Get all functions of a DLL file. Useful to build DLL proxy projects.

getdllfunctions.py

# Install dependencies
# pip install pefile

import pefile
import optparse
import os

def test(path):
    if os.path.exists(path) == False:
        print("[-] File Not Found: {}".format(path))
    else:
        # Check if the path starts with ".\" and remove it if present
        if path.startswith(".\\") or path.startswith("./"):
            # Remove the ".\" prefix and the ".dll" extension
            dllname = os.path.splitext(path[2:])[0]
        else:
            # Split the path into root and extension parts and remove ".dll" extension
            root, extension = os.path.splitext(path)
            if extension.lower() == ".dll":
                dllname = root
            else:
                dllname = path

            # Replace backslashes with double backslashes in the dllname
            dllname = dllname.replace("\\", "\\\\")

        # Wrap the full path in quotes if it contains spaces
        if " " in dllname:
            dllname = '\\"{}\\"'.format(dllname)

        formats = "#pragma comment(linker,\"/export:{function}={dllname}.{function_},@{ordinal}\")"
        pe = pefile.PE(path)
        modules = pe.DIRECTORY_ENTRY_EXPORT.symbols
        for module in modules:
            modulename = module.name.decode()
            print(formats.format(function=modulename, dllname=dllname, function_=modulename, ordinal=module.ordinal))

if __name__ == '__main__':
    parser=optparse.OptionParser()
    parser.add_option('-f',dest="file",help="Original DLL file location to proxy")
    (option,args)=parser.parse_args()
    if option.file:
        test(option.file)
    else:
        parser.print_help()
        print("\nUsage examples:")
        print("1) Full path to original DLL: \n\tpython getdllfunctions.py -f \"C:\\Program Files\\Notepad++\\updater\\libcurl.dll\"")
        print("2) Original DLL is renamed and in the same folder: \n\tpython getdllfunctions.py -f .\original-libcurl.dll")