Is it possible to make this tool compatible with windows applications?
I've made som tries myself without any luck.
The exe is correcly converted, but giving the entry point to the loader nothing happens.

I guess that may people would enjoy a "testload" applications, compiled as a DLL file, with a given export name, so i may be called with rundll32. This would enable to calle rundll32 testload.dll,Load

I should be able to write this for console applications, but (sady) not for Windows applications.
Anyone would help?
Thanks in advance!
\Jeky--

LoadLibraryA

I tried to replace "LoadLibraryA" with a memory load module and found it failed.

my code:

size_t v_size = 0;
PBYTE loaded_pe = peconv::load_pe_executable(file.c_str(), v_size);
if (NULL == loaded_pe) {
    return FALSE;
}

// calculate the Entry Point of the manually loaded module
DWORD ep_rva = (0 == rva_ep) ? peconv::get_entry_point_rva(loaded_pe) : rva_ep;
ULONG_PTR ep_va = ep_rva + (ULONG_PTR)loaded_pe;
if (NULL == ep_rva || NULL == ep_va) {
    return FALSE;
}

typedef int(APIENTRY* fnMainCRTStartup)();
fnMainCRTStartup AddressOfEntryPoint = (fnMainCRTStartup)ep_va;
if (AddressOfEntryPoint) {
    auto result = AddressOfEntryPoint();
}

Currently only loading of the EXE as a DLL is supported. But in order to call any function, we must manually find and call its address.

For easier use, it would be beneficial to have the export table created, and the Original Entry Point should be added as an exported function.

Hi,

I have a multiple megabyte exe which just write something to the console. After the conversion the generated dll file only 300k and (of course) calling start on it not working at all, nothing happens. How to fix this?

Hello and thank you very much for your amazing work!

I'm trying to use your code to convert an exe to a dll but i'm experiencing a problem.
I'm not expert in the matter so I hope you can give me any hints.
The program fails converting the raw pe to virtual with these messages:

[!] Truncated to maximal size: fc7000, buffer size:18e9000
[-] Raw section size is out ouf bounds: 332000

Adding some debug info, if I understood correctly, it seems the size of some virtual sections reported in the section header is wrong:

Section 13 at 9576448, size: 105902592
Section 14 at 22769664, size: 3350528

The size of section 13 should not be that big, right? This leads to the first error message.
And also the SizeOfImage header seems to be too small, which leads to the second error message and failure.
Unfortunately i cannot share the exe, but it runs normally, it's not corrupted.
Any idea why this happens? Anything I can do to handle this type of files?

Thank you again!

Is there any way to get console output from GetProcAddress ? my exe produce only console output and I'm trying to get that output to variable in GetProcAddress Start function. Can you help ?

Hello,

this is a very interesting project.
I wanted to use it to convert some programs that take their parameters from command line.

So, for testing, I created a program that addition two int as parameter 1 and 2 and output the sum in a file (as there is no console output, but I am not interested in it).

When I call "Addition.exe 99 6", parameters 1 and 2 are 99 and 6. That s ok
When I call "rundll32.exe .\Addition.dll,Start 99 6" ; parameters 1 and 2 are "".\Addition.dll,Start and 99.
And If I load it in a program, it just display the parameter of that program !

Is there a way to correct that, so parameter 1 is alwways the parameter send to the entry point

Thanks

Regards

Nicolas

hi i dont understand how to use it
can you tell me how pls ?
and is it possible to run it with rundll32 ?

Could you support covert an exe without relocation table? Am I use it in a wrong way ?
As we know, most of exe have no relocation table.