从内存的位置加载DLL [英] Loading DLL from a location in memory
问题描述
由于这个问题说,我想在内存中,而不是将文件从一个位置加载DLL,同样给LoadLibrary(例)。我在WinAPI的不是专家,所以GOOGLE了一点,发现本文与MemoryModule库在一起pretty多少符合我的需要。
As the question says, I want to load a DLL from a location in memory instead of a file, similarly to LoadLibrary(Ex). I'm no expert in WinAPI, so googled a little and found this article together with MemoryModule library that pretty much meets my needs.
在另一方面,信息有相当老的库尚未一会儿更新过。所以我想知道如果有不同,更新,更好的方式来做到这一点。此外,如果有人使用了文章中提到的图书馆,他们可以提供什么我可能使用时面临的洞察力?
On the other hand the info there is quite old and the library hasn't been updated for a while too. So I wanted to know if there are different, newer and better ways to do it. Also if somebody has used the library mentioned in the article, could they provide insight on what I might be facing when using it?
只是为了好奇的人,我没有探索在磁盘上存储的解密版本加了一些插件应用程序的概念。
Just for the curious ones, I'm exploring the concept of encrypting some plug-ins for applications without storing the decrypted version on disk.
推荐答案
好了,你可以根据的这些说明,然后在内存中的DLL可以复制到那里的文件和使用的LoadLibrary()。
当然这如果您计划部署此为某种产品,因为人们会注意到一个司机正在安装不是很实用,安装后重新启动和我的电脑下一个新的驱动器号。此外,这无助于真正隐藏自其只是在RAM驱动器坐在那里供大家观赏DLL。
Well, you can create a RAM Drive according to these instructions, then copy the DLL you can in memory to a file there and the use LoadLibrary().
Of course this is not very practical if you plan to deploy this as some kind of product because people are going to notice a driver being installed, a reboot after the installation and a new drive letter under My Computer. Also, this does nothing to actually hide the DLL since its just sitting there in the RAM Drive for everybody to watch.
我有兴趣有关的另一件事是,为什么你真的想这样做吗?也许最终结果可以通过比中从存储器DLL的其他一些其它手段来实现。例如使用时,二进制封隔器,如 UPX ,你必须在磁盘上的DLL不同于的一个是最终执行。紧随DLL与调用LoadLibrary正常加载后,在解包踢并重写该DLL加载到与uncom pressed二进制文件(DLL头可确保有足够的分配空间)
Another thing I'm interested about is Why you actually want to do this? Perhaps your end result can be achieved by some other means other than Loading the DLL from memory. For instance when using a binary packer such as UPX, the DLL that you have on disk is different from the one that is eventually executed. Immediately after the DLL is loaded normally with LoadLibrary, The unpacker kicks in and rewrites the memory which the DLL is loaded to with the uncompressed binary (the DLL header makes sure that there is enough space allocated)
这篇关于从内存的位置加载DLL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
