load own executable into other process

uall · Post by **uall** » Wed Apr 20, 2005 4:38 pm

Is it possible to load the own executable into an other process with your madCollection.

Problem is that i cant set dll flag for an executable (then windows dowsnt load it)
If u inject the executable without the dll flag is set, then the target process is loading it but doesnt call dllmain

so do you thinks its good to inject the own exe that way:

Code: Select all

  asm
    push 0
    push 0
    push dllpath
    call LoadLibraryEx
    push eax
    push 0
    call GetModuleHandle
    mov ebx, offset dllmain
    sub ebx, eax
    pop eax
    add ebx, eax
    call ebx
  end;

Post by **madshi** » Thu Apr 21, 2005 6:58 am

As long as the exe can be relocated, I guess that you can somehow load it into another process and execute it there. The problem is that not every exe will work that way. E.g. the exe could do this:

if GetModuleHandle(0) <> HInstance then
ExitProcess(0);

Why would it do that? No idea. But you get the idea. It's possible that exes will behave strangely if they are not the real base module.

Also I'm not sure how the Delphi RTL behaves. It behaves different for dlls and exes. Which path will it run through when you load the exe as a module in another process? I'm not sure...

uall · Post by **uall** » Thu Apr 21, 2005 9:43 am

ill test it today and report the results