Solved

VB Serious Problem

Posted on 2003-11-18
5
256 Views
Last Modified: 2010-04-17
I want the source code for extracting and running an exe file from memory (ram). Few wrapping app's use this method
0
Comment
Question by:sriharish
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:cookre
ID: 9776314
If I understand you correctly, you want to find an exe as it resides in RAM?
0
 
LVL 1

Author Comment

by:sriharish
ID: 9776383
Thats Right
0
 
LVL 9

Accepted Solution

by:
bhagyesht earned 250 total points
ID: 9776404
0
 
LVL 22

Expert Comment

by:cookre
ID: 9776591
If one could freeze RAM at the instant just before a EXE gets control, it MIGHT be possible to reconstruct something similar to the original disk copy of the EXE, but it's unlikely.  It would be possible with a .COM file, since that's an image file, but an EXE is far from an image file.

For example, some memory allocation and initialization is performed by the OS as part of the load process.  Once the loading is complete, you wouldn't be able to tell if a particular address range was originally valued in the EXE of if it was allocated by the OS by virtue of a res.  Shoot, even the starting address doesn't appear in RAM - that's obtained by the OS from the original EXE and control simply passed there after loading is complete.

Now that I've thought about it, I'd say you won't be able to reconstruct an EXE file from what you find in RAM.

0
 
LVL 9

Expert Comment

by:bhagyesht
ID: 9776620
"I'd say you won't be able to reconstruct an EXE file from what you find in RAM" I agree with you cookre. besides in windows it may not be loaded at the one go conideering dlls and other issues
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I know it’s not a new topic to discuss and it has lots of online contents already available over the net. But Then I thought it would be useful to this site’s visitors and can have online repository on vim most commonly used commands. This post h…
A short article about problems I had with the new location API and permissions in Marshmallow
An introduction to basic programming syntax in Java by creating a simple program. Viewers can follow the tutorial as they create their first class in Java. Definitions and explanations about each element are given to help prepare viewers for future …
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now