pe patching

[m2abrams15]

so, i got the process ID working. i guess the issue im having now is just that your tool has to many features :) i need to strip it down to simply do the PE patching and unpatching.

i think the functions i need are held in examine_process and examine_file and examine_PE. so im working on re-writing some of the functions to work with Stephen Fewer's dll injection

[vtorri]

ok. Tell me if you want me to close the issue. Also, don't hesitate to tell me if you succeed in implementing this :-)

[m2abrams15]

is there an easy way to compile your project into a static library?

[vtorri]

do you use Visual Studio ?

[m2abrams15]

yeah, i just found the libexamine you have in the project. side note, i have to give full path for config.h and exmine.h for some reason. not sure

[vtorri]

Strange. I note this, thank you

[m2abrams15]

also, when compiling for 64-bit IMAGE_DELAYLOAD_DESCRIPTOR claims it is undefined.

[m2abrams15]

and lastly, when i compiled the libexamine, it compiles for 32-bit. but then when i add it in as a dependency, i get : error LNK1107: invalid or corrupt file: cannot read at 0x2B8 \libexamine.dll

[vtorri]

It has been a long time since I tried to compile it with Visual Studio (I usually use POSIX configuration for compilation with gcc).

For the compilation for x64, it's possible to choose this in the IDE, at the top.

It's time for me to look at Visual Studio compilation :)

thank you

[m2abrams15]

yeah any help you could provide getting the library to compile would be huge.

im using visual studio 2013 at the moment

[vtorri]

normally i have fixed all the wrong paths for Visual Studio 2013 (vc12), for x86 and x64, debug or release, but i tested with Visual Studio 2015. I don't know if there are still problems with Visual Studio 2013. Can you update and report problems, please ?

[m2abrams15]

So you want me to try to compile in 2015? On Jun 4, 2016 12:04 AM, "vtorri" notifications@github.com wrote:

normally i have fixed all the wrong paths for Visual Studio 2013 (vc12), for x86 and x64, debug or release, but i tested with Visual Studio 2015. I don't know if there are still problems with Visual Studio 2013. Can you update and report problems, please ?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/vtorri/examine/issues/3#issuecomment-223736831, or mute the thread https://github.com/notifications/unsubscribe/AS0l_A2kVgA0BvzrZgJ0qbi22VUrf0Djks5qIQdUgaJpZM4It0CU .

[vtorri]

no. Try with Visual Studio 2013. I just wante to say that I tested the Visual Studio 2013 solution (in visual_studio/vc12) with my Visual Studio 2015

[m2abrams15]

hey so whatever you did worked it compiled without errors in VS 2013 target platform v120. However, it does still crash compiling for v90 (visual studio 2008) which is the only redist package installed by default

[m2abrams15]

looks like i can include the library, regardless of the target platform and it doesn't require the VS120 redist

[vtorri]

normally, as I compile also with mingw (gcc on Windows) and that it uses msvcrt.dll (the Windows XP libc), there shouldn't be a lot of problems. I had one day a Visual Studio 2008 installed, but it's not easily to find these days :-)

[m2abrams15]

yeah i completely understand that :P So i got the lib added as a dependency. now im just going to add the headers into the proj and use the memcheck.c as a blueprint.

[m2abrams15]

hmm, yeah so it still wont compile for 2008. And i dont think i can embed a library needing v120 into a dll using v90