A lightweight native DLL mapping library that supports mapping directly from memory
Please checkout https://github.com/jdewera/lunar for a continuation of this project.
As of 10/2023 this repository is deprecated and the project is now being maintained under a new account/repository due to some issues encountered with this account. There are some minor differences between the versions for maintainabiltiy sake (prefer private ntdll functions instead of manual setup) but otherwise they should be compatible.
The example below demonstrates a basic implementation of the library
var process = Process.GetProcessesByName("")[0];
var dllFilePath = "";
var flags = MappingFlags.DiscardHeaders;
var mapper = new LibraryMapper(process, dllFilePath, flags);
mapper.MapLibrary();
Provides the functionality to map a DLL from disk or memory into a process
public sealed class LibraryMapper
Initialises an instance of the LibraryMapper
class with the functionality to map a DLL from memory into a process
public LibraryMapper(Process, Memory<byte>, MappingFlags);
Initialises an instance of the LibraryMapper
class with the functionality to map a DLL from disk into a process
public LibraryMapper(Process, string, MappingFlags);
The base address of the DLL in the process
public nint DllBaseAddress { get; }
Maps the DLL into the process
public void MapLibrary();
Unmaps the DLL from the process
public void UnmapLibrary();
Defines actions that the mapper should perform during the mapping process
[Flags]
public enum MappingFlags
Default value
MappingsFlags.None
Specifies that the header region of the DLL should not be mapped
MappingsFlags.DiscardHeaders
Specifies that the entry point of any TLS callbacks and the DLL should not be called
MappingsFlags.SkipInitRoutines