• Welcome to Valhalla Legends Archive.
 

LoadLibrary from within memory?

Started by MyndFyre, August 23, 2006, 03:17 PM

Previous topic - Next topic
Print
|
Go Down Pages1
User actions

MyndFyre

August 23, 2006, 03:17 PM
Is it possible to have a memory representation (a byte stream, for instance) of a DLL and LoadLibrary()-or-equivalent it?  I've found one very involved thing that I don't want to use that involved reading the PE headers and stuff like that.  Not really what I was hoping for.

What it really boils down to is that I just don't want to write the temporary file.  :-|  I want to include a DLL as a resource in my application's binary.
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Skywing

#1
August 23, 2006, 06:14 PM
You would have to do most of the hard work yourself with setting up the in memory layout.  One option might be to hook NtCreateFile/NtCreateSection/NtMapViewOfSection in usermode and let the NTDLL loader manage the import snapping and all of that, with you instead returning a pointer to your own DLL in memory instead of going through the usual image section mapping process.

Note that this approach still requires you to setup the in-memory layout and protections correctly, but it does free you from doing your own import resolution and making the dll accessible to anything using the conventional dll resolution APIs (e.g. GetModuleHandle).

Yoni

#2
August 27, 2006, 11:46 AM
In other words... Disgusting.

MyndFyre

#3
August 27, 2006, 02:10 PM
Quote from: Yoni on August 27, 2006, 11:46 AM
In other words... Disgusting.
Hahaha yes, still more work than I wanted to do.  Thanks though :)
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Yoni

#4
August 28, 2006, 02:52 PM
You can find a usable temp filename using GetTempFileName (kernel32).

MyndFyre

#5
August 28, 2006, 08:21 PM
Quote from: Yoni on August 28, 2006, 02:52 PM
You can find a usable temp filename using GetTempFileName (kernel32).
Yeah, there's a C# API for that too, but I'm not sure I want to do that yet.   :o

QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Joe[x86]

#6
September 10, 2006, 12:44 AM
I'm probably overlooking something but how does WarCraft III apply IX86BlueDrake.dll? I don't think it gets written to a file before it's loaded, just brought straight out of the MPQ.
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.

UserLoser

#7
September 10, 2006, 02:38 PM
Quote from: Joex86] link=topic=15579.msg157728#msg157728 date=1157867092]
I'm probably overlooking something but how does WarCraft III apply IX86BlueDrake.dll? I don't think it gets written to a file before it's loaded, just brought straight out of the MPQ.

Downloads the ix86BlueDrake.mpq, extracts the file to your harddrive, hExtraWork = LoadLibrary(ix86BlueDrake.dll), ExtraWork = GetProcAddress(hExtraWork, "Extrawork"), ExtraWork(&ExtraWorkData).

Joe[x86]

#8
September 11, 2006, 09:16 PM
Eh, mmk.
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.
Print
|
Go Up Pages1
User actions