private void CallInitialisationRoutines(DllReason reason) { if (_mappingFlags.HasFlag(MappingFlags.SkipInitialisationRoutines)) { return; } // Call the entry point of any TLS callbacks foreach (var tlsCallBack in _peImage.TlsDirectory.TlsCallBacks) { var tlsCallBackAddress = DllBaseAddress + tlsCallBack.Rva; _processManager.CallRoutine(tlsCallBackAddress, DllBaseAddress, reason, 0); } // Call the entry point of the DLL if (_peImage.Headers.PEHeader.AddressOfEntryPoint == 0) { return; } var entryPointAddress = DllBaseAddress + _peImage.Headers.PEHeader.AddressOfEntryPoint; if (!_processManager.CallRoutine <bool>(entryPointAddress, DllBaseAddress, reason, 0)) { throw new ApplicationException($"Failed to call the entry point of the DLL with {reason:G}"); } }
private void CallInitialisationRoutines(DllReason reason) { // Call the entry point of any TLS callbacks if (_peImage.TlsDirectory.Value.TlsCallbackOffsets.Any(tlsCallbackOffset => !_processManager.CallRoutine <bool>(CallingConvention.StdCall, DllBaseAddress + tlsCallbackOffset, DllBaseAddress.ToInt64(), (long)reason, 0))) { throw ExceptionBuilder.BuildRemoteRoutineCallException($"the entry point of a TLS callback with {reason:G}"); } // Call the entry point of the DLL if (_peImage.PeHeaders.PEHeader.AddressOfEntryPoint != 0 && !_processManager.CallRoutine <bool>(CallingConvention.StdCall, DllBaseAddress + _peImage.PeHeaders.PEHeader.AddressOfEntryPoint, DllBaseAddress.ToInt64(), (long)reason, 0)) { throw ExceptionBuilder.BuildRemoteRoutineCallException($"the entry point of the DLL with {reason:G}"); } }
private void CallInitialisationRoutines(DllReason reason) { // Call any TLS callbacks if (_peImage.TlsCallbacks.Any(tlsCallback => !_processManager.CallFunction <bool>(CallingConvention.StdCall, DllBaseAddress + tlsCallback.Offset, DllBaseAddress.ToInt64(), (long)reason, 0))) { throw new Win32Exception($"Failed to call the entry point of a TLS callback with {reason.ToString()} in the remote process"); } // Call the entry point of the DLL if (_peImage.Headers.PEHeader.AddressOfEntryPoint == 0) { return; } if (!_processManager.CallFunction <bool>(CallingConvention.StdCall, DllBaseAddress + _peImage.Headers.PEHeader.AddressOfEntryPoint, DllBaseAddress.ToInt64(), (long)reason, 0)) { throw new Win32Exception($"Failed to call the entry point of the DLL with {reason.ToString()} in the remote process"); } }
private void CallInitRoutines(DllReason dllReason) { // Call any TLS callbacks with dllReason if (PeImage.TlsCallbacks.Any(tlsCallback => !ProcessManager.CallFunction <bool>(CallingConvention.StdCall, DllBaseAddress + tlsCallback.Offset, (long)DllBaseAddress, (long)dllReason, 0))) { throw new Win32Exception($"Failed to call the entry point of a TLS callback with {dllReason.ToString()}"); } // Call the entry point of the DLL with dllReason if (PeImage.Headers.PEHeader.AddressOfEntryPoint == 0) { return; } if (!ProcessManager.CallFunction <bool>(CallingConvention.StdCall, DllBaseAddress + PeImage.Headers.PEHeader.AddressOfEntryPoint, (long)DllBaseAddress, (long)dllReason, 0)) { throw new Win32Exception($"Failed to call the entry point of the DLL with {dllReason.ToString()}"); } }
private void CallInitialisationRoutines(DllReason reason) { // Call the entry point of any TLS callbacks foreach (var callbackAddress in _peImage.TlsDirectory.GetTlsCallbacks().Select(callBack => DllBaseAddress + callBack.RelativeAddress)) { _processContext.CallRoutine(callbackAddress, DllBaseAddress, reason, 0); } if (_peImage.Headers.PEHeader !.AddressOfEntryPoint == 0) { return; } // Call the entry point of the DLL var entryPointAddress = DllBaseAddress + _peImage.Headers.PEHeader !.AddressOfEntryPoint; if (!_processContext.CallRoutine <bool>(entryPointAddress, DllBaseAddress, reason, 0)) { throw new ApplicationException($"Failed to call the entry point of the DLL with {reason:G}"); } }