Basic implementation of the Windows loader in Rust. This implementation is still a work in progress and some parts like relocation and execution of TLS callbacks are still missing. However, it can already be used to load DLLs and call the entry point.
To load a DLL, simply run `load_library_rs` and specify the path to the DLL you want to load. Don’t forget the terminating null byte. The entry point will then be called automatically.
```rust
use load_library_rs::load_library;

fn main() {
    load_library("C:\\Users\\user\\Desktop\\testdll.dll\0");
}
```
To test this, you can use a simple test DLL like this one: testdll from memN0ps.
- Relocation
- Use load_library_rs recursively for imports
- Link module to PEB
- Fix TLS Callbacks
- Do some sanity checks
The code is mainly based on the DarkLoadLibrary C implementation.
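The list above includes "Do some sanity checks". A loader reads every offset and size from the file it maps, so each one has to be bounds-checked before it is used. The following is an added example, not code from load_library_rs or DarkLoadLibrary; `check_pe`, `PeError`, `rd` and `sample_pe` are hypothetical names and the sample buffer is constructed.

```rust
// Added example: hypothetical pre-mapping checks, not part of load_library_rs.
#[derive(Debug, PartialEq)]
pub enum PeError { Truncated, BadDosMagic, BadNtSignature, BadOptionalMagic, SectionOutOfBounds }
// Bounds-checked little-endian read of n <= 8 bytes at offset off.
fn rd(b: &[u8], off: usize, n: usize) -> Result<u64, PeError> {
    let end = off.checked_add(n).ok_or(PeError::Truncated)?;
    let s = b.get(off..end).ok_or(PeError::Truncated)?;
    Ok(s.iter().rev().fold(0u64, |acc, &x| (acc << 8) | x as u64))
}

/// Validate the headers of a raw PE file before any section is copied.
pub fn check_pe(file: &[u8]) -> Result<(), PeError> {
    if rd(file, 0, 2)? != 0x5A4D { return Err(PeError::BadDosMagic); } // "MZ"
    let nt = rd(file, 0x3C, 4)? as usize; // e_lfanew
    if rd(file, nt, 4)? != 0x4550 { return Err(PeError::BadNtSignature); } // "PE\0\0"
    let nsec = rd(file, nt + 6, 2)? as usize; // NumberOfSections
    let opt_size = rd(file, nt + 20, 2)? as usize; // SizeOfOptionalHeader
    let opt = nt + 24; // optional header follows signature + file header
    if !matches!(rd(file, opt, 2)?, 0x10B | 0x20B) { return Err(PeError::BadOptionalMagic); }
    let size_of_image = rd(file, opt + 56, 4)?;
    for i in 0..nsec {
        let sh = opt + opt_size + i * 40; // IMAGE_SECTION_HEADER is 40 bytes
        let (vsize, vaddr) = (rd(file, sh + 8, 4)?, rd(file, sh + 12, 4)?);
        let (rsize, rptr) = (rd(file, sh + 16, 4)?, rd(file, sh + 20, 4)?);
        // Sums of two u32 values cannot overflow in u64.
        let in_file = rptr + rsize <= file.len() as u64;
        if !in_file || vaddr + vsize > size_of_image { return Err(PeError::SectionOutOfBounds); }
    }
    Ok(())
}

/// Constructed sample: a header-only PE32+ buffer with one section.
pub fn sample_pe() -> Vec<u8> {
    let mut f = vec![0u8; 0x400];
    f[..2].copy_from_slice(b"MZ");
    f[0x3C] = 0x80; // e_lfanew
    f[0x80..0x84].copy_from_slice(b"PE\0\0");
    f[0x86] = 1; f[0x94] = 0xF0; // NumberOfSections, SizeOfOptionalHeader
    f[0x98..0x9A].copy_from_slice(&0x20Bu16.to_le_bytes()); // PE32+ magic
    f[0xD0..0xD4].copy_from_slice(&0x2000u32.to_le_bytes()); // SizeOfImage
    // VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
    for (off, v) in [(8, 0x200u32), (12, 0x1000), (16, 0x200), (20, 0x200)] {
        f[0x188 + off..0x18C + off].copy_from_slice(&v.to_le_bytes());
    }
    f
}

fn main() { println!("{:?}", check_pe(&sample_pe())); }
```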