2 releases
| 0.1.2 | Apr 18, 2023 |
|---|---|
| 0.1.1 | Apr 11, 2023 |
| 0.1.0 |
|
#464 in Operating systems
63 downloads per month
2MB
1K
SLoC
Contains (DOS exe, 1.5MB) examples/putty_x64.exe, (DOS exe, 1.5MB) examples/putty_x86.exe
rspe
Simple Native Rust Reflective PE loader library
Features
This project can execute RunPE into memory using the following methods:
- Native RunPE (C/C++/RUST...)
- 64-bit
- 32-bit
- .NET RunPE (C#/VB/CLR...)
- 64-bit .NET RunPE into Memory (maybe view clroxide lib)
- 32-bit .NET RunPE into Memory (maybe view clroxide lib)
Use
use rspe::{reflective_loader, utils::check_dotnet};
// Main function
fn main() -> Result<(), String> {
// Read the file to load into a buffer
#[cfg(target_arch = "x86_64")]
let data = include_bytes!(r#".\putty_x64.exe"#).to_vec();
#[cfg(target_arch = "x86")]
let data = include_bytes!(r#".\putty_x86.exe"#).to_vec();
// Load the file based on the target architecture
// Check if the file is a .NET assembly
if !check_dotnet(data.clone()) {
// If it is not, use the reflective loader to load the file
unsafe {
reflective_loader(data.clone());
// Using Threads (useful to bind 2nd exe to execute at the same time):
// Currently not in use, but can be used to load the pe file in a separate thread
// let handle = std::thread::spawn(move || {
// pe::loader::reflective_loader(data.clone());
// });
// let _ = handle.join();
};
} else {
panic!("This is a .NET PE file. Only native PE image are supported! Please provide a native PE image.")
}
Ok(())
}
Credits / References
Special thanks to the following individuals and projects for their contributions to this project:
- memN0ps for providing useful winapi rust code for learning
- trickster0 for providing many OffensiveRust code for learning
License
This project is licensed under the MIT License - see the LICENSE file for details.