How to find out API functions of DLL files?

问题

Is there a way to get all the API (Export) functions from a DLL file?

I know that programs such as Depends and PE Explorer can do that but none of them retrieve the argument list.

回答1:

Unless the exported functions are something like a COM DLL or C++ with munging, the information simply isn't there to provide the arguments. It's normally possible to find the total size of the arguments, and there's a pretty decent chance that dividing by 4 will give something close to the right number, but beyond that it's down to manual labor, reading the assembly code to figure out how arguments are used.

If it's a COM DLL, it may include a type library that tells all about the contents of the DLL and how to use it. In this case, there will typically be only a very few exported functions to look at though -- you'll have to use COM to get at the real functionality.

If they're munged C++ names, then it'll depend on the compiler/toolset used to create the DLL. For example, if it was created with VC++, you can use UnDecorateSymbolName() to get the full name and arguments.

回答2:

I propose this way (with vissual studio 2008 and windows):

open a cmd
go to

c:\..."mvs9.0"\vc\bin
exec

dumpbin "nameOfDll".dll /exports /out c:\dumpbin.txt
open dumpbin.txt

looks like this

    ordinal hint RVA      name

      1    0 00001070 ??0CMpeg4Dec@@QAE@XZ
      2    1 000011A0 ??1CMpeg4Dec@@QAE@XZ
      3    2 00001000 ??4CMpeg4Dec@@QAEAAV0@ABV0@@Z
      4    3 00001130 ?CheckFrameType@CMpeg4Dec@@QAEHXZ
      5    4 00001100 ?DecodeFrame@CMpeg4Dec@@QAEHPAE@Z
      6    5 00001150 ?GetHeight@CMpeg4Dec@@QAEHXZ
      7    6 00001160 ?GetPicture@CMpeg4Dec@@QAEPAEXZ
      8    7 00001140 ?GetWidth@CMpeg4Dec@@QAEHXZ
      9    8 000010E0 ?InitDecoder@CMpeg4Dec@@QAEHPAE@Z
     10    9 00001120 ?ReleaseDecoder@CMpeg4Dec@@QAEHXZ

exec

undname ??0CMpeg4Dec@@QAE@XZ

the output is

Microsoft (R) C++ Name Undecorator
Copyright (C) Microsoft Corporation. All rights reserved.

Undecoration of :- "??0CMpeg4Dec@@QAE@XZ" is :- "public: __thiscall CMpeg4Dec::CMpeg4Dec(void)"

回答3:

For C++ functions, you can see the arguments (and a few other properties), and Depends can de-mangle dem). For C, no luck (C linking is untyped).

来源：https://stackoverflow.com/questions/1917539/how-to-find-out-api-functions-of-dll-files