Sunday, May 4, 2014

Leaving Windows Metro API jail

I'm still playing in the WoA (Windows on ARM) realm these days. I was porting a nice test framework library which enables remote execution of the tested piece of code. Then it turned out that the native Windows socket API is hidden from Metro applications...

The Windows Phone 8 SDK lets you use them, but Windows RT devices do not. Microsoft suggests using the .NET socket libraries. I don't want to get into bit politics, but this is quite annoying.

So I asked myself what the poor bit-welder could do. I guessed that the winsock DLL is still around in the system somewhere; why would they throw it out? This guess turned out to be a good one. The problem was how to load the DLL and how to find the function addresses in memory. In other words, I needed LoadLibrary and GetProcAddress. But of course they are also hidden; otherwise this API jail wouldn't mean much.

To break these restrictions I have written a mini library. It lets the code get hold of the original LoadLibrary and GetProcAddress, and from there everything works like a charm :)

The library parses the Windows internal structures, which haven't really changed since Win32. It gets from the Thread Environment Block (TEB) to the Process Environment Block (PEB). The PEB's loader data (PEB_LDR_DATA) holds a list of loaded modules, which of course contains kernel32.dll. From there we only need to parse the export table of kernel32.dll to get to LoadLibrary and GetProcAddress. Two things to watch: the TEB is reached through an architecture-specific register (fs on x86, gs on x64, a coprocessor register on ARM), so use the compiler's NtCurrentTeb() intrinsic rather than inline assembly; and since Windows 7 a number of kernel32 exports are forwarders to kernelbase.dll, so check whether an export's RVA points inside the export directory before treating it as code.
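The two halves of that walk, as an added example that is not the post's library: the export-table parser runs on any platform over a constructed, minimal PE32 image laid out the way the loader maps it (RVA == offset from base), and a Windows-only function walks TEB -> PEB -> Ldr -> InMemoryOrderModuleList to find kernel32.dll using only winternl.h types. The three export names, the ARMNT machine value and the "KERNELBASE.LoadLibraryA" forwarder string in the sample image are constructed for illustration; `find_export`, `build_sample_image` and `find_kernel32` are names chosen here.

```c
/* Added example: resolve exports from a mapped PE image without GetProcAddress. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Little-endian field readers over the mapped image (base + RVA). */
static uint32_t rd32(const uint8_t *b, uint32_t rva) { uint32_t v; memcpy(&v, b + rva, 4); return v; }
static uint16_t rd16(const uint8_t *b, uint32_t rva) { uint16_t v; memcpy(&v, b + rva, 2); return v; }

/* Look `name` up in the export directory of the image mapped at `base`.
 * Returns the function address, or NULL. A forwarder (RVA inside the export
 * directory, pointing at a "DLL.Func" string) is copied to fwd_out and NULL
 * is returned: the caller must resolve it in the named DLL instead. */
const void *find_export(const uint8_t *base, const char *name, char *fwd_out, size_t fwd_len) {
    if (fwd_out && fwd_len) fwd_out[0] = '\0';
    if (rd16(base, 0) != 0x5A4D) return NULL;                 /* "MZ" */
    uint32_t nt = rd32(base, 0x3C);                           /* e_lfanew */
    if (rd32(base, nt) != 0x00004550) return NULL;            /* "PE\0\0" */
    uint32_t opt = nt + 4 + 20;                               /* optional header follows file header */
    uint16_t magic = rd16(base, opt);
    uint32_t dd = opt + (magic == 0x20B ? 0x70 : 0x60);       /* DataDirectory[0] = exports */
    uint32_t dir = rd32(base, dd), dir_size = rd32(base, dd + 4);
    if (!dir) return NULL;
    uint32_t nnames = rd32(base, dir + 24), funcs = rd32(base, dir + 28);
    uint32_t names = rd32(base, dir + 32), ords = rd32(base, dir + 36);
    for (uint32_t i = 0; i < nnames; i++) {
        if (strcmp((const char *)base + rd32(base, names + 4 * i), name) != 0) continue;
        uint16_t ord = rd16(base, ords + 2 * i);              /* index into AddressOfFunctions */
        uint32_t rva = rd32(base, funcs + 4 * ord);
        if (rva >= dir && rva < dir + dir_size) {             /* forwarder, not code */
            if (fwd_out && fwd_len) { strncpy(fwd_out, (const char *)base + rva, fwd_len - 1); fwd_out[fwd_len - 1] = '\0'; }
            return NULL;
        }
        return base + rva;
    }
    return NULL;
}

/* Constructed sample image (not a real kernel32): PE32 with three named exports. */
static uint8_t g_img[0x600];
static void put32(uint32_t off, uint32_t v) { memcpy(g_img + off, &v, 4); }
static void put16(uint32_t off, uint16_t v) { memcpy(g_img + off, &v, 2); }

const uint8_t *build_sample_image(void) {
    static const char *names[3] = { "GetProcAddress", "LoadLibraryA", "LoadLibraryW" };
    static const uint32_t name_rva[3] = { 0x260, 0x270, 0x280 };
    static const uint16_t ord[3] = { 1, 2, 0 };               /* non-identity to exercise the ordinal table */
    memset(g_img, 0, sizeof g_img);
    put16(0x00, 0x5A4D); put32(0x3C, 0x80);                   /* MZ, e_lfanew */
    put32(0x80, 0x00004550); put16(0x84, 0x01C4);             /* PE\0\0, Machine = ARMNT (constructed) */
    put16(0x94, 0xE0); put16(0x98, 0x010B);                   /* SizeOfOptionalHeader, PE32 magic */
    put32(0x98 + 0x60, 0x200); put32(0x98 + 0x64, 0x200);     /* export dir RVA 0x200, size 0x200 */
    put32(0x200 + 16, 1); put32(0x200 + 20, 3); put32(0x200 + 24, 3);  /* Base, NumberOfFunctions, NumberOfNames */
    put32(0x200 + 28, 0x230); put32(0x200 + 32, 0x240); put32(0x200 + 36, 0x250);
    put32(0x230, 0x510); put32(0x234, 0x500); put32(0x238, 0x300);      /* funcs[0..2]; [2] is a forwarder */
    for (int i = 0; i < 3; i++) {
        put32(0x240 + 4 * i, name_rva[i]); put16(0x250 + 2 * i, ord[i]);
        strcpy((char *)g_img + name_rva[i], names[i]);
    }
    strcpy((char *)g_img + 0x300, "KERNELBASE.LoadLibraryA"); /* forwarder string inside the directory */
    return g_img;
}

#ifdef _WIN32
#include <windows.h>
#include <winternl.h>
/* TEB -> PEB -> Ldr -> InMemoryOrderModuleList. NtCurrentTeb() is an intrinsic
 * on x86, x64 and ARM. winternl.h only exposes FullDllName, so match its tail. */
const uint8_t *find_kernel32(void) {
    PEB *peb = NtCurrentTeb()->ProcessEnvironmentBlock;
    LIST_ENTRY *head = &peb->Ldr->InMemoryOrderModuleList;
    for (LIST_ENTRY *e = head->Flink; e != head; e = e->Flink) {
        LDR_DATA_TABLE_ENTRY *m = CONTAINING_RECORD(e, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
        USHORT len = m->FullDllName.Length / sizeof(WCHAR);
        if (len >= 12 && _wcsnicmp(m->FullDllName.Buffer + len - 12, L"kernel32.dll", 12) == 0)
            return (const uint8_t *)m->DllBase;
    }
    return NULL;
}
#endif

int main(void) {
    char fwd[64];
    const uint8_t *img = build_sample_image();
    printf("GetProcAddress at +0x%lx\n", (long)((const uint8_t *)find_export(img, "GetProcAddress", fwd, sizeof fwd) - img));
    find_export(img, "LoadLibraryA", fwd, sizeof fwd);
    printf("LoadLibraryA forwards to %s\n", fwd);
#ifdef _WIN32
    const uint8_t *k32 = find_kernel32();
    if (k32) printf("real GetProcAddress = %p\n", find_export(k32, "GetProcAddress", fwd, sizeof fwd));
#endif
    return 0;
}
```

On a live process, `find_export(find_kernel32(), "GetProcAddress", ...)` gives the real function; if it comes back as a forwarder instead, walk the same module list for the DLL named in the forwarder string and repeat the lookup there.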

Simpler than it sounds :)

Grab the source!