However, I (you) still need to update the source/binary tomorrow:
Quote:
- add erase header functionality
- execute image's entry point
- add IAT entry resolve by ordinal
- anti memory-leak (RAII mechanism for handles 'n stuff)
- add LoadLibrary emulation
Note: If you are trying to update the source yourself, a few tips:
- Either zero out the header after IAT resolving or wait for the thread to complete by using WaitForSingleObject and then externally zero it out.
- To execute the DLL's entry point, grab the entry point offset from the NT header and utilize this type definition:
Code:
using tDllMain = BOOL( __stdcall* )( HMODULE hinstDLL, DWORD dwReason, LPVOID lpReserved );
- IAT entry resolve by ordinal: Use GetProcAddress or parse the export ordinal table.
- Re-call your manual mapping code for every IMAGE_IMPORT_DESCRIPTOR entry.
(I don't know an iterative approach since you don't know how many dependencies the current dependency needs to load into the target process)