https://github.com/ytk2128/dll-merger

Merging DLLs with a PE32 EXE without LoadLibrary
https://github.com/ytk2128/dll-merger

Last synced: 21 days ago
JSON representation

Merging DLLs with a PE32 EXE without LoadLibrary

• Host: GitHub
• URL: https://github.com/ytk2128/dll-merger
• Owner: ytk2128
• License: mit
• Created: 2022-02-06T07:43:32.000Z (almost 3 years ago)
• Default Branch: main
• Last Pushed: 2022-11-20T12:56:48.000Z (about 2 years ago)
• Last Synced: 2024-08-05T17:27:12.494Z (4 months ago)
• Language: C++
• Homepage:
• Size: 26.4 KB
• Stars: 240
• Watchers: 7
• Forks: 61
• Open Issues: 5
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - ytk2128/dll-merger - Merging DLLs with a PE32 EXE without LoadLibrary (C++)

README

        
# 🔗 dll-merger

Merging DLLs with a PE32 EXE without LoadLibrary

# Building the project

* ```git clone https://github.com/ytk2128/dll-merger.git --recurse-submodules```

* Open **src/merger.sln**

* Build Solution

# Principle of merging

dll-merger merges DLLs with a PE32 EXE and injects the loader code into the EXE and the injected loader loads DLLs manually without LoadLibrary, and thus the loaded DLLs are invisible in the PEB.

![executable before merging](https://user-images.githubusercontent.com/60180255/152682145-3c217853-daf0-4174-a6cd-17fbf1662e20.svg)

![executable after merging](https://user-images.githubusercontent.com/60180255/152682142-6a587520-7208-4b91-ae22-4dc32558d8c7.svg)

# Demonstration

1. Execute ```merger.exe procexp.exe MyDLL.dll```

2. ```procexp.exe_out.exe``` is created

3. ```MyDLL.dll``` is invisibly loaded in the ```procexp.exe_out.exe```