'Execute an embeded exe with createprocess c++
I am trying to execute an exe file which is embedded in a buffer. I try to execute this exe file with createProcess (i think that this is possible) but i get the createprocess error 123.
Here is the code:
void main(){
unsigned char exe_file[] = {
0x4d, 0x5a, 0x90, 0x00, 0x03, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
0xff, 0xff, 0x00, 0x00...
}
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);
ZeroMemory(&pi, sizeof(pi));
if (!CreateProcess((LPCWSTR)exe_file, // No module name (use command line)
NULL, // Command line
NULL, // Process handle not inheritable
NULL, // Thread handle not inheritable
FALSE, // Set handle inheritance to FALSE
0, // No creation flags
NULL, // Use parent's environment block
NULL, // Use parent's starting directory
&si, // Pointer to STARTUPINFO structure
&pi) // Pointer to PROCESS_INFORMATION structure
)
{
printf("CreateProcess failed (%d).\n", GetLastError());
return;
}
// Wait until child process exits.
WaitForSingleObject(pi.hProcess, INFINITE);
// Close process and thread handles.
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
}
I add the LPCWSTR casting because if not, I get a compilation error (incompatibility of unsigned char...) Thank you.
Solution 1:[1]
I try to execute this exe file [which is embedded in a buffer] with createProcess (i think that this is possible)
Sorry, but no, it is not possible with CreateProcess(). It works only with .EXE files on disk, not in memory. You would have to save your buffer to a temporary file first, and then execute that file instead.
Otherwise, there are 3rd party loaders floating around that support running EXE images from memory buffers. There is nothing in the native Win32 API that supports what you are attempting.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |