flat assembler
Message board for the users of flat assembler.
Windows > Loading .exe into memory and manually executing it?
revolution 08 Oct 2009, 12:21
In general an exe file cannot be easily included within another exe. You have to properly load all the sections into memory, possibly also relocate the code, resolve all the imports, and a bunch of other stuff that the normal Windows loader will do.
Perhaps a better idea is to write the binary exe file (from the data section of your exe) to disk as a new exe file and then load it as a child process within your app.
keyoke 08 Oct 2009, 13:03
Thanks, this was my initial thought but was hoping to have a "cleaner" (the whole thing is not very clean I know), not having to have write permissions to a temp folder etc....
r22 08 Oct 2009, 14:29
If you have the source code for the "OTHER" EXE then there's no need to embed it into your EXE; just turn the functionality you need into a SUB ROUTINE / PROCEDURE or a separate DLL file.
If you don't have the source for the "OTHER" EXE then you should distribute it AS IS with your own EXE; if your true goal is for a "CLEAN" program. For your specific question, UPX does what you want. It unpacks an EXE in memory and runs it. http://upx.sourceforge.net/
Defsanguje 08 Oct 2009, 20:59
The problem itself is very interesting. Z0mbie and yoda have done some work related to the subject:
InConEx - executing PE files in the own process memory context - Binaries & SRC
pal 08 Oct 2009, 22:27
I know exactly what you are talking about, but I cannot find a link to it. This guy has a website which has a POC for it. It is like Win32 fork(). Damn I can't find it, it is annoying. He is some Asian guy whose name is like Tan/Tang something something.
If I find it I will post it. Under VB it goes by the name of RunPE, but the original POC was done in C. It will execute a PE file loaded in your program's memory. It is not that hard to do to be honest. Interesting links Defsanguje.
f0dder 21 Oct 2009, 07:38
You can do it, but...
1) your exe file needs relocations (or has to be written to use position-independent code)
2) you need to fix up imports
3) you need to hook various API functions for the memory-exe... the most complicated is getting resources to work.
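The prerequisites listed in the last post (relocations, imports, resources) can be read from a file's headers without loading anything. The Python sketch below is an added example, not code from any poster in this thread; it parses only the PE headers and reports which of those data directories are present. The `build_sample` helper and its header-only image are constructed for the demonstration.

```python
import struct

# Data-directory indices from the PE/COFF specification.
DIRS = {"imports": 1, "resources": 2, "relocations": 5}
IMAGE_FILE_RELOCS_STRIPPED = 0x0001

def loader_requirements(image: bytes) -> dict:
    """Read PE headers only and report what a loader would have to process."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    try:
        # SizeOfOptionalHeader and Characteristics close the 20-byte COFF header.
        opt_size, flags = struct.unpack_from("<HH", image, pe_off + 20)
        opt = pe_off + 24
        (magic,) = struct.unpack_from("<H", image, opt)
        # NumberOfRvaAndSizes sits at a different offset in PE32 and PE32+.
        count_off = {0x10B: 92, 0x20B: 108}[magic]
        (ndirs,) = struct.unpack_from("<I", image, opt + count_off)
        report = {"relocs_stripped": bool(flags & IMAGE_FILE_RELOCS_STRIPPED)}
        for name, idx in DIRS.items():
            entry = count_off + 4 + 8 * idx
            present = False
            if idx < ndirs and entry + 8 <= opt_size:
                rva, size = struct.unpack_from("<II", image, opt + entry)
                present = rva != 0 and size != 0
            report[name] = present
    except (struct.error, KeyError) as exc:
        raise ValueError("truncated or unsupported optional header") from exc
    # Without relocation data the image is only valid at its preferred base.
    report["rebasable"] = report["relocations"] and not report["relocs_stripped"]
    return report

def build_sample(with_relocs: bool) -> bytes:
    """Constructed header-only PE32 image (sample input, not a real program)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    chars = 0x0102 | (0 if with_relocs else IMAGE_FILE_RELOCS_STRIPPED)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, chars)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)               # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                 # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8, 0x2000, 0x28)  # import directory
    if with_relocs:
        struct.pack_into("<II", opt, 96 + 40, 0x3000, 0x10)  # base relocations
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    print(loader_requirements(build_sample(True)))
    print(loader_requirements(build_sample(False)))
```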