Replacing the Import Table in PE file by standart LoadLibrary...

Posted by user308368 on Stack Overflow See other posts from Stack Overflow or by user308368
Published on 2010-04-03T16:46:56Z Indexed on 2010/04/03 17:23 UTC
Read the original article Hit count: 158

Filed under:

dllimport

Hello.

I have an executable (PE) file that load a dll file as represented in the Import table... let say: PEFile.exe Modules.dll

my question is how can i remove Modules.dll's import_descriptor from the imports and do its work by loadLibrary without the rely on the import table and without destroy the file???...

My bigger problem his i could not understand exactly how the Import thing works... after the loader read the information he needs to do the import's thing, i believe he use the LoadLibrary, GetProcAddress APIs... but i couldn't understated what he doing with the pointers he get... he putting them somewhere in memory... and then what just call them?!?

all the papers i found in the net explain the structure of the import table, but i didn't found a paper that explain how it is really work and get used...

i hope you cold understand my Gibberish English...

Thank you!

Related posts about dllimport

DllImport and char*

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a method I want to import from a DLL and it has a signature of: BOOL GetDriveLetter(OUT char* DriveLetter) I've tried [DllImport("mydll.dll")] public static extern bool GetDriveLetter(byte[] DriveLetter); and [DllImport("mydll.dll")] public static extern bool GetDriveLetter(StringBuilder… >>> More
System.AccessViolation in DllImport method after redeploy

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Everyone, My environment: Windows 2003, VS 2008, .NET 3.5 C# .NET application. During loading my application I call method from C++ dll (Knowl.dll) through my third-party dll library (Common.dll) written in C#. After first deploy (from VS to Developing server) evrything works fine. Then I stops… >>> More
GetDC() DllImport for x64 apps

as seen on Stack Overflow - Search for 'Stack Overflow'
If you make a little research on the internet you'll see many DLLImport styles for this user32.dll function: HDC GetDC(HWND hWnd); The question is: what type is more appropriate for .NET x64 apps (either compiled with the Platform target as AnyCPU on a x64 machine or specifically as x64)? IntPtr… >>> More
32 bit dllimport generating incorrect format error (0x8007000b) on win7 x64 platform

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I'm trying to install and run a 32 bit application on a Win7 x64 machine. The application is built as a Win32 app. It runs fine on 32 bit platforms. On the x64 machine it installs correctly in the Programs(x86) directory and runs fine until I make a call into a 32 bit dll. At that time… >>> More
System.EntryPointNotFoundException

as seen on Stack Overflow - Search for 'Stack Overflow'
thank, but by using this i am getting the output c2@ubuntu:~/Desktop$ mcs testingsrp.cs -lib:/home/c2/Desktop/libsrp/libsrp.so c2@ubuntu:~/Desktop$ nm -D /home/c2/Desktop/libsrp/libsrp.so | grep SRP_initialize_library c2@ubuntu:~/Desktop$ MONO_LOG_LEVEL="debug" MONO_LOG_MASK="dll" mono testingsrp… >>> More

Developer IT