UserExistsError / InjectDll

Inject a Dll from memory
MIT License

How to load the dll from the char array? #4

Closed R3uan3 closed 1 year ago

R3uan3 commented 2 years ago

Is it possible to load the DLL from the char array generated by ExtractArray instead of loading it from disk?

UserExistsError commented 2 years ago

ExtractArray pulls out the code section of a DLL (ignores PE header and all other sections that are not code). For a carefully written DLL, the code section can be run as shellcode by writing it into executable memory and, for example, calling CreateThread on it. The reflective loader used in this project is one such example of a DLL where this works.

This project uses ExtractArray to convert the reflective loader DLL into shellcode, then appends an arbitrary DLL to that shellcode. ExtractArray is not meant to be run on the DLL provided to InjectDLL.exe.

If you want to load a DLL from memory instead of passing it to the command line, you can modify the code here where the DLL is read from a file:

https://github.com/UserExistsError/InjectDll/blob/979fefe4e920a21379a60aa400d826fc79570d45/InjectDll/InjectDll.cpp#L60-L66

If you want to convert this DLL to a char array, you can copy and modify ExtractArray to write the entire file to an array, and not just the .text section. The loop below could be rewritten to write out all imageSize bytes of the array image:

https://github.com/UserExistsError/InjectDll/blob/979fefe4e920a21379a60aa400d826fc79570d45/ExtractArray/ExtractArray.cpp#L84-L89