dEEpEst
☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
- Joined
- Mar 29, 2018
- Messages
- 13,861
- Solutions
- 4
- Reputation
- 32
- Reaction score
- 45,552
- Points
- 1,813
- Credits
- 55,350
7 Years of Service
56%
README.md
Memory PE Injector
A tool that reads a PE file from a byte array buffer and injects it into memory.
Symmary
Memory PE Injector is a C++ class which reads an executable file (PE) from a byte array and maps it into the memory space of another process. This is commonly known as Process Forking or RunPE. To accomplish this, the code follows these steps:
Usage and Tips
This code can be used in various scenarios. One of these scenarios is a case where you want to pack another program with your own one, but you'd like to deploy one executable only. You can add your second program in the resources of your first one, in an RT_RCDATA resource, then read the bytes and inject it directly into memory, without dropping it on the disk.
Usage:
Injector *injector = new Injector();
unsigned char *lpByteBuffer = injector->ReadFileBytes(L"C:/The/path/to/your/executable.exe");
injector->Inject(lpByteBuffer);
Download:
Memory PE Injector
A tool that reads a PE file from a byte array buffer and injects it into memory.
Symmary
Memory PE Injector is a C++ class which reads an executable file (PE) from a byte array and maps it into the memory space of another process. This is commonly known as Process Forking or RunPE. To accomplish this, the code follows these steps:
- The code launches a second instance of the program containing the code, in suspended mode.
- It unmaps the PE from the virtual memory space where it is loaded
- The given PE byte array is then mapped in place.
- The process is resumed and the end result is the PE file of the byte array running instead.
Usage and Tips
This code can be used in various scenarios. One of these scenarios is a case where you want to pack another program with your own one, but you'd like to deploy one executable only. You can add your second program in the resources of your first one, in an RT_RCDATA resource, then read the bytes and inject it directly into memory, without dropping it on the disk.
Usage:
Injector *injector = new Injector();
unsigned char *lpByteBuffer = injector->ReadFileBytes(L"C:/The/path/to/your/executable.exe");
injector->Inject(lpByteBuffer);
Download:
This link is hidden for visitors. Please Log in or register now.