momo5502 / emulator

🪅 Windows User Space Emulator
GNU General Public License v2.0

map_nt_to_emulator_protection #30

Closed leftspace89 closed 15 hours ago

leftspace89 commented 2 days ago

https://github.com/momo5502/emulator/blob/main/src/windows-emulator/memory_utils.hpp#L38

I'm not sure if this was intended or a bug, but I had to change it to this.

case PAGE_EXECUTE_READWRITE: return memory_permission::all;

momo5502 commented 2 days ago

Uh, yeah, looks like I fucked up 😂 Feel free to open up a PR :D

leftspace89 commented 2 days ago

You got this :) Also, off topic, but is it possible to run DllMain with the reserved arg? I'm more interested in emulating a DLL, not just an executable.

I don't see any related code which runs DllMain with the correct args.

const auto main_thread_id = context.create_thread(emu, context.executable->entry_point, 0, 0);
switch_to_thread(*this, main_thread_id);

momo5502 commented 1 day ago

> You got this :) Also, off topic, but is it possible to run DllMain with the reserved arg? I'm more interested in emulating a DLL, not just an executable.
>
> I don't see any related code which runs DllMain with the correct args.
>
> const auto main_thread_id = context.create_thread(emu, context.executable->entry_point, 0, 0);
> switch_to_thread(*this, main_thread_id);

DllMain is never called explicitly from the emulator, because ntdll runs DllMain. There is a lot more involved than just calling it, e.g. you need to set up TLS.

This emulator only supports emulating entire processes. If you want to emulate a Dll, I recommend integrating it somewhere. You can e.g. use rundll32.exe, or build your own host application that just calls LoadLibrary and emulate that, which will eventually emulate your Dll.

momo5502 commented 15 hours ago

Fixed: d83f2c61e8961259aa88078d8be6d90db2b4ed7b
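
For reference, an added example (not the project's code and not the commit above) of the kind of NT-to-emulator protection mapping this issue concerns, with a regression check for the reported class of bug. The `P_*` flags, `map_nt_protection` and `mapping_is_consistent` are hypothetical names, and treating write-copy pages as writable is an assumption; the `NT_PAGE_*` values mirror the `PAGE_*` constants in winnt.h.

```cpp
#include <cstdint>

// Windows PAGE_* protection values (winnt.h), redefined so this builds anywhere.
constexpr uint32_t NT_PAGE_NOACCESS = 0x01, NT_PAGE_READONLY = 0x02,
                   NT_PAGE_READWRITE = 0x04, NT_PAGE_WRITECOPY = 0x08,
                   NT_PAGE_EXECUTE = 0x10, NT_PAGE_EXECUTE_READ = 0x20,
                   NT_PAGE_EXECUTE_READWRITE = 0x40, NT_PAGE_EXECUTE_WRITECOPY = 0x80,
                   NT_PAGE_GUARD = 0x100, NT_PAGE_NOCACHE = 0x200,
                   NT_PAGE_WRITECOMBINE = 0x400;
constexpr uint32_t NT_MODIFIERS = NT_PAGE_GUARD | NT_PAGE_NOCACHE | NT_PAGE_WRITECOMBINE;
constexpr uint32_t NT_WRITABLE = NT_PAGE_READWRITE | NT_PAGE_WRITECOPY |
                                 NT_PAGE_EXECUTE_READWRITE | NT_PAGE_EXECUTE_WRITECOPY;

// Hypothetical emulator-side flags (assumption; the project's memory_permission enum may differ).
constexpr unsigned P_NONE = 0, P_READ = 1, P_WRITE = 2, P_EXEC = 4,
                   P_ALL = P_READ | P_WRITE | P_EXEC, P_INVALID = ~0u;

// Map one NT protection value to R/W/X flags. Modifier bits are ignored;
// zero, unknown bits, or more than one base value yield P_INVALID.
unsigned map_nt_protection(uint32_t nt)
{
    switch (nt & ~NT_MODIFIERS) {
    case NT_PAGE_NOACCESS:          return P_NONE;
    case NT_PAGE_READONLY:          return P_READ;
    case NT_PAGE_READWRITE:
    case NT_PAGE_WRITECOPY:         return P_READ | P_WRITE; // assumption: copy-on-write is writable
    case NT_PAGE_EXECUTE:           return P_EXEC;
    case NT_PAGE_EXECUTE_READ:      return P_READ | P_EXEC;
    case NT_PAGE_EXECUTE_READWRITE:
    case NT_PAGE_EXECUTE_WRITECOPY: return P_ALL;
    default:                        return P_INVALID;
    }
}

// Regression check: every PAGE_EXECUTE* value must map to exec, and every
// writable value to write, also when a modifier such as PAGE_GUARD is set.
bool mapping_is_consistent()
{
    for (uint32_t bit = NT_PAGE_NOACCESS; bit <= NT_PAGE_EXECUTE_WRITECOPY; bit <<= 1) {
        const unsigned p = map_nt_protection(bit | NT_PAGE_GUARD);
        if (p == P_INVALID) return false;
        const bool want_exec = bit >= NT_PAGE_EXECUTE;
        const bool want_write = (bit & NT_WRITABLE) != 0;
        if (((p & P_EXEC) != 0) != want_exec) return false;
        if (((p & P_WRITE) != 0) != want_write) return false;
    }
    return true;
}
```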