How to use Rundll32 to execute DLL Function?
Using the ShellExecute documentation as a reference:
I run the following from the command line:
C:\>RUNDLL32.EXE SHELL32.DLL,ShellExecute handle,"open","C:\Documents and Settings\admin\Desktop\tmp",NULL,NULL,SW_SHOWNORMAL
This results in an exception error.
I don't know what this means:
HINSTANCE ShellExecute(
__in_opt HWND hwnd,
__in_opt LPCTSTR lpOperation,
__in LPCTSTR lpFile,
__in_opt LPCTSTR lpParameters,
__in_opt LPCTSTR lpDirectory,
__in INT nShowCmd
);
But in the description, a handle (HWND), and a pointer to a null-terminated string (LPCTSTR), are mentioned, but it is very confusing.
Any help would be greatly appreciated. I would also like to learn more, so any references (book, web links, etc) would also be great!
Answer
Rundll32 only supports running DLL exports with the following signature:
void CALLBACK
EntryPoint(HWND hwnd, HINSTANCE hinst, LPSTR lpszCmdLine, int nCmdShow);
It does not support running arbitrary entry points. Since ShellExecute does not have that signature, clearly bad things will happen.
INFO: Windows Rundll and Rundll32 Interface has more info on the rundll32 interface.
If you want to do the equivelent of ShellExecute from the command line, just use start:
C:\>start "C:\Documents and Settings\admin\Desktop\tmp"