flat assembler
Message board for the users of flat assembler.
Trinitek
https://www.joachim-bauch.de/tutorials/loading-a-dll-from-memory/
It basically says that you need to write your own PE loader. Seems trivial as far as I can tell.
MUFOS
Trinitek wrote: https://www.joachim-bauch.de/tutorials/loading-a-dll-from-memory/
In other words, should I just follow that guide and translate the code to fasm?
revolution
Trinitek wrote: It basically says that you need to write your own PE loader. Seems trivial as far as I can tell.
MUFOS
revolution wrote:
So that guide won't work?
revolution
It depends upon your DLL file. Some DLLs are simple and don't load any other resources, some are not. If you have the source to the DLL then it is probably easier to just statically compile it into your exe. Or maybe try statically linking it, but not its dependencies.
MUFOS
What I want is an addon system. Would it be possible to just inject an addon that only contains assembly code (e.g. .bin assembled) without PE? If I am not thinking completely wrong, it's like injecting shellcode?
revolution
MUFOS wrote: What I want is an addon system. Would it be possible to just inject an addon that only contains assembly code (e.g. .bin assembled) without PE? If I am not thinking completely wrong, it's like injecting shellcode?
You could always just use a DLL, it is designed for the job (:
MUFOS
revolution wrote:
What I want to accomplish is a plugin system. For instance I could send the plugin over the internet so that code could remain protected (one usage example). And in addition others could develop further on the program. However, my requirement is that the plugin can be loaded from memory, e.g. never stored on the disk.
typedef
You can define your own file structure then.
Your plugin file's header will contain information about which DLLs to load and where to place the jump/function pointer. Your main program loads the required DLLs if not already loaded. Your plugin must use relative jumps so that your host application can fill in those function pointers.

plugin.bin
Code:
```asm
MAX_NAME equ 0xFF
MAX_FN_NAME equ 0x80

; align to some bit-width boundary here
.ddMagic dd $123 ; some file identifier here
.dwLibs dd 1 ; number of DLLs to load

; Begin import structure
.pzsDllName1 du "user32.dll",....,0 ; <--- Unicode string of length MAX_NAME
.ddFuncs2 dd 1 ; <-- Number of functions

; user32 functions
.pszName db "MessageBoxW",...0 ; MAX_FN_NAME
.dwOrdinal dw $00000
.dwMessageBoxW dd $00000 ; Either ordinal or name
; End import structure

; your data area placed in data section.
.ddDataSize dd 123456
.ddDataOffset dd .my_data ; Relative offset from the beginning of the file. Since the whole thing will be in memory
.ddFlags dd $0000000 ;<--- Define access flags here

; your exported code
.ddCodeSize dd 123455
.ddSectionAddress dd .code_section
.ddAccessFlags dd 1234
.ddNumberOfExportedFunctions dd 1

; export function structure
.pszFuncName db "my_function",....,0 ; MAX_FN_NAME
.ddFuncAddress dd my_function

; Your code section here
.code_section:

; void __stdcall my_function()
my_function:
    push ebp
    mov ebp, esp
    push 0
    push .pszHello
    push .pszHello
    push 0
    call dword ptr[.dwMessageBoxW]
    mov esp, ebp
    pop ebp
    retn

.my_data:
.pszHello du "Hello",0
```

To make it simple, you can just lay it out FLAT in memory so that way resolving function calls will be easier. Also make sure you align and pad all sections.
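A host that accepts a custom flat plugin file of this kind has to treat every count and offset in the header as untrusted before acting on any of it. The C validator below is an added example, not code from the thread or from any poster: the struct layout, field names, 32-byte name fields, reason codes and DLL allow-list are assumptions simplified from the sketch above.

```c
#include <stdint.h>
#include <string.h>
#define PLUG_MAGIC 0x123u  /* the "$123" identifier from the sketch */
#define NAME_LEN   32      /* assumed fixed, NUL-terminated name fields */
typedef struct {           /* assumed header; offsets from image start */
    uint32_t magic, n_imports, imports_off;
    uint32_t data_off, data_size, code_off, code_size;
} plug_hdr;
typedef struct {
    char dll[NAME_LEN], func[NAME_LEN];
    uint32_t slot_off;     /* where the host would store the pointer */
} plug_import;
/* Overflow-safe: is [off, off+len) inside a buffer of n bytes? */
static int in_range(size_t off, size_t len, size_t n) {
    return off <= n && len <= n - off;
}
static int dll_allowed(const char *name) {    /* exact-match allow-list */
    return !strcmp(name, "user32.dll") || !strcmp(name, "kernel32.dll");
}
/* 0 if the untrusted image is well-formed, else a negative reason code. */
int plug_validate(const uint8_t *img, size_t n) {
    plug_hdr h; plug_import im;
    if (n < sizeof h) return -1;
    memcpy(&h, img, sizeof h);                /* no unaligned reads */
    if (h.magic != PLUG_MAGIC) return -2;
    if (!in_range(h.code_off, h.code_size, n) ||
        !in_range(h.data_off, h.data_size, n)) return -3;
    if (h.n_imports > n / sizeof im ||        /* blocks multiply overflow */
        !in_range(h.imports_off, h.n_imports * sizeof im, n)) return -4;
    for (uint32_t i = 0; i < h.n_imports; i++) {
        memcpy(&im, img + h.imports_off + i * sizeof im, sizeof im);
        if (!memchr(im.dll, 0, NAME_LEN) || !memchr(im.func, 0, NAME_LEN))
            return -5;                        /* unterminated name */
        if (!dll_allowed(im.dll)) return -6;
        /* slot: aligned dword wholly inside the declared data area */
        if (im.slot_off % 4 || im.slot_off < h.data_off ||
            !in_range(im.slot_off - h.data_off, 4, h.data_size)) return -7;
    }
    return 0;
}

int main(void) {           /* constructed sample image, not a real plugin */
    uint8_t img[128] = {0};
    plug_hdr h = { PLUG_MAGIC, 1, 28, 96, 16, 112, 8 };
    plug_import im = { "user32.dll", "MessageBoxW", 96 };
    memcpy(img, &h, sizeof h);
    memcpy(img + h.imports_off, &im, sizeof im);
    return plug_validate(img, sizeof img);    /* exit status 0 = accepted */
}
```

This checks structure only; it says nothing about who produced the plugin, so a file received over the network still needs a separate authenticity check.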
Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.
Website powered by rwasa.