libpeconv
libpeconv copied to clipboard
hasherezade
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Here is code, ```cpp size_t v_size = 0; LPCTSTR pe_path = "C:\\windows\\notepad.exe"; BYTE* my_pe = peconv::load_pe_executable(pe_path, v_size); if (!my_pe) { return -1; } peconv::set_main_module_in_peb((HMODULE)my_pe); peconv::run_tls_callbacks(my_pe, v_size); DWORD ep_rva = peconv::get_entry_point_rva(my_pe);...
I haven't tried it on x86 but currently on x64 it is unable to inject `notepad.exe` into `calc.exe` other combinations works as shown |Payload| Target|Success| |---|---|---| |Calc.exe|Calc.exe| Sucess |Calc.exe|notepad.exe| **Fails**...
Hello, @hasherezade, In your old video on pe_unmapper (https://youtu.be/1kQibWVSQZA?t=382), when you unmap the file in cmd, you receive a lot of informative information. I've tried the latest build and it...
I found a rather peculiar edge case, which is not currently handled by libpeconv (and if it is, I am too dumb to figure it out). Consider following scenario: Payload...
Using the sample loader project on an Unreal Engine 4 compiled binary crashes with a null access within the initterm call in __scrt_common_main_seh. So far I haven't been able to...
Some pe files have tls callbacks that need to be executed for the pe file to run properly. Does the library support executing the tls callbacks when mapping and running...
Hi, not sure if you'd consider this something useful, this short batch script allows a user to drag & drop a file calling pe_unmapper.exe and presents a simple menu from...
Metadata
Owner
Metadata
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl