momo5502 / emulator

🪅 Windows User Space Emulator
GNU General Public License v2.0

map_nt_to_emulator_protection #30

Open leftspace89 opened 1 day ago

leftspace89 commented 1 day ago

https://github.com/momo5502/emulator/blob/main/src/windows-emulator/memory_utils.hpp#L38

I'm not sure if this was intended or a bug, but I had to change it to this.

case PAGE_EXECUTE_READWRITE: return memory_permission::all;

momo5502 commented 1 day ago

uh, yeah, looks like i fucked up 😂 feel free to open up a PR :D
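An added example, not the project's code: a stand-alone sketch of the kind of NT-protection-to-emulator-permission mapping this issue concerns, with a self-check that catches a read/write/execute page being mapped to less than full access. The `memory_permission` enum layout and the function names are assumptions; the `PAGE_*` values are the ones from winnt.h.

```cpp
#include <cstdint>
#include <stdexcept>

// Windows page-protection constants (values as defined in winnt.h).
constexpr std::uint32_t PAGE_NOACCESS = 0x01, PAGE_READONLY = 0x02, PAGE_READWRITE = 0x04,
    PAGE_WRITECOPY = 0x08, PAGE_EXECUTE = 0x10, PAGE_EXECUTE_READ = 0x20,
    PAGE_EXECUTE_READWRITE = 0x40, PAGE_EXECUTE_WRITECOPY = 0x80, PAGE_GUARD = 0x100;

// Stand-in for the emulator's permission type (assumed layout, not the project's).
enum class memory_permission : std::uint8_t {
    none = 0, read = 1, write = 2, exec = 4, read_write = 3, read_exec = 5, all = 7 };
using P = memory_permission;

constexpr bool has(P p, P bit) {
    return (static_cast<std::uint8_t>(p) & static_cast<std::uint8_t>(bit)) != 0;
}

// Hypothetical mapping: copy-on-write is modelled as plain write access.
P map_nt_protection(std::uint32_t nt) {
    switch (nt & 0xFF) {  // drop modifier bits such as PAGE_GUARD
    case PAGE_NOACCESS:          return P::none;
    case PAGE_READONLY:          return P::read;
    case PAGE_READWRITE:         return P::read_write;
    case PAGE_WRITECOPY:         return P::read_write;
    case PAGE_EXECUTE:           return P::exec;
    case PAGE_EXECUTE_READ:      return P::read_exec;
    case PAGE_EXECUTE_READWRITE: return P::all;
    case PAGE_EXECUTE_WRITECOPY: return P::all;
    default: throw std::invalid_argument("unknown or combined NT page protection");
    }
}

// Self-check: each base constant must yield exactly the R/W/X bits its name implies.
bool mapping_is_consistent() {
    const std::uint32_t writable = PAGE_READWRITE | PAGE_WRITECOPY |
                                   PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY;
    for (std::uint32_t nt = PAGE_NOACCESS; nt <= PAGE_EXECUTE_WRITECOPY; nt <<= 1) {
        const P p = map_nt_protection(nt);
        const bool want_x = (nt & 0xF0) != 0;
        const bool want_w = (nt & writable) != 0;
        const bool want_r = nt != PAGE_NOACCESS && nt != PAGE_EXECUTE;
        if (has(p, P::exec) != want_x || has(p, P::write) != want_w ||
            has(p, P::read) != want_r) return false;
    }
    return true;
}

int main() { return mapping_is_consistent() ? 0 : 1; }
```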

leftspace89 commented 1 day ago

you got this :) Also, off topic, but is it possible to run DllMain with the reserved arg? I'm more interested in emulating a DLL, not just an executable.

I don't see any related code that runs DllMain with the correct args.

const auto main_thread_id = context.create_thread(emu, context.executable->entry_point, 0, 0);
switch_to_thread(*this, main_thread_id);

momo5502 commented 17 hours ago

> you got this :) Also, off topic, but is it possible to run DllMain with the reserved arg? I'm more interested in emulating a DLL, not just an executable.
>
> I don't see any related code that runs DllMain with the correct args.
>
> const auto main_thread_id = context.create_thread(emu, context.executable->entry_point, 0, 0);
> switch_to_thread(*this, main_thread_id);

DllMain is never called explicitly from the emulator, because ntdll runs DllMain. There is a lot more involved than just calling it, e.g. you need to set up TLS.

This emulator only supports emulating entire processes. If you want to emulate a Dll, I recommend integrating it somewhere. You can e.g. use rundll32.exe, or build your own host application that just calls LoadLibrary and emulate that, which will eventually emulate your Dll.