public void Pil32_DelayLoads()
{
Given_Pe32Header(0x00100000);
Given_Section(".text", 0x1000u, 0x1000u);
Given_DelayLoadDirectories(
new DelayLoadDirectoryEntry
{
Name = "user32.dll",
ImportNames = new string[] {
"GetDesktopWindow",
"GetFocus"
}
});
sc.AddService <IDiagnosticsService>(mr.Stub <IDiagnosticsService>());
mr.ReplayAll();
Given_PeLoader();
var program = peldr.Load(addrLoad);
var rel = peldr.Relocate(program, addrLoad);
Assert.AreEqual(2, program.ImportReferences.Count);
Assert.AreEqual("user32.dll!GetDesktopWindow", program.ImportReferences[Address.Ptr32(0x0010183C)].ToString());
Assert.AreEqual("user32.dll!GetFocus", program.ImportReferences[Address.Ptr32(0x00101840)].ToString());
}
public void Pil32_DelayLoads_Absolute()
{
Given_Pe32Header(0x00100000);
Given_Section(".text", 0x1000u, 0x1000u);
Given_DelayLoadDirectories(
new DelayLoadDirectoryEntry
{
Attributes = 0,
Name = "user32.dll",
ImportNames = new string[] {
"GetDesktopWindow",
"GetFocus"
}
});
Given_PeLoader();
var program = peldr.Load(addrLoad);
peldr.Relocate(program, addrLoad);
Assert.AreEqual(2, program.ImportReferences.Count);
Assert.AreEqual("user32.dll!GetDesktopWindow", program.ImportReferences[Address.Ptr32(0x0010183C)].ToString());
Assert.AreEqual("user32.dll!GetFocus", program.ImportReferences[Address.Ptr32(0x00101840)].ToString());
}
private void emulatorToolStripMenuItem_Click(object sender, EventArgs e)
{
var sc = new ServiceContainer();
var fs = new FileStream(@"D:\dev\jkl\dec\halsten\decompiler_paq\upx\demo.exe", FileMode.Open);
var size = fs.Length;
var abImage = new byte[size];
fs.Read(abImage, 0, (int)size);
var exe = new ExeImageLoader(sc, "foolexe", abImage);
var peLdr = new PeImageLoader(sc, "foo.exe", abImage, exe.e_lfanew);
var addr = peLdr.PreferredBaseAddress;
var program = peLdr.Load(addr);
var rr = peLdr.Relocate(program, addr);
var win32 = new Win32Emulator(program.SegmentMap, program.Platform, program.ImportReferences);
var emu = new X86Emulator((IntelArchitecture)program.Architecture, program.SegmentMap, win32);
emu.InstructionPointer = rr.EntryPoints[0].Address;
emu.ExceptionRaised += delegate { throw new Exception(); };
emu.WriteRegister(Registers.esp, (uint)peLdr.PreferredBaseAddress.ToLinear() + 0x0FFC);
emu.Start();
}