We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug I'm trying to add a single DLL to the import table of a x64 EXE
To Reproduce Steps to reproduce the behavior:
Expected behavior The executable should execute regularly without any new crashes
Environment (please complete the following information):
python -c "import lief;print(lief.__version__)"
LIEF/config.h
Additional context Code used:
def download_libgadget(path=".", bitness="x86"): libpath = path + "/libgadget.dll" if os.path.isfile(libpath): print(f"[+] {libpath} already exists, skipping") return None latest = requests.get("https://api.github.com/repos/frida/frida/releases/latest").json() for a in latest["assets"]: if a["name"].startswith("frida-gadget") and a["name"].endswith(f"windows-{bitness}.dll.xz"): url = a["browser_download_url"] print("[+] Downloading", url) r = requests.get(url, allow_redirects=True) open(libpath + ".xz", "wb").write(r.content) with lzma.open(libpath + ".xz", "rb") as f: open(libpath, "wb").write(f.read()) print("[+] Downloaded", a["name"]) break def inject(binary): injected = lief.parse(binary) bitness = 32 if injected.header.machine == lief.PE.MACHINE_TYPES.I386: print("[+] Detected 32 bit PE") elif injected.header.machine == lief.PE.MACHINE_TYPES.AMD64: print("[+] Detected 64 bit PE") bitness = 64 else: print("[!] Unable to detected binary bitness") exit(1) download_libgadget(realpath(dirname(binary)), "x86" if bitness == 32 else "x86_64") gadget = injected.add_library("libgadget.dll") gadget.add_entry("frida_gadget_wait_for_permission_to_resume") builder = lief.PE.Builder(injected) builder.build_imports(True) builder.patch_imports(True) builder.build() os.rename(binary, binary + ".b-" + str(datetime.now().isoformat())) builder.write(binary) if __name__ == "__main__": from sys import argv inject(argv[1])
error.txt
Unfortunately I can't freely redistribute the executable so contact me if you need it to send it privately
The text was updated successfully, but these errors were encountered:
Yes, actually the modification of the import/export table for PE binary is very (very) limited. I'll have to refactor this part around November.
Sorry, something went wrong.
Are there any other solutions to inject frida into an exe? I don't get why nobody does it and there's literally nothing out there
romainthomas
No branches or pull requests
Describe the bug
I'm trying to add a single DLL to the import table of a x64 EXE
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The executable should execute regularly without any new crashes
Environment (please complete the following information):
python -c "import lief;print(lief.__version__)"
or the one fromLIEF/config.h
: 0.12.1-Additional context
Code used:
error.txt
Unfortunately I can't freely redistribute the executable so contact me if you need it to send it privately
The text was updated successfully, but these errors were encountered: