Thread: Load dll from memory ?

  1. #1

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Question Load dll from memory ?

    Hi all,

    I was wondering if it is possible to load a dll from memory rather than from a file on disk.

    Can the bytes of the dll file be stored in an array and then load the dll in the calling/current process from that array ?

    I can't use the LoadLibrary API because it expects to be passed a file path in its argument.

    A web search came up with this https://www.joachim-bauch.de/tutoria...l-from-memory/

    The code is written in C which I am not very good at.

    Does anybody know if this can be done with classic VB ?

    Regards.

  2. #2
    VB-aholic & Lovin' It LaVolpe's Avatar
    Join Date
    Oct 2007
    Location
    Beside Waldo
    Posts
    19,541

    Re: Load dll from memory ?

    Why would you need to do this, why can't you just write the bytes to disk and call the DLL normally? If it's an ActiveX DLL, I doubt it could be done
    Insomnia is just a byproduct of, "It can't be done"

    Classics Enthusiast? Here's my 1969 Mustang Mach I Fastback. Her sister '67 Coupe has been adopted

    Newbie? Novice? Bored? Spend a few minutes browsing the FAQ section of the forum.
    Read the HitchHiker's Guide to Getting Help on the Forums.
    Here is the list of TAGs you can use to format your posts
    Here are VB6 Help Files online


    {Alpha Image Control} {Memory Leak FAQ} {Unicode Open/Save Dialog} {Resource Image Viewer/Extractor}
    {VB and DPI Tutorial} {Manifest Creator} {UserControl Button Template} {stdPicture Render Usage}

  3. #3

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Quote Originally Posted by LaVolpe View Post
    Why would you need to do this, why can't you just write the bytes to disk and call the DLL normally? If it's an ActiveX DLL, I doubt it could be done
    Thanks for responding,

    It is a small rudimentary standard windows dll (not an ActiveX DLL) that I wrote in C++ which I can later use in Office/VBA applications.

    I prefer not having to have the dll file distributed along with the calling vba program but I also want this for educational reasons.

    One workaround that is usually used is to have the dll bytes stored somewhere in the program and then extract those bytes at run time and create a temporary dll file on disk .. finally, delete the dll file from the disk when done.

    I thought having the dll loaded from memory without storing the dll on disk is more flexible and worth learning.

    Regards.

  4. #4
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,532

    Re: Load dll from memory ?

    I think it's possible. I'm pretty sure I've seen it done before, but I don't remember if it was in C++ or VB (yeah, I know the two aren't remotely close to each other and you would think the syntax would tip me off, but it was a long time ago.)

    Something to keep in mind, this isn't a common thing to do, so examples (if there are any) are going to be hard to find. Also, this kind of thing is something that could be exploited by viruses for deployment, so any action of that sort may result in your app being trapped by a virus scanner.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

  5. #5
    VB-aholic & Lovin' It LaVolpe's Avatar
    Join Date
    Oct 2007
    Location
    Beside Waldo
    Posts
    19,541

    Re: Load dll from memory ?

    The link you provided appears to do just that. However, since the DLL is loaded into memory, that link scans/parses the DLL and basically builds it within memory, modifying DLL parts/sections as needed regarding memory locations. Additionally, any dependent DLLs must be manually loaded into the process, then the in-memory DLL can be called by its modified entry point. That site doesn't give all the code (from what I saw), it primarily outlines the steps and provides some sample code. Educational reasons? Yep, gonna be a good one & good luck. This is a gray area, regarding hacking/spying, and many may not be willing to offer code/ideas.

  6. #6

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Yes the link doesn't give all the code plus it says it uses MemoryModule which is a C-library needed to load a DLL from memory.

    I thought maybe this was already done in VB before. It is a complex task and is indeed a gray area but it is a shame one needs to have the dll saved on disk first for it to be used.

    Can anybody think of any other alternative ?

  7. #7

  8. #8

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Hi the trick,

    With your PE loader code, will I first need to extract the shellcode from the dll (Which I don't know how) or will it be just the dll file bytes (not shellcode) which is easier ?

    Thanks for your response.

    LATE EDIT: Will your loader work for x64bit Windows with the appropriate PtrSafe and LongPtr modifications or is the whole memory structure of 64 bit different ?
    Last edited by JAAFAR; Apr 25th, 2017 at 11:21 AM.

  9. #9
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Load dll from memory ?

    It might be cleaner to look into static linking, though VB6 isn't really built for that.

    Why not just create a proper installer instead of resorting to malware techniques? The path you are on will probably run afoul of anti-virus software anyway.

  10. #10

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Quote Originally Posted by dilettante View Post
    It might be cleaner to look into static linking, though VB6 isn't really built for that.

    Why not just create a proper installer instead of resorting to malware techniques?
    Can you elaborate on that ?

    Thank you.

  11. #11
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Load dll from memory ?

    I'm not sure how to use static linking with a VB6 main program. Maybe somebody else has done that, but it will involve a few gyrations and a special make process.

    But why not just use the PDW to make a setup package?

    Or if this is a flat DLL you don't need to register maybe use a self-extracting archive for distribution and call it good?

  12. #12

  13. #13

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Quote Originally Posted by dilettante View Post
    But why not just use the PDW to make a setup package?

    Or if this is a flat DLL you don't need to register maybe use a self-extracting archive for distribution and call it good?
    Thanks dilettante .. That will defeat the purpose of what I am trying to do which is to keep the dll embedded in the VBA program and not to have an external file or package - Will it not ?

  14. #14
    PowerPoster
    Join Date
    Feb 2017
    Posts
    4,997

    Re: Load dll from memory ?

    deleted.....

  15. #15
    PowerPoster
    Join Date
    Jun 2015
    Posts
    2,224

    Re: Load dll from memory ?

    you have the code, do the static link.
    Both dz32 and wqweto and Trick have had success with static linking.

    personally I convert to VB. It usually makes the code smaller and easier to understand anyway.

  16. #16

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Quote Originally Posted by DEXWERX View Post
    you have the code, do the static link.
    Both dz32 and wqweto and Trick have had success with static linking.

    personally I convert to VB. It usually makes the code smaller and easier to understand anyway.
    Sorry to be a pain but, the dll is to be used in VBA, as mentioned in my OP, which is not compiled code and has no linker involved.

  17. #17
    PowerPoster
    Join Date
    Jun 2015
    Posts
    2,224

    Re: Load dll from memory ?

    Quote Originally Posted by JAAFAR View Post
    Sorry to be a pain but, the dll is to be used in VBA, as (NOT) mentioned in my OP, which is not compiled code and has no linker involved.
    ah! then you can understand the confusion - being this is the VB6 forum.

    How much code are you talking - why can't you convert it. Post it here? Especially considering your 32bit dll can't be "loaded" in 64bit VBA.
    Last edited by DEXWERX; Apr 25th, 2017 at 12:31 PM.

  18. #18

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Quote Originally Posted by DEXWERX View Post
    ah! then you can understand the confusion - being this is the VB6 forum.

    How much code are you talking - why can't you convert it. Post it here? Especially considering your 32bit dll can't be "loaded" in 64bit VBA.
    I did mention that I needed this for VBA in my second post and the dll is 64Bit (not 32bit) and I have it working as expected in Windows10 64bit/Office 64bit when loaded the classical way.

    The reason I need to run the code from a dll is because the code installs a CBT Windows hook (SetWindowsHookEx) and executing the code from VBA is not IDE safe as opposed to executing it from a dll.

    I know that embedding a dll into an office application with no external DLL file to re-distribute is doable as shown in this link:
    http://www.everythingaccess.com/tuto...n-Access-forms

    I am after something similar.

  19. #19
    PowerPoster wqweto's Avatar
    Join Date
    May 2011
    Location
    Sofia, Bulgaria
    Posts
    5,120

    Re: Load dll from memory ?

    @JAAFAR: DLLs include sections with relocations that need to be fixed up depending on the actual load address -- that's what the OS loader does and what The trick showed how to do manually. Shellcode by definition is relocatable so it is very easy to use from VB6 -- just get a pointer and call it. It's way harder to produce relocatable bytecode from C/C++ compiler because even `switch` statements emit labels that need relocation.

    Here is how I did some "shellcode" in a recent VB6 project of mine: https://github.com/wqweto/ZipArchive...ZipArchive.cls

    STR_THUNKs are just base64 encoded x86 bytecode for which each function entry-point is communicated out-of-band in STR_THUNK_OFFSETS. This auto-generated section is produced from `lib/sshzlib/sshzlib.c` plain C file compiled to a DLL, loaded (with the OS loader) and then the bytecode/offsets are extracted from the memory image.

    cheers,
    </wqw>
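
The relocation fixups described in post #19, as an added example that is not part of the thread or any poster's code: a read-only parser for the base relocation table (`.reloc`) defined in the PE/COFF specification, listing every address the OS loader must patch when a DLL lands away from its preferred base. `SAMPLE_RELOC`, the function names and the base addresses in the comments are constructed for illustration.

```python
import struct

# Relocation types from the PE/COFF specification.
IMAGE_REL_BASED_ABSOLUTE = 0   # padding entry, no fixup
IMAGE_REL_BASED_HIGHLOW = 3    # 32-bit absolute address (x86)
IMAGE_REL_BASED_DIR64 = 10     # 64-bit absolute address (x64)

def parse_reloc_blocks(data):
    """Return [(rva, type), ...] for every real fixup in a .reloc table."""
    fixups, pos = [], 0
    while pos + 8 <= len(data):
        # Each block: page RVA, total block size, then 16-bit entries.
        page_rva, block_size = struct.unpack_from("<II", data, pos)
        if block_size == 0:            # zero fill after the last block
            break
        if block_size < 8 or block_size % 2 or pos + block_size > len(data):
            raise ValueError(f"malformed relocation block at offset {pos}")
        entries = data[pos + 8 : pos + block_size]
        for (entry,) in struct.iter_unpack("<H", entries):
            rtype, offset = entry >> 12, entry & 0x0FFF
            if rtype != IMAGE_REL_BASED_ABSOLUTE:
                fixups.append((page_rva + offset, rtype))
        pos += block_size
    return fixups

def rebase_delta(preferred_base, actual_base):
    """Value the loader adds at every fixup site; 0 means no patching."""
    return actual_base - preferred_base

# Constructed sample: two blocks, each ending in an ABSOLUTE padding entry.
SAMPLE_RELOC = (
    struct.pack("<IIHHHH", 0x1000, 16, 0xA010, 0xA128, 0xA200, 0x0000)
    + struct.pack("<IIHH", 0x3000, 12, 0xA008, 0x0000)
)

if __name__ == "__main__":
    # Constructed bases: a preferred ImageBase and a different load address.
    delta = rebase_delta(0x180000000, 0x7FFB12340000)
    for rva, rtype in parse_reloc_blocks(SAMPLE_RELOC):
        print(f"fixup at RVA {rva:#x}, type {rtype}, add {delta:#x}")
```
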

  20. #20
    PowerPoster
    Join Date
    Jun 2015
    Posts
    2,224

    Re: Load dll from memory ?

    Quote Originally Posted by JAAFAR View Post
    I did mention that I needed this for VBA in my second post and the dll is 64Bit (not 32bit) and I have it working as expected in Windows10 64bit/Office 64bit when loaded the classical way.

    The reason I need to run the code from a dll is because the code installs a CBT Windows hook (SetWindowsHookEx) and executing the code from VBA is not IDE safe as opposed to executing it from a dll.

    I know that embedding a dll into an office application with no external DLL file to re-distribute is doable as shown in this link:
    http://www.everythingaccess.com/tuto...n-Access-forms

    I am after something similar.
    I've seen that method - It's basically the same as loading the assembly of the routine, and executing it from memory.
    wqweto, The Trick (And LaVolpe) have used embedded assembly to make single File Classes for use in VB.

    The link you've posted - uses an IDispatch object created via Assembly or C/C++, and then patches the API entrypoints using a latebound call to an Init function.
    This way you only need the code of the COM object. Clever in that you don't need to do a lot of "loading"/address fixups, and really only need to extract the code of the object.
    A lot of effort, just to get rid of a dependency.

    Why wouldn't you just drop the dll file and load it that way? It's way more maintainable than embedded machine code.
    Last edited by DEXWERX; Apr 25th, 2017 at 01:21 PM.

  21. #21

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Quote Originally Posted by wqweto View Post
    @JAAFAR: DLLs include sections with relocations that need to be fixed up depending on the actual load address -- that's what the OS loader does and what The trick showed how to do manually. Shellcode by definition is relocatable so it is very easy to use from VB6 -- just get a pointer and call it. It's way harder to produce relocatable bytecode from C/C++ compiler because even `switch` statements emit labels that need relocation.

    Here is how I did some "shellcode" in a recent VB6 project of mine: https://github.com/wqweto/ZipArchive...ZipArchive.cls

    STR_THUNKs are just base64 encoded x86 bytecode for which each function entry-point is communicated out-of-band in STR_THUNK_OFFSETS. This auto-generated section is produced from `lib/sshzlib/sshzlib.c` plain C file compiled to a DLL, loaded (with the OS loader) and then the bytecode/offsets are extracted from the memory image.

    cheers,
    </wqw>
    @wqw : That looks daunting and way over my head

    I guess I first need to have a better understanding of what the subject involves before attempting a similar venture.. I thought this would be less complicated.

    Thanks anyway.

  22. #22

    Thread Starter
    Fanatic Member
    Join Date
    Nov 2013
    Posts
    658

    Re: Load dll from memory ?

    Quote Originally Posted by DEXWERX View Post
    I've seen that method - It's basically the same as loading the assembly of the routine, and executing it from memory.
    wqweto, The Trick (And LaVolpe) have used embedded assembly to make single File Classes for use in VB.

    The link you've posted - uses an IDispatch object created via Assembly or C/C++, and then patches the API entrypoints using a latebound call to an Init function.
    This way you only need the code of the COM object. Clever in that you don't need to do a lot of "loading"/address fixups, and really only need to extract the code of the object.
    A lot of effort, just to get rid of a dependency.

    Why wouldn't you just drop the dll file and load it that way? It's way more maintainable than embedded machine code.
    @DEXWERX:

    I am a newbie at this stuff but I am eager to learn.

    The link you've posted - uses an IDispatch object created via Assembly or C/C++, and then patches the API entrypoints using a latebound call to an Init function.
    This way you only need the code of the COM object. Clever in that you don't need to do a lot of "loading"/address fixups, and really only need to extract the code of the object.
    Is there a tutorial/example that can teach me how to implement the above technique in a methodical way using C++ (I have no knowledge of ASM)? I would be grateful if you or someone else could point me in the right direction.
    Last edited by JAAFAR; Apr 25th, 2017 at 01:41 PM.

  23. #23
