kernel function CreateProcess. 
This is where the magic starts.  By hooking the CreateProcess API call, you
are able to intercept and modify commands sent to C2 and Link.  You're
probably thinking "How in the heck do you hook an API call in a VB
program?"  Indeed, this process is complex to say the least, but if
NuMega can do it with SoftIce, you can do it with Visual Basic.

Final Notes Before Downloading the Code

I strongly recommend reading the original article by John
Chamberlain (which is included in the ZIP), following it step-by-step, and reading
it very carefully until you really understand what's going on. Once you understand how the controller works, you will find it easy to
use; if you skip ahead, you may experience frustration. It goes without saying that this is a sophisticated tool that is appropriate only for advanced programmers. When you use it, you leave the world of the help file behind and enter into uncharted territory. The challenges and risks of forging into this wilderness are substantial, but the potential reward is well worth it: nearly total control over your VB executable.

Microsoft includes an assembler called ML.EXE in its Win98 DDK,
which is available for download at http://www.microsoft.com/ddk/ddk98.htm. Theoretically, you can buy MASM from Microsoft, but I could not find out how to buy it. You might have to have wax one of Bill's cars or something before they sell it to you. Microsoft seems to be adopting the same position toward assembly that the government has towards uranium.

You won't get far with the Compile Controller unless you have a working knowledge of assemblers and assembly language. If the last program you assembled was on punched cards, now wouldn't be a
bad time to brush up on your skills. I found the printed (yes, printed!) MASM 6.1 manuals invaluable for this purpose. You will also absolutely need a programmer's reference manual on the x86 instruction set. To get this, call (800) 548-4725 (the Intel literature distribution center). The best book on x86 assembly in print that is easily available is Master Class Assembly Language, but this book is in no way a substitute for the MASM manuals. Check out the assembly language newsgroups and their FAQs for more information. Also, note that the Microsoft knowledge base has a number of useful articles on mixed language development that are relevant.

Now go forth and kick tail, programmer!